How do I remove a virus I cant find? - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 02-07-2007, 11:10 PM   #1 (permalink)
True Techie
 
Join Date: Aug 2006
Posts: 168
Default How do I remove a virus I cant find?

I have a pop up generator somewhere on my computer that is annoying the **** out of me. I cant get rid of it because none of my POS anti-spyware programs have been able to detect it accept for one. Spybot Search and Destroy found it along with 50 other things however I have to pay to remove it. Windows Defender, AVG anti virus, Ad-Aware SE Personal and Spyware Doctor cant detect any of the 50 infected files I have. So does anyone know of a useful free program that will detect these infected files?
__________________

SPL Tech is offline  
Old 02-07-2007, 11:39 PM   #2 (permalink)
Wizard Techie
 
Jorsoft's Avatar
 
Join Date: Feb 2004
Location: Oakdale, MN
Posts: 4,581
Default

Download the spysweeper 14-day trial, install, update, and scan.
__________________

__________________
Jorsoft is offline  
Old 02-08-2007, 09:07 AM   #3 (permalink)
Newb Techie
 
Join Date: Dec 2006
Posts: 26
Default

Try McAfee...some people say it is good although I am not sure.
ankit3000 is offline  
Old 02-08-2007, 09:31 AM   #4 (permalink)
Call me Mak or K
Mod Emeritus
 
KSoD's Avatar
 
Join Date: Sep 2004
Location: C:\
Posts: 35,647
Default

Quote:
Originally posted by ankit3000
Try McAfee...some people say it is good although I am not sure.
McAfee is the worst. Dont use it.

If anything try BitDefender. It is reated as one of the best on the market. Use the Trial and see how it works. Also post a Hijack This log.
__________________
I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

KSoD is offline  
Old 02-08-2007, 10:13 AM   #5 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default Re: How do I remove a virus I cant find?

Quote:
Originally posted by SPL Tech
I have a pop up generator somewhere on my computer that is annoying the **** out of me. I cant get rid of it because none of my POS anti-spyware programs have been able to detect it accept for one. Spybot Search and Destroy found it along with 50 other things however I have to pay to remove it. Windows Defender, AVG anti virus, Ad-Aware SE Personal and Spyware Doctor cant detect any of the 50 infected files I have. So does anyone know of a useful free program that will detect these infected files?

Go thru my guide
__________________
Osiris is offline  
Old 02-08-2007, 10:24 AM   #6 (permalink)
Ultra Techie
 
Join Date: Jul 2006
Posts: 584
Default

hijack this?
__________________
<img src=http://img3.freeimagehosting.net/uploads/b4b225c12f.png border=0 alt="Free Image Hosting"></a>
TimBlanchard is offline  
Old 02-08-2007, 12:41 PM   #7 (permalink)
Call me Mak or K
Mod Emeritus
 
KSoD's Avatar
 
Join Date: Sep 2004
Location: C:\
Posts: 35,647
Default

Hijack this is a application that gives a detailed report of all services running on your system.
After looking thru the report most of us here can give you a layout of what should be removed and what is alright.
__________________
I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

KSoD is offline  
Old 02-08-2007, 03:57 PM   #8 (permalink)
True Techie
 
Join Date: Aug 2006
Posts: 168
Default

I also downloaded AVg anti-spyware and Spyware Terminator and neither of them found the pop up generator. Here is the Hijack This log:


Logfile of HijackThis v1.99.1
Scan saved at 1:57:02 PM, on 2/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\psmcsh.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\WinClamAVShield\sp_clamsrv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Me!\LOCALS~1\Temp\Rar$EX02.969\HijackT his.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.realmofexcursion.com/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5...ws-i586-jc.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Print Client Share (PrntCSh) - Unknown owner - C:\WINDOWS\system32\psmcsh.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
SPL Tech is offline  
Old 02-09-2007, 03:09 PM   #9 (permalink)
True Techie
 
Join Date: Aug 2006
Posts: 168
Default Re: Re: How do I remove a virus I cant find?

Quote:
Originally posted by Warez Monster
Go thru my guide
I did. None of the programs were able to do anything for me. There is still 280 spyware threats that Spyware Doctor found that none of the other programs can find. Just this makes me wonder. Do these other anti-spyware programs even do anything? Are they even worth the download? Because thats pretty sad if 8 different programs cant find even one of 280 threats on my computer. Spwyare Doctor found them. But none of the other programs can.... hmmm... That does not say much about the other programs. And Ad-Aware SE seems to be the most useless of them all. It found the fewest problems...
SPL Tech is offline  
Old 02-10-2007, 08:02 PM   #10 (permalink)
True Techie
 
Join Date: Aug 2006
Posts: 168
Default

Some things has changed. I downloaded some more anti-spyware programs and I did a scan with every one. I did a a scan with AVG anti-spyware, SpyCatcher, Ad-Aware SE, Spyware Terminator, Spybot S&D and Spyware Doctor. And this time EVERY SINGLE program found a Trojan or spyware threat. I removed all them. I did a second scan with Spyware Doctor and this time the scan came back clean. I did another scan with every other program and they all came back clean. However the generator is still there.

So I am wondering, if every single program found different threats, how useful are the programs? Because if you have 10 programs and they all find something different that means not one of them is working very well... That also makes me believe I may still have lots of other threats that havent been found.
__________________

SPL Tech is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 07:02 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.