MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: optmizer banner
July 20, 2019, 06:50:20 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
July 20, 2019, 06:50:20 AM

Login with username, password and session length
 
News
12th Anniversary Celebrating 12 Years! (1997 - 2009) 12th Anniversary
Thanks to ALL that make this site what it is!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: optmizer banner  (Read 3672 times)
Jiwon
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 5


Bookmark and Share

View Profile
« on: November 05, 2004, 02:51:31 AM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:
Problem Application Name & Version:
Problem Hardware Make & Model:
Error Messages:


Can you help remove the annoying banner?

Here is my HIjackThis log, b1.98.2

Logfile of HijackThis v1.98.2
Scan saved at
Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #1 on: November 05, 2004, 05:21:26 AM »

Please download and run the following programs:

AD-AWARE

Install the program and launch it.

First, in the bottom right-hand corner of the main window
click on Check for updates now then click Connect and download
the latest reference files.

Then, in the main window: Click Start and under Select
 a scan Mode tick Perform full system scan.

Then, deselect Search for negligible risk entries.

To start the scan, click the Next button.

When the scan is finished mark everything for removal
and get rid of it. (Right-click the window and choose select
all from the drop down menu and then click Next)

Restart your computer.


SPYBOT SEARCH & DESTROY


Open Spybot Search & Destroy (Click Start, Programs,
Spybot S&D (Advanced Mode). Click online, Search for updates,
Download all available updates. Close all Browser windows,
Click ''Check for Problems''. Anything that needs to be fixed
it will show in red and have a green check in the box to the left.
Click ''Fix Selected Problems'', Then restart your computer.
Run hijack this and post a new log
Logged

John Vickers
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #2 on: November 11, 2004, 01:57:49 AM »

Merged your 2 threads here Jiwon, please stick with this same topic until you are clean
Don't Start a new topic, keep your responses in this thread, thanks

Hello, I did all as you said.
Here is my new log file.


Logfile of HijackThis v1.98.2
Scan saved at
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #3 on: November 11, 2004, 07:03:03 AM »

A few entries still need removed from your log, but first can you do me a favor

Set Windows to Show Hidden Files and folders
* Click Start.
    * Open My Computer.
    * Select the Tools menu and click Folder Options.
    * Select the View Tab.
    * Under the Hidden files and folders heading select Show hidden files and folders.
    * Uncheck the Hide protected operating system files (recommended) option.
    * Uncheck the Hide extensions for known file types
    * Click Yes to confirm.
    * Click OK.

Navigate to these 3 files
Let me know what you can find on them
C:\WINDOWS\System32\svgchk.exe
C:\WINDOWS\System32\microosoftup.exe
C:\WINDOWS\System32\msnsy\microsof.exe

Right click on the files---left click properties and version
What can you find out about them, including date and size
Could you also Submit them to this Malware scan
http://virusscan.jotti.dhs.org/

Give it time to load
Simply use the Browse button to navigate to each file
Right click on the file--Select it and then use the Submit button
Do it for each file in bold above

Copy and paste the info back here

Post back a fresh hijackthis log along with the information about those 3 files, thanks
Ensure you include the dates of all three
« Last Edit: November 11, 2004, 07:04:30 AM by benditup » Logged

 
Jiwon
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 5


Bookmark and Share

View Profile
« Reply #4 on: November 11, 2004, 07:31:13 AM »

All these 4 files are under win32.
And whenever I start window, error messages about svgchk.exe and microsoftup.exe popup.

File:  svgchk.exe  
56KB
July 10, 2004---in MY computer

Status:  INFECTED/MALWARE  
Packers detected:  None
   
AntiVir  No viruses found (0.15 seconds taken)
Avast  Win32:Trojan-gen. {VC} (1.51 seconds taken)
BitDefender  No viruses found (0.34 seconds taken)
ClamAV  No viruses found (0.31 seconds taken)
Dr.Web  Trojan.DownLoader.57344 (0.46 seconds taken)
F-Prot Antivirus  No viruses found (0.06 seconds taken)
Kaspersky Anti-Virus  Trojan.Win32.Medias.f (0.57 seconds taken)
mks_vir  No viruses found (0.21 seconds taken)
NOD32  No viruses found (0.38 seconds taken)
Norman Virus Control  No viruses found (4.16 seconds taken)



File:  microsoftm.exe  
48KB
July 9,2004---in MY computer

Status:  INFECTED/MALWARE  
Packers detected:  None
   
AntiVir  No viruses found (0.14 seconds taken)
Avast  Win32:Trojan-gen. {VC} (1.51 seconds taken)
BitDefender  No viruses found (0.35 seconds taken)
ClamAV  No viruses found (0.31 seconds taken)
Dr.Web  BackDoor.Medias (0.47 seconds taken)
F-Prot Antivirus  No viruses found (0.06 seconds taken)
Kaspersky Anti-Virus  Trojan.Win32.Medias.h (0.57 seconds taken)
mks_vir  No viruses found (0.22 seconds taken)
NOD32  No viruses found (0.38 seconds taken)
Norman Virus Control  No viruses found (0.43 seconds taken)



File:  microsoftchk.exe  
56KB
July 9,2004---in MY computer

Status:  INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)  
Packers detected:  None
   
AntiVir  No viruses found (0.15 seconds taken)
Avast  Win32:Trojan-gen. {VC} (1.51 seconds taken)
BitDefender  No viruses found (0.35 seconds taken)
ClamAV  No viruses found (0.31 seconds taken)
Dr.Web  Trojan.DownLoader.57344 (0.46 seconds taken)
F-Prot Antivirus  No viruses found (0.06 seconds taken)
Kaspersky Anti-Virus  Trojan.Win32.Medias.f (0.57 seconds taken)
mks_vir  No viruses found (0.21 seconds taken)
NOD32  No viruses found (0.35 seconds taken)
Norman Virus Control  No viruses found (4.18 seconds taken)



File:  microosoftup.exe  
48.0KB
date : July 14, 2004---in MY computer

Status:  INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)  
Packers detected:  None
   
AntiVir  No viruses found (0.14 seconds taken)
Avast  Win32:Trojan-gen. {VC} (1.51 seconds taken)
BitDefender  No viruses found (0.35 seconds taken)
ClamAV  No viruses found (0.28 seconds taken)
Dr.Web  BackDoor.Medias (0.45 seconds taken)
F-Prot Antivirus  No viruses found (0.06 seconds taken)
Kaspersky Anti-Virus  Trojan.Win32.Medias.h (0.57 seconds taken)
mks_vir  No viruses found (0.22 seconds taken)
NOD32  No viruses found (0.35 seconds taken)
Norman Virus Control  No viruses found (0.42 seconds taken)






NEW LOG FILE

Logfile of HijackThis v1.98.2
Scan saved at
« Last Edit: November 11, 2004, 07:40:28 AM by Jiwon » Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #5 on: November 11, 2004, 08:06:03 AM »

quote:
All these 4 files are under win32.

I'm guessing you meant System32 Smiley

Let's try this
Open Hijackthis>>Config>>Misc tools>>Open Process Manager
Kill this process if running, looks like you shut it down or deleted it?

C:\WINDOWS\System32\svgchk.exe

Do another scan with Hijackthis and put a check beside these entries

O2 - BHO: V3 - {76EAE03C-F2B1-4397-97E8-390920B7C2DC} - C:\Program Files\Ahnlab\V3\V3Bar.dll (file missing)
O3 - Toolbar: V3 - {9E3849D6-41EF-4B2F-86B7-632EF90758E4} - C:\Program Files\Ahnlab\V3\V3Bar.dll (file missing)

O4 - HKCU\..\Run: [svgchk] C:\WINDOWS\System32\svgchk.exe
O4 - HKCU\..\Run: [microosoftup] C:\WINDOWS\System32\microosoftup.exe

O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://update.nprotect.net/nprotect/samsungcard/npx.cab


After you have put a tick beside the entries above, close down ALL open windows, Including this one
Leave Hijackthis open and click FIX CHECKED
Click YES to the Prompt
Exit Hijackthis

RESTART your computer

Delete those files, send them to the recycle bin, and only those files you found infected if they still exist

Post back a fresh hijackthis log and let me know how everythings running

You should install these 2 apps., they add extra security while
silently protecting you, without running in the background

SpywareBlaster by JavaCool---will block bad ActiveX and malevolent cookies
Install---Check for Updates---Enable all protection
http://www.javacoolsoftware.com/spywareblaster.html

IE-Spyad---IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
Here is a tutorial and download link
TUTORIAL==Link to Tutorial
Download link==Download link
Scroll down and click on IE-SPYAD.EXE Free!

With both, Check for updates every couple of weeks
IE-Spyad works with Windows XP service pack 2 also Smiley
Logged

 
Jiwon
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 5


Bookmark and Share

View Profile
« Reply #6 on: November 11, 2004, 07:10:04 PM »

Thank you, benditup
Everything is fine so far, no popup, no error messages.


Here is my new log files.

Logfile of HijackThis v1.98.2
Scan saved at
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #7 on: November 11, 2004, 07:22:17 PM »

Looks good Jiwon, you have a couple ActiveX controls I'm not familiar with
You can fix them if you don't know what they're related too, they will be reinstalled if needed

O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} - http://download.softforum.co.kr/Published/XecureWeb/v5.4.1.0/xw_install.cab

O16 - DPF: {93F83364-58E3-43C6-BE34-DE1252B26307} (Cruzbill Control) - http://211.189.120.205/sbill/cruzbill.cab

Could you also run this file through that online scanner
I believe it's legit, but let's make sure
C:\WINDOWS\system32\MUPOTL.exe <--file

Also check and see date and size, the only reference I can see it related too is an IBM thinkpad

Besides that your log looks good, let me know about that file, thanks
Logged

 
Jiwon
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 5


Bookmark and Share

View Profile
« Reply #8 on: November 12, 2004, 03:52:18 AM »

From my computerMUPOTL.exe
51.5KB
July 24, 2001
Version 1.0.3.0
MUPO Helper TOOL
Copyright (C) Sony Corporation 2001

From http://virusscan.jotti.dhs.org/
File:  MUPOTL.exe  
Status:  OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)  
Packers detected:  None
   
AntiVir  No viruses found (0.15 seconds taken)
Avast  No viruses found (1.51 seconds taken)
BitDefender  No viruses found (0.33 seconds taken)
ClamAV  No viruses found (0.33 seconds taken)
Dr.Web  No viruses found (0.51 seconds taken)
F-Prot Antivirus  No viruses found (0.06 seconds taken)
Kaspersky Anti-Virus  No viruses found (0.62 seconds taken)
mks_vir  No viruses found (0.22 seconds taken)
NOD32  No viruses found (0.37 seconds taken)
Norman Virus Control  No viruses found (0.50 seconds taken)


It looks fine, so I didn't remove it.
I removed two Active X thru hijackthis.

Thank you
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #9 on: November 12, 2004, 04:05:27 AM »

Sounds good Jiwon, if everything is running better you should Clear your System Restore Points
This ensures that no malware can be restored
Simply Disable System Restore---Restart your computer---Enable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

I'll lock this topic as it appears your problems are resolved, if you need it reopened please PM Admin or a Mod and supply a link to this thread
Stay safe Smiley
« Last Edit: November 12, 2004, 04:06:40 AM by benditup » Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page June 27, 2018, 01:27:37 AM