Windows Support Forum

Infection with .adtrgt

Q: Infection with .adtrgt

When I go online on my laptop it immediately defaults to a popup http://ads.adtrgt.com...etc. From looking around it seems that this is malware and that combofix is likely to be able to resolve this problem. Is it a good idea just to run this a/c your instructions that you have posted on this site, or should I run other checks first?

Relevancy 100%
Preferred Solution: Infection with .adtrgt

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Infection with .adtrgt

hi and welcome as the blue text says it can be dangerous on your own. Let's do these first and if needed we'll go there.Next run MBAM:Please download Malwarebytes Anti-Malware (v1.36) and save it to your desktop.alternate download link 1alternate download link 2If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.Next Run ATF and SAS:From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox or Opera browser click that browser at the top and choose: Select AllClick the Empty Selected button.If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.NOW Scan with SUPEROpen from the desktop icon or the program Files listOn the left, make sure you check C:\Fixed Drive.Perform a Complete scan. After scan,Verify they are all checked.Click OK on the summary screen to quarantine all found items.If asked if you want to reboot, click "Yes" and reboot normally.To retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.Please ask any needed questions,post logs and Let us know how the PC is running now.

http://www.bleepingcomputer.com/forums/t/223893/infection-with-adtrgt/
Relevancy 62.35%

Hey there I recently downgraded from Vista to XP on my lappy and started receiving random popups from url adtrgt com These then redirect to different advertisements usually for fake spyware detectors etc I've tried running Symantec Corporate Antivirus AVG Free and Ad Aware to Infection Adtrgt.com no avail Anyhelp will be greatly appreciated Thanks Here is my Hijack This log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Common Files Symantec Shared ccSetMgr exeC Program Files Common Files Symantec Shared ccEvtMgr exeC Program Files Common Files Symantec Shared SPBBC SPBBCSvc exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system spoolsv exeC Program Files Symantec AntiVirus DefWatch exeC WINDOWS system nvsvc exeC WINDOWS system svchost exeC Program Files Symantec AntiVirus Rtvscan exeC Program Files Hewlett-Packard Shared hpqwmiex exeC WINDOWS system RUNDLL EXEC Program Files Hewlett-Packard HP Quick Launch Buttons QlbCtrl exeC Program Files Java jre bin jusched exeC Program Files Common Files Symantec Shared ccApp Adtrgt.com Infection exeC Program Files Synaptics SynTP SynTPEnh exeC PROGRA SYMANT VPTray exeC WINDOWS system ctfmon exeC Program Files Steam Steam exeC Program Files Common Files Nero Lib NMIndexStoreSvr exeC Program Files DAEMON Tools Lite daemon exeC WINDOWS System svchost exeC Program Files Common Files Nero Lib NMIndexingService exeC WINDOWS explorer exeC Documents and Settings Tom McIntosh Desktop HiJackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - Adtrgt.com Infection HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run nwiz nwiz exe installO - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInitO - HKLM Run QlbCtrl ProgramFiles Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe StartO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run High Definition Audio Property Page Shortcut CHDAudPropShortcut exeO - HKLM Run Adtrgt.com Infection SynTPStart C Program Files Synaptics SynTP SynTPStart exeO - HKLM Run NeroFilterCheck C Program Files Common Files Nero Lib NeroCheck exeO - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run vptray C PROGRA SYMANT VPTray exeO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run Steam quot C Program Files Steam Steam exe quot -silentO - HKCU Run IndxStoreSvr E - C C- d f- C - D A B AA quot C Program Files Common Files Nero Lib NMIndexStoreSvr exe quot ASO- B - DAE- -A F- A E O - HKCU Run DAEMON Tools Lite quot C Program Files DAEMON Tools Lite daemon exe quot -autorunO - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dllO - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dllO - Extra button no name - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exeO - Extra 'Tools' menuitem xpsp res dll - - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exeO - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger m... Read more

A:Adtrgt.com Infection

Hello jackalneo,I apologise for the delay. The forum is too busy.----------------------------------------------I will be assisting you with your malware issues.Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.Continue to respond to this thread until I give you the All Clean! If you have any question or you're stuck in there please reply it to me. I will try my best to help you!Please bookmark or favourite this page. In case you need it as reference or etc.IMPORTANT NOTE:If you are using Windows Vista you must right click on the desktop icon and choose Run as Administrator all tools.---------------------------------------------- RENAME HIJACKTHISThere is some infection hiding in your log.Using Windows Explore by right-clicking the Start button and left clicking Explore navigate to: C:\Documents and Settings\Tom McIntosh\Desktop\HiJackThis.exe Right-click on HijackThis.exe & select Rename to scanner.exe and post back a new Hijackthis log.----------------------------------------------Post back:A new HijackThis log.

http://www.bleepingcomputer.com/forums/t/143242/adtrgtcom-infection/
Relevancy 62.35%

Hi I've got a problem with adtrgt adtrgt.com infection com I adtrgt.com infection believe I've followed the steps in your preparation guide and scanned my computer until I'm blue in the face with Kaspersky the latest McAfee Ad-Aware and finally with HJT Along the way a couple of unactivated trojans were removed I've also run several rootkit detectors with inconclusive results I'm running Vista Home Premium without SP Anyway I do still have a problem with Adtrgt com I frequently get a crash in rundll exe and then in the pop-up I close the application Most of the time nothing visible closes which I take to mean the crappy adware DLL crashed Looking at my router logs I see entries for url adtrgt com followed by an entry for SomeSiteYouShouldNotVisit com you get the picture So I'm assuming this is what is killing me and causing the instability Looking at my IE addons I see one at least that shouldn't be there it has a random name tuvSjGYP dll It doesn't have a listed publisher HJT shows the BHO as O - BHO no name - B FE AF- E - -BFBA- DA D - C Windows system tuvSjGYP dllIronically I think I know the exact time the infection occurred since all previous system restore points are gone except for one at pm on Thursday Hmmm I've disabled the BHO I listed above and now the weird instability has stopped doh but there's something else still in there I've posted my HJT log below can you folks lend a hand to a desperate guy Thanks in advance MikeHijackThis Log after preliminary cleaning Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C Windows system Dwm exeC Windows system taskeng exeC Windows Explorer EXEC Program Files Sigmatel C-Major Audio WDM sttray exeC Program Files Intel Intel Matrix Storage Manager IAAnotif exeC Program Files Intel IntelDH CCU CCU TrayIcon exeC Program Files Common Files Intel IntelDH NMS Support IntelHCTAgent exeC Program Files Microsoft Office Office GrooveMonitor exeC Windows System rundll exeC Program Files Adobe Acrobat Distillr acrotray exeC Program Files Napster napster exeC Windows WindowsMobile wmdc exeC Program Files Dell Support Center bin sprtcmd exeC Program Files iTunes iTunesHelper exeC Program Files McAfee com Agent mcagent exeC Program Files Windows Sidebar sidebar exeC Program Files DellSupport DSAgnt exeC Windows ehome ehtray exeC Program Files Common Files TiVo Shared Transfer TiVoTransfer exeC Program Files TiVo Desktop TiVoServer exeC Program Files TiVo Desktop TiVoNotify exeC Program Files Windows Live Messenger msnmsgr exeC Program Files Windows Media Player wmpnscfg exeC Program Files MagicDisc MagicDisc exeC Program Files Intel IntelDH CCU CCU Engine exeC Windows ehome ehmsas exeC Windows System rundll exeC Windows System mobsync exeC Windows system SearchFilterHost exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer provided by DellR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhostO - Hosts Public CollaborationPeople comO - Hosts manage envisionmidway comO - Hosts CitySpace CollaborationPeople netO - Hosts CitySpace Intranet CollaborationPeople netO - Hosts dbtest CollaborationPeople netO - BHO McAntiPhishingBHO - C E- F E- D C- F-F BD D CF - c PROGRA mca... Read more

A:adtrgt.com infection

Hello rdcproPlease download MalwareBytes Anti-malware (MBAM) from one of the following links:http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlhttp://www.besttechie.net/tools/mbam-setup.exeDouble-click mbam-setup.exe and follow the prompts to install the program.At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select Perform full scan, then click Scan.When the scan is complete, click OK, then Show Results to view the results.Be sure that everything is checked, and click Remove Selected.When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txtPlease post a new HijackThis log and the MalwareBytes results.

http://www.bleepingcomputer.com/forums/t/175105/adtrgtcom-infection/
Relevancy 61.92%

Hey there I recently downgraded from Vista to XP on my lappy and started receiving random popups from url adtrgt com These then redirect to different advertisements usually for fake spyware detectors etc I ve tried running Symantec Corporate Antivirus AVG Free and Ad Aware to no avail Anyhelp will be greatly appreciated Thanks Here is my combofix log ComboFix - - - Tom McIntosh - - - NTFSx Microsoft Windows XP Professional GMT - Running from C Documents and Settings All Users Documents ComboFix exe Created a new restore point WARNING -THIS MACHINE Solved: infection adtrgt.com DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED Other Deletions C WINDOWS pskt ini Solved: adtrgt.com infection C WINDOWS system awtrsQgD dll C WINDOWS system cbXNhEWP dll C WINDOWS system eylgekja dll C WINDOWS system hgGvtTll dll C WINDOWS Solved: adtrgt.com infection system ljJAPHYP dll C WINDOWS system mcrh tmp C WINDOWS system opnmJYSi dll C WINDOWS system rqRJaWmL dll C WINDOWS system rqRlLbCV dll C WINDOWS system VCbLlRqr ini C WINDOWS system VCbLlRqr ini C WINDOWS system vtUKAqNe dll C WINDOWS system xpbsyxkf dll Files Created from - - to - - - - - - lt DIR gt d-------- C Program Files Remove-it - - - - lt DIR gt d-------- C Documents and Settings Tom McIntosh Application Data Talkback - - - - lt DIR gt d-------- C Program Files MSXML - - - - --a------ C WINDOWS vpc INI - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Avg - - - - --a------ C WINDOWS system drivers SYMEVENT SYS - - Solved: adtrgt.com infection - - --a------ C WINDOWS system S EVNT DLL - - - - --a------ C WINDOWS system drivers SYMEVENT CAT - - - - --a------ C WINDOWS system drivers SYMEVENT INF - - - - lt DIR gt d-------- C Program Files Symantec AntiVirus - - - - lt DIR gt d-------- C Program Files Symantec - - - - lt DIR gt d-------- C Program Files Common Files Symantec Shared - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Symantec - - - - lt DIR gt d-------- C Program Files PowerISO - - - - lt DIR gt d-------- C Program Files DAEMON Tools Lite - - - - lt DIR gt d-------- C Documents and Settings Tom McIntosh Application Data DAEMON Tools - - - - --a------ C WINDOWS system drivers sptd sys - - - - lt DIR gt d-------- C Program Files Common Files DigiDesign - - - - lt DIR gt d-------- C Program Files Toontrack - - - - --a------ C WINDOWS system vorbis acm - - - - --a------ C WINDOWS system rewire dll - - - - lt DIR gt d-------- C Program Files Steinberg - - - - lt DIR gt d-------- C Program Files Image-Line - - - - --a------ C WINDOWS system gdiplus dll - - - - --a--c--- C WINDOWS system dllcache usbstor sys - - - - lt DIR gt d-------- C Program Files Lavasoft - - - - lt DIR gt d-------- C Program Files Common Files Wise Installation Wizard - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Lavasoft - - - - --ah----- C Documents and Settings Default User NtUser dat LOG - - - - lt DIR gt d-------- C Program Files Nero - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Nero - - - - --a------ C WINDOWS system mucltui dll - - - - --a------ C WINDOWS system mucltui dll mui - - - - --a------ C WINDOWS BMafc e c xml - - - - --a------ C WINDOWS system drivers rixdptsk sys - - - - --a------ C WINDOWS system snymsico dll - - - - --a------ C WINDOWS system drivers rimsptsk sys - - - - --a------ C WINDOWS system drivers rimmptsk sys - - - - --a------ C WINDOWS system rixdicon dll - - - - --a------ C WINDOWS NeroDigital ini - - - - lt DIR gt d-------- C Program Files Microsoft Silverlight - - - - lt DIR gt d-------- C Program Files Windows Media Connect - - - - --a------ C WINDOWS system wmpns dll - - - - lt DIR gt d-------- C WINDOWS system drivers UMDF - - - - lt DIR gt d-------- C Program Files Synaptics - - - - lt DIR gt d-------- C Program Files mIRC - - - - lt DIR gt d-------- C Program Files Steam - - - - lt DIR gt d-------- C Documents and Settings Tom McIntosh Applic... Read more

Relevancy 61.06%

Hi thereI have the aforementioned infection on my PC Have run Spybot and Ad-aware and it has partly fixed the problem but I still get pop-ups new tabs really as I'm using Firefox redirecting me to usually lt hxxp url adtrgt com gt though sometimes I get sites like poker sites and other ads I've just installed and run HiJackThis and here's the log Seems like you guys are pretty good at fixing this sort of thing so hopefully you can help me out ThanksHBLogfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS Virtumonde / infection http://url.adtrgt.com system Virtumonde infection / http://url.adtrgt.com S EvMon exeC WINDOWS Explorer EXEC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system spoolsv exeC Program Files McAfee SiteAdvisor McSACore exeC PROGRA McAfee MSC mcmscsvc exec program files common files mcafee mna Virtumonde infection / http://url.adtrgt.com mcnasvc exec PROGRA COMMON Virtumonde infection / http://url.adtrgt.com mcafee mcproxy mcproxy exeC PROGRA McAfee VIRUSS mcshield exeC Program Files McAfee MPF MPFSrv exeC Program Files McAfee MSK MskSrver exeC WINDOWS system RegSrvc exec PROGRA mcafee com agent mcagent exeC WINDOWS system drivers STDSB exeC WINDOWS system drivers Icon exeC WINDOWS SOUNDMAN EXEC WINDOWS system igfxtray exeC WINDOWS system hkcmd exeC Program Files Synaptics SynTP SynTPLpr exeC Program Files Synaptics SynTP SynTPEnh exeC Program Files Java jre bin jusched exeC WINDOWS system ctfmon exeC Program Files Veoh Networks Veoh VeohClient exeC Program Files Messenger msmsgs exeC Program Files Spybot - Search amp Destroy TeaTimer exeC PROGRA McAfee VIRUSS mcsysmon exeC WINDOWS system rundll exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page about blankR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO Aplicaci n auxiliar de v nculos de Adobe PDF Reader - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO McAntiPhishingBHO - C E- F E- D C- F-F BD D CF - c PROGRA mcafee msk mcapbho dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files McAfee VirusScan scriptsn dllO - BHO no name - abe fde-e - b - d- da a a - C WINDOWS system yipiwopa dllO - BHO McAfee SiteAdvisor BHO - B E -A B - A -B - CD E A FF - c PROGRA mcafee SITEAD mcieplg dllO - Toolbar Veoh Browser Plug-in - D - - -A B -AEFAF AB - C Program Files Veoh Networks Veoh Plugins reg VeohToolbar dllO - Toolbar McAfee SiteAdvisor Toolbar - EBBBE -BAD - B C- E A- ABECAE - c PROGRA mcafee SITEAD mcieplg dllO - HKLM Run PHIME ASync C WINDOWS system IME TINTLGNT TINTSETP EXE SYNCO - HKLM Run PHIME A C WINDOWS system IME TINTLGNT TINTSETP EXE IMENameO - HKLM Run STDSB C WINDOWS system drivers STDSB exeO - HKLM Run Icon C WINDOWS system drivers Icon exeO - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run IgfxTray C WINDOWS system igfxtray exeO - HKLM Run HotKeysCmds C WINDOWS system hkcmd exeO - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exeO - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exeO - HKLM Run McENUI C PROGRA McAfee MHN McENUI exe hideO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run mcagent exe C Program Files McAfee com Agent mcagent exe runkeyO - HKLM Run PRONoMgr exe C Program Files Intel NCS PROSet PRONoMgr exeO - HKLM Run hiruhizevo Rundll exe C WINDOWS system tuzatazo dll sO - HKLM Run CPMbf Rundll exe c windows system kumeweva dll aO - HKCU Run CTFMON EXE C WINDOWS sys... Read more

A:Virtumonde infection / http://url.adtrgt.com

Hello, my name is fenzodahl512 and welcome to BC.. Please do the following....Please download SDFix by Andy Manchesta and save it to your desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(Drive that contains the Windows Directory, typically C:\SDFix)Please reboot into Safe Mode In Safe Mode, right click the SDFix.zip folder and choose Extract All, A new folder will be extracted to your %systemdrive%, typically C:\SDFix Open the extracted folder and double click RunThis.bat to start the script. Type Y to begin the script. It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. Press any Key and it will restart the PC. Your system will take longer that normal to restart as the fixtool will be running and removing files. When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons. Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt along with any other requested logs at the end of these instructions.NEXTPlease make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..Please download ComboFix by sUBs from one of the locations below, and save it to your Desktop.Link 1Link 2Link 3Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.If ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..When finished, it shall produce a log for you. Post that log and a fresh HijackThis log in your next reply..Note: DO NOT mouseclick combofix's window while its running. That may cause it to stallPlease post these logs in your next reply.. 1. SDFix2. ComboFix3. A fresh HijackThis log

http://www.bleepingcomputer.com/forums/t/183282/virtumonde-infection-httpurladtrgtcom/
Relevancy 41.71%

The url adtrgt com pop up only seems to be effecting Firefox I do not get the pop up when using Chrome or IE I got the Virtumonde Antivirus pop up virus as well and downloaded Malwarebyte's Anti-Malware which I thought got rid of it but something still seems to be lurking The websites and are also is popping up as well EDIT I'm also infected by the pop ups url.adtrgt.com Vundo Trojan and 'Malware Trace' Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System url.adtrgt.com pop ups smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system Ati evxx exeC WINDOWS url.adtrgt.com pop ups system LEXBCES EXEC WINDOWS system spoolsv exeC WINDOWS system LEXPPS EXEC Program Files Java jre bin jqs exeC Program Files McAfee SiteAdvisor McSACore exeC PROGRA McAfee MSC mcmscsvc exec program files common files mcafee mna mcnasvc exeC WINDOWS Explorer EXEc url.adtrgt.com pop ups PROGRA COMMON mcafee mcproxy mcproxy exeC PROGRA McAfee VIRUSS mcshield exeC Program Files McAfee MPF MPFSrv exeC WINDOWS system PnkBstrA exeC Program Files Common Files Seagate Schedule schedul exeC WINDOWS system svchost exeC PROGRA McAfee com Agent mcagent exeC Program Files CyberLink PowerDVD DVDLauncher exeC Program Files Common Files Real Update OB realsched exeC Program Files MultiRes MultiRes exeC Program Files TRIXX TRIXX exeC Program Files QuickTime qttask exeC Program Files Seagate DiscWizard DiscWizardMonitor exeC Program Files Seagate DiscWizard TimounterMonitor exeC Program Files Common Files Seagate Schedule schedhlp exeC Program Files AIM aim exeC WINDOWS system ctfmon exeC program files valve steam steam exeC Program Files MSN Messenger msnmsgr exeC Documents and Settings Emerson Walter Local Settings Application Data Google Update GoogleUpdate exeE Programs Calibrize CalibrizeResume exeC Program Files Spybot - Search amp Destroy TeaTimer exeC PROGRA Yahoo MESSEN ymsgr tray exeC Program Files Logitech SetPoint SetPoint exeC Program Files Common Files Logishrd KHAL KHALMNPR EXEC Program Files Xfire Xfire exeC PROGRA McAfee VIRUSS mcsysmon exeC Program Files Spybot - Search amp Destroy SpybotSD exeC WINDOWS system rundll exeC Program Files Java jre bin jusched exeC Program Files Lavasoft Ad-Aware aawservice exeC Program Files Mozilla Firefox firefox exeF Program Files Malwarebytes' Anti-Malware lolmbam exeC WINDOWS SYSTEM calc exeC Program Files CCleaner ccleaner exeF Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com mywaybizR - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaul rch search htmlR - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaul www yahoo comR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaul www yahoo comR - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaul rch search htmlR - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaul www yahoo comR - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaul www yahoo comO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B... Read more

A:url.adtrgt.com pop ups

Hi,1. Please download GooredFix and save it to your Desktop.Select "2. Fix Goored" by typing 2 and pressing Enter. Make sure all instances of Firefox are closed at this point. Type y at the prompt and press Enter again. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).Note: If you receive a message saying that GooredFix needs your system to be restarted, please close all applications and reboot your system. Please also allow any registry changes that may be prompted by any of your security programs.Then, I see you are running Teatimer.I suggest you to disable it because it can interfere with the changes you'll make on your system.When everything is done and your log is clean again, you can enable it again.If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.How to disable TeaTimer <== click me for instructions.After you disabled Teatimer, download ResetTeaTimer.bat to your desktop. (In case you use Firefox, rightclick the link and choose "save as").Doubleclick ResetTeaTimer.bat and let it run.This will only take a few seconds.Then, * Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPost the log from ComboFix in your next reply.

http://www.bleepingcomputer.com/forums/t/196360/urladtrgtcom-pop-ups/
Relevancy 41.71%

I use Firefox and often when I m browsing pop ups will appear from several sites but only in Internet Explorer These ads will be for everything from porn to mobile ringtones to more mobile ringtones and some only come up with page errors I recieved some other help trying to tighten up IE s security to no avail I have attached my HJT and ComboFix log files named appropriately Thanks for any help I can get guys this is driving me wild Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS ups adtrgt pop system svchost exe C WINDOWS System svchost exe C Program Files TGTSoft StyleXP StyleXPService exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Grisoft AVG Anti-Spyware guard exe adtrgt pop ups C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C WINDOWS System svchost exe C Program Files Common Files Microsoft Shared VS DEBUG mdm exe C WINDOWS system nvsvc exe C Program Files CyberLink Shared files RichVideo exe C Program Files Alcohol Soft Alcohol StarWind StarWindService exe c WINDOWS system ZuneBusEnum exe C WINDOWS SOUNDMAN EXE C WINDOWS system RUNDLL EXE C PROGRA Grisoft AVG avgcc exe C Program Files Java jre bin jusched exe C Program Files Cyberlink Shared Files brs exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Grisoft AVG Anti-Spyware avgas exe C Program Files Zune ZuneLauncher exe C WINDOWS system ctfmon exe C Program Files Atomic Alarm Clock AtomicAlarmClock exe C Program Files TGTSoft StyleXP StyleXP exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files NETGEAR WG T wlancfg exe C Program Files Windows Live Messenger usnsvc exe C WINDOWS explorer exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Program Files Trend Micro HijackThis HijackThis exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO TGTSoft Explorer Toolbar Changer - C CF - F- - AC-E D C C - C Program Files TGTSoft StyleXP TGT BHO dll O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run BDRegion C Program Files Cyberlink Shared Files brs exe O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run LanguageShortcut quot C Program Files CyberLink PowerDVD Language Language exe quot O - HKLM Run AVG Anti-Spyware quot C Program Files Grisoft AVG Anti-Spyware avgas exe quot minimized O - HKLM Run SpybotSnD quot C Program Files Spybot - Search amp Destroy SpybotSD exe quot O - HKLM Run Zune Launcher quot c Program Files Zune ZuneLauncher exe quot O - HKLM RunServices MircoSoftSN system exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run uTorrent quot C Program Files uTorrent utorrent exe quot O - HKCU Run SkinClock C Program Files Atomic Alarm Clock AtomicAlarmClock exe O - HKCU Run MsnMsgr quot C Program Files Windows Live Messenger MsnMsgr Exe quot background O - HKCU Run STYLEXP C Program Files TGTSoft StyleXP StyleXP exe -Hide O - HKCU Run SpybotSD TeaTimer C Pr... Read more

A:adtrgt pop ups

I use Firefox but I am constantly getting pop ups in IE, with alot coming from the domain url.adtrgt. Below is my HijackThis log

Thanks for all the help guys


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:15:06 PM, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\RunServices: [MircoSoftSN] system.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - HKCU\..\Run: [MsnMsgr... Read more

https://forums.techguy.org/threads/adtrgt-pop-ups.712118/
Relevancy 41.71%
Q: adtrgt

Not sure what is going on spybot search and destroy box pops up It says bad url adtragt com I hit deny Then IE adtrgt opens with pop ups while im surfing with fire fox I have dds text and attach txt too McAfee does not see it or can't find it Spybot does not see it when i run it But tells me it is trying to access the internet Might be time to reload windows Gonna build a new computer in june Thanks Ya'll DDS Ver - - - NTFSx Run by Administrator at on Tue Internet Explorer Microsoft Windows XP Professional GMT - Running Processes C WINDOWS system svchost -k rpcss C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS system spoolsv exe C Program Files iolo common lib ioloServiceManager exe C adtrgt PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe c PROGRA COMMON mcafee mcproxy mcproxy exe C Program Files McAfee VirusScan McShield exe C Program Files McAfee MPF MPFSrv exe C WINDOWS System nvsvc exe adtrgt C PROGRA McAfee VIRUSS mcsysmon adtrgt exe c PROGRA mcafee com agent mcagent exe C WINDOWS Explorer EXE C WINDOWS System rundll exe C Program Files Yahoo Messenger YahooMessenger exe C Program Files Silicon Image SiISATARaid SATARaid exe C WINDOWS System devldr exe C Program Files Mozilla Firefox firefox exe C Program Files Yahoo SoftwareUpdate YahooAUService exe C WINDOWS System rundll exe C DOCUME ADMINI RAN Desktop dds scr Pseudo HJT Report uStart Page hxxp www yahoo com uSearch Page hxxp red clientapps yahoo com customize ycomp defaults sp http www yahoo com uSearch Bar hxxp red clientapps yahoo com customize ycomp defaults sb http www yahoo com search ie html mSearch Bar hxxp us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html uSearchURL Default hxxp red clientapps yahoo com customize ycomp defaults su http www yahoo com uURLSearchHooks Yahoo Toolbar ef bd -c fb- d - f- d f - c program files yahoo companion installs cpn yt dll BHO amp Yahoo Toolbar Helper d -c f - efb- b - eca - c program files yahoo companion installs cpn yt dll BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dll BHO bf - d- cbd-b - d da - c windows system noyusoda dll BHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dll BHO Yahoo IE Services Button bab b b- bc- b - d - fc de a - c program files yahoo common yiesrvc dll BHO scriptproxy db d a - - e -b d- f c - c program files mcafee virusscan scriptsn dll BHO A FD-DDB - - F -D EA D - No File BHO Google Toolbar Notifier BHO af de - d - -b fa-ce b ad d - c program files google googletoolbarnotifier swg dll BHO SingleInstance Class fdad da - a - fd - c - f ac - c program files yahoo companion installs cpn YTSingleInstance dll TB Yahoo Toolbar ef bd -c fb- d - f- d f - c program files yahoo companion installs cpn yt dll TB B ACF - F F- FD -BB - D A D CB - No File EB amp Yahoo Messenger bbe - e - d -ad - d ad - c progra yahoo common yhexbmesus dll EB Media Band - a - b-a - c a a - SystemRoot System browseui dll uRun Yahoo Pager quot c program files yahoo messenger YahooMessenger exe quot -quiet uRun SpybotSD TeaTimer c program files spybot - search amp destroy TeaTimer exe mRun KernelFaultCheck systemroot system dumprep -k mRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartup mRun mcagent exe c program files mcafee com agent mcagent exe runkey mRun d d rundll exe quot c windows system gataviva dll quot b mRun marofamona Rundll exe quot c windows system kahowuhi dll quot s mRun YMailAdvisor quot c program files yahoo common YMailAdvisor exe quot mRun CPMdb ba c Rundll exe quot c windows system limereju dll quot a StartupFolder c documents and settings all users windows start menu programs startup Adobe Reader Speed Launch lnk disabled StartupFolder c docume alluse win startm programs startup sataraid lnk - c program files silicon image siisataraid SATARaid exe IE c fe - f d- d -a b- aa c a - SystemRoot web related htm IE FB F -F - d -... Read more

A:adtrgt

Thanks ya'll. ended up being vundo.hgo. got it removed.

http://www.bleepingcomputer.com/forums/t/219506/adtrgt/
Relevancy 41.71%

I have already run ComboFix ComboFix - - - a - - - NTFSx Microsoft Windows XP Professional GMT Running from E ComboFix exe AV ESET Smart Security On-access scanning enabled Updated FW ESET Personal firewall enabled Resident please!! Help getting from adtrgt.com. keep pop-ups I AV is active Other Deletions c windows sysdat dll I keep getting pop-ups from adtrgt.com. Help please!! c windows system cnrlur dll c windows system elwxnoiq ini c windows system euokmy dll c windows system eyipkpyf ini c windows system ffusaixr ini c windows system fypkpiye dll c windows system gjPAyyxx ini c windows system gjPAyyxx ini c windows system gxvlkkcp ini c windows system hahifeyl ini c windows system iixhdy dll c windows system ilvbujxi dll c windows system jmjkym dll I keep getting pop-ups from adtrgt.com. Help please!! c windows system ljlcowjb dll c windows system llnakemy dll c windows system mearzz dll c windows system ohpxaa dll c windows system PsYabIPo ini c windows system pxumwjfw dll c windows system rxiasuff dll c windows system tCbJknmp ini c windows system uaidjnrr ini c windows system ungipowi dll c windows system vaekcl dll c windows system xvnhnmkr dll Files Created from - - to - - - - - - lt DIR gt d-------- c documents and settings All Users Application Data SUPERAntiSpyware com - - - - lt DIR gt d-------- c documents and settings a Application Data SUPERAntiSpyware com - - - - --a------ c windows system VideoGenieSetup ini - - - - -ra------ c windows system vp vfw dll - - - - --a------ c windows wininit ini - - - - lt DIR gt d-------- c documents and settings All Users Application Data Spybot - Search amp Destroy - - - - lt DIR gt d-------- c windows system Hauppauge - - - - --a------ c windows Irremote ini - - - - --a------ c windows system evr dll - - - - --a------ c windows system hcwpnp dll - - - - --a------ c windows UNWISE EXE - - - - --a------ c windows system hcwi c dll - - - - --a------ c windows system dxva dll - - - - --a------ c windows system hcwutl dll - - - - --a------ c windows HCWPNP INI - - - - --a------ c windows system PsisDecd dll - - - - --a------ c windows system MSDvbNP ax - - - - --a------ c windows system PsisRndr ax - - - - --a------ c windows system BdaPlgIn ax - - - - --a------ c windows system drivers MPE sys - - - - --a------ c windows system drivers BdaSup sys - - - - --a------ c windows system drivers hcw bda sys - - - - --a------ c windows system hcw rc sys - - - - --a------ c windows system drivers hcw rc sys - - - - ---hs---- c windows system wdskhqmx tmp - - - - lt DIR gt d-------- c windows Sun - - - - --a------ c windows system deploytk dll - - - - --a------ c windows system javacpl cpl - - - - lt DIR gt d-------- c program files Java - - - - lt DIR gt d-------- c documents and settings a Application Data vlc - - - - lt DIR gt d-------- c program files Stardock - - - - lt DIR gt d-------- c program files Common Files Stardock - - - - lt DIR gt d-------- c documents and settings a Application Data ESET - - - - lt DIR gt d-------- c program files ESET - - - - -----c--- c windows system dllcache sysmain sdb - - - - -----c--- c windows system dllcache apph sp sdb - - - - -----c--- c windows system dllcache apphelp sdb - - - - lt DIR gt d-------- c program files Windows Media Connect - - - - lt DIR gt d-------- c windows system drivers UMDF - - - - lt DIR gt d-------- c documents and settings a Application Data ArcSoft - - - - lt DIR gt d-------- c documents and settings a Application Data Philips - - - - lt DIR gt d-------- c program files Common Files ArcSoft - - - - lt DIR gt d-------- c documents and settings All Users Application Data ArcSoft - - - - --a------ c windows system unicows dll - - - - lt DIR gt d-------- c documents and settings a Application Data FileZilla - - - - --a------ c windows WebsiteBuilder ini Find M Report - - --------- d-----w c program files Common Files Wise Installation Wizard - - --------- d-----w c program files lx cats - - --------- d--h--w c program file... Read more

A:I keep getting pop-ups from adtrgt.com. Help please!!

And also HijackThis....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:14, on 08/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Program Files\SUPERAntiSpyware.exe
C:\WINDOWS\system32\HPZipm12.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Belkin\F5D7050v5\Belkinwcui.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - E:\PROGRA~1\STREAM~1\ARCURL~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GEST] m|\
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint... Read more

https://forums.techguy.org/threads/i-keep-getting-pop-ups-from-adtrgt-com-help-please.788321/
Relevancy 41.71%

Hello Group I just downloaded HJT and during the This Is ! Url.adtrgt.com---what installation pop-ups just pop-up going to quot url adtrgt com quot in IE How can I remove this MY LOG FILE Logfile of Trend Micro HijackThis v Scan saved at PM Url.adtrgt.com---what Is This ! on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services Url.adtrgt.com---what Is This ! exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin Url.adtrgt.com---what Is This ! S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C PROGRA COMMON AOL ACS AOLacsd exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C WINDOWS System GEARSec exe C Program Files Common Files McAfee HackerWatch HWAPI exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe C PROGRA McAfee VIRUSS mcods exe C PROGRA McAfee MSC mcpromgr exe c PROGRA COMMON mcafee mcproxy mcproxy exe c PROGRA COMMON mcafee redirsvc redirsvc exe C PROGRA McAfee VIRUSS mcshield exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files McAfee MPF MPFSrv exe C PROGRA McAfee MPS mps exe C Program Files McAfee MSK MskSrver exe C Program Files Intel Wireless Bin RegSrvc exe C Program Files SiteAdvisor SAService exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files McAfee MSK MskAgent exe C Program Files SiteAdvisor SiteAdv exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Documents and Settings Christina Local Settings Application Data VTShared GCNotifier exe C Program Files McAfee MPS mpsevh exe C Program Files iPod bin iPodService exe c PROGRA mcafee com agent mcagent exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe C Program Files Internet Explorer IEXPLORE EXE R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO no name - FD D- B- FC- - AE - C Program Files SiteAdvisor SiteAdv dll O - BHO scriptproxy - DB D A - - E -B D- F C - c PROGRA mcafee VIRUSS scriptcl dll O - BHO CBrowserHelperObject Object - CA C - B - E-A -A C DB F - c Program Files BAE BAE dll O - BHO no name - FF D- D A- D B-AA F- EE A FE - no file O - Toolbar no name - B EA -A - -B BB- DE CCA - no file O - Toolbar McAfee SiteAdvisor - BF - F - - - FE E AA - C Program Files SiteAdvisor SiteAdv dll O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKLM Run MskAgentexe C Program Files McAfee MSK MskAgent exe O - HKLM Run SiteAdvisor C Program Files SiteAdvisor SiteAdv exe O - HKLM Run McENUI C PROGRA McAfee MHN McENUI exe hide O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run gcNotifier C Documents and Settings Christina Local Settings Application Data VTShared GCNotifier exe O - Service McAfee Application Installer Cleanup mcinstcleanup - McAfee Inc - C WINDOWS TEMP EXE O - Service AOL Connectivity Service AOL ACS - America Online Inc - C PROGRA COMMON AOL ACS AOLacsd exe O - Service Apple Mobile Device - Apple Inc - C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe O - Service Bonjour Service - Apple Inc - C Program Files Bonjour mDNSResponder exe O - Service Symantec Event Manager ccEvtMgr - Symantec Corporation - C Program Files Common Files Symantec Shared ccEvtMgr exe O - Service Symantec Password Validation ccPwdSvc - Symantec Corporation - C Program Files Common Files Symantec Shared cc... Read more

A:Url.adtrgt.com---what Is This !

Hello Group,
This URL keep on popping up.
// url.adtrgt.com

How can I remove this ?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:47:20 PM, on 2/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Windows Media Player\wmplayer.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [Quick... Read more

http://www.bleepingcomputer.com/forums/t/131121/urladtrgtcom-what-is-this/
Relevancy 41.71%

Every five minutes or so Need Url.adtrgt! Help! internet explorer pops up with a window that has url adtrgt in it I've tried almost everything Can anyone help me please sorry if i dont have any information posted i saw a similar problem in the Url.adtrgt! Need Help! forumshere's my HJT log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss Url.adtrgt! Need Help! exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exeC WINDOWS system Url.adtrgt! Need Help! ZoneLabs vsmon exeC WINDOWS system spoolsv exeC PROGRA COMMON Stardock SDMCP exeC WINDOWS Explorer EXEC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC PROGRA Grisoft AVG avgamsvr exeC PROGRA Grisoft AVG avgupsvc exeC PROGRA Grisoft AVG avgemc exeC Program Files Common Files LightScribe LSSrvc exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINDOWS system nvsvc exeC WINDOWS system PnkBstrA exeC WINDOWS system svchost exeC Program Files Viewpoint Common ViewpointService exeC WINDOWS SOUNDMAN EXEC Program Files Java jre bin jusched exeC WINDOWS system RUNDLL EXEC Program Files iTunes iTunesHelper exeC Program Files Zone Labs ZoneAlarm zlclient exeC WINDOWS system ctfmon exeC Program Files CursorXP CursorXP exeC Program Files RocketDock RocketDock exeC Program Files Last fm LastFMHelper exeC Program Files iPod bin iPodService exeC Documents and Settings Jack Chen Desktop Stuff dxwnd DXwnd exeC Program Files AIM aim exeC Program Files AIM aolsoftware exeC Program Files Mozilla Firefox firefox exeC Documents and Settings Jack Chen Desktop Admin Folder Downloads HiJackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dllO - Hosts auto search msn comO - Hosts auto search msn esO - Hosts pagead googlesyndication comO - Hosts game us segaonline jpO - Hosts patch us segaonline jpO - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dllO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO Megaupload Toolbar - E BD F- B D- E-CCB -B EEDBE C - C PROGRA MEGAUP MEGAUP DLLO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO ZoneAlarm Spy Blocker BHO - F D B -DA B- daf- E -DFEE A AA - C Program Files ZoneAlarmSB bar bin SPYBLOCK DLLO - Toolbar Veoh Browser Plug-in - D - - -A B -AEFAF AB - C Program Files Veoh Networks Veoh Plugins reg VeohToolbar dllO - Toolbar Megaupload Toolbar - E BD F- B D- E-CCB -B EEDBE C - C PROGRA MEGAUP MEGAUP DLLO - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dllO - Toolbar ZoneAlarm Spy Blocker - F D B -DA B- daf- E -DFEE A AA - C Program Files ZoneAlarmSB bar bin SPYBLOCK DLLO - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run LogonStudio quot C Program Files WinCustomize LogonStudio logonstudio exe quot RANDOMO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInitO - HKLM Run iTunesHelper quot C P... Read more

A:Url.adtrgt! Need Help!

Welcome to the BleepingComputer HijackThis Logs and Analysis forum. My name is Richie and i'll be helping you to fix your problems.Apologies for the late response,as i'm sure you can appreciate we are extremely busy.If you've already recieved help at another forum and your issues have been resolved,or you're presently recieving help elsewhere then please let us know.If you have not followed the info in the link below prior to posting your log then please do so now:Preparation Guide for use before posting a HijackThis Log:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/If you still require help,please post a new Hijackthis log into this topic in your next reply.Also post a detailed description of the issues you're experiencing.*Note*Post all reports/logs directly into this topic,not as attachments or inside code boxes,thanks.

http://www.bleepingcomputer.com/forums/t/130822/urladtrgt-need-help/
Relevancy 41.71%

Logfile of Trend Micro Adtrgt.com Pop-up HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C Adtrgt.com Pop-up WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS Explorer EXEC WINDOWS system spoolsv exeC WINDOWS system VTTimer exeC WINDOWS system VTtrayp exeC WINDOWS SOUNDMAN EXEC Program Files iTunes iTunesHelper exeC PROGRA Grisoft AVG avgcc exeC Program Files uTorrent uTorrent exeC Program Files Common Files Nero Lib NMIndexStoreSvr exeC Program Files PeerGuardian pg exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC PROGRA Grisoft AVG avgamsvr exeC PROGRA Grisoft AVG avgupsvc exeC PROGRA Grisoft AVG avgemc exeC Program Files Bonjour mDNSResponder exeC Program Files Alcohol Soft Alcohol StarWind StarWindServiceAE exeC Program Files iPod bin iPodService exeC Program Files Common Files Nero Lib NMIndexingService exeC WINDOWS system wuauclt exeC Program Files Windows Live Messenger msnmsgr exeC Program Files Windows Live Messenger usnsvc exeC WINDOWS System svchost exeC Program Files Yahoo Messenger YahooMessenger exeC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeO - Hosts serial alcohol-soft comO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - HKLM Run VTTimer VTTimer exeO - HKLM Run VTTrayp VTtrayp exeO - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run googletalk C Program Files Google Google Talk googletalk exe autostartO - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run NeroFilterCheck C Program Files Common Files Nero Lib NeroCheck exeO - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottimeO - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUPO - HKLM Run WinampAgent quot C Program Files Winamp winampa exe quot O - HKCU Run Yahoo Pager quot C Program Files Yahoo Messenger YahooMessenger exe quot -quietO - HKCU Run MsnMsgr quot C Program Files Windows Live Messenger MsnMsgr Exe quot backgroundO - HKCU Run uTorrent quot C Program Files uTorrent uTorrent exe quot O - HKCU Run IndxStoreSvr E - C C- d f- C - D A B AA quot C Program Files Common Files Nero Lib NMIndexStoreSvr exe quot ASO- B - DAE- -A F- A E O - HKCU Run PeerGuardian C Program Files PeerGuardian pg exeO - HKCU Run AlcoholAutomount quot C Program Files Alcohol Soft Alcohol axcmd exe quot automountO - HKUS S- - - Run AVG Run C PROGRA Grisoft AVG avgw exe RUNONCE User 'LOCAL SERVICE' O - HKUS S- - - Run AVG Run C PROGRA Grisoft AVG avgw exe RUNONCE User 'NETWORK SERVICE' O - HKUS S- - - Run AVG Run C PROGRA Grisoft AVG avgw exe RUNONCE User 'SYSTEM' O - HKUS DEFAULT Run AVG Run C PROGRA Grisoft AVG avgw exe RUNONCE User 'Default user' O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLLO - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http www update microsoft com windowsupd b O - HKLM System CCS Services Tcpip B F C- CE- A- C -E F E C NameServer O - Protocol skype com - FFC B - B - DFF- - C DD F D - C PROGRA COMMON Skype SKYPE DLLO - Service Apple Mobile Device - Apple Inc - C Program Files Common Files Apple Mobil... Read more

A:Adtrgt.com Pop-up

help please. it's annoying.

http://www.bleepingcomputer.com/forums/t/132924/adtrgtcom-pop-up/
Relevancy 41.71%

Hey I ve been dealing with this url adtrgt pop-up for over a week While running Mozilla it brings up the ads without loading anything on the pop-up page So I believe Mozilla is blocking the content but the pop-up is still getting through I ve also been dealing trojan virtumonde spyware I thought I d be able to clean it out however I ve seen no change in the ads except that they keep getting heavier I downloaded hijack this and have run and posted pop-ups url.adtrgt.com the results below If I need anything else please let url.adtrgt.com pop-ups me know Thank you Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS System SCardSvr exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C Program Files Java jre bin jqs exe C PROGRA AVG AVG avgtray exe C Program Files iTunes iTunesHelper exe C Program Files Spyware Doctor pctsTray exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Messenger msmsgs exe C WINDOWS system ctfmon exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Spyware Doctor pctsAuxs exe C PROGRA AVG AVG avgrsx exe C Program Files Spyware Doctor pctsSvc exe C WINDOWS system wdfmgr exe C Program Files Linksys WPC N WLService exe C Program Files Linksys WPC N WPC N exe C PROGRA AVG AVG avgemc exe C Program Files iPod bin iPodService exe C WINDOWS system wscntfy exe C WINDOWS System alg exe C Program Files Mozilla Firefox firefox exe C WINDOWS system rundll exe C Documents and Settings Ryan Desktop VundoFix exe C HJT HijackThis exe C WINDOWS system wbem wmiprvse exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exe O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run ISTray quot C Program Files Spyware Doctor pctsTray exe quot O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLL O - Extra button no name - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra Tools menuitem Spybot - Search amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Protocol linkscanner - F C- F - D -A D -FBDDE F D - C Program Files AVG AVG avgpp dll O - AppInit DLLs avgrsstx dll njihvw dll qvgfyv dll rxnilo dll tgxedk dll euubpf dll zaxbgc dll O - Service Lavasoft Ad-Aware Service aawservice - Lavasoft - C Program Files Lavasoft Ad-Aware aawservice exe O - Service Apple Mobile Device - Apple Inc - C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe O - Service Ati HotKey Poller - ATI Technologies Inc - C WINDOWS system Ati evxx exe O - Service AVG Free E-mail Scanner avg emc - AVG Technologies CZ s r o - C PROGRA AVG AVG avgemc ex... Read more

https://forums.techguy.org/threads/url-adtrgt-com-pop-ups.785605/
Relevancy 41.71%

Hello TSG! You guys seem to be my only chance at getting rid of this horrible url adtrgt cpv pop up on my IE. It has been like this for a week now and Spybot cleans nothing that fixes this for me.. please let me know what I need to do in order to resolve this asap. I would appreciate any effort to help me! THX!
 

A:url adtrgt cpv HELP PLS!

any help guys.. ?
 

https://forums.techguy.org/threads/url-adtrgt-cpv-help-pls.818017/
Relevancy 41.71%

Every time I open my Mozilla browser, I get intermittent pop-ups to "url.adtrgt.com". I really have no idea what it is but I'm guessing it could be some sort of malware, but that's why I am here, I have no idea what to do.

I tried scanning my computer with malwarebytes, spybot, AVG, and SuperAntispyware to no avail. This thing is really pesky.
 

Relevancy 41.71%

Firefox is opening random popups with this address every few minutes It opens a hidden window then luckily times out here Url.adtrgt.com is my log Logfile of Trend Micro HijackThis v Scan saved at PM on Url.adtrgt.com Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot Url.adtrgt.com mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe Url.adtrgt.com C WINDOWS system WgaTray exe C WINDOWS Explorer EXE C Program Files Lavasoft Ad-Aware aawservice exe C Program Files NVIDIA Corporation NvMixer NVMixerTray exe C DOCUME berk LOCALS Temp winlogin exe C DOCUME berk LOCALS Temp winlogin exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Logitech MouseWare system em exec exe C WINDOWS system spoolsv exe C Program Files Internet Explorer iexplore exe C WINDOWS Microsoft NET Framework v mscorsvw exe C WINDOWS system wscntfy exe C Program Files Mozilla Firefox firefox exe C Program Files uTorrent uTorrent exe C WINDOWS system wpabaln exe C Program Files Java jre bin jqs exe C Program Files Lavasoft Ad-Aware Ad-Aware exe C Program Files Trend Micro HijackThis HijackThis exe O - HKLM Run AtiPTA atiptaxx exe O - HKLM Run NVMixerTray quot C Program Files NVIDIA Corporation NvMixer NVMixerTray exe quot O - HKLM Run Logitech Utility Logi MwX Exe O - HKLM Run xsjfn jkemfofght C DOCUME berk LOCALS Temp winlogin exe O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKCU Run xsjfn jkemfofght C DOCUME berk LOCALS Temp winlogin exe O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exe O - HKCU Software Microsoft Windows CurrentVersion Policies System DisableRegedit O - Extra button no name - DFB A - F - C -A - CAB FD A - C Program Files Spybot - Search amp Destroy SDHelper dll O - Extra Tools menuitem Spybot - Search amp amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C Program Files Spybot - Search amp Destroy SDHelper dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - HKLM System CCS Services Tcpip EC F -FE - CE-AD -BB D E EA NameServer O - AppInit DLLs yjpzbe dll O - SharedTaskScheduler mcb uehuj n weuhejsw - C BF A - F - BD-F - C D - C WINDOWS system jsdf j dgf dll O - Service Lavasoft Ad-Aware Service aawservice - Lavasoft - C Program Files Lavasoft Ad-Aware aawservice exe O - Service Ati HotKey Poller - ATI Technologies Inc - C WINDOWS system Ati evxx exe O - Service ATI Smart - Unknown owner - C WINDOWS system ati sgag exe O - Service Java Quick Starter JavaQuickStarterService - Sun Microsystems Inc - C Program Files Java jre bin jqs exe -- End of file - bytes nbsp

https://forums.techguy.org/threads/url-adtrgt-com.777459/
Relevancy 41.71%
Q: Adtrgt

Hi-ho there I need you guys to help me get rid of this annoying adtrgt com popup Here s a HJT log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Google Update GoogleUpdate exe C WINDOWS System cisvc exe C WINDOWS BCMSMMSG exe C WINDOWS System nvsvc exe C Program Files Java jre bin jusched exe C WINDOWS system PSIService exe C Program Files NuCam CamCheck CamCheck exe C WINDOWS system rundll exe C Program Files Zone Labs ZoneAlarm zlclient exe C WINDOWS System svchost exe C Program Files Netropa OSD exe C Program Files Viewpoint Common ViewpointService exe C Program Files Siber Systems AI RoboForm RoboTaskBarIcon exe C Program Files Skype Phone Skype exe C Program Files Winamp Remote bin OrbTray exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C PROGRA ZONELA ZONEAL MAILFR mantispm exe C Program Files Skype Plugin Manager skypePM exe C WINDOWS system cidaemon exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www myspace com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize Adtrgt ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride R - URLSearchHook AOLTBSearch Class - EA - - DB- F Adtrgt -D CA FB C D - C Program Files AOL AOL Toolbar aoltb dll O - BHO no name - D -C F - EFB- B - ECA - no file O - BHO no name - f -c - ecb- - de d e - C WINDOWS system yosihemo dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO BitComet ClickCapture - F E - A- B A-BCAF- B BFDFEA - C Program Files BitComet tools BitCometBHO dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO no name - d a - d - d - - e a - C Program Files Siber Systems AI RoboForm roboform dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO AOL Toolbar Launcher - C - CB - A -B F - EA C F - C Program Files AOL AOL Toolbar aoltb dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO ST - EDE -C B - E- - BF AF E - C Program Files MSN Apps ST en-xu stmain dll O - BHO no name - ECB - F - bbc- D- DDF E - no file O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - BHO Browser Helper Object - AFD AD - C - DB-A -FBE A C - C Program Files Common helper dll O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar e... Read more

A:Adtrgt

BUMP!!!

Sorry for not posting enough info last time, but I really need you guys to help me. This sucks and it's slowing down my PC.

It's the Virtumonde trojan. In Firefox, popups starting with url.adtrgt.com will appear. Spybot finds and fixes this but it always comes back. I read some tutorial on how to remove it and it said to reboot my computer in Safe Mode With Networking. Well, my computer won't boot into safe mode at all. So please. Help.

Here is my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:08:50 AM, on 12/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\NuCam\CamCheck\CamCheck.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\AIM6\aim6.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 195.70.55.156
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {06545f22-c213-4ecb-9521-4de902d0511e} - C:\WINDOWS\system32\puzohilo.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-9... Read more

https://forums.techguy.org/threads/adtrgt.775357/
Relevancy 41.71%

Hello Group I just downloaded HJT and during the installation pop-ups just pop-up going to quot url !!! url.adtrgt.com IS THIS ---WHAT adtrgt com quot in IE How can url.adtrgt.com ---WHAT IS THIS !!! I remove this MY LOG FILE Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS url.adtrgt.com ---WHAT IS THIS !!! system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe url.adtrgt.com ---WHAT IS THIS !!! C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C PROGRA COMMON AOL ACS AOLacsd exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C WINDOWS System GEARSec exe C Program Files Common Files McAfee HackerWatch HWAPI exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe C PROGRA McAfee VIRUSS mcods exe C PROGRA McAfee MSC mcpromgr exe c PROGRA COMMON mcafee mcproxy mcproxy exe c PROGRA COMMON mcafee redirsvc redirsvc exe C PROGRA McAfee VIRUSS mcshield exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files McAfee MPF MPFSrv exe C PROGRA McAfee MPS mps exe C Program Files McAfee MSK MskSrver exe C Program Files Intel Wireless Bin RegSrvc exe C Program Files SiteAdvisor SAService exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files McAfee MSK MskAgent exe C Program Files SiteAdvisor SiteAdv exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Documents and Settings Christina Local Settings Application Data VTShared GCNotifier exe C Program Files McAfee MPS mpsevh exe C Program Files iPod bin iPodService exe c PROGRA mcafee com agent mcagent exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe C Program Files Internet Explorer IEXPLORE EXE R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO no name - FD D- B- FC- - AE - C Program Files SiteAdvisor SiteAdv dll O - BHO scriptproxy - DB D A - - E -B D- F C - c PROGRA mcafee VIRUSS scriptcl dll O - BHO CBrowserHelperObject Object - CA C - B - E-A -A C DB F - c Program Files BAE BAE dll O - BHO no name - FF D- D A- D B-AA F- EE A FE - no file O - Toolbar no name - B EA -A - -B BB- DE CCA - no file O - Toolbar McAfee SiteAdvisor - BF - F - - - FE E AA - C Program Files SiteAdvisor SiteAdv dll O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKLM Run MskAgentexe C Program Files McAfee MSK MskAgent exe O - HKLM Run SiteAdvisor C Program Files SiteAdvisor SiteAdv exe O - HKLM Run McENUI C PROGRA McAfee MHN McENUI exe hide O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run gcNotifier C Documents and Settings Christina Local Settings Application Data VTShared GCNotifier exe O - Service McAfee Application Installer Cleanup mcinstcleanup - McAfee Inc - C WINDOWS TEMP EXE O - Service AOL Connectivity Service AOL ACS - America Online Inc - C PROGRA COMMON AOL ACS AOLacsd exe O - Service Apple Mobile Device - Apple Inc - C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe O - Service Bonjour Service - Apple Inc - C Program Files Bonjour mDNSResponder exe O - Service Symantec Event Manager ccEvtMgr - Symantec Corporation - C Program Files Common Files Symantec Shared ccEvtMgr exe O - Service Symantec Password Validation ccPwdSvc - Symantec Corporation - C Program Files Common Files Symantec Shared ccPwdS... Read more

A:url.adtrgt.com ---WHAT IS THIS !!!

Please download SDFix from here and save it to your desktop


Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.


Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Post that log in your next reply.


=========================================


Please download Combofix from any of the links below, and save it to your desktop. For further information regarding this download you can see this on this Information Page

Combofix Link 1
Combofix Link 2
Combofix Link 3


**Note: It is important that it is saved directly to your desktop**

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


Caution...Never run and remove files using ComboFix without being supervised by a security analyst.

http://www.techsupportforum.com/forums/f284/url-adtrgt-com-what-is-this-221628.html
Relevancy 41.71%

Here is the ComboFix log as mentioned in another thread for this very same problem I could not reply to that thread so I figured I should Pop-Under url.adtrgt.com simply start a new one I need to know which lines to add to the removal process as I m not sure what items are detrimental Thanks ---------- ComboFix - - - FBR BDavis - - - NTFSx Microsoft Windows XP Professional GMT - Running from C Documents and Settings FBR BDavis Desktop ComboFix exe Other Deletions C WINDOWS system drivers core cache dsk C WINDOWS system drivers ipsecc sys C Documents and Settings All Users Application Data Microsoft Network Downloader qmgr dat C Documents and Settings All Users Application Data Microsoft Network Downloader qmgr dat C Temp cb C Temp cb syscheck log C Temp isgTi C Temp isgTi lPig log C temp tn C WINDOWS system crosof C WINDOWS system crosof crosoft C WINDOWS system ctkrfxwk ini C WINDOWS system drivers core cache dsk C WINDOWS system drivers ipsecc sys C WINDOWS system m C WINDOWS system mlkkj ini C WINDOWS system nGpxx C WINDOWS system nGpxx nGpxx exe C WINDOWS system p C WINDOWS system pac txt C WINDOWS system s C WINDOWS system s advcomms exe url.adtrgt.com Pop-Under C WINDOWS system wvwbgdly dllbox C WINDOWS system z ----- BITS Possible url.adtrgt.com Pop-Under infected sites ----- hxxp www download windowsupdate com Drivers Services ------- LEGACY IPSECC ------- ipsecc Files Created from - - to - - - - - - --a------ C cmldr - - - - --a------ C kmd exe - - - - --a------ C WINDOWS system SBRC dat - - - - --a------ C WINDOWS system SBFC dat - - - - --a------ C WINDOWS system drivers sbhr sys - - - - lt DIR gt d-------- C Program Files Sunbelt Software - - - - lt DIR gt d-------- C Documents and Settings FBR BDavis Application Data Sunbelt Software - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Sunbelt Software - - - - --a------ C WINDOWS system ikhcore cfg - - - - --a------ C WINDOWS wininit ini - - - - lt DIR gt d-------- C Program Files Spybot - Search amp Destroy - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Spybot - Search amp Destroy - - - - lt DIR gt d--hs---- C WINDOWS system PdmHist - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Kaspersky Lab - - - - --ahs---- C WINDOWS system drivers fidbox dat - - - - --ahs---- C WINDOWS system drivers fidbox idx - - - - --a------ C WINDOWS system drivers klin dat - - - - --a------ C WINDOWS system drivers klick dat - - - - --ahs---- C WINDOWS system drivers fidbox dat - - - - --ahs---- C WINDOWS system drivers fidbox idx - - - - lt DIR gt d-------- C Documents and Settings FBR BDavis Application Data Yahoo - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Yahoo Companion - - - - lt DIR gt d-a------ C Documents and Settings All Users Application Data TEMP - - - - lt DIR gt d-------- C Program Files Spyware Doctor - - - - lt DIR gt d-------- C Documents and Settings FBR BDavis Application Data PC Tools - - - - --a------ C WINDOWS system drivers iksyssec sys - - - - --a------ C WINDOWS system drivers iksysflt sys - - - - --a------ C WINDOWS system drivers ikfilesec sys - - - - --a------ C WINDOWS system drivers kcom sys - - - - --a------ C WINDOWS winzipsp ini - - - - --a------ C WINDOWS system mfc dll - - - - lt DIR gt d-------- C Documents and Settings FBR BDavis Application Data iolo - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data iolo - - - - lt DIR gt d-------- C Program Files Kaspersky Lab - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data Kaspersky Lab Setup Files - - - - lt DIR gt d--hs---- C WINDOWS QnV Y ggRGF aXM - - - - lt DIR gt d-------- C Temp - - - - --a------ C WINDOWS dSimEd INI - - - - lt DIR gt d-------- C Documents and Settings FBR BDavis Application Data FlashFXP - - - - lt DIR gt d-------- C Program Files Common Files Adobe Systems Shared - - - - lt DIR gt d-------- C Document... Read more

A:url.adtrgt.com Pop-Under

Hi, Welcome to TSG!!
Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

Sorry for the delay, we get quite busy here.

Please post a new combofix log also.
 

https://forums.techguy.org/threads/url-adtrgt-com-pop-under.681888/
Relevancy 41.71%

I recently got flooded with a bunch of nasty stuff that I promptly removed with Spybot One of these kept opening ads from url adtrgt com I use firefox exclusively I though after scans one online one offline from Spybot that I had removed whatever was making that happen So I url.adtrgt.com get on the internet and there it goes again I thought that the thing causing this was cogad exe which from the Hijackthis log appears to no longer be running I really need help with this please Heres the log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe C PROGRA COMMON SYMANT CCPD-LC symlcsvc exe C WINDOWS system spoolsv exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C WINDOWS system svchost exe c WINDOWS system ZuneBusEnum exe C WINDOWS system mqsvc exe C WINDOWS system mqtgsvc exe url.adtrgt.com C WINDOWS system dllhost exe C WINDOWS system wscntfy exe C WINDOWS Explorer EXE C Program Files GE Dual Scroll Optical Mouse Amoumain exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd R - HKCU Software Microsoft Internet Explorer Main First Home Page http www dell com R - HKCU Software Microsoft Internet Connection Wizard ShellNext https login live com ppsecure sha auth srf lc R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - Toolbar Show Norton Toolbar - FEBEFE - B - - D -FFB D B CA - C Program Files Common Files Symantec Shared coShared Browser CoIEPlg dll O - HKLM Run WheelMouse C Program Files GE Dual Scroll Optical Mouse Amoumain exe O - HKLM Run ccApp C Program Files Common Files Symantec Shared ccApp exe O - HKUS S- - - Run MySpaceIM C Program Files MySpace IM MySpaceIM exe User SYSTEM O - HKUS S- - - RunOnce RunNarrator Narrator exe User SYSTEM O - HKUS DEFAULT Run MySpaceIM C Program Files MySpace IM MySpaceIM exe User Default user O - HKUS DEFAULT RunOnce RunNarrator Narrator exe User Default user O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MI Office EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button no name - CD F -D E - d - FE- C F AFE - no file O - Extra button no name - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exe O - Extra Tools menuitem xpsp res dll - - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF CabBuilder - http kiw imgag com imgag kiw toolbar download InstallerControl cab O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com windowsupdate v V Controls en x client... Read more

A:url.adtrgt.com

Close this, I've found a website where I'll hopefully get a faster response.
 

https://forums.techguy.org/threads/url-adtrgt-com.797261/
Relevancy 41.71%

Hello im really having issues with the quot url adtrgt com quot pop-up everytime i browse a webpage it seems to pop up constantly Can anyone help me with this url.adtrgt.com Pop-Up issue I have my Hijackthis log Logfile of Trend Micro HijackThis v Scan saved at PM on url.adtrgt.com Pop-Up Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Intel Intel Application Accelerator iaanotif exe C PROGRA ALWILS Avast ashDisp exe C WINDOWS SOUNDMAN EXE C Program Files QuickTime QTTask exe C Program Files iTunes iTunesHelper exe C WINDOWS system RUNDLL EXE C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Netropa Multimedia Keyboard nhksrv exe C PROGRA COMMON AOL ACS AOLacsd exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Yahoo Messenger ymsgr tray exe C Program Files Bonjour mDNSResponder exe C Program Files Intel Intel Application Accelerator iaantmon exe C Program Files Canon IJPLM IJPLMSVC EXE C WINDOWS system nvsvc exe C WINDOWS System svchost exe C Program Files Viewpoint Common ViewpointService exe C Program Files Alwil Software Avast ashWebSv exe C WINDOWS system wscntfy exe C Program Files iPod bin iPodService exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Comcast R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRA Yahoo Companion Installs cpn yt dll O - Toolbar no name - BA B -B - c -B - F F - no file O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRA Yahoo Companion Installs cpn yt dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar Viewpoint Toolbar - F AD AA -D - - DAF- D B - C Program Files Common Files Viewpoint Toolbar Runtime IEViewBar dll O - HKLM Run IAAnotif C Program Files Intel Intel Application Accelerator iaanotif exe O - HKLM Run PRONoMgr exe C Program Files Intel NCS PROSet PRONoMgr exe O - HKLM Run POINTER point exe O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run QuickTime... Read more

Relevancy 41.71%

I keep getting a pop up from ie on my mozilla internet browser. It says url.adtrgt.com plus many more strange letters and words. Anyone know how I can get rid of this?

A:What Is Url.adtrgt.com?

hi and welcome to bleepingcomputerIn this forum there is a topic where someone elses has the same promblem your encoutering. Here is the link: Forum

http://www.bleepingcomputer.com/forums/t/141166/what-is-urladtrgtcom/
Relevancy 41.71%

I first had black screen with spyware warning: SPybot constantly popping up with registry entry changes even though I clicked deny.
I ran Panda, spybot and malwarebytes - found about 12 different problems. Black screen and warnings are gone but I'm still getting url.adtrgt.com trying to open in separate window, other times its IP 185.12.43.105. Always has "page not found".
I tried to get "hijack this" log to post but after the scan was completed it would freeze and not allow me to copy and paste log- tried 3 times.
I use firefox browser. Thanks!
 

A:url.adtrgt.com pop ups

Hiya and welcome to Tech Support Guy

Are you still having this problem? If so, can you do the following:

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3
* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

Regards

eddie
 

https://forums.techguy.org/threads/url-adtrgt-com-pop-ups.803103/
Relevancy 41.71%

Alright, everytime I open IE, another window is opened at url.adtrgt.com.......then is redirected to whichever website. Some are "crush calculater" , "set the trend" and various other match-making websites. I have used Ad-Aware in safe mode and it supposedly cleared all known infections. But these windows and addresses are still opening everytime I open IE. Any more info on getting rid of this will be appreciated.

A:Url.adtrgt.com

For instance, once I posted this message another window popped up addressed to http://url.adtrgt.com/cpv.jsp?p=112221&...stingId=7013888. This is gettting old.

http://www.bleepingcomputer.com/forums/t/120570/urladtrgtcom/
Relevancy 41.71%

I have read the "read this first" and downloaded HijackThis and copied the log
they made with their scan of my computer. Do I put it here so someone can help me figure out how to get rid of this? Thanks.
 

https://forums.techguy.org/threads/getting-rid-of-adtrgt.804213/
Relevancy 41.71%

Hi I seem to have contracted whatever causes url adtrgt to hijack my browser and it looks like you guys are very helpful with these things I get constant popups when running at times about blank over and over to where it is difficult to even close the browser Here is my HJT log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe at least... adtrgt C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe C Program Files Cisco Systems CiscoTrustAgent ctalogd exe C Program Files Cisco Systems CiscoTrustAgent ctad exe C WINDOWS system spoolsv exe C Program Files Sprint Mobile Broadband SMBAUtilSvc exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Cisco Systems adtrgt at least... VPN Client adtrgt at least... cvpnd exe adtrgt at least... C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Dell NICCONFIGSVC NICCONFIGSVC exe C Program Files Trend Micro OfficeScan Client ntrtscan exe C Program Files Intel Wireless Bin RegSrvc exe C WINDOWS system svchost exe C Program Files Viewpoint Common ViewpointService exe C Program Files Orl VNC WinVNC exe C Program Files Trend Micro OfficeScan Client tmlisten exe C WINDOWS TEMP RZC C EXE C Program Files Trend Micro OfficeScan Client TmPfw exe C Program Files Intel Wireless Bin ZcfgSvc exe C WINDOWS Explorer EXE C WINDOWS System svchost exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files Dell QuickSet quickset exe C Program Files Apoint Apoint exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C WINDOWS system dla tfswctrl exe C WINDOWS system igfxsrvc exe C Program Files Apoint HidFind exe C Program Files Java jre bin jusched exe C Program Files Trend Micro OfficeScan Client pccntmon exe C Program Files Apoint Apntex exe C Program Files HP HP Software Update HPWuSchd exe C Program Files HP hpcoretech hpcmpmgr exe C Program Files iTunes iTunesHelper exe C WINDOWS system rundll exe C WINDOWS system ctfmon exe C Program Files Microsoft Location Finder LocationFinder exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Trend Micro OfficeScan Client CNTAoSMgr exe C Program Files iPod bin iPodService exe C Program Files HP Digital Imaging bin hpqgalry exe C WINDOWS system taskmgr exe C WINDOWS system mmc exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http windowsupdate microsoft com O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO no name - b f d a- - -b e- f b f f - C WINDOWS system sehutota dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO b a a-e cc-cc -f - ff ab - ba ff - - f- cc-cc ea a b - C WINDOWS system esgmjy dll O - HKLM Run IntelZeroConfig C Program Files Intel Wireless bin ZCfgSvc exe O - HKLM Run IntelWireless C Program Files Intel Wireless Bin ifrmewrk exe tf Intel PROSet Wireless O - HKLM Run Dell QuickSet C Program Files Dell QuickSet quickset exe O - HKLM Run Apoint C Program Files ... Read more

https://forums.techguy.org/threads/adtrgt-at-least.805176/
Relevancy 41.71%

a new window opens one after another I know very little about computers but I think I have some sort of virus The top of each page has adtrgt on it I have a Toshiba Satellite with Windows Vista Any help would be great Thanks Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows Explorer EXE C Windows RtHDVCpl exe C Program Files Toshiba Power Saver TPwrMain exe C Program Files Toshiba SmoothView SmoothView exe C Program Files Toshiba FlashCards please I help with need adtrgt TCrdMain exe C Program Files Synaptics SynTP SynTPStart exe C Program Files Toshiba ConfigFree NDSTray exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files McAfee com Agent mcagent exe C Windows System wpcumi exe C Program Files iTunes iTunesHelper exe C Program Files Lavasoft Ad-Aware AAWTray exe C Program Files Toshiba TOSCDSPD TOSCDSPD exe C Windows ehome ehtray exe C Program Files Windows Media Player wmpnscfg exe C Windows System rundll exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Microsoft Office Office ONENOTEM EXE C Windows ehome ehmsas exe C Program Files ATI Technologies ATI ACE Core-Static MOM EXE C Program Files Google Google Desktop Search GoogleDesktop exe C Windows system I need help with adtrgt please taskeng exe C Program Files Toshiba ConfigFree CFSwMgr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Synaptics SynTP SynToshiba exe C Program Files ATI Technologies ATI ACE Core-Static CCC exe c PROGRA mcafee msc mcuimgr exe C Program Files Internet Explorer ieuser exe C Program Files Internet Explorer iexplore exe C Program Files Google Google Toolbar GoogleToolbarUser exe C Windows system Macromed Flash FlashUtil b exe C Windows system SearchFilterHost exe C Program Files I need help with adtrgt please Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www toshibadirect com dpdstart R - HKCU Software Microsoft Internet Explorer Main Start Page http www toshibadirect com dpdstart R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www toshibadirect com dpdstart R - HKLM Software Microsoft Internet Explorer Main Default Search I need help with adtrgt please URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO McAntiPhishingBHO - C E- F E- D C- F-F BD D CF - c PROGRA mcafee msk mcapbho dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO scriptproxy - DB D A - - E -B D- F C - c PROGRA mcafee VIRUSS scriptsn dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - BHO Google Dictionary Compression sdch - C D FE-E D- -BB - C E E C E - C Program Files Google Google Toolbar Component fastsearch A FB BD dll O - Toolbar Google Toolbar - C B - - d - B - A CD F - C Program Files Google Google Toolbar GoogleToolbar dll O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run RtHDVCpl RtHDVCpl exe O - HKLM Run TPwrMain ProgramFiles TOSHIBA Power Saver TPwrMain EXE O - HKLM Run HSON ProgramFiles TOSHIBA TBS HSON exe O - HKLM Run SmoothView ProgramFile... Read more

https://forums.techguy.org/threads/i-need-help-with-adtrgt-please.820136/
Relevancy 41.71%

Yup The adtrgt.com pop-ups adtrgt com popups ar unstoppable on my system Heres my hijackthis log If anyone could help I d appreciate it Obviuosly I ve tried adtrgt.com pop-ups all the top anti-spyware programs THANK YOU -derek Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes E WINDOWS System smss exe E WINDOWS SYSTEM winlogon exe E WINDOWS system services exe E WINDOWS system lsass exe E WINDOWS system svchost exe E WINDOWS System svchost exe E Program Files Common Files Symantec Shared ccSvcHst exe E Program Files Common Files Symantec Shared AppCore AppSvc exe E Program Files Lavasoft Ad-Aware aawservice exe E WINDOWS system spoolsv exe E WINDOWS Explorer EXE E Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe E Program Files Common Files Autodesk Shared Service AdskScSrv exe E Program Files Symantec LiveUpdate ALUSchedulerSvc exe E Program Files Grisoft AVG Anti-Spyware guard exe E WINDOWS system AvidSDMService exe E Program Files Bonjour mDNSResponder exe E Program Files Digidesign Drivers MMERefresh exe E WINDOWS system E S RP EXE E Program Files Autodesk ds Max mentalray satellite raysat dsmax server exe E Program Files NVIDIA Corporation nTune nTuneService exe E WINDOWS system nvsvc exe E Program Files adtrgt.com pop-ups Alcohol Soft Alcohol StarWind StarWindServiceAE exe E Program Files Common Files TiVo Shared Beacon TiVoBeacon exe E WINDOWS system SearchIndexer exe adtrgt.com pop-ups E Program Files Common Files DAbstractWhenU ScrInstall exe E WINDOWS RTHDCPL EXE E WINDOWS system RUNDLL EXE E Program Files Microsoft Office Office GrooveMonitor exe E Program Files iTunes iTunesHelper exe E Program Files Common Files Symantec Shared ccApp exe E Program Files Grisoft AVG Anti-Spyware avgas exe E Program Files Common Files TiVo Shared Transfer TiVoTransfer exe E Program Files TiVo Desktop TiVoNotify exe E Program Files BitTorrent DNA dna exe E Program Files Spybot - Search amp Destroy TeaTimer exe E Program Files SlySoft AnyDVD AnyDVD exe E Program Files Windows Desktop Search WindowsSearch exe E Program Files EarthView EarthView exe E Program Files iPod bin iPodService exe E Program Files TiVo Desktop TiVoServer exe E WINDOWS system SearchProtocolHost exe E Program Files Internet Explorer iexplore exe E Program Files Internet Explorer iexplore exe E Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - E Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - E PROGRA SPYBOT SDHelper dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - E PROGRA MICROS Office GRA E DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - E Program Files Java jre bin ssv dll O - HKLM Run NvCplDaemon RUNDLL EXE E WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run GBB X Configure E WINDOWS system JMRaidTool exe boot O - HKLM Run MARYBETH EPSON Stylus CX Series E WINDOWS System spool DRIVERS W X E FATIBIA EXE FU quot E DOCUME Derek LOCALS Temp E S tmp quot EF quot HKLM quot O - HKLM Run Auto EPSON Stylus CX Series on MARYBETH E WINDOWS System spool DRIVERS W X E FATIBIA EXE FU quot E WINDOWS TEMP E SB tmp quot EF quot HKLM quot O - HKLM Run NVIDIA nTune quot E Program Files NVIDIA Corporation nTune nTuneCmd exe quot clear O - HKLM Run NeroFilterCheck E Program Files Common Files Ahead Lib NeroCheck exe O - HKLM Run EasyTuneV E Program Files Gigabyte ET GUI exe O - HKLM Run DAbstractWhenUInstall quot E Program Files Common Files DAbstractWhenU ScrInstall exe quot i O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run NvMediaCenter RUNDLL EXE E WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run GrooveMonitor quot E Program Files Micr... Read more

https://forums.techguy.org/threads/adtrgt-com-pop-ups.683157/
Relevancy 41.28%

Thanks in advance!

A:hijacked url.adtrgt.com

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instructed to do so! Let me know if any of the links do not work or if any of the tools do not work. Tell me about problems or symptoms that occur during the fix. Do not run any other programs or open any other windows while doing a fix. Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.Thanks.

http://www.bleepingcomputer.com/forums/t/190696/hijacked-urladtrgtcom/
Relevancy 41.28%

I use firefox and IE firefox will pop up randomly and it s not even running I have run spybot and avg latest version repeatedly and it will not clean this the pop up in IE is http url adtrgt com cpv jsp p tingId but sometimes it goes to a couple other websites virus adtrgt.com another site that pops up is http www searchfeed com rd Clk jsp amp snid again these only pop up in virus adtrgt.com IE and I think it s only when I m in firefox here is my hijack this log Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system ibmpmsvc exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files ThinkPad Bluetooth Software bin btwdins exe C Program Files Intel Wireless Bin S EvMon exe C WINDOWS system spoolsv exe C WINDOWS system IPSSVC EXE C Program Files ThinkPad ConnectUtilities AcPrfMgrSvc exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Diskeeper Corporation Diskeeper DkService exe C Program Files Intel Wireless Bin EvtEng exe C Program Files FRISK Software F-PROT Antivirus for Windows FPAVServer exe C Program Files Google Common Google Updater GoogleUpdaterService exe C WINDOWS System svchost exe C Program Files Common Files InterVideo RegMgr iviRegMgr exe C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C WINDOWS system nvsvc exe C Program Files Intel Wireless Bin RegSrvc exe C WINDOWS system svchost exe c program files lenovo system update suservice exe C Program Files Common Files Lenovo tvt reg monitor svc exe C WINDOWS System TPHDEXLG exe C Program Files Lenovo Rescue and Recovery rrpservice exe C Program Files Lenovo Rescue and Recovery rrservice exe c Program Files Common Files Lenovo Scheduler tvtsched exe C Program Files Lenovo Rescue and Recovery ADM IUService exe C Program Files ThinkPad ConnectUtilities AcSvc exe C Program Files Common Files Lenovo Logger logmon exe C Program Files Canon CAL CALMAIN exe C Program Files ThinkPad ConnectUtilities SvcGuiHlpr exe C WINDOWS system wscntfy exe C WINDOWS system ctfmon exe C WINDOWS Explorer EXE C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system rundll exe C Program Files Lenovo NPDIRECT TPFNF SP exe C Program Files Lenovo HOTKEY TPOSDSVC exe C WINDOWS system TpShocks exe C Program Files Analog Devices Core smax pnp exe C Program Files Common Files Lenovo Scheduler scheduler proxy exe C WINDOWS System DLA DLACTRLW EXE C Program Files Common Files InstallShield UpdateService issch exe C Program Files Lenovo AwayTask AwaySch EXE C PROGRA THINKV PrdCtr LPMGR exe C Program Files Lenovo HOTKEY TPONSCR exe C Program Files Lenovo Zoom TpScrex exe C Program Files ThinkPad ConnectUtilities ACTray exe C Program Files ThinkPad ConnectUtilities ACWLIcon exe C Program Files Lenovo Client Security Solution cssauth exe C Program Files Diskeeper Corporation Diskeeper DkIcon exe C Program Files Adobe Acrobat Acrobat Acrotray exe C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exe C Program Files Powerword xdict exe C WINDOWS system RUNDLL EXE C Program Files FRISK Software F-PROT Antivirus for Windows FProtTray exe C Program Files iTunes iTunesHelper exe C Program Files Safebox safeboxTray exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Windows Live Messenger MsnMsgr Exe C Program Files Common Files Ahead Lib NMBgMonitor exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C Program Files PPStream ppsap exe C Program Files Common Files Ahead Lib NMIndexingService exe C Program Files Digital Line Detect DLG exe C Program File... Read more

https://forums.techguy.org/threads/virus-adtrgt-com.782068/
Relevancy 41.28%

i have tried many different malware removal programs such as spybot registry mechanic avg and i still cannot get rid of this pop cannot up rid firefox url.adtrgt.com on of get malware PLEASE HELP i went ahead and followed the instructions i found on your website and here i am everytime i google something a couple of seconds later i get a pop-up window that displays url adtrgt com with a different thing following it depending on what i googled DDS Ver - - - NTFSx Run by Zack at on Tue Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV AVG On-access scanning enabled Updated Running Processes C PROGRA GbPlugin GbpSv exe C WINDOWS system svchost -k DcomLaunch svchost cannot get rid of url.adtrgt.com pop up on firefox exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup svchost exe svchost exe C WINDOWS system brsvc a exe C WINDOWS system spoolsv exe C WINDOWS system brss a exe C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C WINDOWS Explorer EXE C Program cannot get rid of url.adtrgt.com pop up on firefox Files Amazon Amazon Unbox Video ADVWindowsClientService exe C Program Files Java jre bin jusched exe C Program Files Seagate SystemTray StxMenuMgr exe C WINDOWS RTHDCPL EXE C Program Files APC APC PowerChute Personal Edition mainserv exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files ScanSoft PaperPort pptd nt exe C Program Files ScanSoft OmniPageSE OpwareSE exe C WINDOWS system RUNDLL EXE C Program Files Norton Ghost Agent VProTray exe C Program Files Logitech QuickCam Quickcam exe C Program Files cannot get rid of url.adtrgt.com pop up on firefox Common Files LogiShrd LComMgr Communications Helper exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA Grisoft AVG avgcc exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C PROGRA Grisoft AVG avgamsvr exe C Program Files Adobe Acrobat Distillr Acrotray exe C PROGRA Grisoft AVG avgupsvc exe C Program Files iTunes iTunesHelper exe C Program Files Common Files Research In Motion Auto Update RIMAutoUpdate exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C WINDOWS system ctfmon exe C Program Files Skype Phone Skype exe C Program Files Common Files InstallShield UpdateService ISUSPM exe C Program Files Windows Media Player WMPNSCFG exe C Program Files Registry Mechanic RegMech exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Bonjour mDNSResponder exe C WINDOWS system Brmfrmps exe C WINDOWS System svchost exe -k HTTPFilter C Program Files Java jre bin jqs exe C Program Files Common Files Intuit DatabaseServer QBDBMgr exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Program Files APC APC PowerChute Personal Edition apcsystray exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Microsoft SQL Server MSSQL ACT Binn sqlservr exe C Program Files Common Files Logitech KhalShared KHALMNPR EXE C Program Files Norton Ghost Agent VProSvc exe C WINDOWS system nvsvc exe C WINDOWS system svchost exe -k imgsvc C Program Files RealVNC VNC WinVNC exe C WINDOWS system BRMFRSMG EXE C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Program Files iPod bin iPodService exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Program Files iTunes iTunes exe C Program Files Microsoft Office OFFICE WINWORD EXE C Program Files Adobe Acrobat Acrobat Acrobat exe C DOCUME Zack LOCALS Temp Adobelm Cleanup C Program Files Common Files Adobe Systems Shared Service Adobelmsvc exe C DOCUME Zack LOCALS Temp Adobelm Cleanup C PROGRA MICROS OFFICE OUTLOOK EXE C Program Files Internet Explorer IEXPLORE EXE C Program Files Cucusoft Ultimate-Converter DVD X exe C WINDOWS system rundll exe C WINDOWS system ssmypics scr C Program Files Mozilla Firefox firefox exe C Program Files Common Files Real Updat... Read more

A:cannot get rid of url.adtrgt.com pop up on firefox

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.NEXTPlease download RSIT by random/random and save it to your Desktop.Double click on RSIT.exe to run RSITBefore you click "Continue", make sure you change the List files/folders created or modified in the last 3 monthsClick Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.NEXTPlease download GMER and unzip it to your Desktop. <<mirror>>Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.IMPORTANT: Do NOT run any program while you are doing these scans as it may interfere with the output resultsPost me these logs in your next reply.. Post each log in separate post..1. Malwarebytes'2. RSIT log.txt3. RSIT info.txt4. Attach GMER result..

http://www.bleepingcomputer.com/forums/t/204374/cannot-get-rid-of-urladtrgtcom-pop-up-on-firefox/
Relevancy 41.28%

My PC infected Malware Antivirus 2008 and have been removed it manually. But the remaining thing is ... when open redirect link via IE, that will have a pop-up screen and it pointed to url.adtrgt.com.

Can I use combofix to resolve it???

A:How To Remove Url.adtrgt.com

Hello winson16882,Combofix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.If needed, we will direct you to our HijackThis Preparation Guide .

http://www.bleepingcomputer.com/forums/t/155388/how-to-remove-urladtrgtcom/
Relevancy 41.28%

I have had little problems with spyware adware viruses etc until I got rid of Sophos AV and Spybot S amp D in lieu of McAfee Internet security suite Problems began within about a week and a month later I reinstalled Spybot S amp D and now use AVG antivirus and cleared up most of my problems I have been using WinPatrol throughout and before this ordeal The remaining problem is that I have been getting quite Problem before) pop-ups with (seen url.adtrgt.com a number of pop ups from url adtrgt com for both firefox and IE I have searched your forums and found some respones about this thread but I haven t noticed any commonality after reviewing a few of the articles Problem with pop-ups url.adtrgt.com (seen before) and the associated HijackThis logs and comparing them to my own Here is my HijackThis log Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system acs exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS system HPConfig exe C Program Files HPQ Notebook Utilities HPWirelessMgr exe C Program Files CyberLink Shared Files RichVideo exe C WINDOWS System MsPMSPSv exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgnsx exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files HPQ One-Touch OneTouch EXE C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS System hphmon exe C WINDOWS system carpserv exe C Program Files HP hpcoretech hpcmpmgr exe C Program Files Hewlett-Packard Digital Imaging bin hpotdd exe C Program Files Hewlett-Packard HP Software Update HPWuSchd exe C Program Files Jetico Jetico Personal Firewall fwsrv exe C Program Files BillP Studios WinPatrol winpatrol exe C Program Files CyberLink PCM Everio EverioService exe C Program Files Common Files Real Update OB realsched exe C PROGRA AVG AVG avgtray exe C WINDOWS system ctfmon exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files D-Link AirPlus G Wireless Adapter Utility AirPlus exe C Program Files Labtec NumPad Magickey exe C PROGRAM FILES MICROSOFT ACTIVESYNC WCESCOMM EXE C WINDOWS system wscntfy exe C PROGRA MICROS rapimgr exe C PROGRAM FILES ITUNES ITUNESHELPER EXE C Program Files iPod bin iPodService exe C PROGRAM FILES ADOBE PHOTOSHOP ALBUM STARTER EDITION APPS APDPROXY EXE C WINDOWS System svchost exe C Program Files MySpace IM MySpaceIM exe C Program Files MySpace IM MySpaceIM exe C WINDOWS system taskmgr exe C Documents and Settings Katherine Wright Local Settings Application Data Google Update GoogleUpdate exe C Program Files Mozilla Firefox firefox exe C Program Files Microsoft Office OFFICE OUTLOOK EXE C Program Files AVG AVG avgcsrvx exe C Program Files Microsoft Office OFFICE WINWORD EXE C Program Files AVG AVG avgcsrvx exe C WINDOWS System msiexec exe C Program Files Common Files Microsoft Shared Source Engine OSE EXE C WINDOWS system wuauclt exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R -... Read more

https://forums.techguy.org/threads/problem-with-pop-ups-url-adtrgt-com-seen-before.801584/
Relevancy 41.28%

Somehow on my computer excessive pop ups just keep - excessive others and ups pop Adtrgt happening even when using firefox and they come up in IE I found that even when clicking on links that it sometimes redirects me to something completely different I can sometimes see something about adtrgt url or something We use Trend Micro security and it blocks the links sometimes but sometimes it Adtrgt and others - excessive pop ups doesnt A little help would be great It s a work computer and I have no idea why it keeps happening HiJackThis Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Broadcom ASFIPMon AsfIpMon exe C Program Files Intel Intel Matrix Storage Manager Iaantmon exe C Program Files MozyPro mozyprobackup exe C WINDOWS System svchost exe C Program Files Trend Micro Internet Security SfCtlCom exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files Trend Micro Internet Security UfSeAgnt exe C Program Files Analog Devices Core smax pnp exe C Program Files Trend Micro BM TMBMSRV exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Java jre bin jusched exe C Program Files Intel Intel Matrix Storage Manager Iaanotif exe C Program Files Adobe Acrobat Acrobat Acrotray exe C Program Files CyberLink PowerDVD DX PDVDDXSrv exe C Program Files Winamp winampa exe C WINDOWS system igfxsrvc exe C WINDOWS system ctfmon exe C Program Files Altigen AltiView AltiView exe C Program Files MozyPro mozyprostat exe C PROGRA TRENDM INTERN TmPfw exe C Program Files Trend Micro Internet Security TmProxy exe C Program Files Trend Micro TrendSecure TSCFCommander exe C Program Files Trend Micro TrendSecure TSCFPlatformCOMSvr exe C Program Files CDSWin wcds exe C Program Files Trend Micro TrendSecure TransactionProtector Dependent HSChkProxyExe exe C Program Files Java jre bin jucheck exe C Program Files Microsoft Office Office OUTLOOK EXE C WINDOWS system dllhost exe C Program Files Microsoft Office Office EXCEL EXE C Program Files Google Gmail Notifier gnotify exe C WINDOWS system kdfmgr exe C Program Files Microsoft Office Office WINWORD EXE C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL partnerpage google com smallbiz dell com en us hl en amp client dell-usuk amp channel us-smb amp ibd R - HKCU Software Microsoft Internet Explorer Main Start Page https www advisorservices com AdvisorWeb login asp R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search Default Page URL partnerpage google com smallbiz dell com en us hl en amp client dell-usuk amp channel us-smb amp ibd O - BHO IEEvent Class - F D - E - D -B - - C Program Files Altigen Shared Files IEEventView dll O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO XML Class - BCA - A - eaf- - C B D - C WINDOWS system msxml dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - BHO TransactionProtector BHO - C CCA-D EA- A - AE-AE B E - C Program Files Trend Micro TrendSecure Transa... Read more

https://forums.techguy.org/threads/adtrgt-and-others-excessive-pop-ups.793276/
Relevancy 41.28%

Hello i been having an issue with a pop up url.adtrgt.com problem url adtrgt com pop up whenever im using fire fox This is my first time posting on the forums but i did download hijackthis and this is the log i recieved what can i do to fix this Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system url.adtrgt.com pop up problem lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS system rundll exe C WINDOWS system RUNDLL EXE C PROGRA ALWILS Avast ashDisp exe C WINDOWS system ctfmon exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files Logishrd KHAL KHALMNPR EXE C WINDOWS system nvsvc exe C WINDOWS system svchost exe C Program Files Alwil Software url.adtrgt.com pop up problem Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C Program Files Mozilla Firefox firefox exe C WINDOWS system wuauclt exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com O - BHO no name - D -C F - efb- B - ECA - no file O - BHO no name - BF - FE - AFD- E - DC C BA C - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO no name - E - C - -B DE-F A A - no file O - BHO fc e - b c- a-d d - e b c - c b- e - d d-a -c b e cf - C WINDOWS system yaefyj dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll file missing O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO no name - DF -D - B-B - F B - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - ADDAC E- C - A - C E- C EF FEA - no file O - BHO AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLL file missing O - BHO AcroIEToolbarHelper Class - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO no name - B DD - B- C - C D- EE F F - no file O - BHO no name - F A E C -AE F- - -F B FD B - C WINDOWS system jkkLBrro dll file missing O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLL file missing O - HKLM Run Kernel and Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run fd d rundll exe quot C WINDOWS system borcevlk dll quot b O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WI... Read more

https://forums.techguy.org/threads/url-adtrgt-com-pop-up-problem.800567/
Relevancy 41.28%

I saw where you've helped others with this irritating adtrgt thing where pop ups happen WAY too often. I have tried everything imaginable to get rid of them and near ready to reformat my hard drive to just get it out.

I already downloaded the Malwarebytes software. It's running now. But I know that it takes assistance so if you could let me know what I need to do...I'm hoping it's as painless as possible.
 

A:Need help removing the adtrgt pop ups

I went ahead and deleted what Malwarebytes found. And got this report....

Memory Modules Infected: 6
Registry Keys Infected: 7
Registry Values Infected: 7
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 15
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\wabedelu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\liwibaju.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pokihuyi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\radiguyo.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\behipaya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\Rdulebodamujum.dll (Trojan.Vundo.V) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21d4a540-d6d4-4792-a307-c3ce0aa1bd67} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{21d4a540-d6d4-4792-a307-c3ce0aa1bd67} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{21d4a540-d6d4-4792-a307-c3ce0aa1bd67} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\04f6b2b7 (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm07c5812b (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zopoworita (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wqudomatumoye (Trojan.Vundo.V) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lnarixo (Trojan.Agent) -> Delete on reboot.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\wabedelu.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\wabedelu.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\behipaya.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\liwibaju.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ujabiwil.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\behipaya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pokihuyi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\radiguyo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wabedelu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\Rdulebodamujum.dll (Trojan.Vundo.V) -> Delete on reboot.
C:\WINDOWS\system32\birizofu.exe (Trojan.Vundo.V) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\puneromi.dll (Trojan.Vundo.H) ... Read more

https://forums.techguy.org/threads/need-help-removing-the-adtrgt-pop-ups.819942/
Relevancy 41.28%

Hello all,
For the past few days I've been getting random adtrgt popups. It's getting to be quite a nuisance. Can someone help me?
 

Relevancy 41.28%

I've been running into pop-ups for some time now and none of the anti-spyware software seems to be able Pop-ups And Trojan Adtrgt.com to remove them At the same time AVG keeps telling me that I'm getting a Trojan in 'wmilibb sys' that it can't seem to heal or quarantine and the Trojan Adtrgt.com Pop-ups And Trojan seems to be related to some of the pop-ups Adtrgt.com Pop-ups And Trojan I did run combofix recently and it seemed to get rid of the pop-ups but it also seemed to kill my sound drivers somehow I went back to a restore point far prior to Combofix and restored my sound but of course brought back the Adtrgt.com Pop-ups And Trojan pop-ups I've run through all of the checkers listed in the intro thread and here's my HijackThis log Any help would be greatly appreciated Thanks StephenLogfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C Windows system taskeng exeC Windows system Dwm exeC Windows Explorer EXEC hp support hpsysdrv exeC Windows RtHDVCpl exeC Program Files HP HP Software Update hpwuSchd exeC Program Files Java jre bin jusched exeC Program Files iTunes iTunesHelper exeC Program Files Grisoft AVG avgcc exeC Windows System rundll exeC Windows System rundll exeC Program Files Internet Explorer IEUser exeC Program Files Windows Sidebar sidebar exeC Windows ehome ehtray exeC Program Files Windows Media Player wmpnscfg exeC Windows ehome ehmsas exeC hp kbd kbd exeC Windows system SearchFilterHost exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http ca my yahoo com R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dllO - BHO amp Yahoo Toolbar Helper - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn yt dllO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dllO - HKLM Run hpsysdrv c hp support hpsysdrv exeO - HKLM Run KBD C HP KBD KbdStub EXEO - HKLM Run RtHDVCpl RtHDVCpl exeO - HKLM Run HP Software Update c Program Files HP HP Software Update HPWuSchd exeO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run NeroFilterCheck C Program Files Common Files Ahead Lib NeroCheck exeO - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUPO - HKLM Run NvSvc RUNDLL EXE C Windows system nvsvc dll nvsvcStartO - HKLM Run NvCplDaemon RUNDLL EXE C Windows system NvCpl dll NvStartupO - HKLM Run NvMediaCenter RUNDLL EXE C Windows system NvMcTray dll NvTaskbarInitO - HKLM Run SD Tips iexplore http www spywaredetector net tips vista htmO - HKLM Run SystemTraySD C Program Files SpywareDetector SDSystemTray exe -AUTOO - HKLM Run SDAutoLiveupdate C Program Files SpywareDetector LiveUpdateSD exe -AUTOO - HKCU Run Sidebar C Program Files Windows Sidebar sidebar exe autoRunO - HKCU Run ehTray exe C Windows ehome ehTray exeO - HKCU Run WMPNSCFG C Program Files Windows Media Player WMPNSCFG exeO - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe detectMem User ' ' O - HKUS S- - - Run WindowsWelcomeCenter rundll exe oobefldr dll ShowWelcomeCenter User ' ' O - HKUS S- - - Run AVG Run C PROGRA Grisoft AVG avgw exe RUNONCE User ' ' O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe detectMem User ' ' O - HKUS S- - - - - - - Run Sidebar C Program Files Windows Sidebar sidebar exe autoRun User ' ' O - HKUS S- - - Run AVG Run C ... Read more

A:Adtrgt.com Pop-ups And Trojan

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.When posting your logs please post them directly into the reply. Do not attach them or include them codeboxes going forward.Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.Double-click on dss.exe to run it, and follow the prompts. If your anti-virus or firewall complains, please allow this script to run as it is not malicious. It is also possible that you may need to disable your Antivirus or Antimalware programs before this program can run properly A guide on how to temporarily disable many of the common protections programs can be found here.When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimizedCopy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt in your next reply. If you have any problems with the logs, both can be found in C:\Deckard\System Scanner.

http://www.bleepingcomputer.com/forums/t/136327/adtrgtcom-pop-ups-and-trojan/
Relevancy 41.28%

When I'm of pop the ups url.adtrgt.com with addresses using Firefox or internet explorer I randomly receive pop ups pop ups with the addresses of url.adtrgt.com with the addresses url adtrgt com and different ip address like try to connect but fails Couldnt not attach file so i put it on the bottom DDS Ver - - - NTFSx Run by USER at on Sat Internet Explorer Microsoft Windows XP Professional GMT - AV AVG Internet Security On-access scanning enabled Updated Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Broadcom ASFIPMon AsfIpMon exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS system svchost exe -k imgsvc C Program Files Viewpoint Common ViewpointService exe C PROGRA AVG AVG avgrsx exe C Program Files AVG AVG avgcsrvx exe C WINDOWS Explorer EXE C Program Files Analog Devices Core smax pnp exe C WINDOWS system igfxpers exe C WINDOWS system igfxsrvc exe C Program Files ScanSoft PaperPort pptd nt exe C Program Files Brother ControlCenter brctrcen exe C Program Files Java jre bin jusched exe C Program Files Common Files Real Update OB realsched exe C Program Files iTunes iTunesHelper exe C PROGRA AVG AVG avgtray exe C Program Files Nitro PDF Professional NitroPDFPrinterMonitor exe C Program Files Microsoft ActiveSync wcescomm exe C WINDOWS system ctfmon exe C Program Files palmOne Hotsync exe C Program Files Lavasoft Ad-Aware Ad-Watch exe C PROGRA MI AA rapimgr exe C Program Files iPod bin iPodService exe C PROGRA Yahoo MESSEN ymsgr tray exe C WINDOWS system rundll exe C Program Files Mozilla Firefox firefox exe C Documents and Settings USER Desktop dds scr Pseudo HJT Report uInternet Settings ProxyOverride local uSearchURL Default hxxp us rd yahoo com customize ie defaults su msgr http www yahoo com BHO D -C F - efb- B - ECA - No File BHO NoExplorer - No File BHO RealPlayer Download and Record Plugin for Internet Explorer c e -b - bc - - c ca - c program files real realplayer rpbrowserrecordplugin dll BHO - a - ad- ca -f c a - c windows system ssqOEvtq dll BHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dll BHO b ac - d -bd b-c d - e ff ff -e - d c-b db- d ca b - c windows system vfcxnh dll BHO d cb -c cd- c f-bfdc- b afbdc c - c windows system pmnnKCrp dll BHO SSVHelper Class bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dll BHO AVG Security Toolbar a a -bacc- d - - a e e - c progra avg avg AVGTOO DLL BHO A -ECD - BD -BCDD-F AD D - No File TB AVG Security Toolbar a a -bacc- d - - a e e - c progra avg avg AVGTOO DLL TB EF BD -C FB- D - F- D F - No File uRun H PC Connection Agent quot c program files microsoft activesync wcescomm exe quot uRun ctfmon exe c windows system ctfmon exe uRun Yahoo Pager quot c progra yahoo messen YAHOOM EXE quot -quiet mRun SoundMAXPnP c program files analog devices core smax pnp exe mRun IgfxTray c windows system igfxtray exe mRun HotKeysCmds c windows system hkcmd exe mRun Persistence c windows system igfxpers exe mRun SSBkgdUpdate quot c program files common files scansoft shared ssbkgdupdate SSBkgdupdate exe quot -Embedding -boot mRun PaperPort PTD c program files scansoft paperport pptd nt exe mRun IndexSearch c program files scansoft paperport IndexSearch exe mRun ControlCenter c program files brother controlcenter brctrcen exe autorun mRun SunJavaUpdateSched quot c program files java jre bin jusched exe quot mRun TkBellExe quot c program files common files real update ob realsched exe quot -osboot mRun QuickTime Task quot c program files quicktime qttask exe quot -atboottime mRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun AVG TRAY c progra avg avg avgtray exe mRun Nitro PDF Printer Monitor quot c program files nitro pdf professi... Read more

A:pop ups with the addresses of url.adtrgt.com

Please download ComboFix from Here or Here to your Desktop.**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**If you are using Firefox, make sure that your download settings are as follows:Tools->Options->Main tabSet to "Always ask me where to Save the files".During the download, rename Combofix to Combo-Fix as follows:

It is important you rename Combofix during the download, but not after.Please do not rename Combofix to other names, but only to the one indicated.Close any open browsers.Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------Close any open browsers.WARNING: Combofix will disconnect your machine from the Internet as soon as it startsPlease do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.If there is no internet connection after running Combofix, then restart your computer to restore back your connection.-----------------------------------------------------------Double click on combo-Fix.exe & follow the prompts.When finished, it will produce a report for you. Please post the "C:\Combo-Fix.txt" along with a new HijackThis log for further review.**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

http://www.bleepingcomputer.com/forums/t/193981/pop-ups-with-the-addresses-of-urladtrgtcom/
Relevancy 41.28%

Hi My computer has been a mess the problems 173.exe and adtrgt help! other pop ups, past week or so and help! adtrgt pop ups, 173.exe and other problems i was hoping someone could help me out I've been inundated with pop up IE browsers even though i use fire fox i keep on getting a random windows box that opens up telling me its closed a file called WMI to protect my computer a similar box regarding a program exe and i've got some random antivirus agent plus program on my computer that i don't recall ever downloading I ran an adaware scan and it found objects but didn't solve the problem and AVG hasn't been ablet to find anything Below is my hijackthis log any help would be greatly appreciated Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Lavasoft Ad-Aware AAWService exeC WINDOWS system spoolsv exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC PROGRA AVG AVG avgwdsvc exeC Program Files Bonjour mDNSResponder exeC Program Files Hotspot Shield bin openvpnas exeC WINDOWS System svchost exeC PROGRA AVG AVG avgrsx exec Program Files Microsoft SQL Server Shared sqlwriter exeC WINDOWS system svchost exeC Program Files Viewpoint Common ViewpointService exeC WINDOWS system mqsvc exeC WINDOWS Explorer EXEC WINDOWS system SearchIndexer exeC Program Files Canon CAL CALMAIN exeC Program Files Hewlett-Packard Shared hpqwmiex exeC WINDOWS system mqtgsvc exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Java jre bin jusched exeC WINDOWS system hkcmd exeC WINDOWS system igfxpers exeC WINDOWS System DLA DLACTRLW EXEC WINDOWS system ctfmon exeC WINDOWS system igfxsrvc exeC Program Files Synaptics SynTP SynTPEnh exeC Program Files Hewlett-Packard HP Quick Launch Buttons QlbCtrl exeC Program Files hpq HP Wireless Assistant HP Wireless Assistant exeC WINDOWS SMINST Scheduler exeC Program Files Microsoft Office Office GrooveMonitor exeC Program Files Hp HP Software Update HPWuSchd exeC Program Files iTunes iTunesHelper exeC Program Files Lavasoft Ad-Aware AAWTray exeC PROGRA hpq Shared HPQTOA EXEC Program Files Antivirus Agent Pro aap exeC WINDOWS system rundll exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC Program Files AIM aim exeC Program Files Windows Media Player WMPNSCFG exeC Program Files Microsoft ActiveSync wcescomm exeC Program Files Messenger msmsgs exeC Program Files iPod bin iPodService exeC PROGRA MI AA rapimgr exeC Program Files Google Google Calendar Sync GoogleCalendarSync exeC Program Files Windows Desktop Search WindowsSearch exeC Program Files Microsoft Office Office ONENOTEM EXEC Program Files AIM aolsoftware exeC Program Files AVG AVG avgui exeC PROGRA AVG AVG aAvgApi exeC Program Files AVG AVG avgscanx exeC Program Files AVG AVG avgcsrvx exeC Program Files Mozilla Firefox firefox exeC WINDOWS system SearchProtocolHost exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Trend Micro HijackThis HijackThis exeC Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exeC Program Files Internet Explorer IEXPLORE EXER - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page about blankR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main First ... Read more

A:help! adtrgt pop ups, 173.exe and other problems

Hello float1nq1nspace,I apologise for the delay, the forum is extremely busy.I will be assisting you with your malware issues.Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.Continue to respond to this thread until I give you the All Clean! If you have any question or you're stuck in there please reply it to me. I will try my best to help you!Please bookmark or favourite this page. In case you need it as reference or etc.If you fail to reply in 5 days period from now, this thread will close, and you will have to open another topic, and wait for another helper.----------------------------------------------I see that you also posted for help here:http://forums.techguy.org/malware-removal-...r-problems.htmlIf I will help you, please close the thread at Techguy forum. As forums are too crowded with users who needs help, it doesn't help anyone if each user posts to multiple forums. It make the problem bigger, as helpers are less from people who needs help.----------------------------------------------Please post a new HijackThis log.

http://www.bleepingcomputer.com/forums/t/207496/help-adtrgt-pop-ups-173exe-and-other-problems/
Relevancy 41.28%

lt hxxp url adtrgt com cpv jsp p amp ip amp url toolbarqueries google com search sourceid navclient-ff amp features Rank amp client navclient-auto-ff amp googleip O null amp ch baf amp q info hxxp www bleepingcomputer com forums index php act post amp do new post amp f amp selectedKeyword tool amp default hxxp sagipsul com go rfe php cmp vm mg fails juan amp uid F A CD DDB CFFFFF amp guid F D B B E ADAC B D DB amp lid amp url toolbarqueries google com search sourceid navclient-ff amp features Rank amp client navclient-auto-ff amp googleip O null amp ch baf amp q info hxxp www bleepingcomputer com forums index php act post amp do new post amp f amp affid amp b amp aid gt I keep getting that annoying link url.adtrgt.com to get want of this I right rid here pop up link on my firefox even if I don't open it or something I already tried to do Malware scan and Spybot scan but that keeps reappearing every single time and both of them don't detect it This is my Hijackthis log file so I want to get rid of this link right here url.adtrgt.com if you guys could please look into it and see what the problem is Thank you very much Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C CachemanXP CachemanXP exe C WINDOWS system CTSvcCDA exe C Program Files Maxtor Sync SyncServices exe C WINDOWS system nvsvc exe C WINDOWS system HPZipm exe C WINDOWS system svchost exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcAppFlt exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcIp exe C Program Files Java jre bin jusched exe C Program Files Yahoo Search Protection SearchProtection exe C WINDOWS system LVCOMSX EXE C Program Files Common Files Real Update OB realsched exe C PROGRA ALWILS Avast ashDisp exe C Program Files Common Files Pure Networks Shared Platform nmctxth exe C WINDOWS system RUNDLL EXE C WINDOWS RTHDCPL EXE C WINDOWS system ctfmon exe C Program Files RSSoft RedSwoosh exe C PROGRA DEFEND DEFEND PopUpKiller exe C WINDOWS system rundll exe C Program Files Messenger msmsgs exe C Program Files DNA btdna exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C Program Files Mozilla Firefox firefox exe C WINDOWS system wuauclt exe C Program Files Xfire xfire exe C WINDOWS system rundll exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page www emurayden net R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRA Yahoo Companion Installs cpn yt dll R - URLSearchHook no name - B B - - d -B D- EBB BA F A - C Program Files AskSBar SrchAstt bin A SRCHAS DLL file missing O - BHO amp Yahoo Toolbar Helper - D -C F - efb- B - ECA - C PROGRA Yahoo Companion Installs cpn yt dll O - BHO e e cc- fbe- ec -be -e c ba ec - ce ab -c e- eb- ce -ebf cc e e - C WINDOWS system oiwlfr dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRA Yahoo Companion Installs cpn yt dll O - Toolbar no name - D - - -A B -AEFAF AB - no file O - Toolbar Defender Pro Anti-Scam - BAD B-CD - ff- FF-A C ABD F D - C Program Files Defender Pro Defender Pro Anti-Scam mscoree dll O - Toolbar DAEMON Tools Toolbar - AAC-C - - E A- E A E - C Program Files DAEMON Tools Toolbar DTToolbar dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run AudioHQ C Program Files Creative SBPCI AudioHQ AHQTB EXE O - HKLM ... Read more

A:I want to get rid of this link right here url.adtrgt.com

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instructed to do so! Let me know if any of the links do not work or if any of the tools do not work. Tell me about problems or symptoms that occur during the fix. Do not run any other programs or open any other windows while doing a fix. Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.Thanks.

http://www.bleepingcomputer.com/forums/t/189975/i-want-to-get-rid-of-this-link-right-here-urladtrgtcom/
Relevancy 41.28%

Hi I am constantly getting this pop url url adtrgt com when Im browsing the internet I especially happens when im using firefox I pops up url.adtrgt.com pop up: Annoying about every minutes Sometime it does it every five seconds It does it also when using Internet explorer Other URLs pop also but for the most part the url above is the most Annoying pop up: url.adtrgt.com consistent It is annoying as hell Please help I have included my Hijack This File below Thank You ------------------------------------------------------------------------- Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exe C WINNT system csrss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT system svchost exe C WINNT System svchost exe C WINNT system svchost exe C WINNT System svchost exe C WINNT System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINNT system spoolsv exe C WINNT System SCardSvr exe C Program Files Ashampoo Ashampoo AntiSpyWare AntiSpyWareService exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Google Common Google Updater GoogleUpdaterService exe C Program Files Hummingbird Connectivity Exceed HumDisplayServer exe C Program Files iPass iPassConnect iPCAgent exe C PROGRA Marimba CASTAN Tuner exe C Program Files McAfee Common Framework FrameworkService exe C Program Files McAfee VirusScan Enterprise mcshield exe C Program Files McAfee VirusScan Enterprise vstskmgr exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Lotus Notes ntmulti exe C Program Files Nero Nero Nero BackItUp NBService exe C WINNT system IoctlSvc exe C Program Files McAfee Common Framework naPrdMgr exe C WINNT system Prot srv exe C WINNT system pstartSr exe C PROGRA Marimba CASTAN RemoteUser exe C Program Files Retrospect Retrospect Express HD retrorun exe C Program Files CheckPoint SecuRemote bin SR Service exe C Program Files CheckPoint SecuRemote bin SR WatchDog exe C WINNT System svchost exe C Program Files Marimba marimba ws ch data sum exe C WINNT Explorer EXE C Program Files CheckPoint SecuRemote bin SR GUI Exe C WINNT AGRSMMSG exe C Program Files Apoint Apoint exe C WINNT system DSentry exe C Program Files Pointsec Pointsec for PC P Tray exe C Program Files McAfee VirusScan Enterprise SHSTAT EXE C Program Files iPass iPassConnect downloader ipccheck exe C Program Files McAfee Common Framework UdaterUI exe C Program Files Apoint HidFind exe C Program Files Apoint Apntex exe C Program Files McAfee Common Framework McTray exe C Program Files Websense WDC WsUIMgr exe C Program Files Ashampoo Ashampoo AntiSpyWare AntiSpyWare Guard exe C WINNT system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C PROGRA Marimba CASTAN lib minituner exe C WINNT system taskmgr exe C Program Files Mozilla Firefox firefox exe C WINNT system rundll exe E Azureus Azureus exe C Program Files Spybot - Search amp Destroy SpybotSD exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http mww metlife com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http mww metlife com R - HKLM Software Microsoft Internet Explorer Main Search Bar http www detoate home ro MAIN htm R - HKLM Software Microsoft Internet Explorer Main Start Page http www detoate home ro MAIN htm R - HKCU Software Microsoft Internet Explorer SearchURL Default http detoate home ro R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook no name - ee e -c - ab-b -aa f ca - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - B D - AA- B - -E CFD F F - no file O - BHO RealPlayer... Read more

A:Annoying pop up: url.adtrgt.com

Can somone please help?
 

https://forums.techguy.org/threads/annoying-pop-up-url-adtrgt-com.802168/
Relevancy 41.28%

Hi

I have the blasted adtrgt pop-up on the PC. I attach the log file - any help would be greatly appreciated!!

Thanks
Mark
 

https://forums.techguy.org/threads/the-dreaded-adtrgt-bug.786249/
Relevancy 41.28%

I m running windows XP and i keep getting popups The sites usually just result in Page Load Errors like http url adtrgt com cpv jsp p amp url Guy amp affid amp b amp b amp aid I ve tried Malwarebyes Anti-Malware Spybot S amp D and Ad-Aware but none of them have fixed my problem Here is my hijackthis log Logfile of Trend Micro HijackThis up url.adtrgt.com keeps popping v Scan saved at PM on Platform Windows XP SP WinNT url.adtrgt.com keeps popping up MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe c Program Files Common Files Symantec Shared ccProxy exe c Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C WINDOWS arservice exe C Program Files Bonjour mDNSResponder exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE c Program Files Norton Internet Security Norton AntiVirus navapsvc exe C WINDOWS system PnkBstrA exe C Program Files Viewpoint Common ViewpointService exe c Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS system dllhost exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C WINDOWS Explorer EXE C WINDOWS system ctfmon exe C WINDOWS system wscntfy exe C WINDOWS ehome ehtray exe C WINDOWS ARPWRMSG EXE C WINDOWS eHome ehmsas exe C Program Files Common Files Symantec Shared ccApp exe C Program Files HP HP Software Update HPwuSchd exe C Program Files ANI ANIWZCS Service WZCSLDR exe C Program Files Winamp winampa exe C Program Files DISC DISCover exe C Program Files Google Google Talk googletalk exe C Program Files iTunes iTunesHelper exe C Program Files Plaxo PlaxoHelper en exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files AIM aim exe C Program Files DAEMON Tools Lite daemon exe C Program Files Yahoo Messenger YahooMessenger exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files iPod bin iPodService exe C Program Files DISC DiscStreamHub exe C Program Files AIM aolsoftware exe C HP KBD KBD EXE C WINDOWS ALCXMNTR EXE C Program Files ATI Technologies ATI Control Panel atiptaxx exe c windows system hpsysdrv exe C Program Files Java jre bin jusched exe C Program Files Java jre bin jqs exe C Program Files iTunes iTunes exe C Program Files FeedReader feedreader exe C Program Files uTorrent uTorrent exe C Program Files Mozilla Firefox firefox exe C Program Files Microsoft Office OFFICE WINWORD EXE C Program Files Common Files Real Update OB realsched exe C Program Files Trend Micro HijackThis HijackThis exe C Program Files Java jre bin java exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www nexon co jp talesweaver home R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRA Yahoo Companion Installs cpn yt dll O - BHO amp Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C PROGRA Yahoo Companion Installs cpn yt dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO Java tm Plug-In SSV Helper... Read more

A:url.adtrgt.com keeps popping up

The P2P programs you have installed expose you to risks because of the nature of the P2P file sharing process. File sharing/P2P programs rely on members giving and gaining unrestricted access to computers across the P2P network. This practice can make you vulnerable to data and identity theft. It also exposes you to very malicious worms and trojans. You change those risky default settings to a safer configuration but the act of downloading files from an anonymous source greatly increases your exposure to infection.

I suggest you go to add/remove programs and remove all P2P programs!
Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Click Exit on the Main menu to close the program.


Please download Malwarebytes Anti-Malware and save it to your desktop. alternate link 1 alternate link 2
Make sure you are connected to the Internet.
Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.

If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply with a new hijackthis log.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Please do an online scan with Kaspersky WebScanner

Kaspersky online scanner uses JAVA tecnology to perform the scan. If you do not have the latest JAVA version, follow the instrutions below under Upgrading Java, to download and install the latest vesion.
Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure the following is checked.
Spyware, Adware, Dialers, and other potentially dangerous programs
[*]Archives
[*]Mail databases

Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on ... Read more

https://forums.techguy.org/threads/url-adtrgt-com-keeps-popping-up.781390/
Relevancy 41.28%

Hello I am running Windows XP Professional with TrendMicro Internet Security I initially noticed this issue when browsing in something pop-ups "url.adtrgt.com" causing many Firefox Internet Explorer would be launched and go to quot url adtrgt com something causing many "url.adtrgt.com" pop-ups quot in many many tabs The new tabs opened faster than I could close them After not being able to get rid of this issue using simple things deleting cookies uninstalling new software playing with security settings I used the quot Prevent Unauthorized Changes quot feature of TrendMicro to roll back some quot Changes Found quot After this I began getting warnings whenever I started a program the warnings would say quot mvinal dll is not a valid image quot or something along those lines and sometimes quot fihiyota dll is not a valid image quot I noticed these dll's mvinal dll fihiyotal dll in the windows system folder the files were dated around the time this issue started I deleted them Those warnings have stopped but I still have the original issue Most recently I uninstalled Firefox thought maybe some setting there was messed up However the issue still persists when I browse in Internet Explorer I have not tried reinstalling Firefox Thanks in advance for any help you can provide The contents of my DDS txt file follow DDS Ver - - - NTFSx Run by Kirk at on Wed Internet Explorer Microsoft Windows XP Professional GMT - AV Trend Micro Internet Security On-access scanning enabled Updated FW Trend Micro Personal Firewall enabled Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup svchost exe svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C WINDOWS system cisvc exe c Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files SAP SAPsetup setup Updater NwSapAutoWorkstationUpdateService exe C Program Files Trend Micro Internet Security SfCtlCom exe C WINDOWS System svchost exe -k imgsvc C Program Files Trend Micro BM TMBMSRV exe C Program Files Common Files Pure Networks Shared Platform nmsrvc exe C Program Files Canon CAL CALMAIN exe C WINDOWS Explorer EXE C WINDOWS System igfxpers exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Trend Micro Internet Security UfSeAgnt exe C Program Files iTunes iTunesHelper exe C WINDOWS system rundll exe C WINDOWS system ctfmon exe C Program Files Palm Hotsync exe C PROGRA TRENDM INTERN TmPfw exe C Program Files iPod bin iPodService exe C Program Files Trend Micro Internet Security TmProxy exe C Program Files Internet Explorer iexplore exe C Documents and Settings Kirk Desktop dds scr Pseudo HJT Report uStart Page hxxp my earthlink net uSearch Page hxxp www google com uSearch Bar hxxp www yahoo com search ie html uDefault Search URL hxxp www google com ie mDefault Page URL hxxp www yahoo com mStart Page hxxp www yahoo com uInternet Settings ProxyOverride local uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s uURLSearchHooks Yahoo Toolbar ef bd -c fb- d - f- d f - BHO c f f-b d- a - d-b c d a c - c windows system fihiyota dll BHO d c a- d - -bb -e a d bb bb d - a e- bb- - d a c d - c windows system qrckmf dll BHO BB-D F - C-B EB-D DAF D D - No File EB - a - b-a - c a a - No File uRun ctfmon exe c windows system ctfmon exe uRun LightScribe Control Panel c program files common files lightscribe LightScribeControlPanel exe -hidden mRun igfxtray c windows system igfxtray exe mRun igfxhkcmd c windows system hkcmd exe mRun igfxpers c windows system igfxpers exe mRun ISUSPM Startup c progra common instal update ISUSPM exe -startup mRun ISUSScheduler quot c program files common files installshield updateservice issch exe quot -start mRun UfSeAgnt exe quot c program files trend micro... Read more

A:something causing many "url.adtrgt.com" pop-ups

I noticed a new symptom...my Windows Automatic Update was really screwed up. Could not get it to work and tried several things suggested on the Microsoft Update site, but still no luck. When searching around the site, I decided to download Windows Defender. After downloading and running, it found several versions of Vundo (Vundo.gen!G, Vundo.gen!H, Vundo.KM). I ran it and rebooted several times, because it kept finding new stuff. Now things seem to be back to normal. No more crazy pop-ups. I can even get the Windows Automatic Update to work.

I ran DDS again. If someone can take a look to see if any bad stuff remains, that would be great. But I don't think it as urgent as before.

Thanks.
DDS (Ver_09-02-01.01) - NTFSx86
Run by Kirk at 23:19:05.10 on Fri 03/06/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.378 [GMT -5:00]

AV: Trend Micro Internet Security *On-access scanning enabled* (Updated)
FW: Trend Micro Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\SAP\SAPsetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Palm\Hotsync.exe
C:\PROGRA~1\TRENDM~1\INTERN~3\TmPfw.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\Internet Security\UfNavi.exe
C:\Program Files\Trend Micro\Internet Security\UfNavi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Kirk\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://my.earthlink.net/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.yahoo.com/
mStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: {3c7f898f-b22d-46a8-922d-b61c42d82a6c} - c:\windows\system32\fugudipi.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: {4521e4e8-70d3-dc7a-e794-9e7ad6f5e7ec}: ... Read more

http://www.bleepingcomputer.com/forums/t/208512/something-causing-many-urladtrgtcom-pop-ups/
Relevancy 41.28%

I have been experiencing some trouble with adtrgt I have been exhibiting symptoms of Internet Explorer popping up to this url appox times and crashing Since the problem started I ve switched to Firefox but IE will still pop up every few minutes or so again approx times I m unable to do windows updates I ve tried problem adtrgt spybot ad-aware spyware doctor and they won t get rid of it Here is my specs and hijackthis log please help Quick Specs Windows XP Pro SP GB Ram Ghz P Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet adtrgt problem Explorer v SP Boot mode Normal Running adtrgt problem processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS Explorer EXE C Program Files HPQ One-Touch OneTouch EXE C Program Files Microsoft Office Office GrooveMonitor exe C Program Files Common Files Logitech LComMgr Communications Helper exe C Program Files Common Files Logitech LComMgr LVComSX exe C Program Files Java jre bin jusched exe C WINDOWS system rundll exe C WINDOWS system ctfmon exe C Program Files Windows Live Messenger MsnMsgr Exe C WINDOWS system spoolsv exe c program files common files logitech lvmvfm LVPrcSrv exe C WINDOWS system HPConfig exe C Program Files HPQ Notebook Utilities HPWirelessMgr exe C Program Files Java jre bin jqs exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system svchost exe C Program Files Viewpoint Common ViewpointService exe C WINDOWS System WLTRYSVC EXE C WINDOWS system MsPMSPSv exe C WINDOWS System bcmwltry exe C Program Files Mozilla Firefox firefox exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C WINDOWS system taskmgr exe C Documents and Settings ALAN Desktop HiJackThis exe C WINDOWS system rundll exe C Program Files Windows Live Messenger usnsvc exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - c e-d ca- - - db f e a - no file O - BHO no name - c b-ec b- cb- eb-c ab c - C WINDOWS system pedejelo dll file missing O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C PROGRA MICROS Office GRA E DLL O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dll O - HKLM Run IMJPMIG quot C WINDOWS IME imjp IMJPMIG EXE quot Spoil RemAdvDef Migration O - HKLM Run PHIME ASync C WINDOWS system IME TINTLGNT TINTSETP EXE SYNC O - HKLM Run PHIME A C WINDOWS system IME TINTLGNT TINTSETP EXE IMEName O - HKLM Run CARPService carpserv exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run Cpqset C Program Files HPQ Default Settings cpqset exe O - HKLM Run Display Settings C Program Files HPQ Notebook Utilities hptasks exe s O - HKLM Run QT HPOT C Program Files HPQ One-Touch OneTouch EXE O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run RoxioDragToDisc quot C Program Files Roxio Easy Media Creator Drag to Disc DrgToDsc exe quot O - HKLM Run SM BG C WINDOWS SM BG EXE O - HKLM Run GrooveMonitor quot C Program Files Microsoft Office Office GrooveMonitor exe quot O - HKLM Run LogitechCommunicationsManager quot C Program Files Common Files Logitech LComMgr Communications Helper exe... Read more

Relevancy 41.28%

Hi My computer has been a mess the past week or so and i was hoping someone could help me out i ve been innundated with pop up IE browers even though i use fire fox i keep on getting a random windows box that opens up telling me its closed a file called WMI to protect my computer and i ve got some random antivirus agent plus program on my computer that i dont recall ever downloading I ran an adaware scan and it found objects but didn t solve the problem and AVG hasn t been ablet to find anything Below is and adtrgt pop problems other ups my hijackthis log any help would be greatly appreciated Logfile of Trend Micro adtrgt pop ups and other problems HijackThis v adtrgt pop ups and other problems Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C Program Files Hotspot Shield bin openvpnas exe C WINDOWS System svchost exe C PROGRA AVG AVG avgrsx exe c Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS system svchost exe C Program Files Viewpoint Common ViewpointService exe C WINDOWS system mqsvc exe C WINDOWS Explorer EXE C WINDOWS system SearchIndexer exe C Program Files Canon CAL CALMAIN exe adtrgt pop ups and other problems C Program Files Hewlett-Packard Shared hpqwmiex exe C WINDOWS system mqtgsvc exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Java jre bin jusched exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C WINDOWS System DLA DLACTRLW EXE C WINDOWS system ctfmon exe C WINDOWS system igfxsrvc exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe C Program Files hpq HP Wireless Assistant HP Wireless Assistant exe C WINDOWS SMINST Scheduler exe C Program Files Microsoft Office Office GrooveMonitor exe C Program Files Hp HP Software Update HPWuSchd exe C Program Files iTunes iTunesHelper exe C Program Files Lavasoft Ad-Aware AAWTray exe C PROGRA hpq Shared HPQTOA EXE C Program Files Antivirus Agent Pro aap exe C WINDOWS system rundll exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files AIM aim exe C Program Files Windows Media Player WMPNSCFG exe C Program Files Microsoft ActiveSync wcescomm exe C Program Files Messenger msmsgs exe C Program Files iPod bin iPodService exe C PROGRA MI AA rapimgr exe C Program Files Google Google Calendar Sync GoogleCalendarSync exe C Program Files Windows Desktop Search WindowsSearch exe C Program Files Microsoft Office Office ONENOTEM EXE C Program Files AIM aolsoftware exe C Program Files AVG AVG avgui exe C PROGRA AVG AVG aAvgApi exe C Program Files AVG AVG avgscanx exe C Program Files AVG AVG avgcsrvx exe C Program Files Mozilla Firefox firefox exe C WINDOWS system SearchProtocolHost exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Trend Micro HijackThis HijackThis exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Program Files Internet Explorer IEXPLORE EXE R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page about blank R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R ... Read more

https://forums.techguy.org/threads/adtrgt-pop-ups-and-other-problems.805128/
Relevancy 41.28%

I've been having this issue and am having it as I type this where this pop-up keeps appearing and opening new tabs over and over again on the Internet Explorer. the link that apears on the url bar is http://url.adtrgt.com/cpv.jsp?p=113...d=641044680b2b11debe7e169208ffffff&rid=155255

I don't know if this is a virus, malware or spyware it just keps popping up and I'd like to know how to stop it if possible. Thank you.
 

Relevancy 41.28%

I have a Dell M-140 running XP Media Center.

I had pc cillin until it was time to renew my subscription. Since my isp is comcast i decided to use their anti-virus program Macafee. that was my mistake. MacAfee is fee based virus removal or comcast customers. Dell instructed me to download Webroot Spy Sweeper. I now have that program installed with no success either. Webroot too is a fee based removal program is you want it done that day. I have contacted them and have been instructed to download and run Combo fix and smitfruad fix. I have run both programs and the results are the same. I have sent my logs to them and am still waiting on a response.

Can you help me?

Bob

A:url.adtrgt.com needs to be removed

I tried to paste the screenshots here but am unable to. I have 4 and can't put them on here. Do I need special permission to post the screenshots?

http://www.bleepingcomputer.com/forums/t/187111/urladtrgtcom-needs-to-be-removed/
Relevancy 41.28%

Here is my notepad generated from virus adtrgt Trend Scan Any adtrgt virus help StartupList report AM StartupList version Started from C Program Files Trend Micro HijackThis HijackThis EXE Detected Windows XP SP WinNT Detected Internet Explorer v SP Using default options Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS adtrgt virus system services exe C adtrgt virus WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Trend Micro BM TMBMSRV exe C Program Files Trend Micro Internet Security SfCtlCom exe C Program Files Trend Micro Internet Security TmPfw exe C Program Files Trend Micro Internet Security TmProxy exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C WINDOWS Explorer EXE C WINDOWS system hkcmd exe C Program Files Java j re bin jusched exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Dell AccessDirect dadapp exe C Program Files Dell QuickSet quickset exe C Program Files Dell Media Experience DMXLauncher exe C WINDOWS system dla tfswctrl exe C Program Files Musicmatch Musicmatch Jukebox mm tray exe C Program Files Dell AccessDirect DadTray exe C Program Files Musicmatch Musicmatch Jukebox mmtask exe C Program Files Real RealPlayer RealPlay exe C WINDOWS system rundll exe C Program Files Trend Micro Internet Security UfSeAgnt exe C Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Digital Line Detect DLG exe C Program Files Microsoft AntiSpyware gcasDtServ exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe C WINDOWS system NOTEPAD EXE -------------------------------------------------- Listing of startup folders Shell folders Common Startup C Documents and Settings All Users Start Menu Programs Startup Digital Line Detect lnk -------------------------------------------------- Checking Windows NT UserInit HKLM Software Microsoft Windows NT CurrentVersion Winlogon UserInit C WINDOWS system userinit exe -------------------------------------------------- Autorun entries from Registry HKLM Software Microsoft Windows CurrentVersion Run IgfxTray C WINDOWS system igfxtray exe HotKeysCmds C WINDOWS system hkcmd exe SunJavaUpdateSched C Program Files Java j re bin jusched exe SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe DVDLauncher quot C Program Files CyberLink PowerDVD DVDLauncher exe quot Default DadApp C Program Files Dell AccessDirect dadapp exe Dell QuickSet C Program Files Dell QuickSet quickset exe DMXLauncher C Program Files Dell Media Experience DMXLauncher exe UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot r dla C WINDOWS system dla tfswctrl exe MMTray C Program Files Musicmatch Musicmatch Jukebox mm tray exe mmtask C Program Files Musicmatch Musicmatch Jukebox mmtask exe RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot c d rundll exe quot C WINDOWS system ksjphghm dll quot b UfSeAgnt exe quot C Program Files Trend Micro Internet Security UfSeAgnt exe quot -------------------------------------------------- Autorun entries from Registry HKCU Software Microsoft Windows CurrentVersion Run OE C Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exe swg C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe -------------------------------------------------- Load Run keys from C WINDOWS WIN INI load INI section not found run INI section not found Load Run keys from Registry HKLM Windows NT CurrentVersion WinLogon load Registry value not found HK... Read more

https://forums.techguy.org/threads/adtrgt-virus.803817/
Relevancy 41.28%

Hi, I am having the same problem that I see going around, with Firefox popping up random windows when I use it, with the majority of them being url.adtrgt.com

I have run combofix and hijackthis and will post the logs. But I'm not sure what I'm looking for in the logs so if someone could take a look to see what (if) I need to put in cfscript that would be great. Thanks!
 

A:url.adtrgt.com popups

ComboFix 09-01-11.04 - Ramzi 2009-01-12 9:08:30.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.459 [GMT -5:00]
Running from: c:\documents and settings\Ramzi\Desktop\ComboFix.exe
AV: Norton Internet Security 2006 *On-access scanning disabled* (Outdated)
FW: Norton Internet Security 2006 *enabled*
FW: Norton Internet Worm Protection *disabled*
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Ramzi\Localdir
c:\documents and settings\Ramzi\Localdir\setup.exe
c:\documents and settings\Ramzi\Localdir\Setup.zip
c:\documents and settings\Ramzi\Localdir\winlogo.exe
c:\windows\adaway.lic
c:\windows\Downloaded Program Files\setup.inf
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\auxhmuhb.dll
c:\windows\system32\pxwaau.dll
c:\windows\Sysvxd.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SYSSRV

((((((((((((((((((((((((( Files Created from 2008-12-12 to 2009-01-12 )))))))))))))))))))))))))))))))
.
2009-01-09 11:47 . 2009-01-09 11:50 <DIR> d-------- c:\program files\coolpro2
2009-01-09 11:17 . 2009-01-09 11:17 <DIR> d-------- c:\temp\cooleditpro
2009-01-08 15:31 . 2009-01-08 15:31 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-08 15:31 . 2009-01-08 15:31 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-08 13:19 . 2009-01-08 13:19 <DIR> d-------- c:\program files\Trend Micro
2009-01-06 01:31 . 2009-01-06 01:31 <DIR> d-------- c:\documents and settings\Ramzi\Application Data\VoipCheapCom
2009-01-06 01:29 . 2009-01-06 01:29 <DIR> d-------- c:\program files\VoipCheapCom
2008-12-28 06:55 . 2008-12-28 06:55 <DIR> d-------- c:\windows\tiinst
2008-12-28 06:54 . 2008-12-28 06:54 <DIR> d-------- c:\program files\TIVistadriver
2008-12-28 01:12 . 2007-11-22 06:43 78,720 --------- c:\windows\system32\dllcache\sdbus.sys
2008-12-28 01:12 . 2007-11-22 06:23 12,032 --a------ c:\windows\system32\dllcache\sffdisk.sys
2008-12-28 01:12 . 2007-11-22 06:23 11,008 --a------ c:\windows\system32\dllcache\sffp_sd.sys
2008-12-28 01:12 . 2007-11-22 06:23 10,240 --------- c:\windows\system32\drivers\sffp_mmc.sys
2008-12-28 01:12 . 2007-11-22 06:23 10,240 --a------ c:\windows\system32\dllcache\sffp_mmc.sys
2008-12-19 04:31 . 2008-12-19 04:31 <DIR> d-------- c:\program files\iTunes
2008-12-19 04:31 . 2008-12-19 04:31 <DIR> d-------- c:\program files\iPod
2008-12-19 04:31 . 2008-12-19 04:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-19 04:30 . 2008-12-19 04:30 <DIR> d-------- c:\program files\Bonjour
2008-12-19 04:29 . 2008-12-19 04:29 <DIR> d-------- c:\program files\QuickTime
2008-12-19 04:28 . 2008-12-19 04:28 <DIR> d-------- c:\program files\Apple Software Update
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-12 14:17 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-12 14:15 22,528 ----a-w c:\windows\system32\drivers\nhcDriver.sys
2009-01-09 16:44 --------- d-----w c:\program files\ALZip
2009-01-08 20:31 --------- d-----w c:\program files\Java
2009-01-08 17:45 --------- d-----w c:\program files\Mozilla Thunderbird
2009-01-08 17:04 --------- d-----w c:\program files\FriendBlasterPro
2009-01-08 05:27 --------- d--h--w c:\documents and settings\Ramzi\Application Data\Move Networks
2008-12-19 17:12 --------- d-----w c:\documents and settings\Ramzi\Application Data\Apple Computer
2008-12-19 09:31 --------- d-----w c:\program files\Common Files\Apple
2008-12-06 20:58 --------- d-----w c:\program files\Ad-Aware
2008-12-06 20:57 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-06 20:57 --------- d-----w c:\docu... Read more

https://forums.techguy.org/threads/url-adtrgt-com-popups.789650/
Relevancy 41.28%

I'm getting multiple popups from url trgt every few minutes and notice significant performance loss on my mahcine Please help any help would - url.adtrgt.com pls help popups be greatly appreciated Here's the DDS log and I'll attached the quot Attach quot file DDS Version - NTFSx url.adtrgt.com popups - pls help Run by Admin at on Fri Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Trend Micro Internet Security On-access scanning enabled Updated url.adtrgt.com popups - pls help FW Trend Micro Personal Firewall enabled Running Processes C WINDOWS system Ati evxx exeC WINDOWS system svchost -k DcomLaunchC WINDOWS system svchost -k rpcssC WINDOWS System svchost exe -k netsvcsC WINDOWS system Ati evxx exeC WINDOWS system svchost exe -k NetworkServiceC WINDOWS system svchost exe -k LocalServiceC WINDOWS system spoolsv exeC WINDOWS system CTsvcCDA exeC Program Files Cisco Systems VPN Client cvpnd exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC WINDOWS system inetsrv inetinfo exeC Program Files Java jre bin jqs exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC Program Files Sony Shared Plug-Ins Media Manager MSSQL SONY MEDIAMGR Binn sqlservr exec Program Files Microsoft SQL Server MSSQL MSSQL Binn sqlservr exeC Program Files Trend Micro Internet Security SfCtlCom exeC Program Files Common Files Sony Shared WMPlugIn SonicStageMonitoring exeC Program Files Sony Sony TV Tuner Library SMceMan exec Program Files Microsoft SQL Server Shared sqlbrowser exec Program Files Microsoft SQL Server Shared sqlwriter exeC WINDOWS system svchost exe -k imgsvcC Program Files stunnel stunnel exeC Program Files ThreatFire TFService exeC WINDOWS Explorer EXEC WINDOWS system wdfmgr exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VCSW VCSW exeC Program Files Viewpoint Common ViewpointService exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzCdbSvc exeC Program Files Trend Micro BM TMBMSRV exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzFw exeC WINDOWS SOUNDMAN EXEC Program Files Creative Sound Blaster X-Fi DVDAudio CTDVDDET EXEC Program Files Creative Shared Files Module Loader DLLML exeC Program Files Creative Sound Blaster X-Fi Volume Panel VolPanel exeC Program Files Microsoft IntelliPoint ipoint exeC Program Files Microsoft IntelliType Pro itype exeC WINDOWS ehome ehtray exeC Program Files Trend Micro Internet Security UfSeAgnt exeC Program Files ThreatFire TFTray exeC WINDOWS system dllhost exeC WINDOWS system rundll exeC WINDOWS system ctfmon exeC Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exeC Program Files Sony Sony TV Tuner Library RM SV exeC Program Files Viewpoint Viewpoint Manager ViewMgr exeC WINDOWS SYSTEM CTXFISPI EXEC WINDOWS system wscntfy exeC WINDOWS System alg exeC WINDOWS eHome ehmsas exeC Program Files Creative ShareDLL CADI NotiMan exeC PROGRA TRENDM INTERN TmPfw exeC Program Files Trend Micro Internet Security TmProxy exeC WINDOWS system rundll exeC Documents and Settings Admin Desktop dds scrC WINDOWS system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp www google com BHO HelperObject Class c d-c - c - -fce ad c - c program files techsmith snagit SnagItBHO dllBHO e f- e - d - ac-c fe dd b - c windows system ddcYrSMe dllBHO d cb -c cd- c f-bfdc- b afbdc c - c windows system awtSIAPh dllBHO Java Plug-In SSV Helper bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dllBHO Google Toolbar Helper aa ed - dd- d - -cf f - c program files google googletoolbar dllBHO e a f- bb -a -de - ee c aea aea c - ee - ed- a- bb f a e - c windows system fqbtgb dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllTB SnagIt ff e -abde- eb-b e-d aab cabe - c program files techsmith snagit SnagItIEAddin dllTB amp Google c b - - d - b - a cd f - c program files google googletoolbar dllTB B EAC - D - B E- B -A C A A - No FileTB FF E -ABDE... Read more

A:url.adtrgt.com popups - pls help

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.NEXTPlease download RSIT by random/random and save it to your Desktop.Double click on RSIT.exe to run RSITBefore you click "Continue", make sure you change the List files/folders created or modified in the last 3 monthsClick Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.NEXTPlease download GMER and unzip it to your Desktop.Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.Post me these logs in your next reply.. Post each log in separate post..1. Malwarebytes'2. RSIT log.txt3. RSIT info.txt4. Attach GMER result..

http://www.bleepingcomputer.com/forums/t/189441/urladtrgtcom-popups-pls-help/
Relevancy 41.28%

Hi just was recently infected by this superjuan from can I see and adtrgt, what Not that I m complaining much I run about different programs Spybot superjuan and adtrgt, from what I can see Symantec required by school and when discovering this website malwarebytes I saw an earlier fix but I wasn t gonna try to use someone s solution for my problem Here s superjuan and adtrgt, from what I can see my hijackthis file but I m hoping someone can help me with this edit okay there is no way I m opening the online blackboard system for my uni with this thing on my computer if I search for stuff on google toolbar or even the site a new window full screen popup etc opens out of my control Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C WINDOWS system spoolsv exe C Program Files Bonjour mDNSResponder exe C Program Files Symantec AntiVirus DefWatch exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Java jre bin jqs exe C WINDOWS system lxczcoms exe C Program Files Dell NICCONFIGSVC NICCONFIGSVC exe C WINDOWS system PnkBstrA exe C Program Files Intel Wireless Bin RegSrvc exe c program files microsoft corporation msn remote record service remoterecordclient exe C Program Files Dell Support Center bin sprtsvc exe C WINDOWS system svchost exe C Program Files Symantec AntiVirus Rtvscan exe C Program Files Skyhook Wireless Wi-Fi Driver WPSScannerSvc exe C Program Files Webroot Washer WasherSvc exe C WINDOWS system ZuneBusEnum exe C WINDOWS system dllhost exe C Program Files Intel Wireless Bin ZcfgSvc exe C WINDOWS Explorer EXE C PROGRA Intel Wireless Bin XConfig exe C WINDOWS system wscntfy exe C PROGRA Symantec LIVEUP LUCOMS EXE C WINDOWS system rundll exe C WINDOWS ehome ehtray exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Java jre bin jusched exe C Program Files Intel Wireless Bin ifrmewrk exe C WINDOWS stsystra exe C Program Files Dell QuickSet quickset exe C WINDOWS system dla tfswctrl exe C WINDOWS System svchost exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files iTunes iTunesHelper exe C WINDOWS eHome ehmsas exe C Program Files QuickTime qttask exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Musicmatch Musicmatch Jukebox mm tray exe C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files Lexmark Series lxczbmgr exe C Program Files iPod bin iPodService exe C Program Files Lexmark Series lxczbmon exe C Program Files Corel Corel Photo Album MediaDetect exe C Program Files Dell Support Center bin sprtcmd exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Winamp winampa exe C Program Files Zune ZuneLauncher exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files DellSupport DSAgnt exe C WINDOWS system ctfmon exe C Program Files DAEMON Tools Lite daemon exe C Program Files Digital Line Detect DLG exe C Program Files Webroot Washer wwDisp exe C Program Files MSN Messenger msnmsgr exe C Program Files MSN Messenger usnsvc exe C Program Files Mozilla Firefox firefox exe C Program Files Common Files Microsoft Shared Source Engine OSE EXE C Program Files Trend Micro HijackThis HijackThis exe C PROGRA Symantec LIVEUP LUCOMS EXE C PROGRA Symantec LIVEUP LUALL EXE R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www de... Read more

Relevancy 41.28%

I and Adtrgt Mirar have been experiencing some trouble as of late with adtrgt and mirar programs I have been exhibiting the normal symptoms of Internet Explorer popping up and crashing I use firefox I also have not been able to complete windows updates for some time this was prior to the adtrgt and mirar And since I have very little money to do anything but feed myself and pay rent I have not been able to resubscribe for Pc-cillin I would send my computer in but like I said my cash reserves are dry Also Internet Explorer hasnt been able to function for some time prior to adtrgt and mirar Adtrgt and Mirar Lately my computer has been incredibly slow and I have processor spikes that last for about seconds something ties up my processors also my page-file usage is abnormally high its been in the - Gb range where if I remember right its usually Mb to Mb Quick Specs Windows XP GB Ram nVidia GTS in SLI Ghz quad core Intel Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files The Skins Factory Hyperdesk Common HdThemeEnabler exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C WINDOWS system CTsvcCDA exe C Program Files Firebird Firebird bin fbguard exe C WINDOWS System svchost exe C Program Files Java jre bin jqs exe C Program Files NVIDIA Corporation nTune nTuneService exe C WINDOWS system nvsvc exe C PROGRA TRENDM INTERN PcCtlCom exe C WINDOWS system svchost exe C PROGRA TRENDM INTERN Tmntsrv exe C PROGRA TRENDM INTERN TmPfw exe C PROGRA TRENDM INTERN tmproxy exe C Program Files Viewpoint Common ViewpointService exe C Program Files Linksys Wireless-G PCI Wireless Network Monitor WLService exe C Program Files Linksys Wireless-G PCI Wireless Network Monitor WMP Gv exe C Program Files Firebird Firebird bin fbserver exe C PROGRA TRENDM INTERN PcScnSrv exe C WINDOWS Explorer EXE C WINDOWS system Rundll exe C WINDOWS system rundll exe C Program Files Trend Micro Internet Security pccguide exe C Program Files Unlocker UnlockerAssistant exe C WINDOWS system RUNDLL EXE C Program Files iTunes iTunesHelper exe C Program Files Java jre bin jusched exe C WINDOWS system rundll exe C WINDOWS system ctfmon exe C Program Files Creative Shared Files CTSched exe C program files steam steam exe C Program Files Messenger msmsgs exe C Program Files DAEMON Tools Pro DTProAgent exe C Program Files AIM aim exe C Program Files InterVideo Common Bin WinCinemaMgr exe C Program Files iPod bin iPodService exe C Program Files MultiKeyboard Driver KbdDrv exe C WINDOWS system taskmgr exe C Program Files AIM aolsoftware exe C PROGRA MOZILL FIREFOX EXE C Documents and Settings Thomas Darron Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main First Home Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO no name - aafdd-d - - dd -ad cf - C WINDOWS system p... Read more

Relevancy 41.28%

My computer is infected with a really nasty malware. Google seems to suggest that it's a fairly common one. It produces frequent pop-ups, most going to a url along the lines of this:

http://url.adtrgt.com/cpv.jsp?p=1121...tingId=7013811

I have Spybot SnD installed, but every time it runs it finds and deletes the same things. Same for Housecall.

I will do anything to get rid of this!

Thanks!
 

https://forums.techguy.org/threads/adtrgt-malware.787435/
Relevancy 41.28%

I have got this annoying little spyware adware virus whatever it is that I am tring my best to get rid of I run Trend Micro for protection I keep getting random websites popping up or removal adtrgt.com HELP NEED trend micro notification for adtrgt com Here is my hijack log any help would be much appreciated Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C WINDOWS system cisvc exe C Program Files Canon IJPLM IJPLMSVC EXE C Program Files Java jre bin jqs exe C Program Files Common Files Microsoft Shared Media Manager airsvcu exe C Program Files Trend Micro Internet Security SfCtlCom exe C WINDOWS System svchost exe C Program Files Trend Micro BM TMBMSRV exe C Program Files Canon CAL CALMAIN exe C Program Files Trend Micro Internet Security UfSeAgnt exe C WINDOWS Explorer EXE C PROGRA TRENDM INTERN TmPfw exe C Program Files Trend Micro Internet Security TmProxy exe C WINDOWS system hkcmd exe C WINDOWS BCMSMMSG exe C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C WINDOWS System svchost exe C Program Files iTunes iTunesHelper exe C Program Files Creative adtrgt.com removal NEED HELP Shared Files CAMTRAY EXE C Program Files Common Files InstallShield UpdateService issch exe C Program Files Java jre bin jusched exe C Program Files Common Files Real Update OB realsched exe C Program Files Dell Photo AIO Printer dlbtbmgr exe C Program Files iPod bin iPodService exe C Program adtrgt.com removal NEED HELP Files Dell Photo AIO Printer dlbtbmon exe C WINDOWS system ctfmon exe C Program Files Common Files InstallShield UpdateService ISUSPM exe C Program Files Kodak KODAK Software Updater Program Kodak Software Updater exe C Program Files Paltalk Messenger paltalk exe C WINDOWS system cidaemon exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www dellnet com R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - f - - fe -b d - f a e - C WINDOWS system susimilo dll O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO no name - AA F F-E - B - -A B CDF - no file O - BHO c -deaf-ab b-aa -c b f df - fd f b- c- aa-b ba-faed c - C WINDOWS system klwlam dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dll O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run Ad... Read more

A:adtrgt.com removal NEED HELP

I disabled my Trend Micro and ran Combofix as I have seen in other post with this same problem. It did not generate a log when it was finished for some reason or another. I then ran Trendsecure Hijackthis a 2nd time and here is the 2nd log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51, on 2009-03-01
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\Media Manager\airsvcu.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\ComboFix\hidec.exe
C:\WINDOWS\system32\cmd.exe
C:\ComboFix\Catchme.tmp
C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\ComboFix\Catchme.tmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dellnet.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {68f06683-5378-4fe1-b8d5-04f3a27033e5} - C:\WINDOWS\system32\susimilo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file)
O2 - BHO: {20644c48-deaf-ab7b-aa94-c680b29f5df9} - {9fd5f92b-086c-49aa-b7ba-faed84c44602} - C:\WINDOWS\system32\klwlam.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - H... Read more

https://forums.techguy.org/threads/adtrgt-com-removal-need-help.805316/
Relevancy 41.28%

how do i remove <hxxp://url.adtrgt.com/cpv.jsp>Deactivated link to protect other readers and moving to Am I Infected forum from Windows XP ~ OB

A:http://url.adtrgt.com/cpv.jsp

Welcome to BC. We want to do 2 things. Turn off BOClean and Spybot if running. Then run these tools.MBAMPlease download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.Follow with SDFixPlease print out and follow these instructions: "How to use SDFix". When using this tool, you must use the Administrator's account or an account with "Administrative rights"Disconnect from the Internet and temporarily disable your anti-virus, script blocking and any real time protection programs before performing a scan.When done, the SDFix report log will open in notepad and automatically be saved in the SDFix folder as Report.txt.If SDFix is unable to run after rebooting from Safe Mode, run SDFix in either Mode, and type F, then press Enter for it to finish the final stage and produce the report.Please copy and paste the contents of Report.txt in your next reply.Be sure to renable you anti-virus and and other security programs before connecting to the Internet.-- If the computer has been infected with the VirusAlert! malware warning from the clock and the Start Menu icons or drives are not visible, open the SDFix folder, right-click on either the XP_VirusAlert_Repair.inf or W2K VirusAlert_Repair.inf (depending on your version of Windows) and select Install from the Context menu. Then reboot to apply the changes.

http://www.bleepingcomputer.com/forums/t/191125/httpurladtrgtcomcpvjsp/
Relevancy 41.28%

Hello guys I http://url.adtrgt.com am fed up of these pop ups I am using firefox on windows xp home edition Every few minutes or so a browser pops up with the main url being http url adtrgt com followed by a bunch of other s and letter s It is getting very frustrating I am running zone alarm ad aware spybot avast antivirus and it s still not getting rid of it Any help is appreciated Here is my hijack this report Logfile of Trend Micro HijackThis v Scan saved at AM on Platform http://url.adtrgt.com Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C WINDOWS system ZoneLabs vsmon exe C Program Files Lavasoft Ad-Aware aawservice exe C Program Files Intel Wireless Bin ZcfgSvc exe C PROGRA COMMON Stardock SDMCP http://url.adtrgt.com exe C Program Files Alwil Software Avast aswUpdSv exe C WINDOWS Explorer EXE C PROGRA Intel Wireless Bin XConfig exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe c program files common files logitech lvmvfm LVPrcSrv exe C Program Files Bonjour mDNSResponder exe C Program Files TOSHIBA ConfigFree CFSvcs exe C WINDOWS system DVDRAMSV exe C Program Files Intel Wireless Bin RegSrvc exe C Program Files Alcohol Soft Alcohol StarWind StarWindServiceAE exe C WINDOWS system svchost exe c TOSHIBA IVP swupdate swupdtmr exe C Program Files TOSHIBA TOSHIBA Applet TAPPSRV exe C WINDOWS system wscntfy exe C WINDOWS RTHDCPL EXE C Program Files Toshiba Toshiba Applet thotkey exe C Program Files TOSHIBA ConfigFree NDSTray exe C Program Files Toshiba Tvs TvsTray exe C WINDOWS AGRSMMSG exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files TOSHIBA TOSHIBA Controls TFncKy exe C WINDOWS system TPSMain exe C Program Files TOSHIBA TOSHIBA Zooming Utility SmoothView exe C toshiba ivp ism pinger exe C http://url.adtrgt.com Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system TPSBattM exe C Program Files Synaptics SynTP Toshiba exe C WINDOWS System DLA DLACTRLW EXE C Program Files Intel Wireless Bin ifrmewrk exe C Program Files Winamp winampa exe C Program Files TOSHIBA ConfigFree CFSServ exe C Program Files Java jre bin jusched exe C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files Common Files Logitech LComMgr Communications Helper exe C Program Files Logitech QuickCam QuickCam exe C PROGRA ALWILS Avast ashDisp exe C Program Files Common Files Logitech LComMgr LVComSX exe C WINDOWS system ctfmon exe C Program Files Logitech QuickCam COCIManager exe C Program Files TOSHIBA TOSCDSPD toscdspd exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Zone Labs ZoneAlarm MailFrontier mantispm exe C Program Files Common Files Ahead Lib NMBgMonitor exe C Program Files Messenger msmsgs exe C Program Files Common Files Ahead Lib NMIndexingService exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Common Files Ahead Lib NMIndexStoreSvr exe C Program Files Mozilla Firefox firefox exe C Program Files Spybot - Search amp Destroy TeaTimer exe C WINDOWS system RAMASST exe C Program Files MSN Messenger msnmsgr exe C WINDOWS system rundll exe C Program Files mIRC mirc exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www toshibadirect com dpdstart R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Int... Read more

A:http://url.adtrgt.com

Receiving help here:
http://forums.whatthetech.com/Keep_...trgt_com_t97195.html&gopid=503876#entry503876

Please don't post for help at multiple forums.
 

https://forums.techguy.org/threads/http-url-adtrgt-com.772152/
Relevancy 41.28%

Hi There Hope you can help me out I've noticed for the past or days that i've been getting pop up ads from url adtrgt com I ran a virus scan today st Dec using Trend Micro Internet Security which found and quarantined the trojans I deleted the trojans from my PC and restarted but I'm still getting these popus Here is the RSIT logs and I've also included the virus scan log of trend micro internet security I also ran popus url.adtrgt.com Kaspersky's free online scanner and found nothing Any help would be greatly appreciatedLogfile of random's system information tool written by random random Run by HP Owner at - - Microsoft Windows XP Home Edition Service Pack System drive C has GB free of GBTotal RAM MB free Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP url.adtrgt.com popus WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS url.adtrgt.com popus system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC WINDOWS system CTsvcCDA EXEC Program Files Java jre bin jqs exeC Program Files Common Files LightScribe LSSrvc exeC url.adtrgt.com popus WINDOWS system nvsvc exeC WINDOWS System spool DRIVERS W X HPZIPM EXEC WINDOWS system svchost exeC WINDOWS Explorer EXEC WINDOWS SOUNDMAN EXEC HP KBD KBD EXEC WINDOWS system ctfmon exeC WINDOWS System svchost exeC Program Files Mozilla Firefox firefox exeC Program Files Java jre bin java exeC Program Files Yahoo Messenger ymsgr tray exeC Documents and Settings HP Owner Desktop RSIT exeC Program Files Trend Micro HijackThis HP Owner exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE a amp pf desktopO - BHO Java Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO no name - C D BB- - C- DA-D FB A CC - no file O - BHO no name - ae - ac - b - a - a e bcb - C WINDOWS system nukavuso dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run KBD C HP KBD KBD EXEO - HKLM Run UfSeAgnt exe quot C Program Files Trend Micro Internet Security UfSeAgnt exe quot O - HKLM Run jeleyujozu Rundll exe quot C WINDOWS system mazimiru dll quot sO - HKLM Run CPM c f Rundll exe quot c windows system pedewovo dll quot aO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'LOCAL SERVICE' O - HKUS S- - - Run jeleyujozu Rundll exe quot C WINDOWS system mazimiru dll quot s User 'LOCAL SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'NETWORK SERVICE' O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MI Office EXCEL EXE O - Extra button Send to OneNote - A- - f c- - EE C C - C PROGRA MI Office ONBttnIE dllO - Extra 'Tools' menuitem S amp end to OneNote - A- - f c- - EE C C - C PROGRA MI Office ONBttnIE dllO - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MI Office REFIEBAR DLLO - Extra button Connection Help - E D D B- - a -B F- D D C - C WINDOWS PCHEALTH HELPCTR Vendors CN Hewlett-Packard L Cupertino S Ca C US IEButton support htmO - Extra 'Tools' menuitem Connection Help - E D D B- - a -B F- D D C - C WINDOWS PCHEALTH HELPCTR Vendors CN Hewlett-Packard L Cupertino S Ca C US IEButton support htmO - Extra button no nam... Read more

A:url.adtrgt.com popus

Hi Guys,You can close this topic now. I have fixed it using the how to guide: http://www.bleepingcomputer.com/malware-re...undo-virtumondeCheers

http://www.bleepingcomputer.com/forums/t/188105/urladtrgtcom-popus/
Relevancy 41.28%

I need help to get rid of this quot url adtrgt com quot pop ups I saw that you help someone some url.adtrgt.com Heed get to help rid of: time ago You told him to post the logfile for Hihack this and combofix Below is the HIJACK THIS Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Heed help to get rid of: url.adtrgt.com WINDOWS BCMSMMSG exe C Program Heed help to get rid of: url.adtrgt.com Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS System DSentry exe C Program Files Common Files Real Update OB realsched exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe C Program Files Bonjour mDNSResponder exe C WINDOWS system cisvc exe C WINDOWS System nvsvc exe C Program Files Common Files Symantec Shared ccApp exe C Program Files iTunes iTunesHelper exe C Program Files Java jre bin jusched exe C Program Files Dell Support Center bin sprtsvc exe C WINDOWS system ctfmon exe C Program Files DellSupport DSAgnt exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C Program Files Dell Support Center bin sprtcmd exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C Program Files iPod bin iPodService exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system cidaemon exe C Program Files Common Files Symantec Shared VAScanner comHost exe C WINDOWS explorer exe C Program Files Trend Micro HijackThis HijackThis exe C Program Files Apple Software Update SoftwareUpdate exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www optonline net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO no name - E A - - D F-BEAE-D A C - C Program Files Common Files Symantec Shared coShared Browser NppBho dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO BrowsingSoftware - B C F -D D - F -F E- EB AC - C Program Files BrowsingSoftware BrowsingSoftware- dll O - BHO no name - FDD B - D - ffb- - B AD ACC - C Program Files Microsoft Money System mnyviewer dll O - Toolbar no name - BF - F - - - FE E AA - no file O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run DVDSentry C WINDOWS System DSentry exe O - HKLM Run MoneyStartUp quot C Program Files Microsoft Money System Activation exe quot O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run mmtask C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run dscactivate quot C Program Files Dell Su... Read more

A:Heed help to get rid of: url.adtrgt.com

Hi, Welcome to TSG!!

Please close/disable all anti-virus and anti-malware programs so they do not interfere with the running of SDFix and make sure you are disconnected from the Internet after downloading the program but before extracting the files.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with SDFix and remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.
Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually
Instead of Windows loading as normal, the Advanced Options Menu should appear
Select the first option, to run Windows in Safe Mode, then press Enter
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to the clipboard ready for posting back on the forum).
Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

 

https://forums.techguy.org/threads/heed-help-to-get-rid-of-url-adtrgt-com.710168/
Relevancy 41.28%

First time poster and am looking for help. Currently running Windows XP and having issues with adtrdt.com pop-ups. I have run SuperAntiSpyware, AdAware, and Spybot - Search and Destroy and still am having issue. Not all that savvy on this (censored) comp! Please help.

theBandit

A:adtrgt.com Popup not going away

Hi and welcome to BleepingComputer The process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note:-- If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. Note 2:-- MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes (like Spybot's Teatimer), they may interfere with the fix or alert you after scanning with MBAM. Please disable such programs until disinfection is complete or permit them to allow the changes. To disable these programs, please view this topic: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

http://www.bleepingcomputer.com/forums/t/192564/adtrgtcom-popup-not-going-away/
Relevancy 41.28%

I'm getting periodic popups Ups, Url.adtrgt.com Virtumonde, Pop warning of possible infection and to CLICK HERE to download and install a free adware removal tool Also getting redirects to url adtrgt com and other seemingly random sites with and errors Spybot removed several instances of virtumonde Thanks in advance for your help HijackThis log follows Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINNT System smss exeC WINNT system winlogon exeC WINNT system services exeC WINNT system lsass exeC WINNT system svchost exeC WINNT Virtumonde, Pop Ups, Url.adtrgt.com system spoolsv exeC Program Files ContentWatch Internet Protection cwsvc exeC Program Files Lavasoft Ad-Aware Virtumonde, Pop Ups, Url.adtrgt.com aawservice exeC Program Files Alwil Software Avast aswUpdSv exeC Program Files Alwil Software Avast ashServ exeC Program Files Grisoft AVG Anti-Spyware guard exeC WINNT system Virtumonde, Pop Ups, Url.adtrgt.com svchost exeC Program Files Common Files LightScribe LSSrvc exeC WINNT system proxy exeC WINNT system nvsvc exeC WINNT system MSTask exeC WINNT system stisvc exeC WINNT System WBEM WinMgmt exeC WINNT system mspmspsv exeC WINNT Explorer EXEC PROGRA ALWILS Avast ashDisp exeC Program Files HP hpcoretech hpcmpmgr exeC Program Files HP HP Software Update HPWuSchd exeC Program Files ContentWatch Internet Protection cwtray exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files Sony Sony Picture Utility VolumeWatcher SPUVolumeWatcher exeC Program Files Alwil Software Avast ashWebSv exeC Program Files Alwil Software Avast ashMaiSv exeC Program Files Verizon Wireless VZAccess Manager VZAccess Manager exeC Program Files HIJACKTHIS HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar http www crawler com search dispatcher a amp tbid R - HKLM Software Microsoft Internet Explorer Main SearchAssistant http www crawler com search ie aspx tb id R - HKLM Software Microsoft Internet Explorer Main CustomizeSearch http dnl crawler com support sa customize aspx TbId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www crawler com search ie aspx tb id R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch http dnl crawler com support sa customize aspx TbId R - HKLM Software Microsoft Internet Explorer Main Local Page C windows system blank htmO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO no name - BB C -AAD - EE-A FA- F - C WINNT system ljJyaWmj dllO - BHO no name - F B C- - C-A D- C F F - C WINNT system urqQkKeE dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run avast C PROGRA ALWILS Avast ashDisp exeO - HKLM Run HP Component Manager quot C Program Files HP hpcoretech hpcmpmgr exe quot O - HKLM Run HP Software Update quot C Program Files HP HP Software Update HPWuSchd exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINNT system NvCpl dll NvStartupO - HKLM Run USB Check RUNDLL EXE quot C WINNT system PCLECoInst dll quot CheckUSBControllerO - HKLM Run Synchronization Manager mobsync exe logonO - HKLM Run cwtray C Program Files ContentWatch Internet Protection cwtray exeO - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exeO - HKUS DEFAULT RunOnce SetupICWDesktop C Program Files Internet Explorer Connection Wizard icwconn exe desktop User 'Default user' O - Startup Picture Motion Browser Media Check Tool lnk C Program Files Sony Sony Picture Utility VolumeWatcher SPUVolumeWatcher exeO - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dllO - Extra 'Tools' menuitem Sun Java Console - B E C... Read more

A:Virtumonde, Pop Ups, Url.adtrgt.com

Hello azwanzig,Please download Malwarebytes' Anti-Malware from Here or HereDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish, so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy and Paste the entire Malwarebytes' Anti-Malware report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediatly. If you encounter this message:"c:\program files\malwarebytes' Anti-Malware\mbamext.dll Unable to register the dll/ocx: RegSvr32 failed with exit code 0x5" Click on ignore mbamext.dllDownload random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

http://www.bleepingcomputer.com/forums/t/165741/virtumonde-pop-ups-urladtrgtcom/
Relevancy 41.28%

I ran combofix then hijack this Do I need to do anything further Logs hijackthisLogfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot adtrgt.com virus mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system Ati evxx exeC WINDOWS System svchost exeC Program Files DigitalPersona Bin DPWinLct exeC WINDOWS system svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system spoolsv exeC adtrgt.com virus Program Files DigitalPersona Bin DpHost exeC WINDOWS System inetsrv inetinfo exeC Program Files Linksys Linksys Updater bin LinksysUpdater exeC WINDOWS system java exeC WINDOWS System locator exeC WINDOWS System svchost exeC WINDOWS system UTSCSI EXEC Program Files DigitalPersona Bin DPFUSMgr exeC WINDOWS System alg exeC WINDOWS Explorer EXEC WINDOWS system ps exeC WINDOWS System spool DRIVERS W X fppdis a exeC WINDOWS ALCXMNTR EXEC Program Files HP DVD Umbrella DVDTray exeC Program Files ATI Technologies ATI ACE CLI EXEC Program Files Java jre bin jusched exeC Program Files Microsoft IntelliPoint ipoint exeC Program Files DigitalPersona Bin DPAgnt exeC WINDOWS system ctfmon exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC Program Files Microsoft IntelliPoint dpupdchk exeC PROGRA KEYWAL KWallet exeC Program Files ATI Technologies ATI adtrgt.com virus ACE cli exeC Program Files PC Tools Internet Security pctsAuxs exeC Program Files PC Tools Internet Security pctsSvc exeC Program Files PC Tools Internet Security pctsTray exeC Program Files Microsoft Office OFFICE OUTLOOK EXEC Program Files Microsoft Office OFFICE WINWORD EXEC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeC WINDOWS System wbem wmiprvse exeR - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId N - Netscape user pref quot browser startup homepage quot quot quot C Documents and Settings ADMINISTRATOR Application Data Mozilla Profiles default t qyxp slt prefs js N - Netscape user pref quot browser search defaultengine quot quot engine C A CProgram Files CNetscape CNetscape Csearchplugins CSBWeb src quot C Documents and Settings ADMINISTRATOR Application Data Mozilla Profiles default t qyxp slt prefs js O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - BHO Google Dictionary Compression sdch - C D FE-E D- -BB - C E E C E - C Program Files Google Google Toolbar Component fastsearch B E dllO - BHO no name - ddb e - cbb- -b a-c b ab cf - C WINDOWS system tahisepi dllO - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - ... Read more

A:adtrgt.com virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERER,K

http://www.bleepingcomputer.com/forums/t/221704/adtrgtcom-virus/
Relevancy 41.28%

Hi,

I have this pop up from ADTRGT.com popping up every 15 seconds. It is annoying the heck out of me. I was wondering if anyone knew how to get rid of this pop up once and for all.

I looked at the other thread similar to this but I am not much of a computer expert. I am not exactly sure what I should do after I download and run the program as mentioned in this thread

http://forums.techguy.org/malware-r...s/680076-computer-hijacked-adtrgt-com-ie.html

Please help me get rid of this. It is just soo annoying..
 

A:ADTRGT.com PopUp

Hi, Welcome to TSG!!
Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

https://forums.techguy.org/threads/adtrgt-com-popup.684275/
Relevancy 41.28%

Hi I have been experiencing popup tabs lately Spybot detected virtumonde but the problem persists Here popups adtrgt.com is the hijackthislog Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Symantec AntiVirus Smc exeC Program Files Common Files Symantec Shared ccSvcHst exeC WINDOWS System WLTRYSVC EXEC WINDOWS System bcmwltry exeC WINDOWS system spoolsv exeC Program Files Common Files Apple adtrgt.com popups Mobile Device Support bin AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC Program Files Dell QuickSet NICCONFIGSVC exeC WINDOWS system svchost exeC Program Files Symantec AntiVirus Rtvscan exeC adtrgt.com popups Program Files Canon CAL CALMAIN exeC Program Files Symantec AntiVirus SmcGui exeC WINDOWS system WLTRAY exeC Program Files Synaptics SynTP SynTPEnh exeC Program Files CyberLink PowerDVD DVDLauncher exeC Program Files Common Files InstallShield UpdateService issch exeC Program Files Java jre bin jusched exeC WINDOWS system hkcmd exeC WINDOWS system igfxsrvc exeC WINDOWS system igfxpers exeC Program Files Microsoft IntelliPoint point exeC Program Files iTunes iTunesHelper exeC Program Files Common Files Symantec Shared ccApp exeC WINDOWS system ctfmon exeC Program Files Digital Line Detect DLG exeC Program Files iPod bin iPodService exeC Program Files iTunes iTunes exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system rundll exeC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeC WINDOWS explorer exeC WINDOWS system notepad exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www cnn com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page about blankR - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk amp channel usR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO no name - b a -c c- db-b d -abe e b - C WINDOWS system sipewise dllO - HKLM Run Broadcom Wireless Manager UI C WINDOWS system WLTRAY exeO - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exeO - HKLM Run DVDLauncher quot C Program Files CyberLink PowerDVD DVDLauncher exe quot O - HKLM Run ISUSPM Startup quot C Program Files Common Files InstallShield UpdateService isuspm exe quot -startupO - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -startO - HKLM Run MSKDetectorExe C Program Files McAfee SpamKiller MSKDetct exe uninstallO - HKLM Run CloneCDTray quot C Program Files SlySoft CloneCD CloneCDTray exe quot sO - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exeO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run IgfxTray C WINDOWS system igfxtray exeO - HKLM Run HotKeysCmds C WINDOWS system hkcmd exeO - HKLM Run Persistence C WINDOWS system igfxpers exeO - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint point exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run QuickTime Task quot C P... Read more

A:adtrgt.com popups

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERER,K

http://www.bleepingcomputer.com/forums/t/187355/adtrgtcom-popups/
Relevancy 40.85%

My laptop (running Windows XP Pro) has been infected with a stuborn bug and when I'm in script debugger I can see the http://url.adtrgt.com/cpv.jsp triggering popups.

Trend Micro OfficeScan & Spybot find stuff but try as they might, when I reboot and open a browser window the popups return.

When I Googled the URL, I found this site with what appeared to be several successful removals using a combination of Hijack This and ComboFix.

Attached is my Hijack This log & ComboFix log.

If someone could please also help me I would really appreciate it.
Thanks...
 

https://forums.techguy.org/threads/ie-popups-from-http-url-adtrgt-com.686976/
Relevancy 40.85%

ok so i have run my antivirus spybot S amp D adaware and malwarebytes keep getting the popups after the items have been deleted by the prvious programs ran them in safemode same results PLEASE HELP here is my HJT log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Windows System spool drivers w x CMpdpsrv exe C Program Files QuickTime qttask exe C Program Files Winamp winampa exe C Program Files Common Files logishrd LComMgr Communications Helper exe C Program Files Logitech QuickCam Quickcam exe C Windows System rundll exe C Program Files Trend Micro Internet Security UfSeAgnt exe C Windows System rundll exe C Windows System ctfmon exe C Windows system taskeng exe C Windows ehome ehtray exe C Program Files Linksys EasyLink Advisor LinksysAgent exe C Program Files Windows Media Player wmpnscfg exe C Program Files Logitech SetPoint SetPoint exe C Windows ehome ehmsas exe C Program Files Common Files Logishrd KHAL KHALMNPR EXE C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Program Files Windows Media Player wmplayer exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Windows system wbem unsecapp exe C Program Files Ventrilo Ventrilo exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files Internet Explorer iexplore exe C Program popups url.adtrgt.com won't stop! Files Internet Explorer ieuser exe C Users url.adtrgt.com popups won't stop! Kenny Desktop HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO no name - e ee a - b - c - -f b - C Windows system lujetifi dll file missing O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run CMPDPSRV C WINDOWS System spool DRIVERS W X CMPDPSRV EXE O - HKLM Run NVIDIA nTune quot C Program Files NVIDIA Corporation nTune nTuneCmd exe quot clear O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run WinampAgent C Program Files Winamp winampa exe O - HKLM Run Kernel and Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run LogitechCommunicationsManager quot C Program Files Common Files LogiShrd LComMgr Communications Helper exe quot O - HKLM Run LogitechQuickCamRibbon quot C Program Files Logitech QuickCam Quickcam exe quot hide O - HKLM Run Performance Center C Program Files... Read more

A:url.adtrgt.com popups won't stop!

ok... so i did some work on my problem and i think i may have fixed it, just need somebody to scan over the log and see if it looks clean.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:05:15 AM, on 4/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\spool\drivers\w32x86\3\CMpdpsrv.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CMPDPSRV] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CMPDPSRV.EXE
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Qu... Read more

https://forums.techguy.org/threads/url-adtrgt-com-popups-wont-stop.816899/
Relevancy 40.85%

Well since this morning I have been getting random pop ups from a website called url.adtrgt. I can see that adtrgt means Ad Target, so I know this is some kind of adware. I have run a full scan on ad aware but it still continues. I do not have Trend Micro Internet security because the last time I had it, it screwed my computer really badly. I have CCleaner and Ad Aware. If anyone can help me out here I would be very grateful
 

Relevancy 40.85%

Hey any help would be appreciated every - minutes a pop up appears from http url adtrgt com cpv jsp p amp amp aid My Hijackthis log file is Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS Explorer EXEC url.adtrgt popup problem WINDOWS system spoolsv exeC WINDOWS zHotkey exeC Program Files QuickTime qttask exeC Program Files Trend Micro BM TMBMSRV exeC PROGRA COMMON AOL AOLSPY AOLSP Scheduler exeC Program Files Digital Media Reader shwiconem exeC WINDOWS system igfxtray exeC url.adtrgt popup problem WINDOWS system hkcmd exeC Program Files CyberLink PowerDVD PDVDServ exeC WINDOWS SOUNDMAN EXEC WINDOWS ALCWZRD EXEC Program Files Thomson SpeedTouch USB Dragdiag exeC Program Files HP HP Software Update HPWuSchd exeC Program Files HP hpcoretech hpcmpmgr exeC Program Files Microsoft url.adtrgt popup problem Office Office GrooveMonitor exeC Program Files btbb wcm McciTrayApp exeC Program Files TrojanHunter THGuard exeC Program Files Lexmark - Series lxdumon exeC Program Files Trend Micro Internet Security UfSeAgnt exeC Program Files Windows Live Messenger MsnMsgr ExeC Program Files Messenger msmsgs exeC WINDOWS system ctfmon exeC Program Files Lexmark - Series lxduMsdMon exeC Program Files DNA btdna exeC Program Files Veoh Networks Veoh VeohClient exeC Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exeC PROGRA COMMON AOL ACS AOLacsd exeC WINDOWS system lxducoms exeC Program Files Common Files New Boundary PrismXL PRISMXL SYSC Program Files Trend Micro Internet Security SfCtlCom exeC WINDOWS system slserv exeC WINDOWS system svchost url.adtrgt popup problem exeC Program Files Trend Micro Internet Security TmPfw exeC Program Files Trend Micro Internet Security TmProxy exeC Program Files HP hpcoretech comp hptskmgr exeC WINDOWS system wscntfy exeC WINDOWS System svchost exeC Program Files Mozilla Firefox firefox exeC Program Files Adware Away AdAway exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn co uk SEENGB SAOS FORM TOOLBRR - HKCU Software Microsoft Internet Explorer Main Search Page http g msn co uk SEENGB SAOS FORM TOOLBRR - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http uk red clientapps yahoo com customi arch yahoo com O - Toolbar Windows Live Toolbar - BDAD DAD-C - A -ADC - B B FF D - C Program Files Windows Live Toolbar msntb dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - Toolbar Winamp Toolbar - EBF BA - - c a- B-BB F D DE - C Program Files Winamp Toolbar winamptb dllO - Toolbar Veoh Browser Plug-in - D - - -A B -AEFAF AB - C Program Files Veoh Networks Veoh Plugins reg VeohToolbar dllO - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXEO - HKLM Run CHotkey zHotkey exeO - HKLM Run ShowWnd ShowWnd exeO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run AOL Spyware Protection quot C PROGRA COMMON AOL AOLSPY AOLSP Scheduler exe quot O - HKLM Run SunKistEM C Program Files Digital Media Reader shwiconem exeO - HKLM Run High Definition Audio Property Page Shortcut HDAudPropShortcut exeO - HKLM Run Mixersel C Program Files Realtek InstallShield mixersel exeO - HKLM Run IgfxTray C WINDOWS system igfxtray exeO - HKLM Run HotKeysCmds C WINDOWS system hkcmd exeO - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run AlcWzrd ALCWZRD EXEO - HKLM Run Alcmtr ALCMTR EXEO ... Read more

A:url.adtrgt popup problem

Hi AYSTER,Open Hijackthis, take another scan and place a checkmark next to these entries. R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO20 - AppInit_DLLs: ezhgjg.dll Close all open Windows except Hijackthis and click on "fix Checked".Combo Fix first post:Please download ComboFix from Here or Here to your Desktop.**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**Please, never rename Combofix unless instructed.Close any open browsers.Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.Close any open browsers.WARNING: Combofix will disconnect your machine from the Internet as soon as it startsPlease do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.If there is no internet connection after running Combofix, then restart your computer to restore back your connection.Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**Open Hijackthis,Click Config | Misc Tools | Open Unistall Manager.A list of the entries in Add/remove programs will appear.Click on Save List...The list will be saved as 'Uninstall_list.txt'Copy & Paste the contents in your next reply. Post the following: A new Hijackthis log The Uninstall List. The Combo Report.This may not remove all the infections present. It is important that you post back and complete the fix. Please post in this thread for further review and evaluation. Please provide details of any problems you encountered whilst performing the above steps & update us on how the Computer is running. Joe.

http://www.bleepingcomputer.com/forums/t/186244/urladtrgt-popup-problem/
Relevancy 40.85%

Hey Guys Girls I am having huge problems with ad popups in an and Firefox I in popups adtrgt.com IE use Help! IE window when I don t have IE open I use Mozilla Help! adtrgt.com popups in IE and I use Firefox FireFox and every time I do a search google I get related ads to Help! adtrgt.com popups in IE and I use Firefox my search loading in IE as well as pages going to quot The True Love Meter quot and other sites stemming from ADTRGT COM I have tried every spyware and adware prog I can think of but nothing removes it Please Help Here Is my HijackThis Log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Stardock Object Desktop WindowBlinds wbload exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Grisoft AVG Anti-Spyware guard exe C Program Files Bonjour mDNSResponder exe C Program Files Comodo Firewall cmdagent exe C Program Files ESET ESET NOD Antivirus ekrn exe C WINDOWS Explorer EXE C WINDOWS System svchost exe C WINDOWS system inetsrv inetinfo exe C Program Files Nero Nero Nero BackItUp NBService exe C Program Files Spyware Doctor svcntaux exe C Program Files Spyware Doctor swdsvc exe C WINDOWS System tcpsvcs exe C Program Files Spyware Doctor SDTrayApp exe C WINDOWS system svchost exe C Program Files Comodo Firewall CPF exe C Program Files Windows Media Player WMPNetwk exe C Program Files iTunes iTunesHelper exe C Program Files ESET ESET NOD Antivirus egui exe C WINDOWS System alg exe C Program Files Windows Media Player WMPNSCFG exe C Program Files PC Connectivity Solution ServiceLayer exe C Program Files PC Connectivity Solution Transports NclRSSrv exe C Program Files PC Connectivity Solution Transports NclUSBSrv exe C Program Files iPod bin iPodService exe C Program Files Common Files Nokia MPAPI MPAPI s exe C Program Files Microsoft Office OFFICE OUTLOOK EXE C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe C WINDOWS System wbem wmiprvse exe R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - HKLM Run Comodo Firewall quot C Program Files Comodo Firewall CPF exe quot background O - HKLM Run NeroFilterCheck C Program Files Common Files Nero Lib NeroCheck exe O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run AVG Anti-Spyware quot C Program Files Grisoft AVG Anti-Spyware avgas exe quot minimized O - HKLM Run SDTray quot C Program Files Spyware Doctor SDTrayApp exe quot O - HKLM Run egui quot C Program Files ESET ESET NOD Antivirus egui exe quot hide waitservice O - HKLM Run SpyHunter Security Suite C Program Files Enigma Software Group SpyHunter SpyHunter exe O - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot background O - HKCU Run WeatherWatcher C Program Files We... Read more

https://forums.techguy.org/threads/help-adtrgt-com-popups-in-ie-and-i-use-firefox.679606/
Relevancy 40.85%

Recently bought a used iphone hooked it up unlocked it all in one night Then I started looking for some cracked apps pretty stupid I know Downloaded one from some rapidshare link and immedietely got virus warning from symantec and computer got really really slow mouse movement was skipping lagging all over popup and http://url.adtrgt.com/ more the place etc I did a hard restart of the computer hoping somehow it would help of course it didnt help much popup http://url.adtrgt.com/ and more Ran antivirus from symantec and spybot then installed ran avira They both found a few things and cleaned quarantined but I started getting constant popups to http url adtrgt com as well as to some long address with an ip in the begining suggesting at least to me with my minimal knowledge of viruses and what-not that its probably a virus and not malware Anyway just downloaded and ran combofix as well as hijackthis and I will post both logs Any help appreciated as this is a terrible time for this to happen I have way too much work this week and along with classes its brutal Thanks in advance for any all help Hijackthis logfile Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system ibmpmsvc exe C WINDOWS system svchost exe C WINDOWS system ngvpnmgr exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Avira AntiVir PersonalEdition Classic sched exe C WINDOWS system RUNDLL EXE C WINDOWS system rundll exe C WINDOWS system rundll exe C Program Files Analog Devices Core smax pnp exe C Program Files Java jre bin jusched exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Avira AntiVir PersonalEdition Classic avguard exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA SYMANT VPTray exe C Program Files Bonjour mDNSResponder exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Java jre bin jqs exe C Program Files Common Files SolidWorks Installation Manager Scheduler sldIMScheduler exe C Program Files Adobe Acrobat Acrobat Acrotray exe C Program Files Nero Nero Nero BackItUp NBService exe C Program Files iTunes iTunesHelper exe C Program Files Avira AntiVir PersonalEdition Classic avgnt exe C WINDOWS system nvsvc exe C WINDOWS system IoctlSvc exe C WINDOWS system svchost exe C Program Files Common Files Nero Lib NMIndexStoreSvr exe C Program Files Symantec AntiVirus Rtvscan exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files Logishrd KHAL KHALMNPR EXE C Program Files Common Files Nero Lib NMIndexingService exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C Program Files iPod bin iPodService exe C WINDOWS explorer exe C Program Files Pidgin pidgin exe C Program Files internet explorer iexplore exe C WINDOWS system wuauclt exe C Program Files Mozilla Firefox firefox exe C WINDOWS System svchost exe C Documents and Settings Michael Desktop HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page https remote amphenol-tcs com extraweb realmform resource Fworkplace Faccess Fhome amp alias workplace amp r amp r R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet... Read more

Relevancy 40.85%

i have been having problems with pop also adtrgt.com ups included virtumonde - hjt pop ups from adtrgt com i use firefox and i have been recieving pop ups in i e when it s not even open i think tureromance com was one of the windows that actually opened up i also have been having a i e window come up and a obscene amount of tabs are opened the only way that adtrgt.com pop ups - virtumonde also hjt included i can stop this when it happens is to ctrl alt delete and end it the hard way when this happens my computer is at i have googled a couple dll s in system and they came up a malware but unforuntely i deleted them before i was able adtrgt.com pop ups - virtumonde also hjt included to get the name i ran a spybot a couple days after christmas and have been coming up with virtumonde a couple different varients and also somethign that has to do with the firewall dunno if it will help but here is the spybot report Microsoft WindowsSecurityCenter FirewallBypass SBI D B Settings Registry value nothing done HKEY LOCAL MACHINE SYSTEM ControlSet Services SharedAccess Parameters FirewallPolicy StandardProfile AuthorizedApplications List C WINDOWS explorer exe Microsoft WindowsSecurityCenter FirewallBypass SBI B B B Settings Registry value nothing done HKEY LOCAL MACHINE SYSTEM ControlSet Services SharedAccess Parameters FirewallPolicy StandardProfile AuthorizedApplications List C WINDOWS explorer exe Virtumonde SBI D BC Settings Registry key nothing done HKEY LOCAL MACHINE SOFTWARE Microsoft contim Virtumonde prx SBI BCD AF Autorun settings CPM ec Registry value nothing done HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Run CPM ec Virtumonde prx SBI D B Autorun settings yavizaneki Registry value nothing done HKEY USERS S- - - SOFTWARE Microsoft Windows CurrentVersion Run yavizaneki Virtumonde prx SBI D B Autorun settings yavizaneki Registry value nothing done HKEY USERS S- - - SOFTWARE Microsoft Windows CurrentVersion Run yavizaneki Virtumonde prx SBI D B Autorun settings yavizaneki Registry value nothing done HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Run yavizaneki Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C WINDOWS eHome ehSched exe C WINDOWS system gearsec exe C WINDOWS system nvsvc exe C WINDOWS system HPZipm exe C WINDOWS system svchost exe C Program Files Viewpoint Common ViewpointService exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgemc exe C WINDOWS system dllhost exe C WINDOWS system rundll exe C WINDOWS AGRSMMSG exe C PROGRA AVG AVG avgtray exe C WINDOWS system ctfmon exe C Program Files Common Files Real Update OB realsched exe C Program Files Winamp winampa exe C Program Files AIM aim exe C WINDOWS System svchost exe C Program Files AIM aolsoftware exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search ... Read more

A:adtrgt.com pop ups - virtumonde also hjt included

has anyone had any time to take a look at this?? it's been a while and it got buried in the newer posts.
 

https://forums.techguy.org/threads/adtrgt-com-pop-ups-virtumonde-also-hjt-included.785123/
Relevancy 40.85%

Dear Forum Friends First off just wanted to say cool site and great work I ve read through someone else s repair of this terrible pop-up virus sleepless issue? & url.adtrgt.com url adtrgt com and I really wanted some help with it myself I think url.adtrgt.com & sleepless issue? it may also be tied in with the reason why my laptop wont stay asleep or wont stay hibernated Please I am so frustrated with this - url.adtrgt.com & sleepless issue? my laptop used to keep power for hours but after this virus the battery ends up dead even after i shut down the computer after a few hours In any case the popups have rendered my IE completely useless I m sorry I m not as experienced as I m sure many of you are but could someone PLEASE take me through the steps to repair my computer I ve dL the hijack this and I am posting the log here in the hopes that it finds a friendly eye Best elliotnyc Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Windows System rundll exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Motorola SMSERIAL sm hlpr exe C Windows RtHDVCpl exe C Windows System rundll exe C Program Files Intel Intel Matrix Storage Manager IAAnotif exe C Program Files Windows Defender MSASCui exe C Program Files HP Digital Imaging bin HpqSRmon exe C Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exe C Program Files Hewlett-Packard HP Wireless Assistant WiFiMsg exe C Program Files Java jre bin jusched exe C Program Files Windows Media Player wmpnscfg exe C Program Files Trend Micro Internet Security UfSeAgnt exe C Program Files Virgin Broadband advisor Broadbandadvisor exe C Program Files HP HP Software Update hpwuSchd exe C Windows System rundll exe C Windows System rundll exe C Program Files Hewlett-Packard Shared HpqToaster exe C Program Files Mozilla Firefox firefox exe C Program Files Synaptics SynTP SynTPHelper exe C Program Files Microsoft Office Office WINWORD EXE C Windows System calc exe C Program Files Internet Explorer ieuser exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Program Files HP Smart Web Printing hpswp clipbook exe C Program Files Internet Explorer iexplore exe C Windows system conime exe C Windows system Macromed Flash FlashUtil a exe C Windows system SearchFilterHost exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale en gb amp c amp bd Pavilion amp pf laptop R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http bloomberg com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale en gb amp c amp bd Pavilion amp pf laptop R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE amp tp iehome amp locale en gb amp c amp bd Pavilion amp pf laptop R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO NCO IE BHO - ADB E- AFF- - AA - DAC DFA - no file O - BHO Java tm Plug-In SSV Help... Read more

https://forums.techguy.org/threads/url-adtrgt-com-sleepless-issue.806063/
Relevancy 40.85%

I have run SpyBot, Malwarebytes, and ATF Cleaner all to no avail. I get constant pop ups through IE even when Firefox is my default browser, (url.adtrgt.com/). I have WinXP with sp2. I tend to believe that this is a root kit. But I do not know and that is why I'm here. If anyone has seen this before I would seriously appreciate the help.
 

A:url.adtrgt.com/, POP-UPS - Very Nasty Little thing....Help?

https://forums.techguy.org/threads/url-adtrgt-com-pop-ups-very-nasty-little-thing-help.687536/
Relevancy 40.85%

I have been attempting to resolve this problem for about days Would prefer to resolve this without performing complete re-install of software In another forum post with a similar issue redirected to a similar URL the poster claimed to have resolve the problem with Spyware Doctor and AVG I have not been as fortunate although the frequency of popups has been reduced My firewall is currently set to block the network zone of the destination address Symptoms Problems Facts IE pop-up window to http url adrgt com IE pop-up window to http partners findology com IE (et ux) pop-up: Log) http://url.adtrgt.com IE (HiJack pop-up window to http multi-pop not certain of full address Primary Browser Used Mozilla Periodically Firewall warns me that iexplorer exe is requesting elevated status - system time Then the window pops up I do not remember receiving this warning prior to installing spyware (HiJack Log) IE pop-up: http://url.adtrgt.com (et ux) doctor and registering product Software installed and ready to use for fix CCleaner v free AVG free PC Tools Spyware Doctor registered HijackThis v free COMODO Firewall Pro COMODO BOClean LavaSoft Ad-Aware Ad-Aware Free Edition Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C windows System smss exe C windows system csrss exe C windows system winlogon exe C windows system services exe C windows system lsass exe C windows system Ati evxx exe C windows system svchost exe C windows system svchost exe C windows System svchost exe C WINDOWS system ACS exe C windows system svchost exe C windows system svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C windows system spoolsv exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgemc exe C Program Files Comodo CBOClean BOCORE exe C Program Files Toshiba Power Management CeEPwrSvc exe C Program Files TOSHIBA ConfigFree CFSvcs exe C Program Files COMODO Firewall cmdagent exe C Program Files DivX DivX Connected Bin DivX Connected DivXConnectedService exe C WINDOWS system DVDRAMSV exe C Documents and Settings CASPIAN Desktop xampp filezillaftp filezillaserver exe C Program Files Common Files Microsoft Shared VS DEBUG mdm exe C windows System svchost exe C Program Files Spyware Doctor pctsAuxs exe C Program Files Spyware Doctor pctsSvc exe C windows system svchost exe C windows System alg exe C windows Explorer EXE C windows system ctfmon exe C Program Files TOSHIBA E-KEY CeEKey exe C Program Files TOSHIBA Power Management CePMTray exe C Program Files TOSHIBA TouchPad TPTray exe C WINDOWS system dla tfswctrl exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C windows AGRSMMSG exe C Program Files TOSHIBA Touch and Launch PadExe exe C toshiba ivp ism pinger exe C Program Files Adobe Acrobat Acrobat Acrotray exe C PROGRA Grisoft AVG avgcc exe C PROGRA Comodo CBOClean BOC exe C Program Files Common Files Real Update OB realsched exe C Program Files Microsoft Office Office GrooveMonitor exe C Program Files Microsoft IntelliPoint point exe C Program Files Java jre bin jusched exe C Program Files COMODO Firewall cfp exe C Program Files Spyware Doctor pctsTray exe C Program Files TOSHIBA TOSCDSPD toscdspd exe C Program Files Messenger msmsgs exe C Program Files DivX DivX Connected Bin DivX Connected DivXConnected exe C WINDOWS system RAMASST exe C Program Files Mozilla Firefox firefox exe C Program Files Microsoft Office Office ONENOTEM EXE C Program Files Adobe Reader Reader AcroRd exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C Program Files Adobe Adobe Dreamweaver CS Dreamweaver exe C Program Files uTorrent uTorrent exe C Documents and Settings CASPIAN Desktop Hijack This Buddy HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www toshiba com search R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkI... Read more

A:(HiJack Log) IE pop-up: http://url.adtrgt.com (et ux)

I am going to work on the solution more myself - something needs to be done - , so please send a message before you spend much time looking at this - because my HijackThis Log may change tonight.
 

https://forums.techguy.org/threads/hijack-log-ie-pop-up-http-url-adtrgt-com-et-ux.690125/
Relevancy 40.85%

Hi Im having this malware problem with IE popups Ive tried a bunch of removal tools with no luck Can you help me Here s th hijackthis log Code Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system taskeng exe C Windows system Dwm exe C Windows system conime exe C unders etc.. adtrgt, brandorama pop Program Files Windows Defender MSASCui exe C Windows System CTHELPER EXE C Windows System rundll exe C Windows System rundll exe C Program Files Java jre bin jusched exe C Program Files TortoiseSVN bin TSVNCache exe C Program Files Alwil Software Avast ashDisp exe C Program Files Windows Sidebar sidebar exe C Program Files Windows Live Messenger msnmsgr exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Windows ehome ehtray exe C Program Files Logitech SetPoint SetPoint exe C Windows Explorer exe C Windows ehome ehmsas exe pop unders adtrgt, brandorama etc.. C Windows System OBroker exe C Program Files Windows pop unders adtrgt, brandorama etc.. Sidebar sidebar exe C Program Files Common Files Logishrd KHAL KHALMNPR EXE C Program Files Internet Explorer ieuser exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Program Files Windows Mail WinMail exe C Windows system Macromed Flash FlashUtil e exe C Windows system SearchFilterHost exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google se ig hl sv R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - BHO L nkhj lp till Adobe PDF Reader - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO e-kort Browser Helper Object - C -DEEF- aa -B - EF F C A D - C Program Files ekort Bhoekort dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Windows Live inloggningshj lpen - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run CTHelper CTHELPER EXE O - HKLM Run CTxfiHlp CTXFIHLP EXE O - HKLM Run NvSvc RUNDLL EXE C Windows system nvsvc dll nvsvcStart O - HKLM Run NvCplDaemon RUNDLL EXE C Windows system NvCpl dll NvStartup O - HKLM Run NvMediaCenter RUNDLL EXE C Windows system NvMcTray dll NvTaskbarInit O - HKLM Run Kernel and Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run e-kort C PROGRA ekort ekort exe dontopenmycards O - HKLM Run WinampAgent quot C Program Files Winamp winampa exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKCU Run Sidebar C Program Files Windows Sidebar sidebar exe autoRun O - HKCU Run MsnMsgr quot C Program Files Windows Live Messenger MsnMsgr Exe quot background O - HKCU Run swg C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe O - HKCU Run ehTray exe C Windows ehome ehTray exe O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe detectMem User 'LOKAL TJ NST' O - HKUS S- - - Run WindowsWelcomeCenter rundl... Read more

https://forums.techguy.org/threads/pop-unders-adtrgt-brandorama-etc.682262/
Relevancy 40.85%

http sameshi tasiteverwas com http url adtrgt com cpv jsp IE keeps getting opened automatically and tries to post to one of the above URL s or both one after another Needs some assistance this is very annoying thanks a lot Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files Synaptics SynTP SynTPStart exe E Program Files Adobe Acrobat Acrobat Acrotray exe C Program Files Common Files Logishrd LComMgr Communications Helper exe C Program Files Common Files Real Update OB realsched exe C Program Files Trend Micro Internet Security UfSeAgnt exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files iTunes iTunesHelper exe C Program Files Java jre bin jusched exe C Program Files Windows Live Messenger keeps popping up IE ...http://url.adtrgt.com/cpv.jsp msnmsgr exe C Windows ehome ehtray exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Windows Media Player wmpnscfg exe C Program Files eFax Messenger J GDllCmd exe C Program Files Google Google Calendar Sync GoogleCalendarSync exe C Program Files Logitech SetPoint SetPoint exe C Windows ehome ehmsas exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Program Files Common Files Logishrd KHAL KHALMNPR EXE C Program Files Mozilla Firefox firefox exe C Program Files Internet Explorer iexplore exe C Program Files Google Google Toolbar GoogleToolbarUser exe C Windows system rundll exe C Program Files Internet Explorer IE keeps popping up ...http://url.adtrgt.com/cpv.jsp iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Malwarebytes Anti-Malware mbam exe C Users Monkeyboy Downloads Firefox Download HiJackThis exe R IE keeps popping up ...http://url.adtrgt.com/cpv.jsp - HKCU Software Microsoft Internet Explorer IE keeps popping up ...http://url.adtrgt.com/cpv.jsp Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO amp Yahoo Toolbar Helper - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO ContributeBHO Class - C DC - - A A- D-C C - E Program Files Adobe Adobe Contribute CS contributeieplugin dll O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolba... Read more

https://forums.techguy.org/threads/ie-keeps-popping-up-http-url-adtrgt-com-cpv-jsp.819039/
Relevancy 40.85%

Hello I am the admin for a small company We have a user who came down with a particularly nasty variation of some adware Regardless of which tools I ran on it Nod SuperANTISpyware Previx AdAware ComboFix HJT KillBox VundoFix Windows Defender Windows Malware Remover adtrgt.com on and Pro XP core.cache.dsk SpyWare Blaster AVG AntiSpyware it kept returning immediately once a browser IE or IE was opened It always manifests the same Open Browser Navigate to Google Keyword Driven Ads begin Popping From semi-reputable companies but always as a redirect from url adtrgt com I ran Belarc Advisor on the system and realized core.cache.dsk and adtrgt.com on XP Pro the user had stopped the Updates from Auto-Downloading I updated all needed patches upgraded to IE and even resorted to contacting the manufacturer of my AV software Yikes I am now on day of this extraction and see no light at the end of the tunnel Performing Packet Analysis on the IP stream allowed me to see that I was dealing with url adtrgt com which lead me to your site It seems that your analysts have some experience with assisting users with removing the core cache dsk among other trojan adware variations Once I read the core.cache.dsk and adtrgt.com on XP Pro steps to posting on this board I stopped all progress I was making and re-enabled core.cache.dsk and adtrgt.com on XP Pro MSCONFIG performed all the LOGS and attachments and lay this problem at your feet A LOT of the junk you see in the logs has not been used for a few years but was prevented from loading per MSCONFIG It looks as though there will be a lot of cleanup to do there as well Please for the love of all that is good and kind in this world - help me eradicate this adware PS gt USERNAME USER USER USER are all individuals at work whom do not want to share their names with the world one of which I am PPS gt I noticed something I've never seen before in the logs - Tech Smith installed on could this be something that would cause the problems I'd like to go back to the user and coach on how NOT to ever do this again Thank you so much for your time Chris --- Start of the Panda Log File --- Incident Status Location Potentially unwanted tool Application NirCmd A Not disinfected C Documents and Settings Administrator GIBSON Desktop Tools ComboFix ComboFix exe R FWJFW nircmd com Potentially unwanted tool Application NirCmd A Not disinfected C Documents and Settings Administrator GIBSON Desktop Tools ComboFix ComboFix exe R FWJFW nircmd cfexe Spyware Cookie Adrevolver Not disinfected C RECYCLER S- - - - - - - De username adrevolver txt Spyware Cookie Apmebf Not disinfected C RECYCLER S- - - - - - - De username apmebf txt Spyware Cookie Atwola Not disinfected C RECYCLER S- - - - - - - De username atwola txt Spyware Cookie bravenetA Not disinfected C RECYCLER S- - - - - - - De username bravenet txt Spyware Cookie Barelylegal Not disinfected C RECYCLER S- - - - - - - De username c fsx txt Spyware Cookie Cgi-bin Not disinfected C RECYCLER S- - - - - - - De username cgi-bin txt Spyware Cookie Com com Not disinfected C RECYCLER S- - - - - - - De username com txt Spyware Cookie did-it Not disinfected C RECYCLER S- - - - - - - De username did-it txt Spyware Cookie Belnk Not disinfected C RECYCLER S- - - - - - - De username dist belnk txt Spyware Cookie DomainSponsor Not disinfected C RECYCLER S- - - - - - - De username domainsponsor txt Spyware Cookie GoStats Not disinfected C RECYCLER S- - - - - - - De username gostats txt Spyware Cookie Humanclick Not disinfected C RECYCLER S- - - - - - - De username hc humanclick txt Spyware Cookie DomainSponsor Not disinfected C RECYCLER S- - - - - - - De username landing domainsponsor txt Spyware Cookie Linksynergy Not disinfected C RECYCLER S- - - - - - - De username linksynergy txt Spyware Cookie Maxserving Not disinfected C RECYCLER S- - - - - - - De username maxserving txt Spyware Cookie Qsrch Not disinfected C RECYCLER S- - - - - - - De username qsrch txt Spyware Cookie Rightmedia Not ... Read more

http://www.techsupportforum.com/forums/f284/core-cache-dsk-and-adtrgt-com-on-xp-pro-218948.html
Relevancy 40.85%

Hello. Newbie to this site. I have tried everything under the sun to get rid of these, all to no avail. I have searched a dozen forums looking for a fix, ran all kinds of cleaners, but this seems to need some individual attention. FireFox is my default browser, but I get constant pop ups from IE for adtrgt.com. I tend to think that this is a root kit, but I do not know and that is why I'm here. I am running WinXP w/sp2. If someone could help me tackle the removal of this thing, it would be greatly appreciated.

A:url.Adtrgt.com/ Constant POP-UPS in IE .... UGHH!

Here are the ComboFix Log and the HiJackThis Log. Just trying to give someone a headstart. I've seen in most threads that these are the first items that are asked for.

ComboFix 08-02-25.3 - DavidW.Forant 2008-02-27 13:00:09.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.564 [GMT -5:00]
Running from: C:\Documents and Settings\DavidW.Forant\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\autorun.inf
C:\Program Files\Common Files\{1E201~1

C:\Program Files\Common Files\{1E201~1\system.dll

C:\Program Files\Common Files\{1E201~1\Update.exe

C:\Program Files\Common Files\{1E201~2

C:\Program Files\Common Files\{1E201~2\system.dll

C:\Program Files\Common Files\{1E201~2\Update.exe

C:\Program Files\Common Files\oe

C:\Program Files\Common Files\oe\msbb.dll

C:\Program Files\Common Files\oe\uninstallwa.exe

C:\Program Files\orbit

C:\Program Files\orbit\ad.oe

C:\Program Files\orbit\menu.oe

C:\Program Files\orbit\update.exe

C:\Program Files\orbit\view.exe

C:\Program Files\outlook

C:\Program Files\outlook\outlook.exe

C:\Program Files\outlook\p.zip

C:\Program Files\outlook\v.tmp

C:\temp\tn3

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\cup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\customer_cup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\heart.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\menu_down.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\menu_up.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\plates.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\ticket.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\tray.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\music\mainmenumusic.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_bring_check_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_deliver_food_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_deliver_order_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_diner.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_food_ready_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_gain_heart_1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_get_drinks_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_party_arrive_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_pencil_write_2.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_pickup_food_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_rollover_1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_seat_people_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\choosedifficulty.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\credits.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\flo_lose.png

C:\WINDOWS\Downloaded Program ... Read more

http://www.techsupportforum.com/forums/f284/url-adtrgt-com-constant-pop-ups-in-ie-ughh-225213.html
Relevancy 40.85%

I am having a difficult time removing url adtrgt com malware from my daughters computer The computer runs windows XP professional It started acting slow then IE started opening up a bunch of popup ads etc It kept freezing running slow and every time you booted up or started a program there were error messages I googled some of the error messages and it looked like Vundo so I found and ran a Vundo removal tool It said it found and fixed that Most of the error messages went away but there are still constant pop up ads The url of many of the popups is adtrgt com I tried using system restore to restore to an earlier configuration But when I tried that it didnt work I removal url.adtrgt.com problems chose a date and clicked next and nothing happened I tried this in safe mode and with a limited config msconfig In googling the problem I saw many solutions that included posting a HijackThis log And then running a program like Malware Bytes and or ComboFix Every time I tried to install url.adtrgt.com removal problems HijackThis or run MalwareBytes or ComboFix nothing happened I opened the task manager and looked in the process list and the program would spawn a process when clicked but nothing would happen I tried this as well in safe mode or with a limited configuration Does anybody have any ideas I am at the end of my rope Thanks Tom nbsp

A:url.adtrgt.com removal problems

Just in case anybody finds this post, I thought I would post my own solution. Finally after searching for hours, I found a post on Experts exchange suggesting renaming the hijack this executable so it wasnt recognized and blocked, so I tried that and it worked! I was able to do the same thing for malwarebytes and combofix.
Anyway, after running those, a ton of vundo and antivirus and a bunch of other malware was found and removed. Everything seems to be working fine. I will post my final hijackthis log in case it looks like there is some stuff left over.

Thanks!

Tom

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:33:41 PM, on 12/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\hjhere\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! uC - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! uC - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Sym... Read more

https://forums.techguy.org/threads/url-adtrgt-com-removal-problems.776609/
Relevancy 40.85%

Currently using Firefox When open IE popups will randomly appear even though it s not running Theses popups usually go sites such as http url adtrgt com cpv jsp p Keyword techguy org amp selectedListingId http www searchfeed com rd Clk jsp amp snid http www nexplore com search html gest popTab amp query Toys and Games Adtrgt, searchfeed, using FF: IE when ad popups etc. Online Game as well as others SP S IE ad popups when using FF: Adtrgt, searchfeed, etc. amp D and SUPERAntiSpyware despite having had complete scans multiple times have not been able to clean it up Help please Thanks in advance Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA COMMON Stardock SDMCP exe C WINDOWS Explorer EXE C WINDOWS RTHDCPL EXE C WINDOWS system taskswitch exe C Program Files McAfee VirusScan Enterprise SHSTAT EXE C Program Files McAfee Common Framework UdaterUI exe C Program Files Airlink WLAN Monitor WLANmon exe C Program Files ANI ANIWZCS Service WZCSLDR exe C Program Files McAfee Common Framework McTray exe C Program Files Java jre bin jusched exe C WINDOWS system rundll exe C Program Files Logitech Video LogiTray exe C WINDOWS system RUNDLL EXE C WINDOWS system ctfmon exe C Documents and Settings Andrew Ta Local Settings Application Data Google Update GoogleUpdate exe C WINDOWS system LVComS exe C Program Files ANI ANIWZCS Service ANIWZCSdS exe C Program Files Bonjour mDNSResponder exe C Program Files McAfee Common Framework FrameworkService exe C Program Files McAfee VirusScan Enterprise VsTskMgr exe C WINDOWS system nvsvc exe C WINDOWS System svchost exe C Program Files McAfee VirusScan Enterprise Mcshield exe C Program Files Mozilla Firefox firefox exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C Documents and Settings Andrew Ta Desktop Random Antivirus HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Freecorder Toolbar - b d - c - f-a f -b f a - C Program Files Freecorder tbFree dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program Files Microsoft Office Office GrooveShellExtensions dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files McAfee VirusScan Enterprise Scriptcl dll O - Toolbar Freecorder Toolbar - b d - c - f-a f -b f a - C Program Files Freecorder tbFree dll O - Toolbar Veoh Browser Plug-in - D - - -A B -AEFAF AB - C Program Files Veoh Networks Veoh Plugins reg VeohToolbar dll O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run SkyTel SkyTel EXE O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run CoolSwitch C WINDOWS system taskswitch exe O - HKLM Run ShStatEXE quot C Program Files McAfee VirusScan Enterprise SHSTAT EXE quot STANDALONE O - HKLM Run McAfeeUpdaterUI quot C Program Files McAfee Common Framework UdaterUI exe quot StartedFromRunKey O - HKLM Run Airlink WLAN Monitor C Program Files Airlink WLAN Monitor WLANmon exe O - HKLM Run ANIWZCS Service C Program Files ANI ANIWZCS Service WZCSLDR exe O - HKLM Run nwiz nwiz exe install O - HKLM Run SunJ... Read more

Relevancy 40.85%

Currently using Firefox Recently started getting IE popups randomly even though it s not running At least one of the popups popups etc. ad Adtrgt, IE using when Firefox: goes to http url adtrgt com cpv jsp p tingId Found this forum via a Google search on my problem and it appears IE ad popups when using Firefox: Adtrgt, etc. that other IE ad popups when using Firefox: Adtrgt, etc. have had this same problem Downloaded and ran SpyBot S amp D but it hasn t eliminated the problem Thanks for any help you can provide Tom Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files AskBarDis bar bin AskService exe C Program Files Cisco Systems VPN Client cvpnd exe C Program Files Java jre bin jqs exe C Program Files Common Files LightScribe LSSrvc exe C Program Files CyberLink Shared Files RichVideo exe C WINDOWS system svchost exe C WINDOWS system mqsvc exe C Program Files Hewlett-Packard Shared hpqwmiex exe C WINDOWS system mqtgsvc exe C WINDOWS Explorer EXE C Program Files Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe C WINDOWS RTHDCPL EXE C Program Files Motorola SMSERIAL sm hlpr exe C WINDOWS system igfxtray exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files HP QuickPlay QPService exe C WINDOWS system igfxsrvc exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Hp HP Software Update HPWuSchd exe C Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exe C Program Files Java jre bin jusched exe C Program Files Samsung Samsung SCX- Series SPanel RCP Scan pc exe C WINDOWS Samsung PanelMgr ssmmgr exe C WINDOWS system rundll exe C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files Common Files LightScribe LightScribeControlPanel exe C WINDOWS system ctfmon exe C Program Files Microsoft ActiveSync wcescomm exe C WINDOWS System svchost exe C Program Files Xpress Mail Professional Editon XpressMailDesktopClient exe C PROGRA MI AA rapimgr exe C Program Files Xpress Mail Professional Editon Connection exe C Program Files Hewlett-Packard Shared HpqToaster exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Mozilla Firefox firefox exe c Program Files HP Smart Web Printing hpswp clipbook exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - Hosts browser-security microsoft com O - Hosts best-click-scanner info O - Hosts antivirus-xp-pro- com O - Hosts microsoft infosecuritycenter com O - Hosts microsoft softwaresecurityhelp com O - Hosts onlinenotifyq net O - Hosts antivirusxp-pro- com O - Hosts microsoft browser-security-center com O - BHO HP Print Enhancer - C E- - -BF - C - c Program Files HP Smart Web Printing hpswp printenhancer dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO AskBar BHO - f d - - d - c -aa e ed - C Program Files AskBarDis bar bin askBar dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO NCO IE BHO - ADB E- AFF- - AA - DAC DFA - no file O - BHO no name - aa- c a- -b b -b b f a - C WINDOWS system dimunitu dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp s... Read more

https://forums.techguy.org/threads/ie-ad-popups-when-using-firefox-adtrgt-etc.818722/
Relevancy 40.85%

Hello I ve been having a problem with pop-ups fo the past - days I have ran ad-aware made by lavasoft and I deleted everything that it came up with I then restarted and I am still having the problem I would like to have it checked out by someone that knows what they are doing Anyway the pop-ups are coming up all with the URL starting as http display adtrgt com and then it s followed by a bunch of random letters and numbers They always show up when I am browsing the internet with IE I haven t tried any other browser When I click on a link to anything is when the windows pop up I am running Windows XP Service Pack Here s my HJT log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system when Pop-ups for IE http://display.adtrgt.com using svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Pop-ups for http://display.adtrgt.com when using IE Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C Program Files Java jre bin jqs exe C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C WINDOWS Pop-ups for http://display.adtrgt.com when using IE system PSIService exe C WINDOWS system rpcnet exe C WINDOWS System svchost exe C WINDOWS System WLTRYSVC EXE C Program Files Google Update GoogleUpdate exe C WINDOWS System bcmwltry exe C WINDOWS Explorer EXE C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C WINDOWS system wscntfy exe C WINDOWS stsystra exe C WINDOWS System WLTRAY exe C Program Files Java jre bin jusched exe C Program Files Common Files LogiShrd LComMgr Communications Helper exe C Program Files ATI Technologies ATI ACE CLI EXE C Program Files Logitech QuickCam Quickcam exe C Program Files Lavasoft Ad-Aware AAWTray exe C WINDOWS system rundll exe C Program Files Common Files Corel Corel PhotoDownloader Corel Photo Downloader exe C Program Files Windows Live Messenger MsnMsgr Exe C WINDOWS system ctfmon exe C Program Files DNA btdna exe C Program Files DAEMON Tools Pro DTProAgent exe C Program Files Messenger msmsgs exe C WINDOWS System svchost exe C Program Files Stardock ObjectDock ObjectDock exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Program Files ATI Technologies ATI ACE cli exe C Program Files Windows Live Messenger usnsvc exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch O - Hosts tux-hack net O - Hosts www tux-hack net O - Hosts http tux-hack net O - Hosts http www tux-hack net O - Hosts http www tux-hack net index php O - Hosts hacksantana com O - Hosts www hacksantana com O - Hosts http hacksantana com O - Hosts http www hacksantana com O - Hosts http www hacksantana com index php O - HKLM Run SigmatelSysTrayApp stsystra exe O - HKLM Run Broadcom Wireless Manager UI C WINDOWS System WLTRAY exe O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE CLIStart exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run LogitechCommunicationsManager quot C Program Files Common Files LogiShrd LComMgr Communications Helper exe quot O - HKLM Run LogitechQuickCamRibbon quot C Program Files Logitech QuickCam Quickcam exe quot hide O - HKLM Run ABCACD - F E-EB A- A- D B EC F quot C WINDOWS TEMP IXP TM... Read more

A:Pop-ups for http://display.adtrgt.com when using IE

Bump. Please help.
 

https://forums.techguy.org/threads/pop-ups-for-http-display-adtrgt-com-when-using-ie.824102/
Relevancy 40.85%

I have been having adtrgt.com browser hijack a problem with this hijacker in the last days Adaware or Spy bot wont find it and delete it I just ran Combofix I hope it will help Here are my log files ComboFix - - - Gab - - - NTFSx Microsoft Windows XP Professional GMT - Running from c documents and settings Gab Desktop ComboFix exe Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED Other Deletions c documents and settings Gab Application Data inst exe c windows system egikvx dll c windows system iifcCttr dll c windows system irpvifcq dll c windows system jkkJyWoM dll c windows system knavdmyi dll c windows system lsprst dll c windows system MoWyJkkj ini c adtrgt.com browser hijack windows system MoWyJkkj ini c windows system nsprs dll c windows system pmnnOGXP dll c windows system Pncrt dll c windows system serauth dll c windows system serauth dll c windows system ssprs dll Files Created from - - to - - - - - - lt DIR gt d-------- c program files Trend Micro - - - - lt DIR gt d-------- c documents and settings All Users Application Data Spybot - Search amp Destroy - - - - lt DIR gt d-------- c program files Spybot - Search amp Destroy - - - - lt DIR gt d-------- c program files CCleaner - - - - lt DIR gt d-------- c documents and settings All Users Application Data vsosdk - - - - --a------ c windows gdiplus dll - - - - --a------ c windows system wvc dmod dll - - - - --a------ c windows system vp vfw dll - - - - --a------ c windows system drv dll - - - - --a------ c windows system drv dll - - - - --a------ c windows system drv dll - - - - --a------ c windows system cook dll - - - - lt DIR gt d-------- c program files VSO - - - - lt DIR gt d-------- c documents and settings Gab Application Data Vso - - - - --a------ c windows system drivers pcouffin sys - - - - --a------ c documents and settings Gab Application Data pcouffin sys - - - - lt DIR gt d-------- c program files Microsoft Silverlight - - - - lt DIR gt d-------- c documents and settings All Users Application Data TechSmith - - - - lt DIR gt d-------- c program files TechSmith - - - - -----c--- c windows system dllcache msxml dll - - - - -----c--- c windows system dllcache mrxsmb sys - - - - lt DIR gt d-------- c documents and settings Gab Application Data Hamachi - - - - lt DIR gt d-------- c program files Hamachi - - - - --a------ c windows system drivers hamachi sys Find M Report - - --------- d--h--w c program files InstallShield Installation Information - - --------- d-----w c documents and settings Gab Application Data LimeWire - - --------- d-----w c program files SPSSEVAL - - --------- d-----w c program files Common Files Wise Installation Wizard - - --------- d-----w c documents and settings All Users Application Data Microsoft Help - - --------- d-----w c program files PartyGaming - - --------- d-----w c program files MagicISO - - --------- d-----w c program files Microsoft Games - - --------- d-----w c documents and settings All Users Application Data Age of Empires - - --------- d-----w c program files Rockstar Games - - ----a-w c windows system PnkBstrB exe - - ----a-w c windows system drivers PnkBstrK sys - - --------- d-----w c documents and settings Gab Application Data Leadertech - - --------- d-----w c program files EA Sports - - --------- d-----w c documents and settings Gab Application Data dvdcss - - --------- d-----w c program files Common Files Nero - - --------- d-----w c documents and settings All Users Application Data Nero - - ----a-w c windows system drivers mrxsmb sys - - ----a-w c windows system wuweb dll - - ----a-w c windows system wuaueng dll - - ----a-w c windows system wuapi dll - - ----a-w c windows system wucltui dll - - ----a-w c windows system cdm dll - - ----a-w c windows system wuauclt exe - - ----a-w c windows system wups dll - - ----a-w c windows system wups dll - - ----a-w c windows system mucltui dll - - ----a-w c windows system muweb dll - - --------- d-----w c program files EA Games... Read more

A:adtrgt.com browser hijack

And here is my Hijackthis logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:45, on 2008-12-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Too... Read more

https://forums.techguy.org/threads/adtrgt-com-browser-hijack.777423/
Relevancy 40.85%

Hello I am on a lap top running Windows XP I also have office This is my first experience with such a malware spyware I have seen similar posts for this pop up website in this forum and others I used Spybot and Malwarebytes Anti url in of Need firefox rid pops help getting adtrgt.com Malware and still the pop up remains I don t seem to get the problem in IE They only seem to appear when I do a search in google or yahoo After a few minutes a pop page will appear with the URL s below http url adtrgt com cpv jsp p trgt com amp affid amp b amp b amp aid The end of the files will change depending on the search but it is always url adtrgt com Your assistance is gladly appreciated Please let me know what I should do next Based on some of the other forum posts let me know if I need to download Combofix and or disable or unistall spybot So after I tried all this I ran the HJT and the log is Need help getting rid of url adtrgt.com pops in firefox below Need help getting rid of url adtrgt.com pops in firefox Logfile of Trend Micro HijackThis v Scan saved at AM Need help getting rid of url adtrgt.com pops in firefox on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe C WINDOWS system spoolsv exe C Program Files Intel Wireless Bin ZcfgSvc exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C PROGRA Intel Wireless Bin XConfig exe C PROGRA COMMON AOL ACS AOLacsd exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe c program files mcafee com agent mcdetect exe c PROGRA mcafee com agent mctskshd exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C PROGRA McAfee com PERSON MPFSERVICE exe C Program Files Dell NICCONFIGSVC NICCONFIGSVC exe C Program Files Intel Wireless Bin RegSrvc exe C WINDOWS system svchost exe C WINDOWS ehome ehtray exe C Program Files Java jre bin jusched exe C Program Files Apoint Apoint exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Dell QuickSet quickset exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Real RealPlayer RealPlay exe C WINDOWS system dla tfswctrl exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Apoint HidFind exe C PROGRA mcafee com agent mcagent exe C Program Files Apoint Apntex exe C PROGRA McAfee com PERSON MpfTray exe C Program Files iTunes iTunesHelper exe C Program Files Common Files InstallShield UpdateService agent exe C Program Files Boingo GoBoingo GoBoingo exe C Program Files SpyNoMore SNM exe C Program Files ScanSoft PaperPort pptd nt exe C Program Files Brother Brmfcmon BrMfcWnd exe C Program Files Musicmatch Musicmatch Jukebox mmtask exe C Program Files Brother ControlCenter brccMCtl exe C PROGRA McAfee com PERSON MpfAgent exe C WINDOWS system ctfmon exe C Program Files DellSupport DSAgnt exe C Program Files Skype Phone Skype exe C Program Files Windows Live Messenger MsnMsgr Exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Business-in-a-Box BIBLauncher exe C Program Files Starfield Desktop Calendar Tools OutSync exe C Documents and Settings clara rodriguez Local Settings Application Data Google Update GoogleUpdate exe C WINDOWS system dllhost exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtMng exe C Program Files Digital Line Detect DLG exe C WINDOWS eHome ehmsas exe C Program Files iPod bin iPodService exe C Program Files eFax Messenger J GTray exe C Program Files Google Web Accelerator GoogleWebAccWarden exe C Program Files Toshiba Bluetooth Toshiba Stack TosA dp exe C Program Files Toshiba Bluetooth Toshiba St... Read more

A:Need help getting rid of url adtrgt.com pops in firefox

Also... Below is the log from the Malwarebytes Anti Malware:

Malwarebytes' Anti-Malware 1.31
Database version: 1481
Windows 5.1.2600 Service Pack 3

12/10/2008 1:06:02 AM
mbam-log-2008-12-10 (01-06-02).txt

Scan type: Quick Scan
Objects scanned: 68096
Time elapsed: 27 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 7
Registry Keys Infected: 27
Registry Values Infected: 5
Registry Data Items Infected: 5
Folders Infected: 20
Files Infected: 47

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\qoMfcbXn.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\murebiyo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nugedezo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\dozafuna.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ljJYOgdE.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\tnmvwdme.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yqzbeu.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljjyogde (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d96085f-8c08-4d79-9692-f50a9fc028c6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{8d96085f-8c08-4d79-9692-f50a9fc028c6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd418a7d-3c34-48b3-8365-107b312dc507} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fd418a7d-3c34-48b3-8365-107b312dc507} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46733578-b9c4-4fe3-a017-86c78acd0077} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{46733578-b9c4-4fe3-a017-86c78acd0077} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46733578-b9c4-4fe3-a017-86c78acd0077} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8d96085f-8c08-4d79-9692-f50a9fc028c6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fd418a7d-3c34-48b3-8365-107b312dc507} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4d25f920-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d25f923-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f924-b9fe-4682-bf... Read more

https://forums.techguy.org/threads/need-help-getting-rid-of-url-adtrgt-com-pops-in-firefox.778060/
Relevancy 40.42%

For the last few days, whenever I'm using IE or Firefox, I'm getting these odd pop-ups directing me to a site listed at adtrgt.com... The pop-ups are only coming up in Firefox windows.

I've run both Spybot and AVG, and while they do turn up some problems, the adtrgt pop-ups haven't stopped.

My OS is Windows XP Service Pack 2.

I'm definitely a beginner here. What information do you need from me?

Thank you for any help you can offer.
 

https://forums.techguy.org/threads/getting-strange-popups-from-adtrgt-com-in-firefox.788394/
Relevancy 40.42%

I am running Windows XP SP Not sure how Malware url.adtrgt.com causing popup this got onto my computer but either way often when I start up firefox or Internet Explorer i get a popup in IE ONLY that goes to a link http url adtrgt com someone please kill that link so it doesn t infect someone followed by some random characters for a long time Trend Micro blocks the site from connecting but the popup is driving me mad and I don t feel safe doing any banking etc on this comp with ANY infection I tried all sorts of solutions to no avail I m at wits end and would love some help with this I ran MalwareBytes and it seems to keep coming up with a worm P P in the system folder under different names and removing them I m guessing thats the culprit Any help is greatly appreciated Heres my HJT log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS Malware causing url.adtrgt.com popup system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C Program Files Trend Micro BM TMBMSRV exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Autodesk Data Management Server Server Dispatch Connectivity WindowsService JobDispatch exe C WINDOWS Explorer EXE C Program Files Autodesk Data Management Server Server Webserver Connectivity EDMWS Server exe C Program Malware causing url.adtrgt.com popup Files Bonjour mDNSResponder exe C Program Files Intel Intel Application Accelerator iaantmon exe C Program Files Java jre bin Malware causing url.adtrgt.com popup jqs exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Java jre bin jusched exe C Program Files Intel Intel Application Accelerator iaanotif exe C Program Files Intel Modem Event Monitor IntelMEM exe C Program Files Microsoft SQL Server MSSQL MSSQL Binn sqlservr exe C Program Files HP hpcoretech hpcmpmgr exe C Program Files Analog Devices Core smax pnp exe C Program Files HP HP Software Update HPWuSchd exe C Program Files ATI Technologies ATI ACE Core-Static MOM exe C Program Files iTunes iTunesHelper exe C Program Files Trend Micro Internet Security UfSeAgnt exe C WINDOWS system ctfmon exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files ATI Technologies ATI ACE Core-Static ccc exe C Program Files Trend Micro Internet Security SfCtlCom exe C Program Files Microsoft SQL Server Shared sqlbrowser exe C Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS system svchost exe C Program Files Trend Micro Internet Security TmPfw exe C Program Files Trend Micro Internet Security TmProxy exe C Program Files Viewpoint Common ViewpointService exe C Program Files iPod bin iPodService exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C WINDOWS system HPZipm exe C Program Files Mozilla Firefox firefox exe C Program Files Java jre bin java exe C Program Files Trend Micro HijackThis HijackThis exe C WINDOWS system wbem wmiprvse exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http google icq com search search frame php R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext se... Read more

Relevancy 40.42%

My browser keeps opening up these adware pages from url.adtrgt, end-search.com and various other search related web sites.

I've tried running Spyware - S & D, Spyware Doctor etc. multiple times but have not had much success. These tools say that removal was successful but these things keep popping up again. Please find attached the HijackThis log.

Any help is appreciated.

A:Removal of malware - url.adtrgt.com/end-search.com etc.

Hello nomansland,I will be assisting you with your malware issues.Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.Continue to respond to this thread until I give you the All Clean! If you have any question or you're stuck in there please reply it to me. I will try my best to help you!Please bookmark or favourite this page. In case you need it as reference or etc.----------------------------------------------I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.Thank you for your patience.

http://www.bleepingcomputer.com/forums/t/181151/removal-of-malware-urladtrgtcomend-searchcom-etc/
Relevancy 40.42%

Firefox keep popping up windows for MS Juan and least MS attacked Being by adtrgt at Juan/SuperJuan and for adtrgt oh and yellowpage as well This has been going on for a while now Probably should have had this dealt with before now I tried deleting MS Juan and MS Tracker from the registry Not sure if I was successful or not Also when I try to open the C drive I get a warning now that says Being attacked by at least MS Juan/SuperJuan and adtrgt quot Windows cannot find RECYCLER S- - - - - - - com Make sure you typed the name correctly and then try again To search for a file slick the Start button and the click Search quot I can get into the C Drive by clicking Explore instead of Open though My HijackThis log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C WINDOWS system RUNDLL EXE C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system nvsvc exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system wscntfy exe C WINDOWS System svchost exe C Program Files Windows Media Player wmplayer exe C WINDOWS system spoolsv exe C Program Files Mozilla Firefox firefox exe C WINDOWS system ctfmon exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page about blank R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ycomp defaults su http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http localhost R - URLSearchHook no name - EF BD -C FB- D - F- D F - no file O - Toolbar no name - EF BD -C FB- D - F- D F - no file O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run High Definition Audio Property Page Shortcut CHDAudPropShortcut exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run ISUSPM Startup quot C Program Files Common Files InstallShield UpdateService isuspm exe quot -startup O - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -start O - HKLM Run Cpqset C Program Files Hewlett-Packard Default Settings cpqset exe O - HKLM Run RecGuard C Windows SMINST RecGuard exe O - HKLM Run HostManager C Program Files Common Files AOL ee AOLSoftware exe O - HKLM Run Symantec PIF AlertEng quot C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exe quot a m quot C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A AlertEng dll quot O - HKLM Run avgnt quot C Program Files Avira AntiVir PersonalEdition Classic avgnt exe quot min O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - S- - - Startup Vongo Tray lnk C Program Files Vongo Tray exe User SYSTEM O - DEFAULT Startup Vongo Tray lnk C Program Files Vongo Tray exe User Default user O - DEFAULT User Startup Vongo Tray lnk C Program Files Vongo Tray exe User Default user O - Extra context menu item Add to Google Photos Screensa amp ver - res C WINDOWS system GPhotos scr O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button Real com - CD F -D E - d - FE- C F AF... Read more

Relevancy 40.42%

I ve been trying to fix a problem with a browser hijacker with no success I ve got several things going on and it seems to be other things possibly adtrgt.com with and Infected getting worse I m getting random Infected with adtrgt.com and possibly other things pop-ups including some nasty ones attempting to disguise themselves as warning messages from Windows about Infected with adtrgt.com and possibly other things a virus then I get the quot downloading anti virus software quot pop-up Every now and then IE will start opening up dozens of tabs all directed to some variation of url adtrgt com Yesterday Youtube stopped working on IE and I ve been having some issues with reading pdfs on my machine I m running XP I ve performed full scans with Kapersky Anti-Virus updated this week and Ad-Aware just downloaded and updated this week Ad-Aware keeps pulling up unknown objects and can t seem to remove them Kapersky s not any better I have backed up my important information and I m hoping I can get some help with is before I can t take it anymore and reformat my hard drive It s getting worse Please help Thank you in advance

A:Infected with adtrgt.com and possibly other things

I ran into a very similar problem a couple weeks ago on a friend's machine. I have a bunch of antivirus tools and stuff on a flash drive, so I took it to her house to run it all. The damn virus wouldn't let me run ANY of them. Even in safe mode.

This may seem like a silly question to you, but have you tried a system restore? That's what I did to her computer. I just restored it to about two months back, and THEN I was able to run all of my tools. Had her computer running like brand new in a couple of hours. I found, like, 36 trojans, worms, rootkits, etc.

If you haven't done a system restore, try it. Go back a couple of months, then you should be fine.

http://www.bleepingcomputer.com/forums/t/210507/infected-with-adtrgtcom-and-possibly-other-things/
Relevancy 40.42%

I use firefox but IE will pop up randomly every - mins while it s not even running and load up different webpages It also pops up when running IE I have run spybot S amp E Fully updated and deleted what was detected spyware Solved: virus adtrgt.com or and I also ran Kaspersky Anti-Virus Fully updated and deleted what it detected mostly trojans I did run Solved: spyware or virus adtrgt.com the scans again after rebooting my PC from the deletions and it doesn t detect anything now Kaspersky does pop-up a warning before IE starts up asking me to Allow Or Deny the process Which I attached as a screenshot not sure if it helps One of the websites it loads up is http url adtrgt com cpv jsp p selectedKeyword ron amp selectedListingId Heres my HijackThis Log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C windows System smss exe C windows system winlogon exe C windows system services exe C windows system lsass exe C windows system svchost exe C windows System svchost exe C windows system spoolsv exe C windows system PnkBstrA exe C windows system svchost exe C windows explorer exe C Program Files Kaspersky Lab Kaspersky Anti-Virus avp exe C Program Files Kaspersky Lab Kaspersky Anti-Virus avp exe C Program Files Kaspersky Lab Kaspersky Anti-Virus avp exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast net a R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Start Page http home sweetim com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKCU Software Microsoft Internet Connection Wizard ShellNext http windowsupdate microsoft com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file R - URLSearchHook SweetIM For Internet Explorer - BC FFE -DE F- fa-B -AAD B F - no file O - BHO no name - CC - - -AAC -CAEE D - no file O - BHO COM Service - BDEC -B AC- e b- AB - A DA - no file O - BHO a bc - d- ffb-aac - be f - f e-b - caa-bff -d cb a - no file O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO no name - B FF - - -AB -A A EB CA - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar SweetIM For Internet Explorer - BC FFE -DE F- fa-B -AAD B F - no file O - HKLM RunOnce SpybotDeletingA command c del quot C WINDOWS system drivers core cache dsk quot O - HKLM RunOnce SpybotDeletingC cmd c del quot C WINDOWS system drivers core cache dsk quot O - HKCU Software Policies Microsoft Internet Explorer Restrictions present O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra context menu item amp Clean Traces - C Program Files DAP Privacy Package dapcleanerie htm O - Extra context menu item amp Download with amp DAP - C Program Files DAP dapextie htm O - Extra context menu item amp Search - p ZJfox O - Extra context menu item Append to existing PDF - res C ... Read more