TheStubware -- How to remove adtrgt.com popup

Home

Download

About

Donation

Forum

	Current Version:

	TheStubware Version : 1.7.8 Library date : 2010-04-11



	Malware removal instructions

	Remove Your PC Protector
	Remove Antispyware Soft
	Remove Security essentials 2010
	Remove Desktop Security 2010
	Remove Internet Security 2010
	Remove Vista Smart Security 2010
	Remove Total XP Security
	Remove H8SRTd.sys rootkit
	Remove Mysecuritysoft.com hijacker
	Remove AntiVir rogue program
	Remove Additional Guard
	Remove Alpha Antivirus
	Remove VirusResponse Lab 2009
	Remove Content security
	Remove thefeedyard.com hijacker
	Remove Antivirus Pro 2010
	Remove rootkit-based malware
	Remove stubborn malware files
	Remove Rootkit.SKYNET
	Remove Trojan Alureon
	Remove "Your computer is infected" balloon
	Remove search engine redirect malware
	Remove about:blank hijacker
	Remove Personal antivirus malware
	Remove windowsclick.com hijacker
	Remove adtrgt.com popup
	Remove random popups
	Remove trojan braviax (braviax.exe)
	Remove rogue PC_Antispyware2010
	Remove niheradomen.com hijacker
	Remove rogue Antivirus 2010
	Remove Home Antivirus 2010
	Remove Trojan Fakeavalert
	Remove Windows Police Pro
	Remove winibluesoft
	Remove GreenAV
	Remove Rogue.SaveKeeper
	Remove Antivirus System Pro
	Remove Personal Guard 2009
	Remove Virus Doctor
	Remove Total Security Malware
	Remove Security Tool Malware
	Remove World Anti Spy Malware
	Remove globexonline hijacker
	Remove Livefeedinc hijacker

How to remove adtrgt.com popup

Description of adtrgt.com popup

This malware redirect your Internet Explorer browser to the website adtrgt.com. Usually it displays a popup with advertisement, in the popup window address bar, it displays "http://url.adtrgt.com/cpv.jps?...", If you click the link in the popup window, it will download some other malware.

Objects of adtrgt.com popup

This malware create several registry keys, registry values, and dll files.

Add a value in registry
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\random_name
The value name is random, and the value looks like this :
Rulldll32.exe "%SystemRoot%\system32\random_name.dll", s
OR
Rundll32.exe "%SystemRoot%\system32\random_name.dll", a

Add a value in registry
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SSODL
The value is : {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} or something like that.

Add a value in registry
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}
The value is : STS

Add a key in registry
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\random_clsid, the random_clsid looks like "{xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx}"

Add several dlls with random name into %SystemRoot%\system32 folder

How to remove adtrgt.com popup

Run TheStubware scanner, after the scan is completed, all the adtrgt.com objects should be checked, just click "Fix selected" button, then you may need to restart Windows to complete the removal.

What if I finished the above steps but still have the malware ?

Your computer may get infected by a new variant. The new variant may use different method to hide itself, but don't worry, you can run the scanner first, after the scan is done, click "View Log" button, then send your log file to me for anylasis. You can submit your log file to technical support forum or send it in email to : support@TheStubware.com. After your log file is received, you will be sent a customizing removal to remove this malware.

3 Comments

Yeah, I only found three stuff you mentioned above in my comupter, after fix the three objects, the popup is no longer shown up. Great!

Commented by Jack-- 08/10/09 9:03:30

In in reality, divers years ago I purchased a tv tuner that plugged into my laptop with a USB connector. can sarcoidosis cause positive pet scan board When you requirement to part of not busy online poker, your operating set-up needs also to obey with a variety of requirements in hierarchy to be adept to download the software imperative to play.

Commented by WifefePhigure-- 09/11/09 13:48:35

Please do not send junk comment.

Commented by Michael-- 09/11/09 13:50:06

Leave your comment :

	Your Name :
	Your Email :	Your email will not be exposed to others.
	Your comment :