Internet explorer popups

Status
Not open for further replies.
T

toneeh

Posts: 13   +0
Hi, this has been occurring for quite some time, whenever i load mozilla i will get internet explorer popups. I've tried running softwares to clean it, but it just doesn't go away. Recently I watched something using real player and it just opened websites non stop :(

Is there anyway to stop these Internet explorer pop ups?
 
-Have you tried uninstalling Mozilla completely and then reinstalling it?
..from Control Panel, then Program files, then registry?

- Do you have a Firewall protecting your internet connection?

- Do you have a third-party pop-up blocker? - http://www.stopzilla.com/download/d...POP BLOCKER&gclid=CKaKjbb3lo4CFRrnPgodpzqrXg&

- Is your Mozilla pop-up blocker on? - http://www.bsu.edu/techtrain/popup/mozpopup/

- What do you mean by Internet Explorer pop-ups?

***Try this and post your results: http://www.popuptest.com/***

- Oh and by the way, welcome to TechSpot! :)
 
No i haven't, but sometimes i will get popups even though mozilla isn't opened :(

My system says i have firewall turned on.
I don't use third party popup blockers, and i have just checked, the inbuilt mozilla popup blocker is checked.

These popups can be like adds, or links to various sites I've never seen so its very random.

Thanks for the warm welcome ^_^
 
There are settings in Internet Explorer 7.0 to opt out of most pop ups.
I have been using Firefox for years. Popups are almost never a problem, unless your settings allow them.
See the Help section in Mozilla... There is a section there on "Controlling PopUps."
 
Your system is badly infected with malware.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard :)

This thread is for the use of toneeh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
It`ll take you quite a while to follow the instructions. Take your time and don`t skip any of them, unless it states otherwise.

Regards Howard :)

This thread is for the use of toneeh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
for step 11 - Run the programme and click the "Perform in-depth search." Allow AVG to complete the scan. The AVG scanner will give the "Rootkit path" Do not fix anything yet. Let me know what is found in your reply and I`ll instruct you on how to proceed. Reconnect to the net.

i finished the scan but how do i post it ?

I think i found it in the folder, is it called Results? It is like 10 mbs and i cant upload it
 
You don`t post the AVG Antirootkit scan, just the results(location/file path) of what it finds(if anything).

Example: C:\windows\system32\somefile.exe

Regards Howard :)

This thread is for the use of toneeh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
the rookie scan finds like thousands of things like c:\Documents and Settings\user\Application Data\Microsoft\Msn Messenger.....
 
In that case, I think the better option would be to reformat and reinstall from scratch.

Before doing that, can you post a screen shot of the AVG Antirootkit scan?

Regards Howard :)
 
This is a print screen of the rootkit scan

Well i dont know if this matters of not, these are the HJT and AVG scans:

i also did another AVG scan later on.
 
I`m not 100% sure what`s going on here, but would like you to do the following.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

Run AVG Antirootkit as per the instructions in step11 of this thread HERE and have it fix everything it finds.

Download Vundofix from HERE.

Double click the Vundofix.exe to run it.

Right click in the vundofix window and click add files.

Enter the full file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button. Click the remove vundo button and let Vundofix do it`s stuff.

These are the filepaths you need to enter into Vundofix.

C:\Program Files\Common Files\goskdl.dll
C:\WINDOWS\system32\qqxrkx.dll
C:\program files\internet explorer\nm070809.dll

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Delete all files in AVG Antispyware quarantine.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

spoolsv.exe
Update.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {C1626E66-C26B-C628-E1DF-CDACCFA26EE1} - C:\Program Files\Common Files\goskdl.dll

O2 - BHO: (no name) - {C9E1A926-69E5-1B4A-BD5A-3676151B0DC4} - C:\WINDOWS\system32\qqxrkx.dll

O4 - HKCU\..\Run: [Reas] "C:\PROGRA~1\SSEMBL~1\spoolsv.exe" -vt ndrv

O4 - HKLM\..\Policies\Explorer\Run: [nongmin] rundll32.exe "C:\program files\internet explorer\nm070809.dll" mymain

O4 - HKCU\..\Policies\Explorer\Run: [{40BAC257-07E3-1033-0423-040502020001}] "C:\Program Files\Common Files\{40BAC257-07E3-1033-0423-040502020001}\Update.exe" mc-110-12-0000904

O4 - HKCU\..\Policies\Explorer\Run: [{40BAC257-07E4-1033-0423-040502020001}] "C:\Program Files\Common Files\{40BAC257-07E4-1033-0423-040502020001}\Update.exe" mc-110-12-0000904

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\PROGRA~1\SSEMBL~1<Delete the entire folder.
C:\Program Files\Common Files\{40BAC257-07E4-1033-0423-040502020001}<Delete the entire folder.
C:\Program Files\Common Files\{40BAC257-07E3-1033-0423-040502020001}<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Run a fresh AVG Antirootkit scan and let me know if it finds anything.

Post fresh HJT and AVG Antispyware logs.

Regards Howard :)

This thread is for the use of toneeh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Open AVG Antispyware and click on the Infections button, then the qurantine tab. Click select all, then click Remove Finally.

Regards Howard :)

This thread is for the use of toneeh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I have experienced my system crashing at times, like programs will get critical errors after deleting things and stuff.

The two programs which have crashed are:

World of warcraft - game
Ventrilo

i will post the logs shortly.
 
sorry for the late reply, been caught up in real life ><

Here are the scans from HJT, however i cannot generate a report for AVG for some reason :(
 
1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh HJT, Combofix and AVG Antispyware logs.

Regards Howard :)

This thread is for the use of toneeh only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.

Similar threads

midian182
Microsoft revives aggressive Windows 11 upgrade campaign with intrusive popups for Windows...
2
Replies
46
Views
717
Ecurb
Ecurb
Daniel Sims
European Union set to revise cookie law, admits cookie banners are annoying
2
Replies
31
Views
689
opckieran
O
midian182
YouTube escalates battle against ad blockers, rolls out site slowdown (update)
2
Replies
47
Views
717
Benny26
Benny26

Latest posts

Back