Pop Up / Spyware Virus

By Breon88
Dec 20, 2008
  1. Im not sure what really caused the problem. I seem to have ran into a virus where pop ups plague my computer. All of my pop up blockers are on and the same pop ups keep coming back indefinitely. Ive ran malwarebytes anti malware several times. When infected files are found i delete them, reboot my computer, and the pop ups return. Someone please help it will be greatly appreciated!
  2. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    bump i need help
  3. mflynn

    mflynn TS Rookie Posts: 2,655

  4. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    It appears i acted to rashly. I went ahead and ran MBAM and restarted my computer and now i cant use the start button or any other program. Sometimes the start menu does not even show. I have tried to run MBAM again or any other program and right before it gets to quarantining and deleting the computer freezes. This continues to happen over and over, and now i cant use my laptop.

    Please someone help
  5. mflynn

    mflynn TS Rookie Posts: 2,655

    OK Boot to Safe Mode with Networking!

    1. Go here: Do the Copy Paste operation to the Command Prompt.
    2. Then do this
    Note you can not rename by clicking the Name/Label you must rt click and chose properties and rename from there.

    When it reboots from fixit F8 again to Safe Mode Networking and UPDATE and run both MBAM and SAS attach logs. Then a new HJT log after the above are run.

    Then boot back to normal while waiting for logs to be read!

  6. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    I could not edit and attach my post, i have to download SAS in my administrator profile. I can not download SAS in safe mode it say administrator will not allow this tool. I thought i was the administrator , and i cannot return to regular mode since the virus is still present.

    Attached Files:

  7. mflynn

    mflynn TS Rookie Posts: 2,655

    OK so you are running with a very old version. Even this is better than nothing.

    Except you just exited without selecting next and deleting the Malware so you cleaned nothing.

    So run again select and delete all. Then run again and it will likely find more delete those.

    Also when rebooting hit the F8 key and chose Safe Mode with networking. Regular Safe Mode will not allow internet access but Safe Mode with Networking will.!


  8. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    Thanks I appreciate your help Mike.

    I have been running in safe mode with networking since your first response to the problem.

    I am not able to install SAS while in safe mode, normal mode is still not working.

    I have used MBAM twice back to back to scan for problems and then restarted my computer as it requested still no change. Antivirustrigger is still active as well as fake virus alerts
  9. mflynn

    mflynn TS Rookie Posts: 2,655

    You may have run mbam multiple times but you are not deleting what it found. You actually need to click next and answer yes to delete the malware. All you are doing is finding and exiting. You are not cleaning!

    That is why if you look you will see "No Action taken" in the log file.

    You need to run MBAM again and when it finds you must chose to delete the malware before you close MBAM!

    Do MBAM 2 times in a row check the log yourself. It will say Deleted or Quarantined at the end of each line that has Malware. Reboot if it asks you too!

    After the 2nd run try to update MBAM and if it updates you must run it again because the updates will likely find more.

  10. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16


    For some reason, I cannot update MBAM in safe mode, its saying a firewall is present, but my firewalls are down.

    Ive also dont see a delete all option after the scan is complete, i just see a remove option or ignore a few others but these are the most important.

    I believe that most of these virus/spyware are quarantined ive check the quarantine section and thats where they are? Is this the problem?
  11. mflynn

    mflynn TS Rookie Posts: 2,655

    Nope I can plainly see they are not in Quarintine!

    Use the remove option!!!!

    Run MBAM even without updates (use remove option) . Then run it again (use remove option)! Post both logs.

    Then try to do the 2 below operations.
    D/L Xclean_Micro
    No install, just run it delete all it finds decline to reboot on each item found, until the program finishes then reboot.

    Xclean will run minimized and will pop up a window if it finds anything. If it finds nothing it will exit.

    Please make a note of what it found if any as it has no log.
    If it finds several things reboot to Safe Mode and run again before continuing below.

    Malware Removal Tool by Joe Pestro This tool will run almost instantly if it finds nothing.

    After all above try updating MBAM again, if it updates then run it again with the new updates and attach new log.

  12. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    I ran MBAM in safe mode,I have attached the 2 logs, I will now do the scan u advised me about this will be in safe mode as well normal mode is still not working properly.
  13. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    I ran MBAM in safe mode,I have attached the 2 logs, I will now do the scan u advised me about this will be in safe mode as well normal mode is still not working properly.

    I have ran xcleaner i was not able to post the first thing it found, i removed it 2 quickly here is what all came up:

    Detected FlashTrack:
    Registry Keys (Software) (1) :

    Detected SystemDoctor 2006:
    CLSIDs (1) :

    Registry Keys (1) :

    I malware removal tool did not work, it said parent key could not be found. The system still has Anti virus trigger, and run virus scan icons. Also the same fake alert is still present. I honestly am getting discouraged, thanks again for all your help Mike
  14. mflynn

    mflynn TS Rookie Posts: 2,655

    OK we will get to normal mode later.

    Every time until I tell you boot to Safe Mode Networking.

    For now we want to clean all we can and it will break things loose.

    Try this next only after doing all you can of the above.

    Download SD Fix to Desktop among other things Catchme to look for RootKits.

    On Desktop run SDdFix It will run (install) then close.

    Then reboot into Safe Mode

    As the computer starts up, tap the F8 key several times.

    On the Boot menu Choose Safe Mode.

    Click thu all the prompts to get to desktop.

    At Desktop
    My Computer C: drive. Double-click to open.

    Look for a folder called SD Fix. Double-click to enter SD Fix.

    Double-click to RunThis.bat. Type Y to begin.

    SD Fix does its job.

    When prompted hit the enter key to restart the computer

    Your computer will reboot.

    On normal restart the Fixtool will run again and complete the removal process then say Finished,
    Hit the Enter key to end the script and load your desktop icons.

    Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
    Attach the Report.txt file to your next post.
    Reboot then do the below


    NOTE: If you have had ComboFix more than a few days old delete and re-download.

    Get it here:
    Or here:

    Double click combofix.exe follow the prompts.

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click combofix's window while its running. That may cause it to stall.

  15. mflynn

    mflynn TS Rookie Posts: 2,655

    No need to get discouraged yet you are only now following instructions and running everything correctly.

    And you have been a long time responding. So a few more steps and we will make real progress. Don't expect one or two runs to correct this.

    The SDFix and ComboFix if you can run them should break us loose.

  16. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    Well all the steps were fine, up until the combo fix everything was working fine, then it removed a rootkit and a few other things, then it rebooted and this is where the problem arised.

    I am not able to log into my profiles, as soon as i sign in it signs right back out, this is while on safe mode, then on normal mode i sign in and my desktop and start menu will not pop up.

    I felt like it was going to be A breakthrough and now this. I hope you have a solution for this one, or I might have to go get my computer rebooted and deleted
  17. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

  18. rf6647

    rf6647 TS Maniac Posts: 829

  19. Breon88

    Breon88 TS Rookie Topic Starter Posts: 16

    That would be great to use, i wish i could.

    However everytime I log into one of my profiles it logs right back out. Thanks for trying to help me though, I appreciate it!
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...