Popups keep coming.....something is wrong..

By tizerist
Sep 20, 2007
Topic Status:
Not open for further replies.
  1. hi all. I use AVG antivirus and Zonealarm firewall. have done for about a year.
    But recently the pop-up advertisements have come back, something i haven't seen in years. i can't remember how to tighten the belt of the firewall, i've checked it but to no avail.
    i haven't changes any settings.

    please help!!
  2. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    Firewalls are not good at blocking popups. You can block many popups with Internet Explorer 7.1 with changes in the settings. But if you want to have the best success, use Mozilla FireFox 2.0.0.7 at www.mozilla.org. Then check your options, tools, and settings carefully.
    We are heavy users of the internet, but have perhaps three or less popups per week using Firefox, ZoneAlarm, Adaware 2007, SpyBot 14, AVG spy and virus protection, Windows Defender, and the like. Still we have found no way to block spyware except by using Google Gmail.
  3. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :)

    This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  4. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    thanks guys.
    no, i dont want to format or do a fresh clean at the moment. i'm just getting used to my new com as it is.
    i suspect that the "new half-open TCP IP" settings in torrent program BITCOMET may have something to do with it. i adjusted the settings, which i have now put back.

    but i am still getting the occasional "your computer has been infected", "symptoms of your computer slowing down" and "try our new malware scanner" windows. im getting about 5 an hour.

    ill update you now that ive changed the settings. thanks again.
  5. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    Just follow the instructions and post the requested log files once done.

    Regards Howard :)

    This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  6. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    okay thanks. ive just turned my comuter on and its got a red shield in the bottom right saying " no anti-virus detected".

    isa this an example of a threat getting 'behind' the antivirus?

    before i follow those instructions, howard, i'm currently doing an AD-AWARE scan, concurently with a SPYBOT SEARCH AND DESTROY scan.
    If i then re-install AVG anti-virus and Zonealarm, would you think that would be sufficient?

    cheeers aain.
  7. wen9x88

    wen9x88 Newcomer, in training Posts: 116

  8. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +17

    Until you post the requested log files, I can`t say what malware is on your system. Suffice to say I believe your system is infected with various nasties.

    The red shield you are seeing and the fact your getting popups are a dead give away.

    Regards Howard :)

    EDIT: Dont bother with the Bitdefender scan at the moment. It could conflict with your current antivirus and actually make matters worse.

    This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  9. Rik

    Rik Banned Posts: 4,985

    Howard is trying his best to help you out, you really should do as he asks.
  10. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    okay fair enough. here goes.
  11. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    okay, sorry about the wait.
    heres the adaware results. ill do the other ones you mentioned as well shortly. cheers.
  12. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    Items Scanned:375783
    Infections Detected:198
    Infections Removed:0
    Infections Quarantined:0
    Infections Ignored:0

    Why is it that you are not removing or quarantining infestations?

    I would run AVG AntiVirus, and AVG Antispyware, then immediately reboot to Safe Mode, then run them again.
    Then I would download the latest HiJack This, and post the results for the experts her to look at.

    It might be useful to you to read all the stickies on this forum regarding infestations, and such.

    You have a tremendous number of files, then, perhaps because of the sites you visit, you have a lot of junk on there that is apparently not being removed, or blocked.

    But you would likely benefit from the reviews of your logs by such people as Momok, Howard_Hopkinso, and others who know them well.

    Have you considered using a Firewall, such as Kerio, Comodo, or Zone Alarm?
  13. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    bah. it didnt quarantine them! i'll run it again....
     
  14. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    ok heres the AVG anto rootkit scan results

    c/windows/system32/ruejfqdgqn.exe
    C/windows/Prefetch/RUEJFQDGQN.EXE-0B4D93D5.pf
    C/windows/Prefetch/RUEJFQDGQN.EXE-3A7152F5.pf
    C/windows/ruejfqdgqn.dat
    C/windows/ruejfqdgqn.exe
    C/windows/ruejfqdgqn_nav.dat
    C/windows/ruejfqdgqn_navps.dat

    all come under 'hidden files' apart from the first one which is a 'hidden application file'.
    if i go to delrtr them if warns me that this would be irreversable and only do it if i know exactly what i am doing.

    i'll wait to see what you guys say. cheers.
  15. Rik

    Rik Banned Posts: 4,985

    Please note where it says about attachments.

    You are also using an old version of HJT.

    You also have not renamed HJT as per the instructions.



    This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  16. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    apologies.
    2.0.2 report (google showed nothing for 2.0.3, guess it doesnt exist)
    renamed .exe to meme.exe
  17. tizerist

    tizerist Newcomer, in training Topic Starter Posts: 119

    Eeeeeekkkk! this is slipping down the page!!!!

    can someone please tell me what to do with these reports?

    should i clear all the files that AVG antirootkit found?
    what to do with HJT report?

    cheers.
  18. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    Let AVG do its job to remove or quarantine all detected files.
    Then be sure you have the lastest version of HiJack This.
    Then reboot, run AVG in SAFE MODE, which you access by pressing <F8> once per second as soon as you press the start switch.
    Remove or quarantine any additional files AVG finds in SAFE MODE, then reboot once more.
    Now run your newly downloaded version of HiJack This, and post the results here for the experts such as Momok and Howard_Hopkinso to review. They are very good at this.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.