Popups keep coming.....something is wrong..

[tizerist]

hi all. I use AVG antivirus and Zonealarm firewall. have done for about a year.
But recently the pop-up advertisements have come back, something i haven't seen in years. i can't remember how to tighten the belt of the firewall, i've checked it but to no avail.
i haven't changes any settings.

please help!!

 

[raybay]

Firewalls are not good at blocking popups. You can block many popups with Internet Explorer 7.1 with changes in the settings. But if you want to have the best success, use Mozilla FireFox 2.0.0.7 at www.mozilla.org. Then check your options, tools, and settings carefully.
We are heavy users of the internet, but have perhaps three or less popups per week using Firefox, ZoneAlarm, Adaware 2007, SpyBot 14, AVG spy and virus protection, Windows Defender, and the like. Still we have found no way to block spyware except by using Google Gmail.

 

[howard_hopkinso]

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard

This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[tizerist]

thanks guys.
no, i dont want to format or do a fresh clean at the moment. i'm just getting used to my new com as it is.
i suspect that the "new half-open TCP IP" settings in torrent program BITCOMET may have something to do with it. i adjusted the settings, which i have now put back.

but i am still getting the occasional "your computer has been infected", "symptoms of your computer slowing down" and "try our new malware scanner" windows. im getting about 5 an hour.

ill update you now that ive changed the settings. thanks again.

 

[howard_hopkinso]

Just follow the instructions and post the requested log files once done.

Regards Howard

This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[tizerist]

okay thanks. ive just turned my comuter on and its got a red shield in the bottom right saying " no anti-virus detected".

isa this an example of a threat getting 'behind' the antivirus?

before i follow those instructions, howard, i'm currently doing an AD-AWARE scan, concurently with a SPYBOT SEARCH AND DESTROY scan.
If i then re-install AVG anti-virus and Zonealarm, would you think that would be sufficient?

cheeers aain.

 

[wen9x88]

try this if you still have Popups keep coming.
bitdefender
http://www.bitdefender.com/world/Main/view/Download-Free-Products.html

 

[howard_hopkinso]

Until you post the requested log files, I can`t say what malware is on your system. Suffice to say I believe your system is infected with various nasties.

The red shield you are seeing and the fact your getting popups are a dead give away.

Regards Howard

EDIT: Dont bother with the Bitdefender scan at the moment. It could conflict with your current antivirus and actually make matters worse.

This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Rik]

Howard is trying his best to help you out, you really should do as he asks.

 

[tizerist]

okay fair enough. here goes.

 

[tizerist]

okay, sorry about the wait.
heres the adaware results. ill do the other ones you mentioned as well shortly. cheers.

 

[raybay]

Items Scanned:375783
Infections Detected:198
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0

Why is it that you are not removing or quarantining infestations?

I would run AVG AntiVirus, and AVG Antispyware, then immediately reboot to Safe Mode, then run them again.
Then I would download the latest HiJack This, and post the results for the experts her to look at.

It might be useful to you to read all the stickies on this forum regarding infestations, and such.

You have a tremendous number of files, then, perhaps because of the sites you visit, you have a lot of junk on there that is apparently not being removed, or blocked.

But you would likely benefit from the reviews of your logs by such people as Momok, Howard_Hopkinso, and others who know them well.

Have you considered using a Firewall, such as Kerio, Comodo, or Zone Alarm?

 

[tizerist]

Why is it that you are not removing or quarantining infestations?

bah. it didnt quarantine them! i'll run it again....

 

[tizerist]

ok heres the AVG anto rootkit scan results

c/windows/system32/ruejfqdgqn.exe
C/windows/Prefetch/RUEJFQDGQN.EXE-0B4D93D5.pf
C/windows/Prefetch/RUEJFQDGQN.EXE-3A7152F5.pf
C/windows/ruejfqdgqn.dat
C/windows/ruejfqdgqn.exe
C/windows/ruejfqdgqn_nav.dat
C/windows/ruejfqdgqn_navps.dat

all come under 'hidden files' apart from the first one which is a 'hidden application file'.
if i go to delrtr them if warns me that this would be irreversable and only do it if i know exactly what i am doing.

i'll wait to see what you guys say. cheers.

 

[Rik]

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Please note where it says about attachments.

You are also using an old version of HJT.

You also have not renamed HJT as per the instructions.



This thread is for the use of tizerist only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[tizerist]

apologies.
2.0.2 report (google showed nothing for 2.0.3, guess it doesnt exist)
renamed .exe to meme.exe

 

[tizerist]

Eeeeeekkkk! this is slipping down the page!!!!

can someone please tell me what to do with these reports?

should i clear all the files that AVG antirootkit found?
what to do with HJT report?

cheers.

 

[raybay]

Let AVG do its job to remove or quarantine all detected files.
Then be sure you have the lastest version of HiJack This.
Then reboot, run AVG in SAFE MODE, which you access by pressing <F8> once per second as soon as you press the start switch.
Remove or quarantine any additional files AVG finds in SAFE MODE, then reboot once more.
Now run your newly downloaded version of HiJack This, and post the results here for the experts such as Momok and Howard_Hopkinso to review. They are very good at this.