Getting a lot of popups

By sunny1120 · 6 replies
Nov 24, 2008
  1. Can you guys please help me with the following.

    I was getting lot of popup windows all of a sudden on my laptop yesterday .When i ran yahoo spyware it showes lot of Tracking cookies and also darksma downloader.

    Luckily i found this website and performed all the 8 Steps to clean Spyware and now i do not see Darksma but still see lot of Tracking cookies also do not see lot of pop up windows now(Still getting).

    attaching all the Logs here.Can you guys please let me know if my laptop is treated now or still infected.

    Really appreciate your help.


    Moderator edit:
    Removed pasted log
    All logs must be attached
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Sunny, I'd like to make an observation- it may be a while before someone can get to your logs. I looked at them You are badly infected and you have WAY too many programs and processes loading! It takes hours to go through logs of such a length- Franky I don't know that I've even seen a computer with so much "stuff" on it!

    Some of the infections found require a reboot to remove. Did you do that?
    There is malware in the System Restore points. Do Not use system restore.

    You are running an enormous number of Lenova processes. Are you using all of them? Or did they just come with the computer?

    You also have both McAfee and Symantec antivirus. You should only have one AV program.

    You show connections through both Comcast and Verizon and you have a VPN through Nortel.

    It might do you well to review the programs you have installed in Add/Remove Programs in the Control Panel> Uninstall those you don't use. If you don't know what a program is or does, look it up and decide if you're using it.
  3. sunny1120

    sunny1120 TS Rookie Topic Starter


    Thanks Bobbye.

    All the Lennovo processes came with the computer. I have not installed any process.
    I had Symantc antivirus and i have un installed it and installed Macafee.I do not know why the log is still showing symantec info.

    Yes, i use Nortel VPN connection to connect to the client.

    I have uninstaqlled all the unused programs as far as i know(except the ones which came with the Laptop) before generating the Hijakthis Log.

    Before running the Hikack this log i ran Malaware bytes and Super antispyware and currently i do not get any popups.

    Please suggest me to get rid of thease infections.Really appreciate your help.

  4. rf6647

    rf6647 TS Maniac Posts: 829

    It appears that you did not react to the findings in MBAM. A restart of the computer was needed. This explains HJT scan still detects it.
    Update MBAM & SAS.

    Scan with MBAM - twice. React to 'reboot' if present in the log. The repeat will confirm the cleaning & inform if other infections have been uncovered.

    Scan with SAS & HJT.

    Post logs & describe progress & symptoms still present.
  5. sunny1120

    sunny1120 TS Rookie Topic Starter

    updated HJT Log

    Thanks rf6647.

    Please find the updated HJT log as an attachment.

    Ran HJT after removing the programs which i know and after running MBAM and SAS .

    Please let me know if this log looking any better.

    appreciate your help.

  6. rf6647

    rf6647 TS Maniac Posts: 829

    From a malware perspective, your HJT log shows the threat removed. Additionally, O17 entries associated with IPs controlled by Verizon were removed. I cite this because O17 changes are almost never needed and most often are a direct threat. Sometimes they are an 'easy' accommodation and a sacrifice of some security. I do not expect this will effect your internet connections with Verizon sites.

    It appears you chose to remove Symantec/Norton protections. This link is the 'Scrubber tool' that removes all remants.

    I borrow the text from Blind Dragon for clearing System Restore from infected copies ( this is the pretty view)
    Bobbye may revisit your startup applications if you express the desire to continue pursuing it. The HJT O4 list is a starting point. Go after the fluff stuff first. Each application under menus for properties/tools/options/etc. should offer a tick-box to withhold it from the startup list and another tick-box to turn off automatic updates. Choose this link if you want to do it yourself
  7. sunny1120

    sunny1120 TS Rookie Topic Starter

    Thanks a bunch and Next steps please

    Thanks a lot rf6647 and Bobbye.You guys really saved me.struggled 2 days before visiting this site.

    rf6647, as you said Will be clearing the infected restore points and create a new one.

    Bobbye,Can you please help me when you get a chance with the startup applications from the latest Hijack log to see if every thing is fine?

    Also i am not getting any popups now. That means is this laptop cured?

    Really apreciate your help.

Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...