Pop Up / Spyware Virus

Status
Not open for further replies.

Breon88

Posts: 16   +0
I'm not sure what really caused the problem. I seem to have run into a virus where pop-ups plague my computer. All of my pop-up blockers are on and the same pop-ups keep coming back indefinitely. I've run Malwarebytes Anti-Malware several times. When infected files are found I delete them, reboot my computer, and the pop-ups return. Someone please help, it will be greatly appreciated!
 
It appears I acted too rashly. I went ahead and ran MBAM and restarted my computer and now I can't use the start button or any other program. Sometimes the start menu does not even show. I have tried to run MBAM again or any other program and right before it gets to quarantining and deleting, the computer freezes. This continues to happen over and over, and now I can't use my laptop.


Please someone help
 
OK Boot to Safe Mode with Networking!

1. Go here: https://www.techspot.com/vb/topic118177.html Do the Copy Paste operation to the Command Prompt.
2. Then do this: https://www.techspot.com/vb/post684649-3.html
Note you cannot rename Fixit.zip by clicking the Name/Label; you must right-click, choose Properties and rename from there.

When it reboots from Fixit, F8 again to Safe Mode with Networking, then UPDATE and run both MBAM and SAS and attach the logs. Then a new HJT log after the above are run.

Then boot back to normal while waiting for logs to be read!

Mike
 
I could not edit and attach my post; I have to download SAS in my administrator profile. I cannot download SAS in safe mode; it says administrator will not allow this tool. I thought I was the administrator, and I cannot return to regular mode since the virus is still present.
 

Attachments

  • mbam-log-12-23-2008 (14-07-37).txt
    2.3 KB · Views: 5
OK so you are running with a very old version. Even this is better than nothing.

Except you just exited without selecting Next and deleting the malware, so you cleaned nothing.

So run again, select and delete all. Then run again and it will likely find more; delete those.

Also, when rebooting hit the F8 key and choose Safe Mode with Networking. Regular Safe Mode will not allow internet access but Safe Mode with Networking will!

See http://www.computerhope.com/issues/chsafe.htm

Mike
 
Thanks I appreciate your help Mike.

I have been running in safe mode with networking since your first response to the problem.

I am not able to install SAS while in safe mode; normal mode is still not working.

I have used MBAM twice back to back to scan for problems and then restarted my computer as it requested; still no change. Antivirustrigger is still active as well as fake virus alerts.
 
You may have run MBAM multiple times but you are not deleting what it found. You actually need to click Next and answer Yes to delete the malware. All you are doing is finding and exiting. You are not cleaning!

That is why, if you look, you will see "No Action taken" in the log file.

You need to run MBAM again, and when it finds malware you must choose to delete it before you close MBAM!

Do MBAM 2 times in a row and check the log yourself. It will say Deleted or Quarantined at the end of each line that has malware. Reboot if it asks you to!

After the 2nd run try to update MBAM, and if it updates you must run it again because the updates will likely find more.

Mike
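
The log check described in the reply above, as an added example that is not part of the original thread: a small Python parser that sorts detection lines by the action recorded after `->`. The sample log is constructed in the style of an MBAM scan log (it is not the poster's attachment), and the function names are hypothetical.

```python
import re

# Constructed sample log lines; paths and threat names are placeholders.
SAMPLE_LOG = r"""Registry Keys Infected:
HKEY_CURRENT_USER\Software\ExampleRogue (Rogue.Example) -> No action taken.

Files Infected:
C:\WINDOWS\system32\example1.dll (Trojan.Example) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\example2.dll (Trojan.Example) -> Delete on reboot.
C:\Documents and Settings\user\Desktop\example.lnk (Rogue.Example) -> No action taken.
"""

# "<item> (<threat name>) -> <result>."
ENTRY = re.compile(r"^(?P<item>.+?) \((?P<threat>[^()]+)\) -> (?P<result>.+?)\.?\s*$")

def classify(result):
    """Map the text after '->' to a coarse outcome."""
    r = result.lower()
    if "no action" in r:
        return "untouched"        # found, but the scan was closed without removal
    if "reboot" in r:
        return "pending_reboot"   # removal only completes after a restart
    if "quarantined" in r or "deleted" in r:
        return "removed"
    return "unknown"

def summarize(log_text):
    """Group detections by outcome, remembering which log section they came from."""
    section = None
    out = {"removed": [], "pending_reboot": [], "untouched": [], "unknown": []}
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":") and "->" not in line:
            section = line[:-1]   # e.g. "Files Infected"
            continue
        m = ENTRY.match(line)
        if m:
            out[classify(m["result"])].append((section, m["item"], m["threat"]))
    return out

def cleaned(summary):
    """True only if every detection was acted on."""
    return not summary["untouched"] and not summary["unknown"]

if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    for section, item, threat in s["untouched"]:
        print(f"NOT REMOVED [{section}] {item} ({threat})")
    print("cleaned:", cleaned(s))
```

Any entry reported as not removed means the scan found the item but it is still on disk or in the registry, which is the situation the reply describes.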
 
HAPPY HOLIDAYS


For some reason, I cannot update MBAM in safe mode; it's saying a firewall is present, but my firewalls are down.

I also don't see a delete all option after the scan is complete; I just see a remove option or ignore and a few others, but these are the most important.

I believe that most of these viruses/spyware are quarantined. I've checked the quarantine section and that's where they are? Is this the problem?
 
Nope, I can plainly see they are not in Quarantine!

Use the remove option!!!!

Run MBAM even without updates (use remove option). Then run it again (use remove option)! Post both logs.

Then try to do the 2 below operations.
----------------------------------------------------------------------------------------------------------------------------------
D/L Xclean_Micro http://www.xblock.com/download/xclean_micro.exe
No install, just run it. Delete all it finds and decline to reboot on each item found until the program finishes, then reboot.

Xclean will run minimized and will pop up a window if it finds anything. If it finds nothing it will exit.

Please make a note of what it found, if anything, as it has no log.
If it finds several things, reboot to Safe Mode and run again before continuing below.

Malware Removal Tool by Joe Pestro http://majorgeeks.com/Malware_Removal_Tool_d4632.html This tool will run almost instantly if it finds nothing.

After all of the above try updating MBAM again; if it updates then run it again with the new updates and attach a new log.

Mike
 
I ran MBAM in safe mode and I have attached the 2 logs. I will now do the scan you advised me about; this will be in safe mode as well, as normal mode is still not working properly.
 


I have run Xcleaner. I was not able to post the first thing it found; I removed it too quickly. Here is what all came up:

Detected FlashTrack:
Registry Keys (Software) (1) :
HKEY_CURRENT_USER\Software\XML


Detected SystemDoctor 2006:
CLSIDs (1) :
{09f1adac-76d8-4d0f-99a5-5c907dadb988}

Registry Keys (1) :
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988}



The malware removal tool did not work; it said parent key could not be found. The system still has Anti virus trigger and run virus scan icons. Also the same fake alert is still present. I honestly am getting discouraged. Thanks again for all your help, Mike.
 
OK we will get to normal mode later.

Every time, until I tell you otherwise, boot to Safe Mode with Networking.

For now we want to clean all we can and it will break things loose.

Try this next only after doing all you can of the above.

Download SD Fix to Desktop (among other things, Catchme to look for rootkits).

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

On Desktop run SDFix. It will run (install) then close.

Then reboot into Safe Mode

As the computer starts up, tap the F8 key several times.

On the Boot menu Choose Safe Mode.

Click through all the prompts to get to the desktop.

At Desktop
My Computer, C: drive. Double-click to open.

Look for a folder called SD Fix. Double-click to enter SD Fix.

Double-click RunThis.bat. Type Y to begin.

SD Fix does its job.

When prompted, hit the Enter key to restart the computer.

Your computer will reboot.

On normal restart the Fixtool will run again and complete the removal process, then say Finished.
Hit the Enter key to end the script and load your desktop icons.

Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
Attach the Report.txt file to your next post.
=========================================
Reboot then do the below

ComboFix

NOTE: If you have a copy of ComboFix more than a few days old, delete it and re-download.

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double-click combofix.exe and follow the prompts.

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click ComboFix's window while it's running. That may cause it to stall.

Mike
 
No need to get discouraged yet; you are only now following instructions and running everything correctly.

And you have been a long time responding. So a few more steps and we will make real progress. Don't expect one or two runs to correct this.

The SDFix and ComboFix, if you can run them, should break us loose.

Mike
 
Well, all the steps were fine. Up until the ComboFix everything was working fine; then it removed a rootkit and a few other things, then it rebooted and this is where the problem arose.

I am not able to log into my profiles. As soon as I sign in it signs right back out; this is while in safe mode. Then in normal mode I sign in and my desktop and start menu will not pop up.

I felt like it was going to be a breakthrough and now this. I hope you have a solution for this one, or I might have to go get my computer rebooted and deleted.
 
That would be great to use, I wish I could.

However, every time I log into one of my profiles it logs right back out. Thanks for trying to help me though, I appreciate it!
 