Pop Ups

The Avast Home addition Anti Spyware and has been working successfully for me until yesterday and for some reason I’ve started getting lots of Pop Ups. The pop blocker on my computer is turned on. Does anyone have any suggestions?

You should first try Mbam: http://www.malwarebytes.org/mbam.php

Make a scan and post the created Report.

I suggest:

  1. Disable System Restore and then reenable it again.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM (as raman suggested) or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

Hi Raman I tried the http://www.malwarebytes.org and the created report gives the all clear. Unfortunately I’m still getting the pop ups.

I’ll try your suggestions Tech and see what happens.

Thanks both of you for your help.

Don’t try Tech’s suggestion JUST yet…Most of those steps are for after-diagnosis.

I think your getting spammed through Windows Messanger (very common as of late)

Go into My computer\control panel\administrative tools\Services\ and navigate to Windows Messanger (messanger), and then turn it off (disable)

Tell me if they stop…

hi
good suggestions everybody
but
what are these pop ups?
not
your computer is infected type of thing-
if so mbam should have got it but I gotta ask

In fact, I think they’re for diagnosis and cleaning and not after-diagnosis ???

The next step would be Combofix:

You do not need to install the Recovery Console. Be sure to disable all AV/AS Guards while using it
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

No, ComboFix can be dangerous if a computer is not infected Same as with SmitFraudFix and VundoFix

Tech: Yes, downloading unnecessary programs and disabling system restore is for diagnosis, even when MBAM did not report anything. You shouldn’t tell people to take certain medicine when they aren’t diagnosed.

neways

Did turning of the messanger help??

First, the PC is infected and CF isn´t more dangerouse than other Tools or flood an infected System with more installations. fisher can use the option /skipfix, or use RSIT*.

But of course fisher its your choice, because its your PC and noone is able to say what willl happen using the tools and tips given here.

[*]Download random’s system information tool (RSIT) by random/random from here and save it to your desktop.[*]Double click on RSIT.exe to run RSIT.[*]Click Continue at the disclaimer screen.[*]Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Probably the most “dangerous” thing here is disabling System Restore. What happens if the computer doesn’t start? :o

First, the PC IS NOT Infected as told by MBAM and AVAST.

Second, ComboFix IS DANGEROUS as it can damage the registry and in some cases MAKE THE SYSTEM UNBOOTABLE.

This is EITHER AN ADBOT, WHICH IS COMMON, and it not detected by most AVs, for which you can remove with Spybot - Search and Destroy from here www.safer-networking.org, or you could download Lavasoft Ad-Aware.

OR THIS IS SPAMMING OF windows messanger <<<More likely, which fisher can take my earlier advice on.

Yes, thats possible, as any other Programm or tool can do this. Combofix makes many Backups bevor start scanning or cleaning. It Backups the Registry, make Backups of any registrykey it deletes, any file it deletes and also create a systemrestorepoint.

OR THIS IS SPAMMING OF windows messanger <<<More likely, which fisher can take my earlier advice on.

Yes, i hope he will answer that.

Looks like he is gone…

I hate it when people ask for help and never come back :frowning:

It’s only been about a day.
Some fairly good ideas, here, guys, but it does seem to me that some respondents are leaping to worst-case-scenario-type responses, which may or may not be appropriate, and, as indicated, one or two of them could do harm without the appropriate guidance.

What’s needed first is a proper diagnosis.

fisher
What is the text in these popups? As much detail as possible, please, a screenshot if you can.
What browser do you use? If you have another browser, does it still get the popups?
What OS, and what firewall do you use?

I’m sorry I haven’t replied sooner.

I tried most of your suggestions without any success. I was also beginning to experience an increase in virus infections on my computer.

When I read what Targ57 wrote (Do the Pop Ups happen with another browser) I had never thought about switching browsers so I decided to download a different browser. The one I chose is the new Google chrome browser. Since the download it’s solved my problem with the Pop Ups. I can only assume it was my internet browser which was infected.

Thanks everyone for your suggestions and help

Don’t think that’s completely solved your problems, fisher. It maybe has narrowed them down a bit.
Fairly interested to have the questions back over the page answered, if you are able, and that might nail it down a bit.
Also very interested to know what you mean when you talk about an increase in virus infections. What infections? How did these present? (symptoms, messages, things not working/bits falling off etc etc.)
Hope you had a good read of the Google privacy agreement, which is spoken of elsewhere here, and at many other forums. I mean, if you’re happy with it, fine, it’s up to you. But I wouldn’t touch it. (Nor would I blame anyone for not understanding the agreement. But you can bet your a$$ that the lawyers would not be so generous, if it came down to it.)