Bloody pop-ups!!! please help

Please follow the steps below:

- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis

 

It does not look like you ran ALL of the READ & RUN ME. I do not see evidence of multiple online scanners being run and I cannot tell that Spybot has been installed and run.

You should also run this Disable/Remove Windows Messenger to disable Windows Messenger.

 

The instructions in the READ & RUN ME are written for a reason and we do need them to be followed. You should have already run Spybot before your first message was posted. You said you followed the instructions!!!!

If you are still having problems, go back and run ALL steps in the order written of the READ ME. Make sure you use Spybot's SDhelper and Immunize features.

If you still have any problems afterwards, explain what they are.

 

In my previous message I repeated the below:

which is also in the READ ME. Is there a reason you are not doing this? If you did this, the SDhelper function would show as an O2 BHO line in your HJT log. I do not see it, thus it appears to me that either Spybot was not installed and run or you just did not follow the instructions.

Also you still have not run at least two online scanners per step 5. Only BitDefender shows as being run.

At anyrate, your log is clean other than: C:\Program Files\Kazaa Lite K++\KazaaLite.kpp

A clean HJT this log does not necessary mean a PC is free of malware. It just means nothing in what HJT has the ability to report is a problem.

 

Yes it is called: Resident "SDHelper" (Internet Explorer bad download blocker) and it should be checked by default when you first install Spybot which is what we request in the sticky. You can find it in Advanced Mode under Tools and Resident!

If you are only seeing 150 bad products blocked you either have the wrong version of Spybot or you have not installed the updates.

 

Under the Mode, Advanced, Tools, Resident area there are two check boxes that can be checked. One is for SDhelper.

I have 8226 bad products blocked with the latest update to Spybot.

What version of Spybot do you have and what is the last detections date?

 

Remember message # 2, where I said:

Our directions are important. Neglecting them always causes problems.

And now you can see the line I was referring to:
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

Your log is clean! Are you having any other malware problems? If not then it is time to work thru the below link:

How to Protect yourself from malware!