ads popping up

tiamarie223 · Oct 30, 2012

My brother-in-law was having some problems with his laptop and asked me to look at it. Ads are popping up in the lower right and left corner of webpages. Avast was also blocking the use of google chrome, google.com and majorgeeks as malicious. There may have been more sites but those are the ones I know of for sure. I ran a scan with avast. It found some things and asked to restart and run another scan before windows was fully loaded. I did that and was able to use chrome and access google.com and majorgeeks. The ads are still popping up on some webpages.
http://i45.tinypic.com/301lyq9.jpg

I have run the Read & Run me first. Attached are the logs. For some reason there are 2 TDSSKiller logs, possibly because it had to restart? I will attach the MGlogs.zip as a reply.

Thank you for any and all help.

tiamarie223 · Oct 30, 2012

MGlogs

TimW · Oct 30, 2012

Have you installed pop up blockers for your browsers?

Please uninstall Ask Toolbar

Run this: Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate these detections:

[STARTUP][SUSP PATH] iBarioGames.lnk @All Users : C:\Documents and Settings\Carole\Local Settings\Temporary Internet Files\Content.IE5\88A00LZX\iBarioGames[1].exe -> FOUND
[STARTUP][SUSP PATH] iBarioGames.lnk @Common : C:\Documents and Settings\Carole\Local Settings\Temporary Internet Files\Content.IE5\88A00LZX\iBarioGames[1].exe -> FOUND

Place a checkmark each of these items, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)
Do not reboot your computer yet.

Now run Hitman and have it fix everything it finds.

After a reboot, rescan with both RogueKiller and Hitman and attach both those logs as well.

Then run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Attach the new C:\MGLogs.zip and tell me how things are running.

tiamarie223 · Oct 30, 2012

It's not my laptop, but I don't believe he has installed pop up blockers for the browsers.
I could not find the ask toolbar in the uninstall menu (I also looked in ccleaner's uninstall list and couldn't find it there either.)

I believe I followed all of the directions correctly. I have an extra RK report, not sure why.

TimW · Oct 31, 2012

I need you to rescan with RogueKiller and attach that log so I can be sure the items were removed. And then I asked you to re-run the C:\MGtools\GetLogs.bat file and attach the new C:\MGLogs.zip.

Log in or Sign up

ads popping up

tiamarie223 Private E-2

Attached Files:

RKreport[1].txt

mbam-log-2012-10-29 (23-06-43).txt

TDSSKiller.2.8.13.0_29.10.2012_23.27.13_log.txt

TDSSKiller.2.8.13.0_29.10.2012_23.34.45_log.txt

HitmanPro_20121029_2344.log

tiamarie223 Private E-2

Attached Files:

MGlogs.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

tiamarie223 Private E-2

Attached Files:

RKreport[2].txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member