Celldorado popups

Welcome to Major Geeks!

You need to complete ALL of the steps in the READ & RUN ME and the must be run in the order given. Based on what I see, you skipped part of step 1 as you did not uninstall old Sun Java versions and update to the new version and you did not uninstall Viewpoint Media Player. See step 1. Uninstall the below now:

Java 2 Runtime Environment, SE v1.4.2_03
Viewpoint Media Player

Also you never even ran ComboFix. So start from the point of ComboFix and continue thru to the end and attach all of the requested logs which are:

• C:\ComboFix.txt
• log from AVG Antispyware that you need to create per the instructions
• C:\MGlogs.zip

 

You forgot to attach the new MGlogs.zip file. It needs to be a new log since you had not run all the prior steps before you posted MGlogs.zip in your first message. You can get this new log by doing the below.

Run the C:\MGtools\GetLogs.bat file by double clicking on it. Make sure you wait until it is finished running! Then attach the new C:\MGlogs.zip file that will be created.

Also note that you did not follow the instructions for using ComboFix. You ran it from here:

C:\Documents and Settings\Heather Mayers\My Documents\My Downloads\ComboFix.exe

The instructions clearly state that it MUST BE saved on your Desktop. If you do not follow our instructions properly, it could cause problems at a later time.

Also are you still having issues after running ComboFix and AVG Antispyware?

 

1. Do the popups only occur when accessing certain websites?
2. What browswer are you surfing with?
   • Have you tried another browser (like try both IE and FireFox)?
   • Does it happen with both browsers?
3. Can you access the internet in safe mode? If yes, then try surfing in safe mode and tell me if you still get popups.
4. Are you using any P2P or Torrent type downloading programs? If so, make sure they are shutdown or uninstalled.

If you look in the below folder:

C:\Documents and Settings\Heather Mayers\Application Data

Do you see any files anything like below? The first part of the file name may be different.

Please download Navilog1

• Right-click and Extract all to the Desktop
• Double click on navilog1.exe to install
• When the installation is complete, the tool starts automatically. (If it doesn't start automatically, please double click on the Navilog1 shortcut on the Desktop)
• From the language menu, press E for English
• In the next menu, type 1 to select Search and press Enter (Please wait for the Scan to finish (It may take a while)
• Press any key as requested

The tool produces a document: fixnavi.txt, saved in C:\fixnavi.txt
Attach the C:\fixnavi.txt log to your next message.

 

Okay if your are not having anymore problems then do the below. If you are having problems then you should do what was given in msg # 6.

If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix then UNINSTALL COMBOFIX (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN
   • Now type combofix /u in the runbox and click OK.
   • Note: The space between the X and the /U, it must be there.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
5. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
6. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
7. If we had you run Avenger, you can delete all files related to Avenger now.
8. If we had you run RenV.exe, you can delete it and the Log.txt file on your Desktop.
9. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
10. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
11. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
12. If you are running Windows XP or Windows ME, do the below:
    • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
    • Then reboot and Enable System Restore to create a new clean Restore Point.
13. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!