Something keeps trying to connect me to sites

You need to attach the requested log from MGtools so that we can help you.

 

You have Spybot installed, but it appears that you may not have used the Immunize feature. Please run it now and Immunize your PC. Make sure you do not stop (TrendMicro may complain) it from Immunizing the hosts file.


Please download and run the below tool since you still seem to have some of Nortons stuff installed:

Norton Removal Tool (SymNRT)

Then download the current version of FireFox from here: Mozilla Firefox Do not install yet.

Then I want you to uninstall the current version of FireFox that you have installed. Then delete the C:\Program Files\Mozilla Firefox folder.

Now reboot!!! After reboot, install the new version of FireFox.

Are you still having problems?

 

Please answer all of the below questions:

1. Do the popups occur if you use IE instead of FireFox?
2. Do the popups occur if you boot in safe mode and run FireFox?
3. Are the popups from your firewall? Can you post a snapshot of one (make sure it is legible. Only capture the popup not the whole screen).

Please run this Using BitDefender Online Scan and attach the reuqested log. Follow the instructions properly. You should be renaming the HTML file into a text file so that it can be uploaded.

 

That address is to some kind of proxy hosting company. Do you or anyone else using this PC use a proxy server? Is this a home PC or a company owned PC? Does Performance Systems International mean anything to you?


Please do the below.


Flush Java Cache


Click Start > Control Panel and select Programs and double click the Java icon (be patient, it may take a while to open) Now click the General tab and under the Temporary Internet File area Click the Settings button and then click the Delete Files... button. In the next popup click OK.

If you have multiple Java plugin icons in Control Panel follow the above to clear all their caches


Flush FireFox Cache



To flush your FireFox Cache:

• click Tools
• select Options
• select Privacy
• in the section labeled Private Data click Clear Now

Flush Internet Explorer Cache



To flush your Internet Explorer Cache:

• click Tools
• Internet Options
• Now on the General tab and click Delete Files and select Delete all Offline content too
• Click OK.
• When it finishes Click OK.

Flush DNS Server

Click Start > Run and type in cmd

• Click OK.
• This will open a command prompt.
• Type or copy and paste the following line in the command window:
  ipconfig /flushdns
• Hit Enter
• Exit the command window

Please run the C:\MGtools\GetLogs.bat file by double clicking on it.


Then attach the below log

• C:\MGlogs.zip

Are you still seeing this popup in your firewall? When exactly does it happen? Does it happen only when FireFox is first open or does it happen at later times too? Does it happen as new tabs are opened? Does it happen with each site you goto? What Addons have you installed in FireFox?

 

Disable all of your FireFox AddOns and then see what happens.

 

Enable them one at a time to see which one or which ones are the cause.

There is nothing wrong with FireFox. Just like IE, when you allow things to be added onto the browser, you have to be aware of what you are adding and the effects. There is no real proof that anything is really wrong with the software causing your firewall popup. It could just be checking for a required update or it could be part of how the software works to get info. If you told you firewall to block that and always do the same thing, it should not be asking you all the time. If you did that, does the addon that is causing it still appear to work as desired?

Not sure what you mean? A fix to what?

 

Actually we don't normally recommend doing this as stated in the READ & RUN ME where we say

It is not that is necessarily a problem using the Issues tab, but it could be and in most cases it is better to not fix it if it is not broken.

You're welcome.


If you are not having any other malware problems, it is time to do our final steps:

1. You can uninstall SUPERAntiSpyware now.
2. We recommed you keep Malwarebytes Anti-Malware as a scanner. It uses no resources except a little disk space until you run a scan.
4. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop & renamed it like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\cf" /u
     • Notes: The space between the cf" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\cf folder from combofix.
5. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
6. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
7. If we had you run Avenger, you can delete all files related to Avenger now.
8. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
9. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
10. Go to add/remove programs and uninstall HijackThis.
11. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
12. If you are running Vista, Windows XP or Windows ME, do the below:
    • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
    • Then reboot and Enable System Restore to create a new clean Restore Point.
13. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!