still getting pop up messages

Discussion in 'Malware Help (A Specialist Will Reply)' started by vega, May 31, 2006.

  1. vega

    vega Private E-2

    I ran all the recomended tools from safe mode and deleted all the unneeded keys from the HKLM/run, HKLU/run parts of the registry but still getting pop ups
    I don't think I have smitfraud I ran the cleaner in safe mode

    It looks helpless

    Edit: HJT log removed so steps in guide can be followed

    any help appreciated
     
    Last edited by a moderator: May 31, 2006
    vega, May 31, 2006
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    If you have not followed our guide then please do so as its pretty specific as to the order that the software needs to be run.


    Please follow our standard cleaning procedures which are necessary for us to provide you support, they cover specific order of running the cleaning applications as HJT is a last resort and mop up program, Also there are steps included for installing, running, and posting HijackThis logs as attachments.


    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.


    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

    Downloading, Installing, and Running HijackThis


    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
    .


    Please follow the directions in step 7 for installing HijackThis correctly. You have it here:
    C:\Documents and Settings\Owner\My Documents\henry\hijackthis\HijackThis.exe

    That is exactly where step 7 specifies not to install it, so please re-run and attach as described :)
     
    DavidGP, May 31, 2006
    #2
  3. vega

    vega Private E-2

    I reinstalled hijackthis to C:\Program Files\HJT and reran it
     

    Attached Files:

    vega, May 31, 2006
    #3
  4. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    There is a lot missing from your log. Things I would expect to see from running our procedure. There is no signs of an infectrion in your log, and you shouldn't be fixing things with HijackThis without guidance, you can can break your OS by fixing the wrong lines.
     
    Shadow_Puter_Dude, May 31, 2006
    #4
  5. vega

    vega Private E-2

    well I ran the following tools:

    Microsof malicious romoval tool: no spyware found
    Microsoft defender: no spyware found
    _______________________________________________
    Spybot search and destroy: found following cokies:

    Avenue A,inc
    Advertising.com
    DoubleClick
    FastClick
    HitBox
    _______________________________________________
    Sunbelt CounterSpy
    found and removed some spyware but I was still getting pop ups after that
    see the report in the attachement
    _______________________________________________
    Bitdefender: no viruses found
    see the report in the attachement
    _______________________________________________
    Panda Scan Platuinum
    found some spyware and cokies
    see the report in the attachement
    _______________________________________________
    Finally I'm including the HijacjThis log again

    Just want to mention that the zango was comming back after every scan
    also I'm browsing the web with Firefox and the pop ups come up in IE
    I know that there must be spyware running in the background it allways pops up things related to my browsing
     

    Attached Files:

    vega, Jun 3, 2006
    #5
  6. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Shadow_Puter_Dude, Jun 3, 2006
    #6
  7. vega

    vega Private E-2

    before I ran these two tools I ran the Adaware SE and it found the "Adinteligence.Apropost" addware with the "maptfmon.dll" in the "C:\windows\system32 directory"

    that was removed and I reran the program in safe mode
     

    Attached Files:

    vega, Jun 3, 2006
    #7
  8. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Follow the directions for Running Hoster.

    Boot to Safe Mode and delete this file: C:\WINDOWS\invnexus.exe

    Reboot to Normal Mode.

    How is your computer running?
     
    Shadow_Puter_Dude, Jun 3, 2006
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds