traffic explorer

Please follow the steps below exactly:


- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Your log shows no signs of any malware. This does not necessarily mean your system is clean. It just means you HJT log does not show anything.

Are you still getting popups? When do you get them? All the time? What do they say? Do you only get them when connected to the internet? To what site or sites?

Are you sure that they are not occurring due to the fact than you have Windows Messenger running? It has been know to cause popups?

 

Do you really use both Windows Messenger and MSN Messenger? It does not seem necessary to me.

Let's try digging a little deeper.


Download HOSTER and then follow the below steps.

• Unzip Hoster to a convenient folder such as C:\Hoster
• Run Hoster.exe, click Restore Original Hosts and then click OK.
• Click the X to exit the program

Download this trial version of Ewido Security Suite

• Install ewido security suite
• Launch ewido, there should be an icon on your desktop double-click it.
• The program will have a window come up. One of the buttons on the left is to Update. Click the Update button.and then Start the Update. The update will start and a progress bar will show the updates being installed.
• After it completes the update, click the Scanner button

Now exit Ewido. Now print the below instructions or save them locally because I want you do have no browsers opened and also have no connection to the internet (unplug your cable) while doing the below.

Okay, reboot into safe mode and follow the steps below. (If you have any problems at all trying to get into safe mode to complete these steps, just run them in normal boot mode and make sure you tell me when you come back.)

Open up Ewido and do the following:

• Click on Scanner
• Then click Settings
• Under What to Scan? Select Scan every file
• Then click OK
• Click on Complete System Scan and the scan will start.
• Let the program scan the machine

While the scan is in progress you will be prompted to clean files that are infected. Leave the defaults selections (to Remove and backup) and click OK. To save yourself some time, you can select Perform action with all infections and then click OK. With the option to scan every file, a lot of cookies will be removed.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report

• Click Save report
• Save the report to your desktop or anyplace you will be able to find it to upload here.

Reboot into normal mode and reconnect to the internet.

Come back here and post the Ewido Scan Report. And tell me if you are still having any problems.

After doing the above goto this link: How to Protect yourself from malware!

Complete all the steps! Make sure you get one of the firewalls indicated installed.

 

No! Did this occur before or after doing the Ewido scan and have you rebooted since doing the Ewido scan? And what do you mean by "virus popups". Do you mean you have virus detections or advertisements to by virus cleaning programs? What were they for?

Now answer my question from message # 6.

 

Run the below and let me know how things look. Note: Windows Messenger is not the same thing as MSN Messenger so you will not be doing anything to MSN Messenger with this:

Disable/Remove Windows Messenger

 

Windows Messenger is install on all PCs by default and next to know one uses it because it caused all kinds of security issues like yours with popups. See this for example: http://www.itc.virginia.edu/desktop/docs/messagepopup/

Tell me exactly what Sygate is blocking (include file and path names if given) also indicate whether it is outgoing or incoming.

 

That is a valid Windows process. Ewido would not be blocking it. You could get popups from Sygate telling you about Generic Host Process requesting access to the network. It is not a problem. You can normally just say no to this and tell it to always say no.