Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91977 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] Alert Popup removal help


  • This topic is locked This topic is locked
37 replies to this topic

#16 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 08 November 2009 - 07:30 PM

Tomk, Thanks for your reply. I don't know why but I tried the Java update and it says my Jave is up to date. I have not run JavaRa as yet but I will. In regard to the SuperAntiSpyware installation I have removed it. I thought before I ran DDS. It is gone from the program folder and all shortcuts have been removed so I don't think it is 'active' anymore. As you are know the registry does wierd things when uninstalling a program and may have left things behind when I uninstalled SuperAntiSpyware. I don't remember if I checked it for x64 use, but Windows does usually not allow running of non compliant software or asks if you want to install in to run in x32 mode. Alert Popup is still running and I have not found any references to it in any programs. It seem to be hidden somewhere and the only way I know it is still there is when I look in the task manager and see it running. I'll run JavaRa and see what happens then and post the log for you. Thanks again, BobSea

    Advertisements

Register to Remove


#17 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 08 November 2009 - 08:01 PM

Tomk, Hmmmm, I posted a reply but don't see it here, wierd. the system says I posted 22 minutes ago but I see nothing. Anyway. I ran JavaRa and it says it removed two files (x86) java\jrel.6.0_03 and _06. It says it generated a JavaRa log file but I could not find it anywhere. After a bit of expermenting with the selections I was able to find where you could have JavaRa display the log file. It didn't display it at the end of the program running and it couldn't find it to dispaly when I had JavaRa try either. I have uninstalled SuperAntiSypware so there should be nothing there anymore. I don't remember if it was before I ran DDS or after. Alert Popup is still running every time I start my comuter. Still haven't found any references to where it resides or any other way to remove it as yet. Still hanging in there with your instructions! Thanks again for your help, BobSea

#18 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 08 November 2009 - 08:02 PM

Hmmm I see both messages when I replied last. Wierd!

#19 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 08 November 2009 - 08:04 PM

Ahhh got it ! there are more pages, dah! Sorry about that I'm new to this whole buisness. BobSea

#20 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 08 November 2009 - 09:26 PM

BobSea, Run a new DDS log and let's see if there is anything new.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#21 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 09 November 2009 - 08:09 PM

Tomk, OK, I ran a new dds scan and the file names are 20091109 dds and 20091109 Attach. I put them in a zip file again. Thanks again for your assistance. BobSea

Attached Files



#22 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 09 November 2009 - 08:30 PM

BobSea,

Please download the OTM by OldTimer.
  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
    (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines inside the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Processes
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "472734EA-242A-422B-ADF8-83D1E48CC825"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}]
    
    :Files
    c:\windows\system32\drivers\kgpcpy.cfg
    
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Post the results and then see if JavaRa will run.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#23 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 10 November 2009 - 07:55 PM

Tomk, OK, I kinda fumbled my way through it. When I first ran it it locked up and exited. I ran it again and that is the log file I am sending you. I"ll try to run JavaRa again and let you know how that went. Thanks again for your help! BobSea

Attached Files



#24 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 10 November 2009 - 07:59 PM

BobSea, It appears that it actually ran the first time you tried. Now keep your fingers cross when you run JavaRa.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#25 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 10 November 2009 - 08:07 PM

Tomk, OK, I am on my other computer so I will let you know what the results are when I run JavaRa. BobSea

    Advertisements

Register to Remove


#26 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 10 November 2009 - 08:13 PM

:thumbup:

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#27 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 10 November 2009 - 08:22 PM

Tomk, SUCESS! Log file being sent with this message. Thanks! BobSea

Attached Files



#28 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 10 November 2009 - 10:57 PM

BobSea, Awesome. Post me a new DDS log and let me know how things are running now.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#29 BobSea

BobSea

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 11 November 2009 - 06:45 PM

Tomk, OK, I have ran DDS again and am sending the logs to you in a zip file. The Alert Popup is still running, I see it in the task manager Let me know what to do next. Thanks again for you help in doing this! BobSea

Attached Files



#30 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 11 November 2009 - 07:05 PM

BobSea,

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users