can't remove popups...please help. HJT log included

Status
Not open for further replies.

jobamsoft

Posts: 6   +0
i'm getting popups from casinos, registry cleaners, various ads...
i've run updated versions of ad-aware, spybot, and norton antivirus. i'm new to this, so please help me. i rebooted and ran HJT...log below.
thanks


Logfile of HijackThis v1.99.1
 
did everything and still have popups

thanks for your help. i did everything you said exactly and i still get them. what's the next step?

i've gone ahead and attached 2 logs. 1 after a fresh boot...and the other after i opened IE and a couple other programs and browsed a lil to get the popups to come out.

when i get one of the popups, i click properties and the first part says:
"click.aspx?"...something something then "epilot" ...other stuff then "productresearch.info"...blah

below that in the properties window still...for address (url) it shows:

"adchannel.contextplus.net/services/adclickserver/ccid_eql_11251_amp_requestid_eql_b32298B4"...blah blah blah "productresearch.info"...blah

i also get www.888.com casino popups
and also an antivirus ad popup with this url:
http://www.pcsecurityshield.com/webApp/90023a.asp?trk=WTK&affid=571

your help is greatly appreciated.
thanks! :)

chip
 
and cassava casino popups

i'm also getting cassava casino popups
thanks for your help...hope to hear back from you soon. :)
 
First Read: Only use these HJT-instructions when asked!
NO /P/S/U/R/ FUNCTIONS FOR YOU.
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow ALL instructions, and in HJT tick/fix ALL lines!
...................................................................................................
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
...................................................................................................

I would advise to get rid of AOL, incl. the AOL-toolbar and AIM

And stop using that crappy IE, go to www.getfirefox.com
 
still having the same issues

i followed the directions...turned off restore, allowed viewing of all files, etc...
1 thing i had to do was actually open IE instead of just right click and properties when i had to delete cookies and files. would that screw it up?

also...i ran spyware doctor and i typed a list of a buncha stuff it found below. lemme know if you have any other ideas. i'm fine with using regedit.

i've attached the hjt log from when i rebooted a few minutes ago. (date and time are in the file name, not that it matters, but i i'll be able to review them and compare them if need be.)

please help me get this crap off my system.
thanks for your help...
chip


2nd-thought.com
2o7.net
epilot.com
888.com
exact advertising -trafficmp.com
istbar - sfxwiz32-gcc.exe
deal helper- gjoocbk2, gjoocbk1, gjoocbk
ads.pointroll.com
adknowledge.com
media.adrevolver.com
adrevolver.com
maxserving.com
tickle.com
tradedoubler.com
citi.bridgetrack.com
ads.cc214142.com
tribalfusion.com
atwola.com
revenue.net
perf.overture.com
centrport.net
casalemedia.com
statcounter.com
pcsecurityshield.com
overpro.com - swf studio\pulgins2\inifile.dll
tradedoubler.com
 
sorry, forgot the attachment

I just ran hjt a few minutes ago after I ran the apropos fix. logs are attached.

in the previous response, I simply listed that spyware doctor had found that stuff. I didn't notice anything before, but I will look again to see if it gives details about where the files are. I figured it might give you more info on what exactly we're dealing with here.
thanks a lot.

chip
 

Attachments

  • hijackthis-103105-1400.txt
    6.4 KB · Views: 5
Apart from this
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

the log is clean (if you overlook that crap-junk from AOL and Symantec...)
 
ok, how do i fix that one?

i checked it before and it came back. i'll try it again now that i haven't had any popups for a little while. hopefully everything is all better. i'll get back to you if it doesn't work this time.
thanks for your help and take care.

chip
 
Status
Not open for further replies.
Back