TechSpot

PopUps (Toolbar888, was there) - My HJT Log

By ravneetg
Sep 30, 2006
  1. Hi Guys;

    I think I messed up somewhere, and I started getting popup ads during browsing. Checked for BHO's and found one Toolbar888. Tried to fix it in safe mode using HJT. But I still do some popups occasionaly.
    I am pasting my HJT log here for your reference and s****tions:




    Thanks
    r
     
  2. N3051M

    N3051M TS Evangelist Posts: 2,115

    Rename the HiJackThis.exe program to HiJackThis1991.exe (because some nasties hide from the original file name)
    Then read this thread. Try to follow all the instructions.
    Follow these instructions BEFORE posting your HJT log.

    Post your new HJT log attatched as a .txt or .log to your next post.
     
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    In addition to the instructions given by N3051M, you should get yourself some antivirus and firewall protection.

    Download and install the free AVG or Avast antivirus programmes and either the free Zonealarm or Kerio firewall programmes. You can get them HERE, HERE, HERE and HERE.

    Install whichever firewall you chose, followed by whichever antivirus programme you chose. Reboot your system the required number of times. Run the antivirus updates.

    Then, follow the instructions provided by N3051M.

    Post fresh HJT and Ewido logs as attachments into this thread, only after doing the above.

    Regards Howard :wave: :wave:

    This thread is for the use of ravneetg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  4. ravneetg

    ravneetg TS Rookie Topic Starter

    Logs uploaded.

    Hi Howard & N3051M;

    I was away for a couple of days. Got time tonite to go through & get avast! & AVG Anti spyware on my machine.

    I did find references to ddaya.dll BHO and tried to zap it, but being nasty it is back on reboot.

    I am uploading my logs from Hijackthis. The startuplist from HijackThis also has the ddaya.dll reference.

    The System scan from AVG AS is now returning clean, and hence the reports are empty. Do you want to look at those still? I can do another system wide scan and uplaod those too.

    Thanks
     
  5. N3051M

    N3051M TS Evangelist Posts: 2,115

  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean.

    The C:\WINDOWS\system32\ddaya.dll(file missing) means the file is either gone or inactive and is nothing to worry about.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).


    O2 - BHO: (no name) - {584C0663-DDD4-4C00-9ACC-2DFAC0702F53} - C:\WINDOWS\system32\ddaya.dll (file missing)

    O11 - Options group: [INTERNATIONAL] International*

    O16 - DPF: {34260DAF-318A-4B5A-8778-A861CF2108A5} (FavImport Class) - https://favorites.live.com/cab/ImportAx.cab

    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab

    O16 - DPF: {A28E2797-55E8-4D20-BFA6-FDE2290BC951} - https://mce.galleryplayer.net/cart/install.cab

    Click on the fix checked button.

    Close HJT.

    I would`ve liked to see an Ewido log as requested, but it`s up to you.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of ravneetg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...