Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't Get Rid Of Popups


  • This topic is locked This topic is locked
5 replies to this topic

#1 trand87

trand87

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:46 AM

Posted 14 June 2007 - 09:51 AM

Hi,
Even after I ran all of the advised scans I still get lots of pop ups...even when I am on an intranet. Please advise based on the attached HJT log.

Thanks,
Tom

Attached Files



BC AdBot (Login to Remove)

 


m

#2 rookie147

rookie147

  • Members
  • 5,321 posts
  • OFFLINE
  •  
  • Local time:10:46 AM

Posted 14 June 2007 - 11:16 AM

Hello there and welcome to BleepingComputer. My name is Charles and I will be dealing with your log today.

Please download VundoFix to your Desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Please post the contents of C:\vundofix.txt in your next reply.
Note: It is possible that VundoFix encountered a file it could not remove.
VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

Please include VundoFix.txt and a new HijackThis log in your next reply.
Thanks,
Charles

If you are pleased with the service I have offered, you may like to consider making a donation. Posted Image
Posted Image


#3 trand87

trand87
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:46 AM

Posted 14 June 2007 - 12:14 PM

Hey Charles,
Thanks for the tip...ill try that today and post my results

-Tom

#4 trand87

trand87
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:46 AM

Posted 14 June 2007 - 12:49 PM

I ran VundoFix and it came up with many files, which were removed. Please find attached the VundoFix log and the new HJT log.

Thanks,
Tom

Attached Files



#5 rookie147

rookie147

  • Members
  • 5,321 posts
  • OFFLINE
  •  
  • Local time:10:46 AM

Posted 14 June 2007 - 04:39 PM

Hello again,
Please print off a copy of these instructions, and also save them to a Notepad file on your desktop, so they are easily accessible.
We are going to boot into Safe Mode later in the fix, and there is no internet access.

Scan again with HijackThis and put a checkmark next to each of the following entries (if present):

O2 - BHO: (no name) - {4B7CB86D-AE0E-40C7-8E71-F4B83A3D9CCD} - C:\WINDOWS\system32\sstqo.dll (file missing)
O2 - BHO: (no name) - {4F578401-52FF-4429-8E8E-0E8C7EBF412d} - C:\WINDOWS\system32\avvgypji.dll (file missing)
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\grvjjxca.dll
O2 - BHO: (no name) - {717A6266-05B7-4FCB-A183-1734931C8034} - C:\WINDOWS\system32\avvgypji.dll (file missing)
O2 - BHO: 0 - {78A304DF-9189-4614-2195-3B7FC2F47774} - C:\Program Files\NetMeeting\lavuh.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {AF353E37-2A93-4F16-BA89-05B5086F753C} - C:\WINDOWS\system32\gebyx.dll (file missing)
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\dtqjtvjp.dll",realset
O20 - Winlogon Notify: pmkjh - C:\WINDOWS\system32\pmkjh.dll (file missing)
O20 - Winlogon Notify: sstqo - C:\WINDOWS\system32\sstqo.dll (file missing)


Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix checked button.

Please reboot your computer into Safe Mode.
This is done by rebooting Windows and pressing F8 at boot/Windows startup, usually right after the beep.
Then select Safe Mode from the list.
Make sure you choose the option without Networking Support.

Set your system to show all files.
Navigate to Start | My Computer | Tools | Folder Options.
Select the View tab. Under the "Hidden Files and Folders" heading, select "Show hidden files and folders".
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.

Next, please find and delete the following files (if present):

C:\WINDOWS\system32\grvjjxca.dll
C:\WINDOWS\system32\dtqjtvjp.dll

Reboot into Normal Mode again.

Scan once more with HijackThis and post back the new log.
Thanks,
Charles

If you are pleased with the service I have offered, you may like to consider making a donation. Posted Image
Posted Image


#6 rookie147

rookie147

  • Members
  • 5,321 posts
  • OFFLINE
  •  
  • Local time:10:46 AM

Posted 24 June 2007 - 02:05 PM

Due to lack of feedback, this topic is now closed.
If you need this topic reopened, please request this by sending me a Personal Message including a link to your thread.
This applies only to the original topic starter. Everyone else please begin a New Topic.

If you are pleased with the service I have offered, you may like to consider making a donation. Posted Image
Posted Image





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users