Still getting popups before IE opened

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by jmhewitt, Apr 19, 2005.

  1. jmhewitt

    jmhewitt Private E-2

    well, been working on this system for more than 12 hours.....

    clean with Adaware (had VX2), Spybot, CCleaner, CW Shredder, etc. MS AntiSpyware Beta found 10 problems, stopped some others manually, but still getting popups to Poker, etc. Norton 2004 shows a bunch of adware stuff that it cannot delete, and at one point found a Trojan.

    Have done all the prelims you request, and have run HijackThis and produced a log which I can post.

    Michael Hewiit
    Hampstead, NC
     
  2. jmhewitt

    jmhewitt Private E-2

    Also, on startup, I am getting a message that "an exception occurred while trying to run Winnt\system3\qdr0200.dll, Dllget version"

    The dll name changes every time. I think last time it was lgpcd70ndll

    Michael
     
  3. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Download HijackThis 1.99.1

    Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    Run HijackThis and save your log file.

    Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    Need help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
  4. jmhewitt

    jmhewitt Private E-2

    Here is the log....thanks...

    Michael
     

  5. jmhewitt

    jmhewitt Private E-2

    !!@#$%^&*(OP

    ....and now it is rebooting itself spontaneously!!!!

    Michael
     
  6. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Download the following items:

    L2MeFix Tool

    Generic Detection Tool - NT/2000/XP

    VX2.BetterInternet Finder XP/2k - Version Msg126

    Pocket KillBox

    DO NOT USE ANY OF THESE TOOLS UNTIL TOLD TO!


    NOW:
    Please move the L2MeFix Tool to your Desktop and DoubleClick l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix Folder on your Desktop. DoubleClick l2mfix.bat and type 2 and ENTER to select option #2 for Run Fix. Then, press any key to Reboot your machine.
    Your computer will go crazy for a bit, but just let it run. It should eventually spit out a log in Notepad. Please attach that log.

    Please don't run any other files in the L2MFix folder.
     
  7. jmhewitt

    jmhewitt Private E-2

    Here is the L2mfix log

    Michael
     

    Attached Files: log.txt (13 KB)
  8. jmhewitt

    jmhewitt Private E-2

    I rebooted it and now it seems to be fixed.

    Is that possible?

    IE isn't throwing any spontaneous popups and no longer seems to be rebooting whenever it wishes.

    Michael
     
  9. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Unzip the Generic Detection Tool to a safe folder of your choice and run "find.bat" - Allow it as much time as it needs to run. You may get an error message of "File Not Found," but just let it go.

    The tool should generate a long text file. Attach this log as an attachment to your post along with a fresh HJT log.
     
  10. jmhewitt

    jmhewitt Private E-2

    here they are..

    Michael
     

  11. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Things are starting to look better :)

    Please look in Add or Remove Programs for the following and Uninstall them if found:

    picsvr

    nsvsvc


    NOW:
    Click Start > Run > type services.msc and Click OK

    Locate System Startup Service (SvcProc) and RightClick on it to bring up the Service Properties Window.
    First: Stop the service by clicking the Stop Button.
    Next: Disable it by changing the Startup Type to Disabled and click Apply


    NOW:
    Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled and navigate to and DELETE the following if they should remain:

    C:\WINNT\System32\nsvsvc ←–– Delete this whole folder if it exists!

    C:\WINNT\System32\picsvr ←–– Delete this whole folder if it exists!

    C:\WINNT\svcproc.exe

    NEXT:
    Run CCleaner


    Reboot to Normal Windows, scan with HijackThis and attach the new log.
     
  12. jmhewitt

    jmhewitt Private E-2

    DONE! and here it is!!!

    thanks, I agree that it was looking much better...

    Michael
     

  13. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    You're welcome!

    Your log is clean. Are you having any further problems?
     
