csvalue ad pop ups

First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.


After doing ALL of the above if you still have a problem:

Make sure you have HJT Version 1.98.2 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis as a .txt file attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

 

Please read my previous message again an note the version of HijackThis I specified. Also I stated that it must be an attachment to your message. Not inline text. Please get the proper version and install it correctly and post new log as an attachment.

 

Okay that's better. First a note! You are seriously out of date with your Windows updates. You are going to need to follow the steps in the below link (all of them) but the first step tells you how to get updated. Do not do these until we fix your current problems though:

How to Protect yourself from malware!

Question: Is there a reason why you did not run the Symantec online scan given in the READ ME FIRST?

Make sure you have system restore disabled and viewing of hidden files enabled (per the tutorial).

Please bring up Task Manager by hitting CTRL-ALT-DEL and click the Processes tab. Find the below processes and End them:
?hkdsk.exe
rshl.exe
tuhe.exe

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O2 - BHO: (no name) - {60F13A70-E019-7BC7-8723-62557BF07349} - (no file)
O2 - BHO: (no name) - {65A5362A-B043-2CC0-8723-62557BF77A4E} - C:\WINDOWS\System32\epycyp.dll
O4 - HKCU\..\Run: [Scrt] C:\Documents and Settings\Steph\Application Data\tuhe.exe
O4 - HKCU\..\Run: [Dgcnd] C:\WINDOWS\System32\?hkdsk.exe
O4 - HKCU\..\Run: [Ocap] C:\Documents and Settings\Steph\Application Data\rshl.exe

Boot into safe mode and use Windows Explorer to delete:
C:\Documents and Settings\Steph\Application Data\rshl.exe
C:\WINDOWS\System32\epycyp.dll

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

You're welcome. I fixed the link. It was a bad link! You should check it out now.