Popup problem

Hi Guys,

I am having problems on this PC with lots of popup windows. Could somebody help with this please. Relevant logs attached after following the clen-up steps.

Thanks
Bob

 

More logs...

 

Using add/remove programs which can be accessed from the control panel, uninstall the following:

Download and install Sun Java Runtime Environment 5.0 Update 9


Download

- Pocket KillBox

- Process Explorer

Extract each to their own folder somewhere that you will be able to locate later.

IMPORTANT: You should print or save the below locally, so you can refer to them while offline. You must exit all browsers before running the below steps and it would be best if you actually physically unplug your cable to the internet, reboot, and do not run anything but what I give you to do. Also it would be good to exit all processes and items in your System tray.

Do the above before continuing! Okay unplug your cable now.

Make sure you have rebooted in Normal Mode (do not open any other processes)


- Run Process Explorer

In the top section of the Process Explorer screen double click on winlogon.exe to bring up the winlogon.exe properties screen. Click on the Threads tab at the top.

Once you see this screen click on each instance of gdiplog.dll once and then click the kill button. After you have killed all of the gdiplog.dll under winlogon click ok. (If you do not find the dll, just continue on.)

Next double click on explorer.exe and again click once on each instance of gdiplog.dll and kill it. (If you do not find the dll, just continue on.)

Now just exit Process Explorer.




Run HijackThis. Click the 'Do a system scan only' button.

Once the scan has completed click Config

Click Misc Tools

Click Open Process Manager

Terminate the following processes by selecting them from the list and clicking Kill Process
If you don't find them just move on to the next step

Click back to return to the scan results.

Place a checkmark in the box next to the following lines:

Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.


Copy and paste the below bold text into notepad and save as FixMWS.reg on your desktop. NOte the extension .reg you will need to set the file type in the save dialog to all types so you can save like this.

Go to your destop and run the file. Click yes to allow it to merge with the registry.



Now run Pocket Killbox:

Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open Windows Explorer navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.


REBOOT to Normal Mode.

Let me know how things are running now

Post a fresh HijackThis log, a fresh newfiles log and a fresh activescan log.