Serious Help, Pop Ads All Over!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by hypertweeky, Nov 5, 2005.

  1. hypertweeky

    hypertweeky Private E-2

    Hello everyone!!
    I need some serious help, my computer is running very slow! I try to keep it clean by running these programs at least once a week: xoftspy, spybot search & destroy, ccleaner and spyware blaster. I get pop ads all the time, especially the win fixer :rolleyes: . I have run a HijackThis log but I don't know how to analyse it, can you help me out? Thanks!!
    Here is the log:

    • Edit by bjgarrick: Unrequested, Inline HJT log removed!
     
    Last edited by a moderator: Nov 5, 2005
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MajorGeeks.com, please follow the steps below:

    Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    • Make sure you check version numbers and get all updates.
    Very Important: Make sure you tell us the results from running the tutorial... Was anything found? Were you unable to complete any of the scans? Were you unable to download any of the tools? Did you do the on-line scans as suggested? etc.

    After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

    Downloading, Installing, and Running HijackThis
     
  3. hypertweeky

    hypertweeky Private E-2

    I am sorry I didn't read the cleaning procedure first!
    I have gone through every step and I still get pop ads. Here is the log:

    • Edit by bjgarrick: Inline HJT log removed!

    Any help will be greatly appreciated, computer seems to be better but still runs slow upon start up.
    Thanks for dealing with me!!:)
     
    Last edited by a moderator: Nov 7, 2005
  4. hypertweeky

    hypertweeky Private E-2

    Here I go again!

    I followed every step in the tutorial. Turned off the system restore, show all files, downloaded "Ad-Aware", the other ones I didn't because I already had them (I have been using them for a while, never ran them in safe mode though, which is dumb I know!!)
    I ran BitDefender (which took forever) and it found some adware but it was all deleted and disinfected, I ran it a second time and it didn't find anything.
    Kaspersky didn't find any "malware".
    Trend Micro's found one adware but it didn't clean..
    I started my computer in safe mode and downloaded the listed programs: CCleaner, Ad-Aware SE (which I am not a big fan of..), Spybot Search & Destroy, and Microsoft Anti-Spyware. I ran CCleaner, only the Windows tab, and it found a bunch of uninstall files that were roaming around the My Documents folder, Ad-Aware found a couple of "windows optimizers" adware (junk!!) and Microsoft Anti-Spyware didn't find a thing.
    I even tried Ewido and CWShredder in safe mode..
    The thing is that when it comes to computer protection I am a nut case and this computer keeps "allowing" pop ads left and right, the scans don't seem to reflect anything major but obviously there is something wrong.. Is there anything else I should tell you??
    Thanks for your patience!!:)
     
  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    From now on please attach ALL logs as attachments to your post!


    Please download Spy Sweeper
    • Click the link above to download the program.
    • Install it. Once the program is installed, it will open.
    • It will prompt you to update to the latest definitions, click Yes.
    • Once the definitions are installed, click Options on the left side.
    • Click the Sweep Options tab.
    • Under What to Sweep please put a check next to the following:
      • Sweep Memory
      • Sweep Registry
      • Sweep Cookies
      • Sweep All User Accounts
      • Enable Direct Disk Sweeping
      • Sweep Contents of Compressed Files
      • Sweep for Rootkits
      • Please UNCHECK Do not Sweep System Restore Folder.
    • Click Sweep Now on the left side.
    • Click the Start button.
    • When it's done scanning, click the Next button.
    • Make sure everything has a check next to it, then click the Next button.
    • It will remove all of the items found.
    • Click Session Log in the upper right corner, copy everything in that window.
    • Click the Summary tab and click Finish.
    • Paste the contents of the session log you copied into notepad and save it as spysweeper.txt and attach it to your next post along with a fresh HJT log.
     
  6. hypertweeky

    hypertweeky Private E-2

    Hey there, Thanks for your prompt reply!
    Find attached the spy sweeper log.
    Here is the hi-jack log:) :

    Inline log attached!

    Thanks a lot!!:)
     

    Last edited by a moderator: Nov 9, 2005
  7. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    For the third time, please attach ALL logs as ATTACHMENTS to your post!

    Please look in Add or Remove Programs for the following and Uninstall them if found:

    Viewpoint

    Spy Sweeper


    Now scan with HijackThis and Check the Boxes for the following:

    Make sure All Browser Windows are Closed when you Click FIX.

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0

    R3 - Default URLSearchHook is missing

    O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
    O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll

    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\RunServices: [System Support] system32.exe
    O4 - HKCU\..\Run: [System Support] system32.exe

    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

    Again, make sure All Browser Windows are Closed when you Click FIX.

    NOW:
    Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled and navigate to and DELETE the following if they should remain:

    C:\Program Files\Viewpoint ←–– Delete this whole folder if it exists!

    NEXT:
    Run CCleaner to clean up cookies and temp files.

    Run full scans with Ad-Aware SE & Spybot S&D and have both programs fix what they find.
    Note: Remember to get all updates before doing the scans.

    Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.


    Reboot to Normal Windows, scan with HijackThis and attach the new log.
     
  8. hypertweeky

    hypertweeky Private E-2

    I am sorry it has taken me such a long time to reply but the computer belongs to my husband who is never home anymore :rolleyes:
    I did what you told me to do but I keep getting pop ads like win software (it is not winfixer), poker.com and many others, it is nerve-racking, I wish I knew how to read the results so I wouldn't have to bug you, is there any manual I can read??
    Thanks a lot!!

    Ps: Find attached a fresh hi-jack log.
     

  9. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Since it's been a while, go ahead and get the latest updates for SpySweeper and then run another full sweep and then attach that log along with a fresh HJT log.
     
  10. hypertweeky

    hypertweeky Private E-2

    Hey there:)
    I have been reading the help section and it is very helpful! I have always used the already mentioned programs to keep my laptop clean but my husband doesn't think it is necessary, that's why his computer is all messed up :rolleyes:
    My favorite tools are help2go and sysinfo.org! I ran them on my laptop and they found a couple of "baddies" in the BHO entries, the rest was completely clean:). I have read the HijackThis log guidelines too, it is simple, efficient and easy to follow! I have a better understanding of how computers get infected by spyware, I am hoping to learn more so I don't have to bug you but in the meantime THANK YOU SO MUCH for your help!!:)
    Spysweeper found lots of rootkit masked files but when I check the option to clean it, the computer stops responding, it freezes and it doesn't even let me Ctrl+Alt+Del to restart it :rolleyes: , I have to turn it off.
    I am not running spysweeper in safe mode to see if it will clean those files, I hope it is ok. Here are the logs:
     

  11. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Download AproposFix by Swandog46

    Save it to your desktop or to another folder of its own, but do NOT run it yet!

    Now reboot your computer in Safe Mode! (You must be in safe mode or this fix will not work.)

    Once in Safe Mode, double-click aproposfix.exe (which will give you a choice of where to unzip/install the program to). This is called the Destination folder in the window that pops up. So either install it to the Desktop or the folder where you downloaded the aproposfix.exe file to. It will create a new folder named aproposfix. Open the aproposfix folder and double click on RunThis.bat to run the fix. Follow the prompts.

    When the tool is finished, reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file that has been created in the aproposfix folder.
     
  12. hypertweeky

    hypertweeky Private E-2

    Hey there:
    I thought I'd let you know that I had to run spy sweeper in safe mode and it deleted the files (rootkit-masked files) that seemed to be responsible for the pop ads. The computer runs much faster and the pop ads are gone, but I want to clear every trace of spyware!
    Here are the logs:

    Thanks again:)
     

  13. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Scan with HijackThis and Check the Boxes for the following:

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

    Make sure All Browser Windows are Closed when you Click FIX.

    NEXT:
    Run CCleaner to clean up cookies and temp files.

    Run full scans with Ad-Aware SE & Spybot S&D and have both programs fix what they find.
    Note: Remember to get all updates before doing the scans.


    After you complete the above, reboot and let me know how things are running.
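
An added example, not part of the thread and not MajorGeeks' or HijackThis's own code: a small parser that groups the HijackThis entries quoted in the two fix lists above by section code and flags three things visible in them (a target marked "(file missing)", an O4 autostart command given without a full path, and a ProxyServer value). The section descriptions follow the HijackThis log documentation; the flagging rules and the names `triage`, `SECTIONS` and `SAMPLE` are assumptions made for illustration, and a flag is a prompt to look closer, not a verdict.

```python
import re

# Section codes seen in this thread, described as in the HijackThis log docs.
SECTIONS = {
    "R1": "IE start/search page setting", "R3": "URL search hook",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart entry (registry Run keys / Startup)",
    "O8": "IE context-menu item", "O9": "IE button / Tools menu item",
    "O18": "extra protocol handler",
}

# Entries copied from the two fix lists in the thread above.
SAMPLE = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\RunServices: [System Support] system32.exe
O4 - HKCU\..\Run: [System Support] system32.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
"""

ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*)$")

def triage(log_text):
    """Return (code, section description, notes) for every log entry."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw)
        if not m:
            continue  # blank line or non-entry text
        code, body = m.group(1), m.group(2).strip()
        notes = []
        if body.endswith("(file missing)"):
            notes.append("target file missing")
        if code == "O4":
            # The command is whatever follows the "[value name] " part.
            command = body.split("] ", 1)[-1]
            if "\\" not in command:
                notes.append("autostart without a full path")
        if code == "R1" and "ProxyServer" in body:
            notes.append("proxy value %r" % body.rsplit("= ", 1)[-1])
        findings.append((code, SECTIONS.get(code, "unknown section"), notes))
    return findings

if __name__ == "__main__":
    for code, section, notes in triage(SAMPLE):
        print(f"{code:4} {section:45} {'; '.join(notes) or '-'}")
```
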
     
  14. hypertweeky

    hypertweeky Private E-2

    Hey!:) Thanks for your prompt response!
    I have been surfing the net all night and I haven't seen one pop ad yay!, it runs very smooth.
    I want to thank you for all your help!, The tutorials are extremely helpful, I will stick around to learn from others and perhaps help other people! (If I am allowed to do so of course:) )
    I gotta get to bed now.. it is 2:37 am!!:eek:
     
  15. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

  16. hypertweeky

    hypertweeky Private E-2

    I read it several days ago so I am ahead of you on that one ;)
    I was sick and tired of McAfee and Norton so I got Zone Alarm security suite all in one protection! I have spyware blaster and many other anti-spyware everyday programs and heavy duty ones as well so I am good:)
    Thanks SO much for your help!!!:)
     
  17. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    You're welcome!:)
     
