I need help removing popup ads

[Bjo]

getting popup ads from NYM1.Ib.adnxs.com, only when I am in facebook using apps. I have not gotten them at any other time, even when just in facebook, its just when I use the game apps.

 

[g3n-h@ckm@n]

hello welcome

Download From this link OTL : http://oldtimer.geekstogo.com/OTL.exe

Save it to your desktop

If you have XP => double-click , else , right-click "Run as administrator" to launch it

configure it like this : ("Run Scan"="Analyse") must be pressed after pasting the bold text below under the picture)

if a 64 bits checkbox appears let it checked.

copy/paste what is below in blue bold under "Personnalization" in OTL :

HKCU\Software
HKLM\Software
HKCU\Software\Microsoft\Command Processor /s
HKLM\Software\Microsoft\Command Processor /s
%Homedrive%\*
%Homedrive%\*.
%Userprofile%\*
%Userprofile%\*.
%Allusersprofile%\*
%Allusersprofile%\*.
%LocalAppData%\*
%LocalAppData%\*.
%Userprofile%\Local Settings\Application Data\*
%Userprofile%\Local Settings\Application Data\*.
%programFiles%\*
%programfiles%\Google\Desktop\Install /s
%programFiles%\*.
%Systemroot%\Installer\*.
%Systemroot%\Temp\*.exe /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\*.in*
%systemroot%\Tasks\*
%systemroot%\Tasks\*.
%systemroot%\system32\Tasks\*
%systemroot%\system32\Tasks\*.
%systemroot%\system32\drivers\*.sy* /lockedfiles
%systemroot%\system32\config\*.exe /s
%Systemroot%\ServiceProfiles\*.exe /s
%systemroot%\system32\*.sys
dir %Homedrive%\* /S /A:L /C
msconfig
activex
/md5start
explorer.exe
winlogon.exe
wininit.exe
volsnap.sys
atapi.sys
ndis.sys
cdrom.sys
i8042prt.sys
iastor.sys
tdx.sys
netbt.sys
afd.sys
/md5stop
netsvcs
safebootminimal
safebootnetwork
CREATERESTOREPOINT

click on "Run scan"(Analyse) and let the tool work
At the end "notepad" will open (OTL.txt & Extras.txt)
you can find them near the OTL executable.

Dont post them in the forum !!!! ( they're too big )

Attach them here or on http://cjoint.com or other site and give the links you obtained.

 

[Bjo]

ok complete attaching logs

One more comment on this . g3n-h@ckm@n is not on the list of those who should be helping.. is it ok to be following his directions?

 

[g3n-h@ckm@n]

No cause they want to test me before accepting me , I'm just Trusted Advisor for the moment

Paste this bold text under "Personnalization" in OTL and Click "Run Fix"

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
IE - HKU\S-1-5-21-263363050-1132841584-2172254880-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://centurylink.net/
CHR - homepage: http://www.centurylink.net/
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
SafeBootMin: 30340216.sys - Driver
SafeBootNet 30340216.sys - Driver
SafeBootNet: 30340216.sys - Driver
SafeBootMin 30340216.sys - Driver
[2013/04/02 22:32:42 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallMate
[2014/02/01 08:50:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy
[2014/02/01 08:50:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy

:reg
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
""=-

:commands
[ResetHosts]
[emptytemp]

Attach the new log

 

[Bjo]

ok running the fix now.. I hope your tests with me work !

 

[Bjo]

completed and file attached

 

[g3n-h@ckm@n]

in which browser have you got this problem ?

 

[Bjo]

in which browser have you got this problem ?

IE I use google chrome once in awhile but never saw it in there at all.. and actually since running the fix, I have only seen it once.

 

[Bjo]

LOL I spoke too soon.. just got the internet explorer update recommended one. and this one is updatenowpro.com

IE I use google chrome once in awhile but never saw it in there at all.. and actually since running the fix, I have only seen it once.

 

[g3n-h@ckm@n]

Install AdBlockPlus for IE https://adblockplus.org/en/internet-explorer

 

[Bjo]

Install AdBlockPlus for IE https://adblockplus.org/en/internet-explorer

ok I installed it.. is there any setup to do?

 

[g3n-h@ckm@n]

you have Chrome ? install il in Chrome too https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb?hl=fr

 

[Bjo]

you have Chrome ? install il in Chrome too https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb?hl=fr

ok I have both of them done. so far no popups

 

[Bjo]

can I delete all the other stuff off my pc.. FRST, OTL? I use malwarebytes so I will keep that one.

 

[g3n-h@ckm@n]

Ok do you still see your problem actually ?

 

[Bjo]

I have had none of those popups since loading the adblockplus.

 

[g3n-h@ckm@n]

Ok do you want to try this evening and tomorrow and come back to tell me the news about that at the end of the day ?

 

[Bjo]

Ok do you want to try this evening and tomorrow and come back to tell me the news about that at the end of the day ?

That sound great to me!!! thanks for the help. Can u explain whats going on though, seems to me like its not on my computer really but in my browser?? By blocking these does it make me safe for no one to get any personal stuff from me?

 

[g3n-h@ckm@n]

No it just blocks popups and publicities.
browse until tomorrow evening and if it's good we'll finish by cleaning the tools and little updates

 

[Bjo]

No it just blocks popups and publicities.
browse until tomorrow evening and if it's good we'll finish by cleaning the tools and little updates

OK ...