Here's a whole load of freeware pop-up stoppers:
http://www.webattack.com/Freeware/mi...popblock.shtml
And here's a ratings and reviews site:
http://www.popup-killer.info/
Printable View
Here's a whole load of freeware pop-up stoppers:
http://www.webattack.com/Freeware/mi...popblock.shtml
And here's a ratings and reviews site:
http://www.popup-killer.info/
If these popups are generated by spyware inside your computer, a popup stopper won't be of much use.
Let's have that Hijack This log. It's a terrific troubleshooting tool.
If that computer has been infected, it will show. :)
I tried to put screenprints on here, but they are too big. Can I e-mail them to you?
Thanks!
But you don't need to do that. Just do a copy and paste:
If you doubleclick the log file, does it open in Notepad?
If so, go to Edit > Select all, then to Edit > copy.
Now you've copied the entire text to the Windows Clipboard (this happens behind your back.)
Next, go back to this forum thread, and click "Post Reply".
In an empty area click your RIGHT mouse button, and choose 'Paste' from the context menu.
And voila, there's your Hijack This log.
NOTE: Should the log not open in Notepad by default, do this:
. Highlight the logfile by clicking on it once
· Hold down the shift key and then right-click your mouse
· Select "Open With" from the menu
. Pick Notepad.exe.
Be sure to check the box, "Always use this program to open these files".
· Click "OK" and you are all done!
Sorry about that, I just ran the scan, never saved it. Here is what comes up. I appreciate all the help!!
~~~~~~~~~~~~~~~~~~~~~~~~~~
Logfile of HijackThis v1.94.0
Scan saved at 4:28:21 PM, on 5/18/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL=http://www.noblindlinks.com/sp.shtml
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://search.xrenoder.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.noblindlinks.com/sp.shtml
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://my.screenname.aol.com/_cqr/login/login.psp?siteId=atlasaol&authLev=2&mcState=initialized&triedAimAuth=y
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.noblindlinks.com/sp.shtml
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
O1 - Hosts: 193.125.201.50 msn.com
O1 - Hosts: 193.125.201.50 search.msn.com
O1 - Hosts: 193.125.201.50 auto.search.msn.com
O1 - Hosts: 193.125.201.46 thehun.net
O1 - Hosts: 193.125.201.46 www.thehun.net
O1 - Hosts: 193.125.201.46 thehun.com
O1 - Hosts: 193.125.201.46 www.thehun.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Support (HKCU)
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://free.aol.com
O16 - DPF: Microsoft WFC Forms Designer - file://E:\VJ98\wfcforms.cab
O16 - DPF: Visual Studio 6 Extensibility Libraries - file://E:\VJ98\vstudio6.cab
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
O16 - DPF: {D18B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.xxxtoolbar.com/ist/softwa...ist_remove.cab
O16 - DPF: {F0AA2376-F073-4E57-86E8-0238F99087C7} (AInst Class) - http://cnt.rapidblaster.com/install/activeinstaller.dll
OK,
Check all of the following items in Hijack This, subsequently close all browser windows, and then press "fix checked:
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL=http://www.noblindlinks.com/sp.shtml
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://search.xrenoder.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.noblindlinks.com/sp.shtml
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.noblindlinks.com/sp.shtml
m
O1 - Hosts: 193.125.201.50 msn.com
O1 - Hosts: 193.125.201.50 search.msn.com
O1 - Hosts: 193.125.201.50 auto.search.msn.com
O1 - Hosts: 193.125.201.46 thehun.net
O1 - Hosts: 193.125.201.46 www.thehun.net
O1 - Hosts: 193.125.201.46 thehun.com
O1 - Hosts: 193.125.201.46 www.thehun.com
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
O16 - DPF: {D18B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://www.xxxtoolbar.com/ist/softw.../ist_remove.cab
O16 - DPF: {F0AA2376-F073-4E57-86E8-0238F99087C7} (AInst Class) - http//cnt.rapidblaster.com/install/activeinstaller.dll
That should fix your problem! :)
Cheers,
Thanks Tony! I did what you suggested, so we'll see what goes on from here.....only time will tell. Either way, I will post my findings. This thread may help other people too!
Thanks again!
You're welcome! :)
And you may find this a useful read: So how on earth did I get all this spyware in the first place?
Cheers,
Thanks for the additional info. So far, so good. Also, I installed Javacool's SpywareBlaster....the list that came up was huggge!!!
Thanks again!
Remember, the spyware on that list is NOT spyware on your computer, but stuff SpywareBlaster will protect you against! :)Quote:
Originally posted by Wooglin
the list that came up was huggge!!!
Still getting some popups from time to time. Any other hints or other things I can try.
I have noticed on our local news that there has been issues with unwanted adult popups on home PC's, and that it will be going to legislature to get this spamming (or messaging) to become illegal.
Thanks again everyone.
Those are probably sneaking through port 137 (netBIOS) while you're connected with cable. You're online all the time, with or without a browser window. You can use a firewall to stop them. I use ZoneAlarm www.zonelabs.com (free) but you can also use the crummy firewall included with XP. Just using the default settings with ZoneAlarm eliminated all my pop-ups.
Some people prefer to disable the messaging service that delivers these messages. Of course, you still have the open port as a security hole, but it's effective to stop popups. (it seems windows messaging is disabled by default in server2003, maybe MS will be phasing it out in workstation oses, too)
i had a similar problem like this. When the popup's come up, or even just now, close ALL open programs and press ctrl+alt+delete and tell me what prgrams you have running (write them all) then i will take it from there
The only thing running is the I.E. page (VirtualDR).
Me Monkey likes this one;
http://www.guardwall.com/en/index.asp