|
-
October 11th, 2004, 11:56 AM
#1
excessive popup
this annoying site keeps popping up even when im not surfing. 
http://www.ad-w-a-r-e.com/callback_ron.php?GUID={F194F621-0ED3-11D9-A431-00045AA1DA42}&country=US&type=
the domain cant even be found when i load it into my browser (DNS error)
how do i stop it from invading my computer?? it appears quite often. luckily my popup stopper is on, but it still keeps popping up every few minutes! 
anyone know what this site is and how the popups can be stopped? i ran spybot and cleaned out a lot of spyware and checked for viruses but could find nothing.
-
October 11th, 2004, 12:47 PM
#2
Might be more than spyware, could be hijackers invaded your computer. I have no idea what that site is but I'm not foolish enough to click on the link to find out either. 
To see if you have indeed been hijacked you should run Hijackthis Following the instructions for this program from the link below.
http://discussions.virtualdr.com/sho...hreadid=167915
-
October 11th, 2004, 04:10 PM
#3
Logfile of HijackThis v1.98.2
Scan saved at 1:05:56 PM, on 10/11/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\YTRAYMAGICLITE\YTRAYMAGIC.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\KTYTAW.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\WINKEY\WINKEY.EXE
C:\PROGRAM FILES\DOUBLEDESKTOP\DD.EXE
C:\PROGRAM FILES\KIRYSTECH2K\KCPUCOOLER\KCPUCOOLER.EXE
C:\PROGRAM FILES\RESIZEENABLE\RESIZEENABLERUNNER.EXE
C:\PROGRAM FILES\MOUSEAWAY\MOUSEAWAY.EXE
C:\PROGRAM FILES\SOFTWARE BY DESIGN\STAYLIVE.EXE
C:\PROGRAM FILES\EPROMPTER\EPROMPTER.EXE
C:\PROGRAM FILES\CLICKOFF\CLICKOFF.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\GREENBROWSER 2.3\GREENBROWSER.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://trafficg.com/hps.php?member=trafg
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.msn.com
R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\RunServices: [YTrayMagic Lite 1] C:\PROGRAM FILES\YTRAYMAGICLITE\YTRAYMAGIC.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
O4 - Startup: WinKey.lnk = C:\Program Files\WinKey\WinKey.exe
O4 - Startup: DoubleDesktop.lnk = C:\Program Files\DoubleDesktop\dd.exe
O4 - Startup: KCPUCooler.lnk = C:\Program Files\KirysTech2k\KCPUCooler\KCPUCooler.exe
O4 - Startup: ResizeEnableRunner.lnk = C:\Program Files\ResizeEnable\ResizeEnableRunner.exe
O4 - Startup: MouseAway.lnk = C:\Program Files\MouseAway\MouseAway.exe
O4 - Startup: StayLive.exe.lnk = C:\Program Files\Software by Design\StayLive.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Startup: Ontrack SystemSuite 2000 Task Manager.lnk = C:\Program Files\Ontrack\SystemSuite\mxtask.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: ClickOff.lnk = C:\Program Files\ClickOff\Clickoff.exe
O8 - Extra context menu item: For&msAgent - C:\Download ZIP\agent.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {FDE6B956-B80A-4578-9A10-4C24609412F1} - http://access.gamezdump.com/output/0.../fullgames.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/Sha...in/AvSniff.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
-
October 15th, 2004, 03:24 AM
#4
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
