Popups Everywhere!!! - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 02-15-2004, 06:49 PM   #1 (permalink)
Junior Techie
 
Join Date: Dec 2003
Posts: 87
Send a message via AIM to radguy
Default Popups Everywhere!!!

i am asking this question for my friend who knows nothing about computers.

He gets popups on his pc all the time even when he isnt browsing the web and he has a popup blocker on and it doesnt block all of them. when the popup blocker is on and he isnt browsing the web he gets about one popup a minute. when the popup blocker is disabled and he isnt browsing the web, he gets about 13 popups a minute.

HOW DO WE GET RID OF THIS??????

i have ran an adware scan with noadware 2.0 and deleted it all but it still has that problem.... it only deleted the other adware on his pc.........

is this like an extreme undetectable adware or is it a virus??????
__________________

__________________
<b><center>|My Current System ( till i get more money)|</center></b><p>
Ahanix Platinum XP Case (Modded)
S-ATA 80GB HD 7200 RPM
52X48X52 CDRW
16X DVD+r/-r
512 (2 x 256) PC 3200 DDR Ram 400 mhz
CP technologies i865APE Mainboard (ya i kno nobody has heard of it)
p4 2.66 800mhz WITH HT oc\'ed to 2.99ghz
geforce fx 5200 128 mb agp 8x (ya i kno bottom of the line but i oc\'ed it the best i could)
Windows XP Home Edition SP2 (SP2 in my opinion sucks when you first get it)
Realtek AC97\' Onboard Audio
JMW 17\" Flat \"Screen\" (not panel) Monitor
P4 Approved 450 Watt power supply

Im doing ok for a 15 year old, rit?
http://www.ratemypc.net/pictures/img40c64cbc90148.jpg
radguy is offline  
Old 02-15-2004, 08:01 PM   #2 (permalink)
Techie Beyond Description
 
Apokalipse's Avatar
 
Join Date: Jun 2003
Location: Melbourne, Australia
Posts: 14,559
Default

try and find the name of the popup, go to regedit (start, run type regedit) and delete suspicious entries with its name; this has happened to me and it's how I got rid of them.
__________________

__________________
Apokalipse is offline  
Old 02-15-2004, 08:43 PM   #3 (permalink)
Ultra Techie
 
Join Date: May 2003
Posts: 548
Send a message via AIM to aye29 Send a message via Yahoo to aye29
Default

I've never heard of that program you're using. Personally I would recommend using Spybot Search and Destroy. Its the most effective program in my experience.
aye29 is offline  
Old 02-15-2004, 11:04 PM   #4 (permalink)
Banned
 
Join Date: Feb 2004
Posts: 241
Default

Is IExplore closed when this happens,hard to beleive,if thats what you mean.
What do you mean by browseing or not browesing ?
If he arrives here,does it happen then? I have no stopper and get none here.
Is this computer totally useless to play games etc. ?
Are you useing pop-up stopper ?
stan-the-man is offline  
Old 02-16-2004, 02:50 AM   #5 (permalink)
btv
True Techie
 
Join Date: Feb 2004
Posts: 120
Default

Quote:
Originally posted by MicroBell
Humm interesting issue offline. I would disable MS Messenger...
just adding more info...
disable MS messenger services(not the MS IM)
http://www.itc.virginia.edu/desktop/docs/messagepopup/
btv is offline  
Old 02-16-2004, 11:35 PM   #6 (permalink)
True Techie
 
Join Date: May 2003
Posts: 221
Default

Download 'Hijack This!'. http://www.tomcoyote.org/hjt/ or from http://www.majorgeeks.com/downloadge...8baee6434cfc13
Unzip, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the " scan " button will change into a " save log " button.
Press that, save the log , load it in Notepad, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet.
.
mobo is offline  
Old 02-17-2004, 09:56 PM   #7 (permalink)
Junior Techie
 
Join Date: Dec 2003
Posts: 87
Send a message via AIM to radguy
Default

http://www.techist.com/showthread.php?threadid=11308

Logfile of HijackThis v1.97.7
Scan saved at 9:50:44 PM, on 2/17/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\windows\system\hpsysdrv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DIGStream\digstream.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\winservn.exe
C:\PROGRA~1\HPINST~1\Pavilion\XPENABF3EN\plugin\bi n\pchbutton.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\AIM\aim.exe
C:\Documents and Settings\Shane\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [sureshotpopupkiller] "C:\Program Files\Stop-the-Pop-Up\stopthepop.exe" -minimized
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ContentService] C:\WINDOWS\System32\winservn.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\Pavilion\XPENABF3EN\plugin\bi n\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: MUSICMATCH MX Web Player (HKLM)
O9 - Extra button: MoneySide (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...ctor/swdir.cab
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://mfr.mlxchange.com/Control/Mul...ctComboBox.cab
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://mfr.mlxchange.com/Control/MLXClientUtils.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://mfr.mlxchange.com/Control/IRCSharc.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {96B0F9A1-AD48-41F0-A1ED-093D66CF1AD9} - http://att-motion.movies.go.com/digs...oviessetup.exe
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzilla.com/_download/...ler/dwnldr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub...sh/swflash.cab

its an hp media pc and he doesnt want any of the hp processes disabled

and he likes that weather adware thing
__________________
<b><center>|My Current System ( till i get more money)|</center></b><p>
Ahanix Platinum XP Case (Modded)
S-ATA 80GB HD 7200 RPM
52X48X52 CDRW
16X DVD+r/-r
512 (2 x 256) PC 3200 DDR Ram 400 mhz
CP technologies i865APE Mainboard (ya i kno nobody has heard of it)
p4 2.66 800mhz WITH HT oc\'ed to 2.99ghz
geforce fx 5200 128 mb agp 8x (ya i kno bottom of the line but i oc\'ed it the best i could)
Windows XP Home Edition SP2 (SP2 in my opinion sucks when you first get it)
Realtek AC97\' Onboard Audio
JMW 17\" Flat \"Screen\" (not panel) Monitor
P4 Approved 450 Watt power supply

Im doing ok for a 15 year old, rit?
http://www.ratemypc.net/pictures/img40c64cbc90148.jpg
radguy is offline  
Old 02-17-2004, 10:30 PM   #8 (permalink)
Super Techie
 
Join Date: Dec 2003
Posts: 300
Send a message via Yahoo to mike11973
Default

http://toolbar.google.com/
__________________
NF7/S Rev2.0 : D25 Modded bios by -=Merlin=-(cpc on)
2500+M @ (250*10)
G.Skill ddr 400LA(TCCD)running 1:1@250
3-3-3-3
Saphire 9800 Pro
cpu-1.8v
ram-2.7v
chipset-1.6v

Knowledge IS power....dont be afraid to be open to it.


<a href=\"http://arc.aquamark3.com/arc/arc_view.php?run=1493626296\">My aquamark score</a>

overclocking 101
mike11973 is offline  
Old 02-17-2004, 10:31 PM   #9 (permalink)
Super Techie
 
Join Date: Dec 2003
Posts: 300
Send a message via Yahoo to mike11973
Default

sorry...didnt read all of your issue b4 rplying'.....have you scanned for a virus or for adware?
__________________
NF7/S Rev2.0 : D25 Modded bios by -=Merlin=-(cpc on)
2500+M @ (250*10)
G.Skill ddr 400LA(TCCD)running 1:1@250
3-3-3-3
Saphire 9800 Pro
cpu-1.8v
ram-2.7v
chipset-1.6v

Knowledge IS power....dont be afraid to be open to it.


<a href=\"http://arc.aquamark3.com/arc/arc_view.php?run=1493626296\">My aquamark score</a>

overclocking 101
mike11973 is offline  
Old 02-17-2004, 11:38 PM   #10 (permalink)
Junior Techie
 
Join Date: Dec 2003
Posts: 87
Send a message via AIM to radguy
Default

YESSSSSSS
__________________

__________________
<b><center>|My Current System ( till i get more money)|</center></b><p>
Ahanix Platinum XP Case (Modded)
S-ATA 80GB HD 7200 RPM
52X48X52 CDRW
16X DVD+r/-r
512 (2 x 256) PC 3200 DDR Ram 400 mhz
CP technologies i865APE Mainboard (ya i kno nobody has heard of it)
p4 2.66 800mhz WITH HT oc\'ed to 2.99ghz
geforce fx 5200 128 mb agp 8x (ya i kno bottom of the line but i oc\'ed it the best i could)
Windows XP Home Edition SP2 (SP2 in my opinion sucks when you first get it)
Realtek AC97\' Onboard Audio
JMW 17\" Flat \"Screen\" (not panel) Monitor
P4 Approved 450 Watt power supply

Im doing ok for a 15 year old, rit?
http://www.ratemypc.net/pictures/img40c64cbc90148.jpg
radguy is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 09:55 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.