Pop ups Galore!
-
Pop ups Galore!
A few days ago I got into something nasty while surfing the net.
Now when I open IE, I get that same toolbar everybody is complaining about, but it doesn't stop there. The popups just keep coming. I even get more popups about the popups, such as ones that say "The program you are using is trying to close the window. Do you want to close the window yes/no?" With all the popups flying around, it makes the computer really slow and eventually freeze......
I tried Ad-Aware and a google toolbar, but there are files Adaware can't delete, and popups google can't prevent....
I read some other posts about the nasty toolbar and popups, so here's my Hijack scan info....I was hoping you could tell me how and what exactly I need to delete. Thanks so much!
Rosa
Logfile of HijackThis v1.97.7
Scan saved at 2:36:47 AM, on 06/16/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 SP1 (5.00.2614.3500)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\NORTON ANTIVIRUS\DEFWATCH.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\WINDOWS\SYSTEM\HPZTSB05.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\SIXTH PROXY WAY\HOPEFOURBIND.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\NIKON\NKVIEW6\NKVMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\KRBCC32S.EXE
C:\WINDOWS\SIDECAR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\BEAR ACCESS\WINBA\EUDORA\EUDORA.EXE
C:\PROGRAM FILES\HIJACK THIS\HIJACK THIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://allaboutsearching.com/passthr...//www.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
O3 - Toolbar: birdgridbase - {A705D642-C960-7C7E-5E96-02733426616A} - C:\PROGRAM FILES\MULTIHTMBIB\META GLOBAL.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IgfxTray] c:\windows\SYSTEM\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] c:\windows\SYSTEM\hkcmd.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [size knob] C:\PROGRA~1\SIXTHP~1\hopefourbind.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [defwatch] C:\PROGRA~1\NORTON~1\defwatch.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: TextBridge Instant Access OCR.lnk = C:\Program Files\TextBridge Classic\Bin\TBMenu.exe
O4 - Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AIM (HKLM)
O9 - Extra button: ICQ (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...624.9452199074
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub...sh/swflash.cab
O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.bundleware.com/activeX/DS3/DS3.cab
-
Hello,
Are these web poups or windows messenger popups? Also, try hitting CTRL + ALT + DELETE and then clicking 'proseeses', and then closing them all. If that doesn't work, you might want to shut down right after 'ending' all of the processes and then turn the machine back on. DO NOT RESTART, it is better to shut down, wait 10 seconds, and then turn the machine back on. I hope this helps, please let me know what kind of popups they are so I can be a little more helpful.
-Jeff
-
I had this problem:
I disabled all the programs that start up when the computer loads [start/run/type in msconfig and then click on the start tab]
Then I rebooted.
I then ran and up-to-date Adware program and then ran an up-to-date Search & Destroy program finished off by a scan from a couple of virus scanners.
I rebooted and the problem was fixed.
-
When you go into the MSCONFIG, also go to the services tab and uncheck Messenger. Had this issue once before and that resolved it.
