Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 31

Thread: Need help getting rid of pop-ups

  1. #11
    Senior Member JonnyFrond's Avatar
    Join Date
    Jan 2006
    Posts
    238
    Hi Chelle,

    IMHO you are definitely on the right track.

    Read this Cleaning a pest infected computer to give you some structure with your cleaning.

    In addition, get the latest version of this CCleaner

    and run it just before you reboot into safe mode and then again before you go back online again

    Then get the free version of this ewido

    and run in safe mode while you are doing all your safe mode stuff ie adaware. It may prompt you for action during the scan and just oblige, don't wait till the end of the scan. Keep the end log too. Don't bother running spybot in safe mode it is not designed for it as far as I know, and no-one here has yet told me otherwise. reboot into safe mode after each scan and keep scanning untill you get two consecutive clean scans for both ewidow and adaware.

    I would recomend an online scan too, there are quite a few good ones, these were the ones I used, though any scanners recommended by the fine dudes on this site are likely to be winners:

    http://www.kaspersky.com/af/globalstore
    http://www.pandasoftware.com/products/activescan.htm
    Keep the logs for these too.

    Make Hijack this the last thing you do!!!

    Then after you have done everything, post ewido log, online scan logs and hijack this log on here and the knowing folk can help you clean the last bits for you.

    Then finally, I would recomend thisHosts file though read what it does if you don't already know, and install it manually (easy) so that you know how to put the original host file back if it doesn't agree with your work. If you get a message pop up saying "the connection was refused...." that is the host file has blocked the site due to known malware.

    I think this should cover it.

    The ever very Frondification of the world
    Sarcasm is a way of life

  2. #12
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Sounds like Spyaxe or CoolWebSearch. You might try an online scan. I much prefer Panda software's scanner which will pickup both viruses and spyware. Panda's not going to remove much, but it's probably the best of the online scans. When you get badly infected with either spyware or viruses, you need to break it down to a two-step process. The first step is finding what you have in there, the second step is removing it. Panda will help you find it.

    http://www.pandasoftware.com/product...ACHEHINT=Guest

    As for pop-up blockers, both the Yahoo and the Google toolbars for Internet Explorer have built-in blockers. But they're not going to do you much good against pernicious spyware.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  3. #13
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    I came in to the world with nothing. I still have most of it.

  4. #14
    Junior Member
    Join Date
    Feb 2006
    Posts
    11
    Thanks all, I'll switch my net connection later when I'm done with work and give a few things a try and will definatly report back on the status of things.

    A couple things...
    I used SpyBot in safe mode yesterday and it picked up a large list of spyware and in fact removed some things that it hadn't been able to in normal mode. I'm unsure if it's designed to run in safe mode as I'd used it or not, but it seemed to have an impact.

    Also, I ONLY use IE for work, nothing more. I never do ANY browsing through it (I personally lothe IE). The web applications that I test in IE require that I have pop-ups enabled as well as ActiveX and a many other features that most would turn off as security measures (which is why I really don't like the site design - they should have taken this into consideration when building it). Most of the web apps I work with I have to use VPN to connect to the office network because they are intranet systems currently and not live; thus they are very secure (or at least should be). Other then these tasks I wouldn't even DREAM of touching IE... it's like a portal into direct evil... at least, from my perspective.

  5. #15
    Senior Member JonnyFrond's Avatar
    Join Date
    Jan 2006
    Posts
    238
    Hi Chelle

    I used SpyBot in safe mode yesterday and it picked up a large list of spyware and in fact removed some things that it hadn't been able to in normal mode. I'm unsure if it's designed to run in safe mode as I'd used it or not, but it seemed to have an impact.
    Interesting, if it works go with it, I could not get it to close down, and it did not pick anything up for me, so i assumed it was not really designed for safemode.

    Fronny
    Sarcasm is a way of life

  6. #16
    Junior Member
    Join Date
    Feb 2006
    Posts
    16

    Talking

    "I got Browser Hijack on my work pc also. It gets annoying real fast. http://hijack-this.net/ works good but im not ready to pay outta my own pocket for spyAlert for a computer that isn't mine. "
    i use Hj this as well as adaware and spybot and dont have many probs there isn't much they cant fix pls post a log i am interested also. Dunno if i'll be any help but- many hands as they say make lite work.
    Such is life,
    - Ned kelly

  7. #17
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Please note that hijack-this.net has nothing to do with the Hijack This application. It is owned by altertspy, a company listed as possible rogue antispyware :
    false positives work as goad to purchase; uses inadequate ref database; exploits name "hijack this" (1); exploits name "spybot" (1, 2); same app as AdwareDeluxe, AdwarePatrol, AdwareRemover, AdwareSafety, AdwareTools, Doctor Adware, Doctor Adware Pro, PestBot, PestProtector, SpyDestroy Pro, SpywareRemoval, & SpywareRemover; same company as MicroAntivirus; same company as MicroAntivirus
    http://www.spywarewarrior.com/rogue_anti-spyware.htm

    The correct link is http://216.180.233.162/~merijn/index.html.

    And a great parser can be found at http://www.hijackthis.de/. Both have been mentioned, but there seems to be some confusion.
    .

  8. #18
    Senior Member
    Join Date
    Dec 2004
    Posts
    320
    What it sound like to me, is that you D/L'd something that came with a [clandestine] downloader... At least that is what I suspect.
    Do you use kazaa, morpheus (if it is even still around) or maybe even some bit torrent ? Any type of P2P ? What about cursor or screen saver packs (as I've seen them to be some of the most common offenders) ? I think that could narrow it down a little. Just a thought.
    The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare

  9. #19
    Junior Member
    Join Date
    Feb 2006
    Posts
    11
    Originally posted here by dmorgan
    What it sound like to me, is that you D/L'd something that came with a [clandestine] downloader... At least that is what I suspect.
    Do you use kazaa, morpheus (if it is even still around) or maybe even some bit torrent ? Any type of P2P ? What about cursor or screen saver packs (as I've seen them to be some of the most common offenders) ? I think that could narrow it down a little. Just a thought.
    No, the last time I used a P2P was when WinMX was still around - and the hard drive I have is brand new since then I also refuse to download things like screen savers or cursors or those horrid smilie packs that I constantly get ads for in my inbox. I've ultra careful about downloads and only use sites I know for a fact to be safe. This is why I'm so frustrated about this problem. I cannot for the life of me figure out where this might have come from. The only thing I can possibly think of is some files a friend of mine sent me a few weeks back with some stuff that she'd made for Sims2. Is it possible that these archives became infected during compression on her machine without her realizing it?

  10. #20
    Junior Member
    Join Date
    Feb 2006
    Posts
    11
    Originally posted here by .:front2back:.
    Well there's your problem, the simslice site is pack filled with extra goodies
    grab some Highjack this. also AdAware and also Spybot Search And Destroy
    Update all definition files, including your antivirus software. reboot into safemode and scan with the above software, then copy and paste a copy of the log file from hijack this once you have done the scans..

    f2b
    I'm sorry for not responding to this, I totally missed this post before though. I'm 100% positive that this did NOT come from SS's site. I've used his site for a VERY long time now and have never once had a problem. I'm even a paying member of his site (again, have been for a while now).

    Now, I've run AdAware and SpyBot multiple times each since this started (as I previously stated) and each time they find more and more new "goodies" to remove. As for hijack, I have yet to be able to get it to work.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •