Jump to content
Please note: You can easily log in to MPN using your Facebook account!

Popup adds when browser is closed!


Recommended Posts

I get these crazy popup adds on my home PC even when my Firefox browser is closed. It's even happened while tracking which interupted the take. I've since then physicaly disconnected my cable hookup in times like these though.

 

Any ideas what's happening?

 

XP Home

Firefox

 

All updated regularly...

SpyBot

AdAware

Microsoft Beta Anti-Spyware

The Ultimate Troubleshooter

Norton Corporate

Link to comment
Share on other sites

  • Replies 34
  • Created
  • Last Reply

SPYWARE.

 

Run Ad-Aware AND Spy-Bot Search and Destroy to try to get rid of it.

 

Microsoft also has a Beta Anti-Spyware application that they are making available for free.

 

Be sure to use all three programs. They're free.

 

Download Ad-Aware from this site.

 

 

Download Spybot Search and Destroy from this site.

 

Download Microsoft\'s Anti-spyware program from this site.

 

 

Tom

"Music expresses that which cannot be put into words and that which cannot remain silent." - Victor Hugo
Link to comment
Share on other sites

The first thing I'd do is run the free virus scan from Trend Micro because it will find things that nothing else will.

 

I've got a weird little problem too, maybe somebody can help me with. Everytime I reboot my computer, after it finishes starting, Internet Explorer pops up and tries to go to engagingphotos.com, which I think is a photography site. I can't find anything referencing engaging photos in my registry or anywhere on my computer's hard drive, so can't figure out what triggers it. It's no big deal I just close the window but it's annoying. Any ideas how to stop this?

Link to comment
Share on other sites

you may also have the latest version of the dreaded "elite toolbar" spyware on your system.

 

This thing migrates and "hides" in places that even the most thorough scans have a hard time finding.

 

Make sure you run Ad Aware and Spybot in "safe mode".

 

Then, do a search for Elite Tooolbar remover and download it to your computer.

 

This also needs to be run with your system in safe mode.

 

Wewus: this same thing can cause what's happening to you.

 

I use Spybot, AdAware SE, the Microsoft Beta for spyware protection, and I use Norton Systemworks/antivirus for my virus protection.

 

I also run Firefox as my browser for 99% of my online activities.

 

You might want to also do a search for HijackThis.

 

you can run this and it will show you what's running on our system, and you can have it analyzed by others who can tell you what to turn off, etc..

David

Gig Rig:Depends on the day :thu:

 

 

 

 

 

Link to comment
Share on other sites

Originally posted by EscapeRocks:

you may also have the latest version of the dreaded "elite toolbar" spyware on your system.

 

This thing migrates and "hides" in places that even the most thorough scans have a hard time finding.

 

Make sure you run Ad Aware and Spybot in "safe mode".

 

Then, do a search for Elite Tooolbar remover and download it to your computer.

 

This also needs to be run with your system in safe mode.

 

Wewus: this same thing can cause what's happening to you.

 

I use Spybot, AdAware SE, the Microsoft Beta for spyware protection, and I use Norton Systemworks/antivirus for my virus protection.

 

I also run Firefox as my browser for 99% of my online activities.

 

You might want to also do a search for HijackThis.

 

you can run this and it will show you what's running on our system, and you can have it analyzed by others who can tell you what to turn off, etc..

OK! This sounds interesting. How do I run safe mode, it's something at startup, correct?
Link to comment
Share on other sites

Oh, and also...

 

Go into the add/remove programs list. Sometimes you can remove crap from there.

 

The only caveat is that you're still depending on the malware writer's uninstall scripts, which may actually uninstall the software or may not, or may do other nefarious things.

 

So it's a crapshoot.

 

Goodluck

Dr. Seuss: The Original White Rapper

.

WWND?

Link to comment
Share on other sites

I ran Spybot and Adaware in Safe Mode, and IE still pops up on reboot. At the left side bottom it first says "connecting to site 65.38.168.180" then after a minute or two it switches to "connecting to site 67.18.100.132", and runs indefinitely. I'm stumped, I've tried everything I know.

 

Let me just go ahead and say this before somebody else does, We should all get Macs.

Link to comment
Share on other sites

Have you downloaded the Microsoft Spyware Beta?

 

just type that into a search and download and install it.

 

It tends to also find things that Spybot and AdAware don't.

 

 

I also really recommend downloading the ELite Toolbar Remover from here.

 

 

Follow the instructions.

David

Gig Rig:Depends on the day :thu:

 

 

 

 

 

Link to comment
Share on other sites

Whenever I get a pop-up that Spybot or AdAware doesnt delete (sometimes not even in the safemode), I look at the Run folder in Windows for suspicious applications. The folder can be accessed by running the Windows Regedit program. Any application in there that looks suspicious will get its name searched on Deja.com. Legitimate applications are quickly revealed from people who have already posted questions to various newsgroups regarding that applications name. The same thing applies for spyware applications. Deja.com is my first source for virtually any question in the world.

 

Applications that dont turn up any response are very suspicious. Its usually a spyware application that changed its name in order to hide from the anti-spyware programs.

 

I just delete the applications that I am sure are not suppose to be there. This procedure is not recommended for the novice computer user. Also, before trying this method, its best to research the internet on the proper way to manually remove spyware.

Link to comment
Share on other sites

Macs have never been immune to virii, spyware and so on. It's just that with so few us of percentage-wise, most attackers don't bother with us, going for the bigger populace.

 

In fact, attacks on the Mac are on an upswing over the past few years.

 

No one is safe.

 

- Jeff

Link to comment
Share on other sites

Originally posted by TheWewus:

The first thing I'd do is run the free virus scan from Trend Micro because it will find things that nothing else will.

 

I've got a weird little problem too, maybe somebody can help me with. Everytime I reboot my computer, after it finishes starting, Internet Explorer pops up and tries to go to engagingphotos.com, which I think is a photography site. I can't find anything referencing engaging photos in my registry or anywhere on my computer's hard drive, so can't figure out what triggers it. It's no big deal I just close the window but it's annoying. Any ideas how to stop this?

Add the following line to your hosts file:

 

 

127.0.0.1 engagingphotos.com

No signature required.
Link to comment
Share on other sites

Originally posted by TheWewus:

The first thing I'd do is run the free virus scan from Trend Micro because it will find things that nothing else will.

 

I've got a weird little problem too, maybe somebody can help me with. Everytime I reboot my computer, after it finishes starting, Internet Explorer pops up and tries to go to engagingphotos.com, which I think is a photography site. I can't find anything referencing engaging photos in my registry or anywhere on my computer's hard drive, so can't figure out what triggers it. It's no big deal I just close the window but it's annoying. Any ideas how to stop this?

Add the following line to your hosts file:

 

127.0.0.1     engagingphotos.com

No signature required.
Link to comment
Share on other sites

My wife & I have noticed this pop-up thing with both Firefox & Mozilla, lately. We run the major antispyware & antivirus apps. But, a few sights have managed to get them in, even with our avoiding IE.

 

I am thinking it is the "Java Runtime Environment". And, I've just uninstalled it, as of this morning. I also turned off "Enable Java" & "Enable Java Script" in the *Web Features* part of the *Tools - Options* menu in Firefox.

 

I haven't seen anything, yet. But, it'll take a few days before I know for sure if this works. Java is a great tool. But, it can be abused just like IE's Active-X.

 

Hope this helps!

 

"It's all about the... um-m-m, uh-h-h..."

Link to comment
Share on other sites

In fact, attacks on the Mac are on an upswing over the past few years.

 

Few days ago there was the article on slashdot:

Clonk It

 

about a website that is configured to exploit some holes in the Dashboard app in the latest OSX. I hesitated to share it here bc, considering my history of anti-mac ranting, some might mis-take it as me being snide. THIS instance is harmless- it is merely a proof of concept to wake everyone up to the danger, but fact of the matter is, someone could create something this afternoon that would use this process to hose any Mac with the latest OSX and Dashboard app.

 

Apple is still (characteristically) aloof about it, which isn't surprising.

 

Still, i thank the Internet Gods everyday that i don't use Windows.

Dr. Seuss: The Original White Rapper

.

WWND?

Link to comment
Share on other sites

Originally posted by phaeton:

about a website that is configured to exploit some holes in the Dashboard app in the latest OSX.

Which is yet another reason I'm waiting awhile before upgrading to Tiger, even though Dashboard seems to be very useful and cool and froody.

 

- Jeff

Link to comment
Share on other sites

Originally posted by Jon Doe:

127.0.0.1     engagingphotos.com


Could you clarify that? Add it where? In the registry. Anyway it's not actually searching for engagingphotos.com anymore it's just trying to connect to those addresses I gave, so I did something.

 

Do you think my computer is trying to harm me in some way? What if it's trying to optimize me, and corrupt my database.

Link to comment
Share on other sites

Also, keep in mind that there are a number of vulnerabilities in Firefox and Mozilla. Some of them have been partially fixed. There's a new "release candidate" (it may be a "final" as early as the end of the week) designed to address the most serious of the flaws -- which net security firm Secunia has called "Extremely Critical."

 

http://informationweek.com/story/showArticle.jhtml?articleID=163101130

Link to comment
Share on other sites

Look on your local HDD here ... C:\WINDOWS\system32\drivers\etc

 

This is for XP. Win2K will be... C:\WINNT\system32\drivers\etc

 

You may have to do a search/find on *host* to see the LMHOST & HOSTS files. Open them with NOTEPAD and you'll see how it is entered. Windows will check this file for a location before going to your ISP's DNS server.

 

It is a good idea to make the HOSTS file read only, as many farming/fisching techniques is to add a redirection address to it.

 

"It's all about the... um-m-m, uh-h-h..."

Link to comment
Share on other sites

Originally posted by Is There Gas in the Car?:

On a PeeCee, press F8 a few times during startup to get to SAFEMODE.

On my laptop running XP Home I have to hold F4 to get to safe mode on startup. F8 puts me to a load device option screen, DVD/CD ROM, HDD, & one other I can't recall.

 

Our Joint

 

"When you come slam bang up against trouble, it never looks half as bad if you face up to it." The Duke...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...