1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

popups

Discussion in 'All Other Software' started by grandpastan, Jan 28, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    I was subscribed to This Site Rocks. They said I needed to install their little program to keep viewing videos. I installed it and immediately started getting popups from them. :mad: I hate popups, so immediately unsubscribed. I tried to get a hold of them to see how I could get rid of it, but no way. I don't know if it is an active x or what it is. Any help would be appreciated.
     
  2. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi,

    Let's have you post a log from Hijackthis and maybe we can spot anything out of place:
    go to Click here to download HJTsetup.exe
    • Save HJTsetup.exe to your desktop.
    • Double click on the HJTsetup.exe icon on your desktop.
    • By default it will install to C:\Program Files\Hijack This.
    • Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
    • Put a check by Create a desktop icon then click Next again.
    • Continue to follow the rest of the prompts from there.
    • At the final dialogue box click Finish and it will launch Hijack This.
    • Click on the Do a system scan and save a log file button. It will scan and then save the log and then the log will open in Notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Paste the log in your next reply.
    • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


    Next:

    Open Hijack This and click on the "Open the Misc Tools Section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" botton. Copy and paste that list here please.

    You can add the list to a new reply here, or Edit your post and throw it in just after you post the HJT log
     
  3. MysticEyes

    MysticEyes Banned

    Joined:
    Mar 30, 2002
    Messages:
    4,825
    Did you look in Add/Remove to uninstall?
     
  4. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    Here is the uninstall list

    12Ghosts Password
    7-Zip 4.42
    Abassis Work Desktop 1.0
    Adobe Flash Player 9 ActiveX
    Adobe Shockwave Player
    AI RoboForm Adapter for Firefox/Mozilla/Netscape
    AJScreensaver
    Alt-Tab Task Switcher Powertoy for Windows XP
    AnalogX ITR Client
    AnswerMyPhone
    Apple Software Update
    ASUS Enhanced Display Driver
    ASUS SmartDoctor
    ASUS VideoSecurity Online
    AsusUpdate
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Control Panel
    ATI Display Driver
    ATI Parental Control & Encoder
    AttachmentOptions
    AVG Free Edition
    BitTorrent 5.0.3
    BrowserTraySwitch 1.02.01
    Browster
    Bubbles
    ButtonMonitor
    CardRd81
    CCScore
    Celestia 1.3.2
    CmdHere Powertoy For Windows XP
    CR2
    Creative PC-CAM Center Lite
    Creative WebCam Monitor
    Creative WebCam NX Driver (1.02.01.0827)
    Creative WebCam NX User's Guide (English)
    Cute Reminder Standard Edition 2.3
    DesktopEarth
    DFX for Windows Media Player
    DirMS-S
    Diskeeper Administrator Edition
    Dr Watson for Microsoft Windows OneCare Live v0.9.0944.26
    eCleaner 2.02
    eGames GameButler
    EPSON Printer Software
    ESSBrwr
    ESSCDBK
    ESScore
    ESSCT
    ESSEMAIL
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    essvatgt
    essvcpt
    ESSvpaht
    ESSvpot
    FastStone Capture 4.2
    FileBox eXtender
    Foxit Reader
    Free Download Manager 2.0 - Free Downloads Center Edition
    FreshDownload
    FW LiveUpdate
    Google Desktop
    Google Earth
    Google Pack Screensaver
    Google SketchUp
    Google Talk (remove only)
    Google Updater
    GTK+ 2.6.9 runtime environment
    Hijackthis 1.99.1
    HijackThis 1.99.1
    HLPIndex
    HLPPDOCK
    HLPSFO
    Hotfix for Windows XP (KB896344)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB914811)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Humanized Enso
    IrfanView (remove only)
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    Java 2 Runtime Environment, SE v1.4.2_07
    JGoodies JDiskReport 1.2.4
    jv16 PowerTools 2006
    Kodak EasyShare software
    KSU
    Launchy 1.0 Beta
    LinkScanner
    MahJongg Master 6
    Messenger Plus! 3
    MetaFrame Presentation Server Web Client for Win32
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft .NET Framework 2.0
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Location Finder
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 SR-1 Disc 2
    Microsoft Office 2000 SR-1 Professional
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Mihov Image Resizer (remove only)
    Mozilla Firefox (1.5.0.9)
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 Parser and SDK
    MusicIP Mixer 1.6
    mvi
    My Key Ring!
    Nero Suite
    Notepad2 1.0.12
    Notifier
    Nvu 1.0
    OfotoXMI
    OTtBP
    OTtBPSDK
    Paint.NET v2.63
    Panda ActiveScan
    Password Safe
    PC Inspector File Recovery
    PC Inspector smart recovery
    Photo Story 3 for Windows
    Picasa 2
    PocketKnife Peek 1.2
    QuickTime
    RadarSync 2007 Standalone (remove only)
    Really Slick Screensavers 1.0
    Remind Me Attachments
    Safarp
    Security Update for Microsoft .NET Framework 2.0 (KB917283)
    Security Update for Microsoft .NET Framework 2.0 (KB922770)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917537)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB926247)
    Security Update for Windows XP (KB926255)
    SFR
    SFR2
    SHASTA
    Shavlik NetChk Protect
    SHOUTcast Source DSP 1.9.0 (remove only)
    SKIN0001
    SKINXSDK
    SlimBrowser (remove only)
    Sokoban YASC
    SoundMAX
    SpamBayes 1.0.4
    Spybot - Search & Destroy 1.4
    SpywareBlaster v3.5.1
    Streamload Uploader (remove only)
    Sunbelt CounterSpy
    TOD 072006
    Trogladite Software SendTo 1.6
    Tweak UI
    U.S. Robotics Modem Identification Wizard
    U.S. Robotics V.92 Fax Host Int
    Unlocker 1.7.9
    Update for Windows Internet Explorer 7 (KB928089)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB900930)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB912945)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    VIA Integrated Setup Wizard
    VIA Rhine-Family Fast Ethernet Adapter
    VPRINTOL
    Winamp (remove only)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Connect
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Format SDK Hotfix - KB891122
    Windows Media Player 11
    Windows Media Player 11
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB887797
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    WIRELESS
    Word Connect
    Xdrive Desktop
    ZoneAlarm
     
  5. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    Here is the HJT log.

    Logfile of HijackThis v1.99.1
    Scan saved at 8:00:58 PM, on 28/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\Program files\Nero\InCD\InCDsrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\ATKKBService.exe
    E:\PROGRA~1\Security\avgamsvr.exe
    E:\PROGRA~1\Security\avgupsvc.exe
    E:\Program files\Diskkeeper\DKSAdmin.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\LxrSII1s.exe
    E:\Program files\NetChk\5.6.0.446\HfNetChkProService.exe
    E:\Program files\PhoneTray\PhoneTray.exe
    E:\Program files\Security\CounterSpy\SBCSSvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program files\MsgPlus.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\taskswitch.exe
    E:\Program files\Security\ZoneAlarm\zlclient.exe
    C:\Program Files\ExPLabs.com\LinkScanner\LinkScannerMonitor.exe
    E:\PROGRA~1\Security\avgcc.exe
    E:\Program files\Security\CounterSpy\SBCSTray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    E:\Program files\Calendar\CuteReminder\CuteReminder.exe
    C:\Program Files\HumanizedEnso\Enso.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Launchy\Launchy.exe
    E:\Program files\Microsoft\DesktopEarth.exe
    E:\Program files\FileBX\FileBX.exe
    E:\Program files\Internet\AnalogX\ITR\itrc.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\Microsoft Hardware\Keyboard\Type32.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    E:\PROGRA~1\MICROS~1\Office\OUTLOOK.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\ExPLabs.com\LinkScanner\LinkScannerConnect.exe
    E:\Program files\Internet\FreshDownload\fd.exe
    E:\Program files\Microsoft\Office\WINWORD.EXE
    E:\Program files\Security\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.weatheroffice.ec.gc.ca/city/pages/sk-41_metric_e.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: DeskalertsBHO - {1F101905-C9C7-4b92-BDE6-4F8E76C5A7DB} - C:\WINDOWS\system32\Deskbar\deskbar.dll
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - E:\PROGRA~1\Internet\FRESHD~1\fdcatch.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\ExPLabs.com\LinkScanner\LinkScannerIE.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DeskalertsBHO - {67A8D847-B79F-403e-8D2B-D2CADE3A967F} - E:\Program files\Web\DeskAlerts\deskbar.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: BrwIEConnector Class - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - E:\Program files\Browster\Browster.dll
    O2 - BHO: (no name) - {FF344242-A1AF-4343-A223-FC3DA42990C8} - (no file)
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - E:\PROGRA~1\Internet\FRESHD~1\fdiebar.dll
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
    O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program files\MsgPlus.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "E:\Program files\Security\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [LinkScanner Monitor] C:\Program Files\ExPLabs.com\LinkScanner\LinkScannerMonitor.exe /auto
    O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program files\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Security\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SBCSTray] E:\Program files\Security\CounterSpy\SBCSTray.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
    O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program files\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [CuteReminder] E:\Program files\Calendar\CuteReminder\CuteReminder.exe
    O4 - HKCU\..\Run: [HumanizedEnso] C:\Program Files\HumanizedEnso\Enso.exe --disable-monologue-boxes
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Startup: BrowserTraySwitch.exe
    O4 - Startup: DesktopEarth AutoStart.lnk = ?
    O4 - Startup: FileBox eXtender.lnk = E:\Program files\FileBX\FileBX.exe
    O4 - Startup: ITR Client.lnk = E:\Program files\Internet\AnalogX\ITR\itrc.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
    O8 - Extra context menu item: Browster Prefetch On/Off - res://E:\Program files\Browster\Browster.dll/CustomPrefetchMenu.htm
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Download all with Free Download Manager - file://E:\Program files\Security\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://E:\Program files\Security\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download web site with Free Download Manager - file://E:\Program files\Security\Free Download Manager\dlpage.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://E:\Program files\Security\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Save to &Xdrive - res://E:\Program files\Internet\xdrive.exe/std.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Bubble This URL - {A3A0268C-3146-431d-84EE-2789B750ABD2} - E:\Program files\Internet\Bubbles\BubblesHBO.dll
    O9 - Extra button: FreshDownload - {A4ED4E4A-B200-4D7F-B951-BD5968E4B53E} - E:\Program files\Internet\FreshDownload\fd.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B7D3E479-CC68-42B5-A338-938ECE35F419} - http://laughnetwork.com/installer/videos/new_videos.cab
    O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Security\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Security\avgupsvc.exe
    O23 - Service: DirMS_Defragmentation - Unknown owner - E:\Program files\Tools\DirmsService.exe
    O23 - Service: Diskeeper Administrator - DiskeeperĀ® Corporation - E:\Program files\Diskkeeper\DKSAdmin.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - E:\Program files\Nero\InCD\InCDsrv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
    O23 - Service: NetChk Patch Service (NetChkPatch) - Unknown owner - E:\Program files\NetChk\5.6.0.446\HfNetChkProService.exe
    O23 - Service: PhoneTray - Unknown owner - E:\Program files\PhoneTray\PhoneTray.exe
    O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software, Inc. - E:\Program files\Security\CounterSpy\SBCSSvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  6. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, I've checked on all the programs you use, and the only thing that would produce popups, is MessengerPlus3, which can install the LOP bundled sponsor software, which is adware and does give popups...but it does not appear in your log at all, and when it is, it is plainly seen so I think you were careful installing MessngerPlus,and opted out of the sponsor software, that is the right thing to do.

    One other it could be coming through is Windows Messenger
    which is an old part of Windows, that pops up messages between networked office type computers, it is not the same as MSN Messenger so dont confuse it.

    We can disable the Windows Messenger this way:

    http://www.grc.com/stm/shootthemessenger.htm

    Read down the page, it's interesting.....under the picture of Shoot the Messenger there is a little blue link Click this Link

    That's the download, just double click to run and follow the prompt.

    let us know if the popups stop.
     
  7. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    I do have Windows messenger disabled. And yes I made sure to not allow other things with messenger plus.
     
  8. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    I did get popups as soon as I booted up today again. Is it likely an active x or bho?I thought IE7 had a place to manage active x to allow or disallow, but I can't find it.
     
  9. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, I took a look at This Site Rocks and as soon as you click on one of their pictures, it starts an Active X install, though I tested the site with McAfee's Site Advisor and everything was OK'd by them.

    The laughnetwork site is one they link to and use for videos....
    I don't see any other of the ones in your HJT log, so it appears it is:

    O16 - DPF: {B7D3E479-CC68-42B5-A338-938ECE35F419} - http://laughnetwork.com/installer/videos/new_videos.cab


    Run Hijackthis, in your scan window find the box next to the same item as I have above, when you have it checkmarked CLOSE ALL other open or minimized windows, including this one! Leave nothing but Hijackthis open, and click "Fix Checked" Hope that does it!
     
  10. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    Hey Byteman
    I followed your instructions on removing that entry from the registry. It came up today again. Any other ideas?
     
  11. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, No, unfortunately, if the things you have tried do not end the popups,and you cannot block them then you are kind of at a standstill. Have you tried blocking them in IE 7 or with any other popup blocking things? Google Toolbar, Yahoo toolbar, and many other 3rd party apps can block selected popups.

    Other than that, a System Restore to before you installed that Active X or whatever it was, might fix it the easiest.

    Exactly what was it that came up today? Popups from This Site Rocks, or what from where?
     
  12. Soxaholic

    Soxaholic Banned

    Joined:
    Jan 31, 2007
    Messages:
    69
    Use firefox as your browser and install the extension filtersetg. I haven't see a popup in 2 years.
     
  13. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    It is a 3x3 in box above my tray with links to videos to watch. Soxaholic suggests using FF,but my browser doesn't even need to be open.
     
  14. MysticEyes

    MysticEyes Banned

    Joined:
    Mar 30, 2002
    Messages:
    4,825
    Like this:

    [​IMG]
     
  15. grandpastan

    grandpastan Thread Starter

    Joined:
    Jan 27, 2007
    Messages:
    24
    Very much like that, but no identification on it of any kind. Just links to videos.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/539131

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice