WWW.POPUPPERS.COM !!! and reformatting/viruses
jenna4now2
Saint Marys, GA -- but originally from Virginia
:bringit:
I have NO IDEA what www.popuppers.com is, but I must get 100 + popups from this site every day! Does anyone know why, and how I can stop it? I also get a couple of other popups from the same couple of sites ALL the time! They are driving me crazy! I have run every program I know to run. I just totally reformatted my computer, and now, when I ran Trend Micro Housecalls PC, it said I had 18 trojan viruses!!! How is that possible, when I just reformatted, and I did a virus scan after I put all of my "stuff" back on, and there were NO viruses?! HELP!!! Please email me as well at jenna4now2@aol.com
Thanks!
Jennifer Z.
:loco:
I have NO IDEA what www.popuppers.com is, but I must get 100 + popups from this site every day! Does anyone know why, and how I can stop it? I also get a couple of other popups from the same couple of sites ALL the time! They are driving me crazy! I have run every program I know to run. I just totally reformatted my computer, and now, when I ran Trend Micro Housecalls PC, it said I had 18 trojan viruses!!! How is that possible, when I just reformatted, and I did a virus scan after I put all of my "stuff" back on, and there were NO viruses?! HELP!!! Please email me as well at jenna4now2@aol.com
Thanks!
Jennifer Z.
:loco:
0
Comments
Make sure your anti-virus software is up-to-date, also what software are you using? There is some debate but you can't go wrong with Norton Anti-virus or AVG, AVG is free so it's my personal choice.
Next get ad-aware the newest free version (6 or 7 not sure) install it updated it and run it.
Also don't ever EVER install those oh so helpful internet explorer toolbars. MSN has one Yahoo has one and google has one that are all basically legit. However only the Google one has a good working active pop-up blocker.
But beyond that if you don't want pop-ups don't use internet explorer you should use FireFox for your browser it's small it's fast and I've never gotten a pop up with it. There are a few sites that you need IE for and only use it for them.
As to your problems. If you had any viruses on the files you were putting back onto your system they could have come with them. Depending on what anti-virus software you are using a lot of times 'Trojans' are incorrectly reported and aren't specifically trojan viruses but are cookies that you get off the net that are mining data. Which is sounding more likely given what you have described.
Some things I would do to prepare first is go into Internet Explorer (if you use that), click on Tools, Internet Options.
- Click on the Security tab.
- Make sure the "Security level for this zone" is set to default / medium.
- Click on the Trusted Sites green circle, then click on the Sites button.
- Usually it should be completely empty; make sure bad websites aren't actually being "trusted." Once done, click OK.
- Click on the Privacy tab and make sure the settings are set to Medium.
- Click on the Advanced tab and uncheck the following:
1. Enable Install On Demand (Internet Explorer)
2. Enable Install On Demand (Other)
3. Enable third-party browser extensions (requires restart)
Like Kryyst mentioned, get LavaSoft Ad-Aware. The latest version is SE, and it is available here -> http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10319876.html?tag=lst-0-2. It's pretty straightforward to use.
After that's complete, download Spybot Search & Destroy here -> http://www.download.com/Spybot-Search-Destroy/3000-8022-10122137.html?part=dl-spybot&subj=dl&tag=but. It's not as straightforward, but please don't be discouraged by it if you have problems. We'll be here to help.
Next I would download HiJack This, located here -> http://www.spychecker.com/program/hijackthis.html. There's an option in there to save the log; once it's saved, post it on here so we can take a look at what's running.
Jennifer Z.
Try posting your HiJack This log.
Jennifer Z.
jenna4now2@aol.com
one last thing you can try, sometimes these scumbag adware developes will let you uninstall their shit software. look in add/remove programs to see if there's an entry for popuppers.com or not.
Jennifer Z.
Logfile of HijackThis v1.97.7
Scan saved at 7:21:48 PM, on 11/7/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\medload.exe
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Diablo II\Game.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Dragon\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.comcast.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.google.com"); (C:\Documents and Settings\Dragon\Application Data\Mozilla\Profiles\default\mmb48654.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Dragon\Application Data\Mozilla\Profiles\default\mmb48654.slt\prefs.js)
O1 - Hosts: 3466709097 www.your.com
O1 - Hosts: 3466709097 your.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Comcast\BBClient\Programs\RegCon.exe" /admincheck
O4 - HKLM\..\Run: [ComcastSUPPORT] C:\Program Files\Support.com\bin\tgkill.exe /cleaneahtioga /start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [loads.exe] C:\WINDOWS\medload.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [Boost XP Service] C:\Program Files\Boost XP\bxservice.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: iOpus Internet Macros (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: Help (HKCU)
O9 - Extra button: Support (HKCU)
O9 - Extra button: ComcastHSI (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://active.macromedia.com/director/cabs/sw.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exe
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {f760cb9e-c60f-4a89-890e-fae8b849493e} -
Thanx for the help.