Server Help :: View topic - Pop ups/Pop unders -- WTF.. Im using Firefox

Server Help

Trash Talk - Pop ups/Pop unders -- WTF.. Im using Firefox

Quan Chi2 - Sun Nov 27, 2005 10:24 am
Post subject: Pop ups/Pop unders -- WTF.. Im using Firefox

I downloaded a cracked version of Registry Toolkit to fix errors in my registry. All of a sudden, I've been getting random pop ups and redirects.

First firefox goes to budsinc.php or links.php, then it goes to a random Ad.

I downloaded the Adblock plugin for Firefox. I did an Adaware scan in safe mode. I did a hijack this scan(clicked fix and stuff). I did a spybot scan. I did a virus scan. I did all of that in safe mode. I don't understand what happened.

OS:Windows 98 SE

Someone help me out?

Purge - Sun Nov 27, 2005 10:32 am
Post subject:

Maybe because it's cracked, so it added a bunch of homepage redirects to your browsers?

I'd use CCleaner.

LearJett+ - Sun Nov 27, 2005 11:44 am
Post subject:

Just download your porn from Bearshare. Doesn't shit all over your computer with viruses (or would it be viri?).

newb - Sun Nov 27, 2005 12:16 pm
Post subject:

LearJett+ wrote:

Just download your porn from Bearshare. Doesn't shit all over your computer with viruses (or would it be viri?).

That's why I love BearShare. I don't understand why people actually still use Kazaa.
Bearshare is so much easier to use. User-friendly!

Quan Chi2 - Sun Nov 27, 2005 12:33 pm
Post subject:

CCleaner didn't work. Anyone else have any ideas? Im not reformatting. I refuse to.

Though, it may have. Wait.. Look at this

Code: Show/Hide

ANALYSIS COMPLETE - (7.708 secs)
------------------------------------------------------------------------------------------
0.24MB to be removed. (Approximate size)

Details of files to be deleted (Note: No files have been deleted yet)
------------------------------------------------------------------------------------------
IE Temporary Internet Files (2 files) 9.03KB
C:\WINDOWS\Cookies\gregory a. thompson@msn[1].txt 66 bytes
C:\WINDOWS\Cookies\gregory a. thompson@msn[1].txt 66 bytes
Marked for deletion: C:\WINDOWS\Temporary Internet Files\Content.IE5\index.dat
Marked for deletion: C:\WINDOWS\Cookies\index.dat
C:\WINDOWS\TEMP\A~NSISu_.exe 76.63KB
C:\WINDOWS\TEMP\GLB1A2B.EXE 0.14MB
Firefox/Mozilla cache cleaning was skipped.
Removed Cookie: - bunch of websites -
C:\WINDOWS\Application Data\Mozilla\Firefox\profiles\xdwo1uuq.default\formhistory.dat 185 bytes
C:\WINDOWS\Application Data\Mozilla\Firefox\profiles\lhomqe9w.quan\formhistory.dat 11.47KB
------------------------------------------------------------------------------------------

Thats gay. I hope it worked.

Dr Brain - Sun Nov 27, 2005 12:35 pm
Post subject:

Download a few more cracked apps. Then you won't have to reformat. They'll do it for you.

BDwinsAlt - Sun Nov 27, 2005 1:12 pm
Post subject:

You can see how quan deleted half his cookies. It was all gay porn.

Mine GO BOOM - Sun Nov 27, 2005 1:36 pm
Post subject:

BDwinsAlt wrote:

You can see how quan deleted half his cookies.

To prevent those websites from gaining Google ranking from links by these forums, I removed the cookie listing, which isn't useful anyways.

Quan Chi2 - Sun Nov 27, 2005 2:24 pm
Post subject:

Okay, that prevents one problem, but does anyone know how to get rid of this stuff? I usually know how to get rid of these things, but it has me beat.

I keep getting this pop up the most

http://www212.paypopup.com/networks/
budsinc2.php?rurl=
http%3A%2F%2Fpopunder.paypopup.com%
2Fprogress.php%3Fsn%3D841133119831%26serverfile%3
Dpopdirect%26siteid%3DBundleWare%26subid%3D23782%26data%3DrSe_2%25D1%25CD
%25CC%25CC%25CC
%25CC%25D2%25D1%25D4
%25D1%25C1%2529g%255E%255DcY
%25DD%25DE%252B%2524%257B%2524
%25FE%25F0%257E%252F%257C%25BFq_ZcY%25DD%25CE
%25CC%25D0%25D3%25CD%25BF%25237%25E3%2527
%252Bl%255Ejs2%25F5%25EF%25BF%25FB%252A%2527
%2522%25FA%252C%2524-%25FAeO5%2Bb6%25DF%257E
%252A1%25D8%25E0%2528%2523%257D%252C%25B9LO%255Be
%26adsid%3D4%26adsname%3Dbudsinc_prepopped
(I spaced out the URL just backspace each line one time to get it in full)

And this:
http://www.super-coupon.com/normal/yyy65.html

Does anyone know whats going on?

Heres my Hijack This log.

Code: Show/Hide

Logfile of HijackThis v1.99.1
Scan saved at 2:34:26 PM, on 11/27/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\STARTER.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\MSAGENT\AGENTSVR.EXE
C:\PROGRAM FILES\WINAMP\WINAMP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\4.BIN\MWSSRCAS.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN3\YT.DLL
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE" /autofix /autoclose
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: My IP Suite - {FB5F1910-F110-11d2-BB9E-80C04F795683} - C:\Program Files\My IP Suite\MyIPSuite.exe
O9 - Extra 'Tools' menuitem: My IP Suite - {FB5F1910-F110-11d2-BB9E-80C04F795683} - C:\Program Files\My IP Suite\MyIPSuite.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

R3 looks suspicious. Any ideas? I know that MPREXE.exe is a trojan. I'll get to that later. I had that before I began to have the ad problems.

Any ideas guys?

newb - Sun Nov 27, 2005 3:03 pm
Post subject:

Remove R3...

Gus. - Sun Nov 27, 2005 3:11 pm
Post subject:

ya know. ive had good luck with AVG Free and ewido security suite. They were both free. Yes im a bum and wont spend my precious cash on a scanner.

Anonymous - Sun Nov 27, 2005 3:53 pm
Post subject:

IE 6 here.
No pops, no jack.

Purge - Sun Nov 27, 2005 4:32 pm
Post subject:

MyWebSearch looks like it can be spyware. Ever tried using Spybot for that?

Anonymous - Sun Nov 27, 2005 5:23 pm
Post subject:

yyy65.html

I blocked the above. All I have to do is try and get Firefox to stop redirecting me periodically.

Donkano - Sun Nov 27, 2005 5:38 pm
Post subject:

And people wonder why I am so up-tight when it comes to security. I havn't had a virus in over 5 years.

Solo Ace - Sun Nov 27, 2005 6:21 pm
Post subject:

You're "up-tight" when it comes to security, and you're running Windows?
Are you trying to express irony or do you have no clue what you're talking about?

Anonymous - Sun Nov 27, 2005 6:41 pm
Post subject:

Im really learning to hate windows.

Anyway, can you guys stay on topic?

newb - Mon Nov 28, 2005 2:31 am
Post subject:

Well, you seemed to of solved one problem; So we decided to go a bit off topic and talk about how retarded Windows is.

Cyan~Fire - Mon Nov 28, 2005 4:16 pm
Post subject:

I'm not uptight about security. I don't have a virus scanner or even an adware scanner installed. I even once installed a virus on my computer purposefully to help a friend and it didn't do anything. Other than that, I have not had a virus on my computer ever.

Solid_Fire - Mon Nov 28, 2005 4:21 pm
Post subject: Re: Pop ups/Pop unders -- YAMS YAMS YAMS YAMS YAMS YAMS YAMS

Quan Chi2 wrote:

1) Don't download cracked versions of shit, unless you really know its "clean".

2) Upgrade your windows, Win98 sucks.

3) Ever try www.forum.majorgeeks.com ?

Donkano - Mon Nov 28, 2005 9:01 pm
Post subject:

Solo Ace wrote:

You're "up-tight" when it comes to security, and you're running Windows?
Are you trying to express irony or do you have no clue what you're talking about?

Sure Linux is more secure, but most zone owners detest ASSS because it is more complex, they want the easy stuff; subgame.

Dr Brain - Mon Nov 28, 2005 10:08 pm
Post subject:

Donkano wrote:

Sure Linux is more secure, but most zone owners detest ASSS because it is more complex, they want the easy stuff; subgame.

It's a good thing you're here to tell us what most zone owners detest.

Solo Ace - Tue Nov 29, 2005 1:30 am
Post subject:

How did what you and I said have anything to do with Subgame, ASSS and zone hosting? It didn't. You aren't "up-tight" when it comes to security if you run Windows.

Donkano - Tue Nov 29, 2005 5:09 pm
Post subject:

Solo Ace wrote:

How did what you and I said have anything to do with Subgame, ASSS and zone hosting? It didn't. You aren't "up-tight" when it comes to security if you run Windows.

What is Windows's rivals?
Mac and Linux

Does subgame run on mac and Linux? No.
Does ASSS run on mac and linux? I am certain it runs on Linux, not sure about Mac

If I go to either, then subgame would be out of the question. That is why it is Windows, and although Windows itsn't secure, I have applications to help protect the system.

Contempt+ - Tue Nov 29, 2005 5:11 pm
Post subject:

Don, your are just about as stupid as Grav, Quan, and Spayed.

Donkano - Tue Nov 29, 2005 5:13 pm
Post subject:

How does that make me stupid? It is the bare facts. Subgame can only run under a Windows environment.

Contempt+ - Tue Nov 29, 2005 5:14 pm
Post subject:

And your point? There's more to a computer than SubSpace/Continuum.

Purge - Tue Nov 29, 2005 5:21 pm
Post subject:

Like voyeur.

Solo Ace - Wed Nov 30, 2005 1:37 am
Post subject:

This thread wasn't in any way related to the game, ASSS or Subgame. Subgame not being able to run in a Linux environment has nothing to do with Windows being insecure.
You're using Subgame as an excuse for "having to use" Windows? Sure, but that still doesn't make it more secure...
You're like you are forced to run Subgame, thus run Windows. You're not, and the reason why you run Windows doesn't matter. "You aren't "up-tight" when it comes to security if you run Windows."

LearJett+ - Wed Nov 30, 2005 7:19 am
Post subject:

Are you 2/3 aware of what you're arguing about?

Donkano - Wed Nov 30, 2005 8:55 am
Post subject:

Solo Ace wrote:

Well, if Subgame only works under Windows meaning that Windows is my only option, what else am I to do other than make the best of it. And making the best of it is trying to fill in those cracks that Windows has by using applications such as: anti-viruses and anti-spyware.

Solo, if Windows had a competitor that has an environment capable of running Subgame and was more secure, I would use it, but there isn't so I am left with to make the best of what I got to use.

So stop your complaining about it unless you are going to attempt to make an OS that is more secure than Windows that will support Subgame.

Solo Ace - Wed Nov 30, 2005 10:41 am
Post subject:

I'm just stating a fact about Windows, which has nothing to do with you wanting to run Subgame. Why do you not understand this?

I'm not complaining about Windows, I'm complaining about you saying that you're "up-tight" about security, which you can't be if you run it.
That was my point, which you don't seem to understand.
There indeed is more to computers than running Subgame.
I'm not talking about running Subgame. I'm saying

Code: Show/Hide

if (User runs Windows)
{
// We don't care about the reason, but
User can't be up-"tight", if user says so, tell him wrong.
}

Hmm'k?

We're not arguing, Donkano just seems to be unable to understand what the point is of what I'm saying...

Anonymous - Wed Nov 30, 2005 8:40 pm
Post subject:

Im so fucking pissed off with "yyy65.html." Unfucking believable. Nothing has worked. I refuse to reformat! There has to be some dll or executable that I can't see running.