Why am I receiving so many Pop-ups even while I'm offline? I can't play video games without being interrupted. It's already annoying online but now offline! Give me a break! I just keep getting all of these Microsoft IE pop-up windows. My OS is Windows XP Home Edition.

It seems as if your browser was hijacked or something for you to be getting IE popups while offline. Are the offline ones always for the same site?

I don't actually know what you mean by "for the same site" but the pop-ups usually are all the same kinds of advertisements.

This wont stop the popups, but will help increase your personal control over your own computer and clean up the content in the popups
.
If you can find out where the popups are trying to take you, write down the address, which will probably turn out to be something like: "ads.x10.com" or something. after you compile a large list of these addresses, throw them in your HOSTS file in %system%/System32/drivers/etc folder using this format:

127.0.0.1 www.adbanneraddress.com (thats not a real addy, btw)

what this does is create a kind of DNS "busy signal" for your computer so that everytime the browser is told to go to one of the sites in your HOSTS file, it gets looped back to your local machine instead. done.

I have a rather large hosts file that I'd be willing to give you, you can also get then on the web in different places.

I found that this eliminated one hole through which browser hijackings could occur and proliforate. I hope it helps you.

-gkd

Hi eyeamdaman1

What cscgal is wondering is if they are Messenger pop-ups.......Does Messenger appear at the top of a box with them in. ?

Also if you really want to get your browser and comp sorted out, do this :-


Please Download hijackthis from

http://www.merijn.org/files/hijackthis.zip

Unzip, doubleclick HijackThis.exe, and hit "Scan".

After the scan has finished the "scan" button will turn into a "save log" button

save the log file and paste it here

Do not delete anything yet, as most things hijackthis finds are harmless and needed.

steam

Turn off active scripting or better yet use www.mozilla.com

Im trying to post the log but it won't let me.

Logfile of HijackThis v1.97.7
Scan saved at 7:59:27 PM, on 1/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\WildTangent\Apps\GameChannel.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Bargain Buddy\bin\bargains.exe
C:\Program Files\Media\Media\UpdateStats.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\uptodate.exe
C:\WINDOWS\rundll16.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\SuperBar\sbhc.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Downloaded Program Files\OELoader.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\System32\winservn.exe
C:\Program Files\ClockSync\Sync.exe
C:\Program Files\Alset\HelpExpress\Owner\HXIUL.EXE
C:\Program Files\Alset\HelpExpress\Owner\Client\HelpExp.exe
C:\WINDOWS\quicken.exe
C:\WINDOWS\editpad.exe
C:\Program Files\Alset\HelpExpress\Owner\HXDL.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\msCMTSrvc.exe
C:\Program Files\Alset\HelpExpress\Owner\Client\PrintMonitor.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\emsw.exe

C:\Program Files\America Online 8.0a\waol.exe
C:\Program Files\America Online 8.0a\shellmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.156\HijackThis.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.webcounter.cc/-/?newlx about:blank (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.webcounter.cc/-/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.webcounter.cc/-/?newlx about:blank (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://searchmyrequest.com/hp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = ,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50038
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = ,
R3 - URLSearchHook: (no name) - - (no file)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\bhs5xvdn.slt\prefs.js)
O1 - Hosts: 209.132.200.78 auto.search.msn.com
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll
O2 - BHO: (no name) - {0DDBB570-0396-44C9-986A-8F6F61A51C2F} - C:\WINDOWS\System32\msiefr40.dll
O2 - BHO: (no name) - {23BC1CCF-4BE7-497F-B154-6ADA68425FBB} - C:\WINDOWS\System32\expext.dll
O2 - BHO: Natural Language Navigation - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_5_0.dll
O3 - Toolbar: 7FaSSt Search - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Program Files\FS\7Search.dll