•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the Web Browsers section within the Tech Talk category of DaniWeb, a massive community of 427,097 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,317 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our Web Browsers advertiser: Programming Forums
Views: 6843 | Replies: 20
 |
•
•
Join Date: Dec 2003
Posts: 16
Reputation: 
Rep Power: 5
Solved Threads: 0
Newbie Poster
Microsoft IE Offline Pop-ups Why am I receiving so many Pop-ups even while I'm offline? I can't play video games without being interrupted. It's already annoying online but now offline! Give me a break! I just keep getting all of these Microsoft IE pop-up windows. My OS is Windows XP Home Edition.
•
•
Join Date: Feb 2002
Location: Lawn Guylen, NY
Posts: 10,926
Reputation:
Rep Power: 32
Solved Threads: 118
It seems as if your browser was hijacked or something for you to be getting IE popups while offline. Are the offline ones always for the same site?
Dani the Computer Science Gal
Do you run a computer-related website? Feature it in our niche link directory!
Do you run a computer-related website? Feature it in our niche link directory!
•
•
Join Date: Dec 2003
Posts: 16
Reputation:
Rep Power: 5
Solved Threads: 0
Newbie Poster
I don't actually know what you mean by "for the same site" but the pop-ups usually are all the same kinds of advertisements.
•
•
Join Date: Jan 2004
Location: OlyWa
Posts: 36
Reputation:
Rep Power: 6
Solved Threads: 0
Light Poster
Re: Microsoft IE Offline Pop-ups •
•
•
•
Originally Posted by eyeamdaman1
I don't actually know what you mean by "for the same site" but the pop-ups usually are all the same kinds of advertisements.
This wont stop the popups, but will help increase your personal control over your own computer and clean up the content in the popups
.
If you can find out where the popups are trying to take you, write down the address, which will probably turn out to be something like: "ads.x10.com" or something. after you compile a large list of these addresses, throw them in your HOSTS file in %system%/System32/drivers/etc folder using this format:
127.0.0.1 www.adbanneraddress.com (thats not a real addy, btw)
what this does is create a kind of DNS "busy signal" for your computer so that everytime the browser is told to go to one of the sites in your HOSTS file, it gets looped back to your local machine instead. done.
I have a rather large hosts file that I'd be willing to give you, you can also get then on the web in different places.
I found that this eliminated one hole through which browser hijackings could occur and proliforate. I hope it helps you.
-gkd
Last edited by gkdmaths : Jan 4th, 2004 at 2:40 pm. Reason: spleeing
•
•
Join Date: Oct 2003
Posts: 73
Reputation:
Rep Power: 5
Solved Threads: 1
Junior Poster in Training
Hi eyeamdaman1
What cscgal is wondering is if they are Messenger pop-ups.......Does Messenger appear at the top of a box with them in. ?
Also if you really want to get your browser and comp sorted out, do this :-
Please Download hijackthis from
http://www.merijn.org/files/hijackthis.zip
Unzip, doubleclick HijackThis.exe, and hit "Scan".
After the scan has finished the "scan" button will turn into a "save log" button
save the log file and paste it here
Do not delete anything yet, as most things hijackthis finds are harmless and needed.
steam
What cscgal is wondering is if they are Messenger pop-ups.......Does Messenger appear at the top of a box with them in. ?
Also if you really want to get your browser and comp sorted out, do this :-
Please Download hijackthis from
http://www.merijn.org/files/hijackthis.zip
Unzip, doubleclick HijackThis.exe, and hit "Scan".
After the scan has finished the "scan" button will turn into a "save log" button
save the log file and paste it here
Do not delete anything yet, as most things hijackthis finds are harmless and needed.
steam
•
•
Join Date: Oct 2003
Location: Your sisters house
Posts: 766
Reputation: 
Rep Power: 0
Solved Threads: 7
Banned
Turn off active scripting or better yet use www.mozilla.com
•
•
Join Date: Dec 2003
Posts: 16
Reputation:
Rep Power: 5
Solved Threads: 0
Newbie Poster
Im trying to post the log but it won't let me.
•
•
Join Date: Dec 2003
Posts: 16
Reputation:
Rep Power: 5
Solved Threads: 0
Newbie Poster
Logfile of HijackThis v1.97.7
Scan saved at 7:59:27 PM, on 1/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\WildTangent\Apps\GameChannel.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Bargain Buddy\bin\bargains.exe
C:\Program Files\Media\Media\UpdateStats.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\uptodate.exe
C:\WINDOWS\rundll16.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\SuperBar\sbhc.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
Scan saved at 7:59:27 PM, on 1/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\WildTangent\Apps\GameChannel.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Bargain Buddy\bin\bargains.exe
C:\Program Files\Media\Media\UpdateStats.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\uptodate.exe
C:\WINDOWS\rundll16.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\SuperBar\sbhc.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
•
•
Join Date: Dec 2003
Posts: 16
Reputation:
Rep Power: 5
Solved Threads: 0
Newbie Poster
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Downloaded Program Files\OELoader.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\System32\winservn.exe
C:\Program Files\ClockSync\Sync.exe
C:\Program Files\Alset\HelpExpress\Owner\HXIUL.EXE
C:\Program Files\Alset\HelpExpress\Owner\Client\HelpExp.exe
C:\WINDOWS\quicken.exe
C:\WINDOWS\editpad.exe
C:\Program Files\Alset\HelpExpress\Owner\HXDL.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\msCMTSrvc.exe
C:\Program Files\Alset\HelpExpress\Owner\Client\PrintMonitor.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\emsw.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Downloaded Program Files\OELoader.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\System32\winservn.exe
C:\Program Files\ClockSync\Sync.exe
C:\Program Files\Alset\HelpExpress\Owner\HXIUL.EXE
C:\Program Files\Alset\HelpExpress\Owner\Client\HelpExp.exe
C:\WINDOWS\quicken.exe
C:\WINDOWS\editpad.exe
C:\Program Files\Alset\HelpExpress\Owner\HXDL.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\msCMTSrvc.exe
C:\Program Files\Alset\HelpExpress\Owner\Client\PrintMonitor.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\emsw.exe
•
•
Join Date: Dec 2003
Posts: 16
Reputation:
Rep Power: 5
Solved Threads: 0
Newbie Poster
C:\Program Files\America Online 8.0a\waol.exe
C:\Program Files\America Online 8.0a\shellmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.156\HijackThis.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.webcounter.cc/-/?newlx about:blank (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.webcounter.cc/-/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.webcounter.cc/-/?newlx about:blank (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://searchmyrequest.com/hp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = ,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50038
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = ,
R3 - URLSearchHook: (no name) - - (no file)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\bhs5xvdn.slt\prefs.js)
O1 - Hosts: 209.132.200.78 auto.search.msn.com
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll
O2 - BHO: (no name) - {0DDBB570-0396-44C9-986A-8F6F61A51C2F} - C:\WINDOWS\System32\msiefr40.dll
O2 - BHO: (no name) - {23BC1CCF-4BE7-497F-B154-6ADA68425FBB} - C:\WINDOWS\System32\expext.dll
O2 - BHO: Natural Language Navigation - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_5_0.dll
O3 - Toolbar: 7FaSSt Search - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Program Files\FS\7Search.dll
C:\Program Files\America Online 8.0a\shellmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.156\HijackThis.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.webcounter.cc/-/?newlx about:blank (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.webcounter.cc/-/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.webcounter.cc/-/?newlx about:blank (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://in.webcounter.cc/--/?newlx (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://in.webcounter.cc/---/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://searchmyrequest.com/hp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://in.webcounter.cc/--/?newlx (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = ,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50038
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = ,
R3 - URLSearchHook: (no name) - - (no file)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\bhs5xvdn.slt\prefs.js)
O1 - Hosts: 209.132.200.78 auto.search.msn.com
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll
O2 - BHO: (no name) - {0DDBB570-0396-44C9-986A-8F6F61A51C2F} - C:\WINDOWS\System32\msiefr40.dll
O2 - BHO: (no name) - {23BC1CCF-4BE7-497F-B154-6ADA68425FBB} - C:\WINDOWS\System32\expext.dll
O2 - BHO: Natural Language Navigation - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_5_0.dll
O3 - Toolbar: 7FaSSt Search - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Program Files\FS\7Search.dll
|
•
•
•
•
•
•
•
•
DaniWeb Web Browsers Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
•
•
•
•
activation advertising ajax apple asp blog browser business c# code computer console development domains firefox game google internet ipod linux malware marketing microsoft mobile mozilla news nintendo novell office operating os pc privacy red hat report research search security software survey system upgrade vista web windows xbox 360 xml xp yahoo zune
- Previous Thread: No e-mail pulldown default in IE6
- Next Thread: IE Slow click response in Win98
