Pop-Up Stopper Help!

[sjm1027]

A few days ago I sent out a post about pop-ups and it was suggested to me that I install some type of Pop-Up stopper. Well I did and I am using Panicware Pop-Up Stopper (Free Version) on Win98 2nd Edition.
It seems to have some problems and one of them is in an attachment with this thread.http://

[sjm1027]

All,
I forgot to mention that in the morning I still have 6 popup windows accross my bottom banner and it is now even harder to clear this screen. any ideas?

[Dan]

I'm not sure your error message was caused by your popup program. It is more likely to be from the page explorer was trying to open.
I use a program from AnalogX called POW.
It allows you to choose what popups are killed. This requires deciding while the popup is opn, once registered in the program it won't open again. I find this much safer than using a program that stops all popups, and simpler too. I does require you to view the popup one time, but if you frequent sites that have repeated popups it's truly helpful.
www.analogx.com

[glc]

Control Panel, Internet Options - Advanced. Uncheck "display a notification about every script error" and check "disable script debugging". Download Spybot or Ad-Aware and do a spyware scan.

[sjm1027]

I ran the software and it found 19 infected files. Some are Dll Files

I will attach the log file to the bottom of this reply.
If anyone thinks it is worth it I will pick it up! I am just afraid of deleting a DLL did it before and was screwed by it

Thanks
Steve

Scan initialized on 06/09/2003 5:34:29 PM
=================================================
Started memory scan
====================
Processes Currently Running

#:1 (KERNEL32.DLL)


#:2 (MSGSRV32.EXE)


#:3 (SPOOL32.EXE)


#:4 (MPREXE.EXE)


#:5 (ATI2EVXX.EXE)


#:6 (wmexe.exe)


#:7 (MSTASK.EXE)


#:8 (NPROTECT.EXE)


#:9 (CSINJECT.EXE)


#:10 (SYMTRAY.EXE)


#:11 (TABLET.EXE)


#:12 (mmtask.tsk)


#:13 (EXPLORER.EXE)


#:14 (GWHOTKEY.EXE)


#:15 (STIMON.EXE)


#:16 (ATIPTAXX.EXE)


#:17 (INSTANTACCESS.EXE)


#:18 (CTNOTIFY.EXE)


#:19 (TASKMON.EXE)


#:20 (ICONFIG.EXE)


#:21 (HPSJVXD.EXE)


#:22 (MEDIADET.EXE)


#:23 (HPZTSB01.EXE)


#:24 (NAVAPW32.EXE)


#:25 (IMGICON.EXE)


#:26 (EM_EXEC.EXE)


#:27 (LOADQM.EXE)


#:28 (AHQTB.EXE)


#:29 (QTTASK.EXE)


#:30 (REALSCHED.EXE)


#:31 (WJVIEW.EXE)


#:32 (UPDATE.EXE)


#:33 (VIEW.EXE)


#:34 (RunDLL.exe)


#:35 (HXIUL.EXE)


#:36 (HELPEXP.EXE)


#:37 (PSFREE.EXE)


#:38 (WZQKPICK.EXE)


#:39 (CSINSM32.EXE)


#:40 (DDHELP.EXE)


#:41 (HOTSYNC.EXE)


#:42 (ALARMAPP.EXE)


#:43 (Monwow.exe)


#:44 (WKCALREM.EXE)


#:45 (PRINTMONITOR.EXE)


#:46 (WEBSEARCH.EXE)


#:47 (PSTORES.EXE)


#:48 (SPYNUKER.EXE)


Memory scan result :
Total modules found :49
Suspicious modules found:
Scan complete

Started registry scan
====================
Registry Key Type = Dialer - Other:

[HKEY_CURRENT_USER\Software\WebDialer\]

Registry Key Type = Gator:

[HKEY_CLASSES_ROOT\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C}\]

Registry Key Type = Gator:

[HKEY_LOCAL_MACHINE\SOFTWARE\Gator.com\]

Registry Key Type = Gator:

[HKEY_LOCAL_MACHINE\Software\GatorTest\]

Registry Key Type = Gator:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/IEGator.dll\]

Registry Key Type = Alexa:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\]

Registry Key Type = Attune:

[HKEY_CURRENT_USER\Software\Aveo\]

Registry Key Type = Attune:

[HKEY_LOCAL_MACHINE\SOFTWARE\Aveo\]

Registry Key Type = iWon:

[HKEY_LOCAL_MACHINE\SOFTWARE\iWon\]

Registry Key Type = OrbitExplorer:

[HKEY_CURRENT_USER\CLSID\{0FDA4D2B-7975-405d-8D7C-F5E2247EAE80}\]

Registry Key Type = :

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\moduleusage\C:/WINDOWS/Downloaded Program Files/IEGator.dll\C:/WINDOWS/Downloaded Program Files/IEGator.dll]

Registry Key Value Type = Gator:

[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\]
"StashedGEF"=dword:00000600

Registry Key Value Type = Gator:

[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\]
"StashedGMG"="BC7FF8C2-6AB0-11D6-8735-D7E3C00CE0F7"

Registry Key Value Type = Web3000:

[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\]
"StashedGEF"=dword:00000600

Registry Key Value Type = Web3000:

[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\]
"StashedGMG"="BC7FF8C2-6AB0-11D6-8735-D7E3C00CE0F7"

Registry Key Value Type = Web3000:

[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\]
"StashedGMI"=dword:5778B27

Registry Key Value Type = Hijacker - Xupiter:

[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\]
"OrbitUpdate"="C:\\Program Files\\Orbit\\update.exe"

Registry Key Value Type = Hijacker - Xupiter:

[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\]
"OrbitView"="C:\\Program Files\\Orbit\\view.exe"


Registry scan result:
Suspicious keys found :18
Scan complete

Started Cookie scan
====================


Cookie scan results:
Suspicious cookies found:0
Scan complete

Started folder scan
====================
Hijacker - Orbit Explorer folder:C:\Program Files\Orbit
Hijacker - Orbit Explorer folder:C:\Program Files\Common Files\OE
Other folder:C:\Program Files\Aveo\Attune
Folder scan result:
Suspicious folders found :3

Started file scan
====================
Hijacker - Xupiter file:C:\Program Files\Common Files\OE\toolbar.dll
FileSize :72 kb
Last accessed :05/17/2003 8:42:44 AM
Build :1.0.0.1
OS :-DLL


Hijacker - Xupiter file:C:\Program Files\Common Files\OE\redirector.dll
FileSize :36 kb
Last accessed :05/17/2003 8:42:44 AM
Build :1.0.0.1
OS :-DLL


Hijacker - Xupiter file:C:\Program Files\Common Files\OE\search.dll
FileSize :28 kb
Last accessed :05/17/2003 8:42:44 AM
Build :1.0.0.1
OS :-DLL


KeyLogger - Golden Eye file:C:\_Steve\Junk\gesetup.exe
FileSize :7961 kb
Last accessed :12/10/2002 7:19:08 PM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GATORP~1.LOG
FileSize :3 kb
Last accessed :05/18/2002 10:45:48 PM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorPlugin.log
FileSize :3 kb
Last accessed :05/18/2002 10:45:48 PM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorPdpSetup.log
FileSize :15 kb
Last accessed :05/18/2002 10:55:48 PM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorUninstaller_cme.log
FileSize :0 kb
Last accessed :05/19/2002 6:15:24 AM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorUninstaller_cme_u.log
FileSize :3 kb
Last accessed :05/19/2002 6:15:28 AM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorPlugin.log
FileSize :3 kb
Last accessed :05/18/2002 10:45:48 PM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorPdpSetup.log
FileSize :15 kb
Last accessed :05/18/2002 10:55:48 PM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorUninstaller_cme.log
FileSize :0 kb
Last accessed :05/19/2002 6:15:24 AM
Build :1.0.0.1
OS :-DLL


Gator file:C:\WINDOWS\GatorUninstaller_cme_u.log
FileSize :3 kb
Last accessed :05/19/2002 6:15:28 AM
Build :1.0.0.1
OS :-DLL


Other file:C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\V2DN9WGV\hbe[1].js
FileSize :6 kb
Last accessed :03/18/2003 9:03:02 PM
Build :1.0.0.1
OS :-DLL


Other file:C:\WINDOWS\TEMP\Temporary Internet Files\Content.IE5\OHG94PSX\hbe[1].js
FileSize :5 kb
Last accessed :03/29/2003 4:37:32 PM
Build :1.0.0.1
OS :-DLL


Lop.com file:C:\WINDOWS\Favorites\Entertainment\Games.url
FileSize :0 kb
Last accessed :05/17/2003 8:42:44 AM
Build :1.0.0.1
OS :-DLL


Lop.com file:C:\Program Files\Real\RealPlayer\DataCache\webresources\dnserror.htm
FileSize :0 kb
Last accessed :07/17/2002 3:29:00 PM
Build :1.0.0.1
OS :-DLL


HelpExpress - Attune file:C:\Program Files\Alset\HelpExpress\steve\HXIUL.EXE
FileSize :89 kb
Last accessed :04/12/2003 4:18:58 PM
Build :2.3.0.0
OS :NT-Win32-Executable


HelpExpress - Attune file:C:\Program Files\Alset\HelpExpress\steve\Download\HXIUL.EXE
FileSize :89 kb
Last accessed :04/12/2003 4:18:58 PM
Build :2.3.0.0
OS :NT-Win32-Executable


File scan result :
Suspicious files found :19
Scan complete


==========================================================
Spyware components found total: 40
==========================================================

Task completed on 5:52:29 PM
Done


==========================================================
Application Version: 1.11.0
==========================================================
Major Version: 4
Minor Version: 10
Build Number Version: 2222
Platform ID: 1
Service Pack Major: 0
Service Pack Minor: 0
Suite Mask: 0
Platform: Windows 98
Platform Version: Windows 98 v4.10, Build 2222
OS Product Name: Unknown
CSD Version: A
Is Windows XP: False
Is Windows 2K: False
Is Windows NT: False
Is Windows 9x: True
Is Windows 95: True
Is Windows 98: True
Is Windows Me: False


==========================================================

[Dan]

what software did you run?
I would let the program correct the problems. Most of the files are from Gator, a spyware laden program...and should be deleted...but let the program do it for you....the keylogger is watching every keystroke yiou make, the sooner you get rid of it the better....
if you installed Gator yourself, be sure to uninstall it...

[glc]

You are seriously infected by malware. Let Spybot (NOT Spynuker) clean it up and hope it will still boot and get on the Internet - and stop clicking "yes" every time IE wants to install something for you.

http://security.kolla.de/index.php?l...&page=download

[sjm1027]

Well glc you were right.
I did what you suggested and cleaned up approx. 85 files of junk... My system seems much better and if I go away for an hour I come back and still see my desk top not 5 ads stacked up!

I appreciate all the help you all gave me.

Thanks,
Steve

[herrwitt(USA)]

May I suggest using the MOZILLA browser... I'm currently using ver . 1.2.1 ... Its free from mozillal.org ... Since I've been using it I haven't had pop-up probs @ all !!!
herrwitt(usa)!

[sjm1027]

Thanks,
I will give it a try

[pillainp]

Also try out Netcaptor at www.netcaptor.com. It's an IE shell that has its own built in pop-up killer.