- Thread starter
- #21
M
MEB
Okay, sorry for the top post but this is important enough ...
It appears you are infected/have some changes within your system.
Please understand, though your previous anti-spyware and AV scans found
nothing, you may still have browser hijacks and other to be concerned about
[running processes or other].
The Hijack This log would likely provide some answers, it lay for you to
run the test and post the log SOMEWHERE for review.
Likely it will also be relevant to post *Startup* and *run services*
entries SOMEWHERE, so they can also be reviewed.
Here or elsewhere, please provide these so SOMEONE can look through them.
If you have contact via email with Gary, then post to him,, he will
determine whether it needs posted here or elsewhere. BUT please do something
shortly.. again some of your settings are allowing too much through to your
system, something needs changed, you need more protection.
--
MEB
http://peoplescounsel.orgfree.com
________
"Angel" <angel@noway.com> wrote in message
news:%23pAeAyt0HHA.3940@TK2MSFTNGP05.phx.gbl...
| Hi MEB,
| I am going to try this again I hope it goes through. I have tried
about
| 5 times today to send this but it never showed up. The one that did, was
the
| one I sent to ask why I was having trouble. I sent a couple after that.
| No, I am not using firefox. I am using Internet explorer. Last night I
| was still receiving pop ups. I even had one when I was trying to use the
| site for the*fix* that PABear and Gary mentioned in their posts. I KNOW
that
| the pop up was not from that click on site. It was a Sexy Girl pop up. Of
| course I used the close button. Then I got the grey box titled Microsoft
| something. Whoever is doing it they are trying to mimic the Windows boxes.
| In the box it said that I have been visiting Adult Sites. Not true. They
| wanted me to download Drive Cleaner. I then did my routine even though it
| was 1:30AM I was tired. Nothing showed up on neither except except the
usual
| cookie that I did the *fix* on. I think that it was adrevolver. That was
| Spybot. AdAware had the usual cookies. Avast! showed nothing.
| You asked if when I used the 3 finger salute caused any problems. The
| thing that happened was one of my icons disappeared, the hotkey one.
| I tried to save the instructions to my desktop. All I got was the
| borders of it. I tried to do the print the only thing that came up was
page
| 1 with a side bar. That did not do me any good.
| I only have I computer, so I cannot type it out. My
| handwriting/printing I cannot sometimes read when it gets cold.
| I have another problem. I used to have my explorer buttons across
the
| top, now they are at the bottom when I open Outlook Express. When I type a
| post they are across the top. When I read the posts they are on the side
you
| have to click on a button at the top and the button is not marked in any
| way.
| Angel
|
| "MEB" <meb@not here@hotmail.com> wrote in message
| news:ed0FrJi0HHA.4476@TK2MSFTNGP06.phx.gbl...
| >
| >
| > "Angel" <angel@noway.com> wrote in message
| > news:Oub5Z%23e0HHA.5764@TK2MSFTNGP03.phx.gbl...
| > | Daave,
| > | No it did not look like that as seen on the link. I got away from
it
| as
| > | soon as I could. Then did my routine as seen in my last post to MEB.
| > Nothing
| > | but the cookies came up in Spybot. No virus showed up in Avast! I just
| > | wanted to know how to prevent it from coming up. I found that the only
| way
| > I
| > | could get rid of the Box that you could not click on the close button
| was
| > to
| > | use the Ctrl-Alt-Del routine. Others may want to know also that is why
I
| > | posted it. It almost demands that you download. Some may think that
| > because
| > | it does not let you click close button. So Ctrl-Alt-Del routine is the
| way
| > | to go to get out these situations. How did I know? Trying it. It was
the
| > | only thing that I could think of at the time and it worked! It just
| takes
| > a
| > | short time to do it and it is done.
| > | Angel
| >
| > Okay, as usual the group is here for whatever you need. Daave suggested
| an
| > issue note: there are other variant's that are used on the net. Also
note
| > that USUALLY it takes some input/participation from you to install,
which
| > you MAY have avoided using your crtl/alt/del. The *pop-up* and
*pop-under*
| > MAY have been successfully nullified.
| >
| > However: First do the suggestions [which you have already done some of
| the
| > normal local search/diagnostics] including *Hijack This* that were
| suggested
| > by knowledgable parties, just to be sure.
| > I believe, though, likely we [the group] can quickly scan what's found.
I
| > think this group is capable of such activity, noting of course, the
group
| is
| > not recognized as expert in this issue [HiJack This logs].... there are
a
| > number of parties that can and do research potentials, or are otherwise
| > competent in their fashion and others who would likely catch any errors
| ...
| >
| > As for your querry concerning how to stop this from occurring:
| > Once you get any issues taken care of, then there are several browser
| > settings that might be checked and changed pop-up blockers to discuss
| [and
| > various delivery methods and other blocking techniques] and several
other
| > issues. Gary T. [someone you trust] will of course be watching and
guiding
| > ...
| >
| > If I remember correctly: you have installed all OS updates, and are
using
| > FireFox as your browser, is this correct?
| > What version of browser [and if applicable, what browser] are you
using?
| > What email/newsgroup program(s) and version?
| >
| >
| > |
| > | "Daave" <dcwashNOSPAM@myrealboxXYZ.invalid> wrote in message
| > | news:e4XAeMa0HHA.3400@TK2MSFTNGP03.phx.gbl...
| > | > Angel wrote:
| > | > > Hi everyone,
| > | > > I was on the 'net and I received this pop up. It said to the
| > | > > effect Error alert. I think that is what it said at the top. A
| window
| > | > > popped up wanting me to download a registry cleaner. I click the
| > | > > close and then a gray box that wanted me download a program with
an
| > | > > ok button and all the buttons at top were grayed out you could not
| > | > > close. I was not about to do it. I then did the Ctrl-Alt-Del and
got
| > | > > it out that way. This happened a couple of times in 2 days. I had
| > | > > just opened a newsletter from a site I trusted and went to the
| > | > > website and shortly got that. I then unsubscribed the newsletter.
| Did
| > | > > it come from the website or someplace else? What else can I do to
| > | > > prevent this type of thing happening. Any suggestions would be
| > | > > appreciated. Angel
| > | >
| > | > Does it look anything like:
| > | >
| > | > http://www.adwarereport.com/mt/archives/Spyware.CyberLog-X.gif
| > | >
| > | > Is it "suggesting" you purchase a program? And if so, might the name
| of
| > | > the program be one of the following:
| > | >
| > | > 1. WinAntiSpyware
| > | > 2. AntiVirusGolden
| > | > 3. SpyHeal
| > | > 4. VirusBlast
| > | >
| > | > Describe the popup in detail--EVERYTHING about it.
| > | >
| > | > Sounds like you have a Smitfraud-type infection.
| > | >
| > | > If so, have a look at:
| > | >
| > | >
| > |
| >
|
http://forums.spybot.info/showthread.php?s=8f2f8c2b826ba30f99ee3c749c167e6c&t=10970
| > | >
| > | >
| > |
| > |
| >
| > --
| > MEB
| > http://peoplescounsel.orgfree.com
| > ________
| >
| >
| >
|
|
It appears you are infected/have some changes within your system.
Please understand, though your previous anti-spyware and AV scans found
nothing, you may still have browser hijacks and other to be concerned about
[running processes or other].
The Hijack This log would likely provide some answers, it lay for you to
run the test and post the log SOMEWHERE for review.
Likely it will also be relevant to post *Startup* and *run services*
entries SOMEWHERE, so they can also be reviewed.
Here or elsewhere, please provide these so SOMEONE can look through them.
If you have contact via email with Gary, then post to him,, he will
determine whether it needs posted here or elsewhere. BUT please do something
shortly.. again some of your settings are allowing too much through to your
system, something needs changed, you need more protection.
--
MEB
http://peoplescounsel.orgfree.com
________
"Angel" <angel@noway.com> wrote in message
news:%23pAeAyt0HHA.3940@TK2MSFTNGP05.phx.gbl...
| Hi MEB,
| I am going to try this again I hope it goes through. I have tried
about
| 5 times today to send this but it never showed up. The one that did, was
the
| one I sent to ask why I was having trouble. I sent a couple after that.
| No, I am not using firefox. I am using Internet explorer. Last night I
| was still receiving pop ups. I even had one when I was trying to use the
| site for the*fix* that PABear and Gary mentioned in their posts. I KNOW
that
| the pop up was not from that click on site. It was a Sexy Girl pop up. Of
| course I used the close button. Then I got the grey box titled Microsoft
| something. Whoever is doing it they are trying to mimic the Windows boxes.
| In the box it said that I have been visiting Adult Sites. Not true. They
| wanted me to download Drive Cleaner. I then did my routine even though it
| was 1:30AM I was tired. Nothing showed up on neither except except the
usual
| cookie that I did the *fix* on. I think that it was adrevolver. That was
| Spybot. AdAware had the usual cookies. Avast! showed nothing.
| You asked if when I used the 3 finger salute caused any problems. The
| thing that happened was one of my icons disappeared, the hotkey one.
| I tried to save the instructions to my desktop. All I got was the
| borders of it. I tried to do the print the only thing that came up was
page
| 1 with a side bar. That did not do me any good.
| I only have I computer, so I cannot type it out. My
| handwriting/printing I cannot sometimes read when it gets cold.
| I have another problem. I used to have my explorer buttons across
the
| top, now they are at the bottom when I open Outlook Express. When I type a
| post they are across the top. When I read the posts they are on the side
you
| have to click on a button at the top and the button is not marked in any
| way.
| Angel
|
| "MEB" <meb@not here@hotmail.com> wrote in message
| news:ed0FrJi0HHA.4476@TK2MSFTNGP06.phx.gbl...
| >
| >
| > "Angel" <angel@noway.com> wrote in message
| > news:Oub5Z%23e0HHA.5764@TK2MSFTNGP03.phx.gbl...
| > | Daave,
| > | No it did not look like that as seen on the link. I got away from
it
| as
| > | soon as I could. Then did my routine as seen in my last post to MEB.
| > Nothing
| > | but the cookies came up in Spybot. No virus showed up in Avast! I just
| > | wanted to know how to prevent it from coming up. I found that the only
| way
| > I
| > | could get rid of the Box that you could not click on the close button
| was
| > to
| > | use the Ctrl-Alt-Del routine. Others may want to know also that is why
I
| > | posted it. It almost demands that you download. Some may think that
| > because
| > | it does not let you click close button. So Ctrl-Alt-Del routine is the
| way
| > | to go to get out these situations. How did I know? Trying it. It was
the
| > | only thing that I could think of at the time and it worked! It just
| takes
| > a
| > | short time to do it and it is done.
| > | Angel
| >
| > Okay, as usual the group is here for whatever you need. Daave suggested
| an
| > issue note: there are other variant's that are used on the net. Also
note
| > that USUALLY it takes some input/participation from you to install,
which
| > you MAY have avoided using your crtl/alt/del. The *pop-up* and
*pop-under*
| > MAY have been successfully nullified.
| >
| > However: First do the suggestions [which you have already done some of
| the
| > normal local search/diagnostics] including *Hijack This* that were
| suggested
| > by knowledgable parties, just to be sure.
| > I believe, though, likely we [the group] can quickly scan what's found.
I
| > think this group is capable of such activity, noting of course, the
group
| is
| > not recognized as expert in this issue [HiJack This logs].... there are
a
| > number of parties that can and do research potentials, or are otherwise
| > competent in their fashion and others who would likely catch any errors
| ...
| >
| > As for your querry concerning how to stop this from occurring:
| > Once you get any issues taken care of, then there are several browser
| > settings that might be checked and changed pop-up blockers to discuss
| [and
| > various delivery methods and other blocking techniques] and several
other
| > issues. Gary T. [someone you trust] will of course be watching and
guiding
| > ...
| >
| > If I remember correctly: you have installed all OS updates, and are
using
| > FireFox as your browser, is this correct?
| > What version of browser [and if applicable, what browser] are you
using?
| > What email/newsgroup program(s) and version?
| >
| >
| > |
| > | "Daave" <dcwashNOSPAM@myrealboxXYZ.invalid> wrote in message
| > | news:e4XAeMa0HHA.3400@TK2MSFTNGP03.phx.gbl...
| > | > Angel wrote:
| > | > > Hi everyone,
| > | > > I was on the 'net and I received this pop up. It said to the
| > | > > effect Error alert. I think that is what it said at the top. A
| window
| > | > > popped up wanting me to download a registry cleaner. I click the
| > | > > close and then a gray box that wanted me download a program with
an
| > | > > ok button and all the buttons at top were grayed out you could not
| > | > > close. I was not about to do it. I then did the Ctrl-Alt-Del and
got
| > | > > it out that way. This happened a couple of times in 2 days. I had
| > | > > just opened a newsletter from a site I trusted and went to the
| > | > > website and shortly got that. I then unsubscribed the newsletter.
| Did
| > | > > it come from the website or someplace else? What else can I do to
| > | > > prevent this type of thing happening. Any suggestions would be
| > | > > appreciated. Angel
| > | >
| > | > Does it look anything like:
| > | >
| > | > http://www.adwarereport.com/mt/archives/Spyware.CyberLog-X.gif
| > | >
| > | > Is it "suggesting" you purchase a program? And if so, might the name
| of
| > | > the program be one of the following:
| > | >
| > | > 1. WinAntiSpyware
| > | > 2. AntiVirusGolden
| > | > 3. SpyHeal
| > | > 4. VirusBlast
| > | >
| > | > Describe the popup in detail--EVERYTHING about it.
| > | >
| > | > Sounds like you have a Smitfraud-type infection.
| > | >
| > | > If so, have a look at:
| > | >
| > | >
| > |
| >
|
http://forums.spybot.info/showthread.php?s=8f2f8c2b826ba30f99ee3c749c167e6c&t=10970
| > | >
| > | >
| > |
| > |
| >
| > --
| > MEB
| > http://peoplescounsel.orgfree.com
| > ________
| >
| >
| >
|
|