CastleCops, Internet Crime Fighters

Unwanted Spyware loading when IE starts up

rbk (Guest, IP: 68.48.*.*)
Posted: Thu Aug 28, 2003 8:48 pm    Post subject: Unwanted Spyware loading when IE starts up

Hi There,

I appreciate being able to post even though I am not a registered member. I am hoping someone can enlighten me about a solution to an annoying and persistent problem that I am having.

I am having problems with Spyware and pop-up ad engines loading when I start IE. I have removed all traces from my general system using Ad-aware and Spybot S&D and things are fine if I don't use IE. The first time I use IE, it seems to be downloading the offensive software again and the pop-ups start. Any ideas how I can disable this?

Thanks,

Jamming (Colonel, Premium Member; Joined: Jun 22, 2002; Posts: 1874)
Posted: Thu Aug 28, 2003 11:26 pm

Sounds like a BHO (a Browser Helper Object). Either that, or are they pop-up boxes with just text in them? They could be RPC pop-ups. You might want to download SpywareBlaster or one of the other free spyware prevention tools. Check Spyware Updates for the names of several and their update frequency.

In the Tools section of Spybot S&D there is a choice to list your BHOs. Read the section information.

RPC can be disabled unless you do a lot of printing over the internet. Do a search for "disabling RPC pop-ups"; that should lead you to a website with instructions or a little batch file to change those settings.

rbk (Guest, IP: 68.48.*.*)
Posted: Thu Aug 28, 2003 11:33 pm    Post subject: I think I have narrowed it down to some Toolbars

Hi there Jamming,

I noticed there are two toolbars installed in my IE that have no text and just appear as a blank line in the toolbar list. I think they may be autoloading the files somehow. Any ideas on how to get rid of them?

I did try Spybot S&D and it didn't find this particular problem.

Jamming (Colonel, Premium Member; Joined: Jun 22, 2002; Posts: 1874)
Posted: Fri Aug 29, 2003 1:58 am

The Toolbars are probably added to your registry. Number one: open your Internet Options in the IE toolbar and select it; then go to the Advanced tab at the top and select it; go down to the browser section and make sure install on demand is not selected (both of them). This should help in the future.

To get rid of these problems I am going to need more information, so which Windows are you using?

Rik (Sergeant; Joined: Apr 25, 2003; Posts: 77; Location: USA)
Posted: Fri Aug 29, 2003 12:29 pm

You might also be able to get rid of them thru Add/Remove. I realize it sounds too simple but sometimes the "rogue" toolbars that install are listed. Possibly also removing them from startup thru MSCONFIG might work just to stop them from running.


_________________

*Toujours Pret*
rbk (Guest, IP: 68.48.*.*)
Posted: Fri Aug 29, 2003 6:05 pm    Post subject: version of IE and Windows

Hi Jamming,

I am running Windows 2000 Server and IE 6.1 (the version that got infected was IE 5.5 SP2, I believe). Thanks again for all the help.
As part of my debugging efforts, I "repaired" Windows 2000, which uninstalled a bunch of stuff. I have disconnected the computer from the internet and I have noticed that a web browser window pops up during start up that attempts to go to the following URL: http://www.popupad.net/ats/switch.php. I have never installed anything that would use that resource and I am suspicious that this may be the culprit. I wonder if it tries to launch this every time I start up or just because I repaired Windows 2000 and now it's trying to re-install itself. I have looked in the Add/Remove Programs under Control Panel and nothing obvious jumps out at me that needs to be un-installed.

rbk

Jamming (Colonel, Premium Member; Joined: Jun 22, 2002; Posts: 1874)
Posted: Fri Aug 29, 2003 8:28 pm

rbk, I am not that familiar with Win2000, but I think that the idea to use MSCONFIG to remove them from the start up list is a good idea. Once you figure out which Registry Key is starting it up from MSCONFIG, then you should go into regedit and do a registry search for any similar sort of entries. Remember to back up/export your original registry before making these changes.

yb7 (Guest, IP: 195.174.*.*)
Posted: Wed Oct 29, 2003 6:50 pm

http://securityresponse.symantec.com/avcenter/venc/data/trojan.bootconf.html

I had a similar problem and FINALLY fixed it! I have re-installed Norton 2003 with the updates available. Ran a scan and cleaned my computer.

I hope this would help.

!claire (General, Premium Member; Joined: Apr 21, 2002; Posts: 8380)
Posted: Wed Oct 29, 2003 6:59 pm

Hi yb7,

You could also give a try to Spywareguard (available at our "download" section under "Spywares"); it's a very effective preventive tool :)

Deadkenny (Cadet; Joined: Oct 29, 2003; Posts: 1; Location: USA)
Posted: Wed Oct 29, 2003 9:16 pm

I was working on a PC 2 days ago and I also ran into that URL. The only thing that fixed the computer was installing Norton 2003, getting all the updates and running a scan. Norton was able to clean it up well. For the rest of the critters that were on the PC Spybot and AdAware did a good job. That one URL redirector is a pain to get rid of though.

DK

!claire (General, Premium Member; Joined: Apr 21, 2002; Posts: 8380)
Posted: Wed Oct 29, 2003 9:28 pm

This one is also a very effective preventive tool (freeware):

http://www.staff.uiuc.edu/~ehowes/resource.htm

!Mariner (Colonel, Premium Member; Joined: Aug 25, 2003; Posts: 1914)
Posted: Thu Oct 30, 2003 5:43 pm

Might I also suggest BHO Demon, a very useful little tool for identifying BHOs that allows you to disable and re-enable if required.

It's free and you can get it from:

http://www.definitivesolutions.com/

Jamming (Colonel, Premium Member; Joined: Jun 22, 2002; Posts: 1874)
Posted: Thu Oct 30, 2003 7:27 pm

Spybot S&D also includes a BHO Tool if you have already downloaded and installed that on your machine.

phoenix22 (Welcome back our old Site Admin, Premium Member; Joined: Mar 08, 2002; Posts: 4661; Location: APO SF96383)
Posted: Fri Oct 31, 2003 2:10 pm

and yet another..........hi-jack this......is a good app to find these as well.......


_________________
101st Abn Div. (AirAssault) "Rendezvous With Destiny!" "Night Stalkers/Phoenix Flight" For Buddy...who lived it! Whiskey for my men and beer for my horses! H.A.L.O!, 5th Grp., MACV-SOG, 160th AVN Grp., VFW
phoenix22 (Welcome back our old Site Admin, Premium Member; Joined: Mar 08, 2002; Posts: 4661; Location: APO SF96383)
Posted: Fri Oct 31, 2003 4:55 pm

hi jack this is here:

http://www.tomcoyote.org/hjt/


_________________
101st Abn Div. (AirAssault) "Rendezvous With Destiny!" "Night Stalkers/Phoenix Flight" For Buddy...who lived it! Whiskey for my men and beer for my horses! H.A.L.O!, 5th Grp., MACV-SOG, 160th AVN Grp., VFW
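
As an added example (not part of the thread, and not code from HijackThis or any poster): a small Python triage over a HijackThis-style log, the tool recommended in the last posts. It lists toolbar entries with no display name (the blank toolbar lines rbk describes), BHO/toolbar entries whose file is missing, and startup entries that mention the URL from the thread. The sample log is constructed, and the function names and the watch list are assumptions.

```python
import re

# Constructed sample in the HijackThis log layout. CLSIDs, names and paths are
# made up; the URL is the one reported in the thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {11111111-2222-3333-4444-555555555555} - C:\WINNT\System32\helper1.dll
O3 - Toolbar: (no name) - {66666666-7777-8888-9999-000000000000} - (no file)
O3 - Toolbar: Example Toolbar - {12345678-1234-1234-1234-123456789ABC} - C:\Program Files\Example\bar.dll
O4 - HKLM\..\Run: [ExampleUpdater] C:\WINNT\upd.exe http://www.popupad.net/ats/switch.php
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
"""

WATCH = ("popupad.net",)  # assumption: hosts to search for, taken from the thread

# O2 = Browser Helper Objects, O3 = IE toolbars, O4 = Run-key startup entries.
COM_RE = re.compile(r"^(?P<sect>O2|O3) - (?:BHO|Toolbar): (?P<name>.*?) - "
                    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.*)$")
RUN_RE = re.compile(r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>\w+): "
                    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

def parse(log):
    """Turn O2/O3/O4 lines into dicts; other lines are ignored."""
    entries = []
    for line in (l.strip() for l in log.splitlines()):
        m = COM_RE.match(line)
        if m:
            kind = "BHO" if m["sect"] == "O2" else "Toolbar"
            entries.append({"kind": kind, "name": m["name"],
                            "id": m["clsid"], "target": m["file"]})
            continue
        m = RUN_RE.match(line)
        if m:
            entries.append({"kind": "Run", "name": m["name"],
                            "id": m["hive"] + "\\" + m["key"], "target": m["cmd"]})
    return entries

def triage(entries, watch=WATCH):
    """Return (kind, name, reasons) for entries worth a manual look."""
    findings = []
    for e in entries:
        reasons = []
        # An unnamed BHO is common for legitimate software, so only toolbars count here.
        if e["kind"] == "Toolbar" and e["name"] == "(no name)":
            reasons.append("toolbar without a display name")
        if e["kind"] != "Run" and e["target"] in ("(no file)", "(file missing)"):
            reasons.append("registered file not on disk")
        if any(w in e["target"].lower() for w in watch):
            reasons.append("references watched host")
        if reasons:
            findings.append((e["kind"], e["name"], reasons))
    return findings
```

The findings are a review list, not a verdict; each flagged CLSID or Run value still needs to be looked up before anything is removed.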
All times are GMT. Page 1 of 2.