A New Way to Place Pop-Ups?/NSIS Media Pop-Ups
Moderator: Halleck
-
- Elite Venturer
- Posts: 757
- Joined: Tue Jun 07, 2005 9:58 am
- Location: somewhere in the middle of nowhere, under a tree, facing the sun...
A New Way to Place Pop-Ups?/NSIS Media Pop-Ups
Hi,
does anybody know anything about a new sort of pop-ups? I did experience a lot of pop-ups lately and start to worry about security. Especially because I never had problems with pop-ups befor, thanks to FireFox. And I'm not aware of any changes to my system or my browser right now...
does anybody know anything about a new sort of pop-ups? I did experience a lot of pop-ups lately and start to worry about security. Especially because I never had problems with pop-ups befor, thanks to FireFox. And I'm not aware of any changes to my system or my browser right now...
Last edited by Spaceman Spiff on Thu Jul 13, 2006 8:31 am, edited 1 time in total.
You are a newbie and need help? Check out the Wing Commander Universe and Privateer Remake Library Project
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
-
- Elite
- Posts: 7243
- Joined: Mon Apr 18, 2005 2:40 pm
- Location: LS87, Buenos Aires, República Argentina
I imagine you're running windows.
Try reading through HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/run
That's... with regedit.
Inspect every entry and try to identify it.
If you can't identify a (legal) subsystem it should belong to (and beware - windows update would not be there, lots of tojans mask themselves as windows update), then simply purge it (in the safe manner I purge - by appending "disabled" before in the command line - disabled is no command, so windows will just ignore the failed launch attempt).
Like:
Normal:
RoxioDragToDisc=""D:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe""
After:
RoxioDragToDisc="disable "D:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe""
(Ok - roxio's drag-to-disc is a legal app, but I don't like it so I disable it nonetheless)
Try reading through HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/run
That's... with regedit.
Inspect every entry and try to identify it.
If you can't identify a (legal) subsystem it should belong to (and beware - windows update would not be there, lots of tojans mask themselves as windows update), then simply purge it (in the safe manner I purge - by appending "disabled" before in the command line - disabled is no command, so windows will just ignore the failed launch attempt).
Like:
Normal:
RoxioDragToDisc=""D:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe""
After:
RoxioDragToDisc="disable "D:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe""
(Ok - roxio's drag-to-disc is a legal app, but I don't like it so I disable it nonetheless)
-
- Elite Venturer
- Posts: 757
- Joined: Tue Jun 07, 2005 9:58 am
- Location: somewhere in the middle of nowhere, under a tree, facing the sun...
Dunno... I'm really lousy in getting along with stuff like that... seems ok to me... Though, I don't know the three entries in the red frames. Can anybody tell me what they are?
You are a newbie and need help? Check out the Wing Commander Universe and Privateer Remake Library Project
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
-
- Elite
- Posts: 7243
- Joined: Mon Apr 18, 2005 2:40 pm
- Location: LS87, Buenos Aires, República Argentina
-
- Minister of Information
- Posts: 1895
- Joined: Fri Jan 31, 2003 9:40 pm
- Location: The land of tenure (and diaper changes)
http://www.processlibrary.com/directory ... index.htmlSpaceman Spiff wrote:Dunno... I'm really lousy in getting along with stuff like that... seems ok to me... Though, I don't know the three entries in the red frames. Can anybody tell me what they are?
http://www.processlibrary.com/directory ... index.html
http://www.what-process.com/process-inf ... 3.exe&r=mw
I'd say... Google can tell you what they are, probably
The above are some of the top hits thereof.
-
- Elite Venturer
- Posts: 757
- Joined: Tue Jun 07, 2005 9:58 am
- Location: somewhere in the middle of nowhere, under a tree, facing the sun...
Very nice Jack, thanks a lot!
Strange, but to google is always the last thing on my mind...
Strange, but to google is always the last thing on my mind...
You are a newbie and need help? Check out the Wing Commander Universe and Privateer Remake Library Project
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
-
- Elite
- Posts: 7243
- Joined: Mon Apr 18, 2005 2:40 pm
- Location: LS87, Buenos Aires, República Argentina
-
- Elite
- Posts: 1832
- Joined: Sat Jan 15, 2005 10:21 pm
- Location: State of Denial
- Contact:
For a more automatic and targeted search you can also try a spyware cleaning program... I find that Spybot Search & Destroy is pretty effective, Ad-Aware is another nice one.
-
- Elite Venturer
- Posts: 757
- Joined: Tue Jun 07, 2005 9:58 am
- Location: somewhere in the middle of nowhere, under a tree, facing the sun...
I tried Spybot. It came up with seven cookies in IE, which I haven't used for decades...
Right after I shot Spybot down, there was the next Pop-Up...
And to proof, that I'm not the biggest fool in the known VS universe:
Right after I shot Spybot down, there was the next Pop-Up...
And to proof, that I'm not the biggest fool in the known VS universe:
You are a newbie and need help? Check out the Wing Commander Universe and Privateer Remake Library Project
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
-
- Lead Network Developer
- Posts: 2560
- Joined: Sun Jan 12, 2003 9:13 am
- Location: Palo Alto CA
- Contact:
First of all, some Firefox popups can be caused by Flash, which seems to bypass the Firefox popup blocker, since it is a plugin.
You should install Flashblock ( http://flashblock.mozdev.org/ ) which will make you have to click on ads, and then you can play flash objects by clicking on them. It helps get rid of a lot of annoying ads.
Also, about the registry, if you don't know what something is, delete it -- you should pretty much only have one program (or set of related programs) for each system tray icon you want, and nothing more.
You can get rid of Java updates, TkBellExe (that is annoying) RealPlayer updates, definately the ones in red, and delete any others that you don't want starting up on boot (my registry file only has two startup items in it).
Also, you should check in that same registry path, but instead in HKEY_CURRENT_USER instead of HKEY_LOCAL_MACHINE, which will have user-specific programs on startup.
Also, the "msconfig" program if you happen to have it installed can be useful.
Also, I have seen stuff embeded into explorer (as a shell "extension") -- that's really nasty as there is no indicator where it is coming from... then you have to rely on a database like AdAware to find it.
Another option is to remove internet explorer (You can't delete it, but you can deny Full Control access from the "Everyone" group in the permissions tab)
Then, most annoying spyware that calls Internet Explorer for popups won't be able to start it.
You should install Flashblock ( http://flashblock.mozdev.org/ ) which will make you have to click on ads, and then you can play flash objects by clicking on them. It helps get rid of a lot of annoying ads.
Also, about the registry, if you don't know what something is, delete it -- you should pretty much only have one program (or set of related programs) for each system tray icon you want, and nothing more.
You can get rid of Java updates, TkBellExe (that is annoying) RealPlayer updates, definately the ones in red, and delete any others that you don't want starting up on boot (my registry file only has two startup items in it).
Also, you should check in that same registry path, but instead in HKEY_CURRENT_USER instead of HKEY_LOCAL_MACHINE, which will have user-specific programs on startup.
Also, the "msconfig" program if you happen to have it installed can be useful.
Also, I have seen stuff embeded into explorer (as a shell "extension") -- that's really nasty as there is no indicator where it is coming from... then you have to rely on a database like AdAware to find it.
Another option is to remove internet explorer (You can't delete it, but you can deny Full Control access from the "Everyone" group in the permissions tab)
Then, most annoying spyware that calls Internet Explorer for popups won't be able to start it.
-
- Elite Venturer
- Posts: 757
- Joined: Tue Jun 07, 2005 9:58 am
- Location: somewhere in the middle of nowhere, under a tree, facing the sun...
You are a newbie and need help? Check out the Wing Commander Universe and Privateer Remake Library Project
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
---------------------------------------------------
What's mind? No matter... What's matter? Never Mind!
Insanity is just a state of mind!
That which does not kill us, makes us stranger.
-
- Elite
- Posts: 1832
- Joined: Sat Jan 15, 2005 10:21 pm
- Location: State of Denial
- Contact:
-
- Artisan Extraordinaire
- Posts: 1269
- Joined: Tue Mar 21, 2006 10:55 am
- Location: Philippines
I use spybot myself, and It's good. It flushed a lot of sewage in my PC the first time i used it. And it also stopped one virus that managed to escape detection by my norton and avg - BronTok. I managed to cheat it by changing it's start-up path to SpyBot's blindman.exe A very nifty freeware.
A Step Into Oblivion
Dreams of things that will never be,
Songs of thoughts only I can hear,
Leave me be to sleep forever,
To dream my dreams,
And sing my hymns,
Of things that will never be...
Dreams of things that will never be,
Songs of thoughts only I can hear,
Leave me be to sleep forever,
To dream my dreams,
And sing my hymns,
Of things that will never be...