Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Coupon Pop-ups


  • This topic is locked This topic is locked
7 replies to this topic

#1 mhoss49

mhoss49

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Breese, Il.
  • Local time:01:47 AM

Posted 13 June 2012 - 08:38 PM

pop-up coupon from Amazon is not blocked, why?
Naturally I have pop-up blocker functional but there is a new and really, really annoying "coupon" pop-up that is always on Amazon but also on other sites. Close the coupon window and it pops up every time I navigate to look at any product. It really is bad and vexingly doesn't even offer anything that the Amazon template doesn't already offer ("free shipping" above a certain expenditure on some items etc.). It has a distinctive green border and appears on other sites as well. How did they get around your software? How can I make this stop? I think they are from a company named Viscom Media
Thanks mhoss49

BC AdBot (Login to Remove)

 


#2 NpaMA

NpaMA

  • Members
  • 635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Memphis, TN
  • Local time:02:47 AM

Posted 13 June 2012 - 09:51 PM

Sounds like it could be an infection. Especially considering that its the same popup on multiple sites. Normally a pop up and ad blocker is enough to block advertisements.

Which browser are you using? Can you run a MiniToolBox and post the results?

Also, as far as I know, Amazon does not use pop ups of any kind.

#3 mhoss49

mhoss49
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Breese, Il.
  • Local time:01:47 AM

Posted 14 June 2012 - 05:22 PM

Thanks NpaMa
Laptop>Toshiba Satellite L505-56946
Connection>Wireless
Distance Router From PC>8feet
Make/Model Router>Cisco/Linksys E2500
Browser>Firefox......Not sure how to check Version...Installed year ago

MiniBox Data>

MiniToolBox by Farbar Version: 09-06-2012
Ran by Mike (administrator) on 14-06-2012 at 16:56:43
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-22-FA-E6-E1-32
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5da9:5da2:cdda:5e59%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.149(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 12, 2012 9:41:59 AM
Lease Expires . . . . . . . . . . : Friday, June 15, 2012 4:51:03 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 24.217.0.5
24.217.201.67
24.247.15.53
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-1E-33-C4-FC-DD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{22BD4165-94C0-43B9-9728-AD289441637B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E72FFA0C-E74E-4824-816C-A497892BB172}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:10e6:3710:3f57:fe6a(Preferred)
Link-local IPv6 Address . . . . . : fe80::10e6:3710:3f57:fe6a%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: vip01olvemo.stls.mo.charter.com
Address: 24.217.0.5

Name: google.com
Addresses: 2607:f8b0:4009:802::1008
74.125.225.9
74.125.225.1
74.125.225.4
74.125.225.6
74.125.225.14
74.125.225.5
74.125.225.3
74.125.225.8
74.125.225.2
74.125.225.0
74.125.225.7



Pinging google.com [74.125.225.5] with 32 bytes of data:

Reply from 74.125.225.5: bytes=32 time=18ms TTL=54

Reply from 74.125.225.5: bytes=32 time=19ms TTL=54



Ping statistics for 74.125.225.5:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 18ms, Maximum = 19ms, Average = 18ms

Server: vip01olvemo.stls.mo.charter.com
Address: 24.217.0.5

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=33ms TTL=54

Reply from 209.191.122.70: bytes=32 time=35ms TTL=54



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 33ms, Maximum = 35ms, Average = 34ms

Server: vip01olvemo.stls.mo.charter.com
Address: 24.217.0.5

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
9 ...00 22 fa e6 e1 32 ...... Intel® WiFi Link 5100 AGN
8 ...00 1e 33 c4 fc dd ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
11 ...00 00 00 00 00 00 00 e0 isatap.{22BD4165-94C0-43B9-9728-AD289441637B}
14 ...00 00 00 00 00 00 00 e0 isatap.{E72FFA0C-E74E-4824-816C-A497892BB172}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.149 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.149 281
192.168.1.149 255.255.255.255 On-link 192.168.1.149 281
192.168.1.255 255.255.255.255 On-link 192.168.1.149 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.149 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.149 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:5ef5:79fb:10e6:3710:3f57:fe6a/128
On-link
9 281 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::10e6:3710:3f57:fe6a/128
On-link
9 281 fe80::5da9:5da2:cdda:5e59/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
9 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/14/2012 07:21:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1528

Error: (06/14/2012 07:21:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1528

Error: (06/14/2012 07:21:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/13/2012 08:40:53 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 00:55:28 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe_HPSLPSVC, version 6.0.6001.18000, time stamp 0x47918b89, faulting module SBLSP.dll_unloaded, version 0.0.0.0, time stamp 0x4d932f7f, exception code 0xc0000005, fault offset 0x00d73110,
process id 0x840, application start time 0xsvchost.exe_HPSLPSVC0.

Error: (06/12/2012 09:43:59 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 09:43:55 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 09:42:56 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 09:42:55 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 09:42:54 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (06/14/2012 04:31:46 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:31:44 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:31:38 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:31:24 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:31:23 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:31:00 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:30:54 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:30:53 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 04:30:52 PM) (Source: DCOM) (User: Mike)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}laptopMikeS-1-5-21-2662626755-181333421-3790822946-1000LocalHost (Using LRPC)

Error: (06/14/2012 06:04:07 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E72FFA0C-E74E-4824-816C-A497892BB172} because another computer on the network has the same name. The server could not start.


Microsoft Office Sessions:
=========================

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 2939.24 MB
Available physical RAM: 1411.55 MB
Total Pagefile: 6098.77 MB
Available Pagefile: 4035.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.11 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:231.42 GB) (Free:160.59 GB) NTFS

========================= Users: ========================================

User accounts for \\LAPTOP

Administrator Guest Mike


**** End of log ****

Edited by mhoss49, 14 June 2012 - 05:36 PM.


#4 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:47 PM

Posted 18 June 2012 - 01:16 AM

Is Block pop-up windows checked in your FF browser? http://support.mozilla.org/en-US/kb/pop-blocker-settings-exceptions-troubleshooting

Tekken
 


#5 mhoss49

mhoss49
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Breese, Il.
  • Local time:01:47 AM

Posted 18 June 2012 - 09:57 AM

Pop-up blocks are turned on. I updated Firefox and that seemed too help. The coupons do fade out after a while. I also noticed that only left half of 2 identical coupons is seen. The activation side is missing.I have run malwarebytes and ccleaner. I guess it is just more of a nuisance than anything.

#6 NpaMA

NpaMA

  • Members
  • 635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Memphis, TN
  • Local time:02:47 AM

Posted 18 June 2012 - 07:44 PM

I've done some research for "visicom media popup" and it appears "Visicom Media" is spyware/adware. I would recommend you post in the Am I Infected? forum. Provide a link to this topic in your post there.

If you Google, "Visicom media adware" you get alot of results for "KeenValue" and "Visicom Media" which appear to be atleast semi-connected.

Also, your MiniToolbox report looks OK.

#7 mhoss49

mhoss49
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Breese, Il.
  • Local time:01:47 AM

Posted 18 June 2012 - 09:12 PM

As NpaMa suggested I moved to Security....I'm I infected. Thanks.

#8 Platypus

Platypus

  • Global Moderator
  • 15,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:05:47 PM

Posted 19 June 2012 - 04:05 AM

Continued here:

http://www.bleepingcomputer.com/forums/topic457471.html
Top 5 things that never get done:

1.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users