Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet popups and Adware


  • Please log in to reply
10 replies to this topic

#1 kyle25

kyle25

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 02 December 2012 - 01:05 PM

I am using windows 7 home premium and use CCCleaner and SUPERAntiSpyware. SUPERAntiSpyware always finds like 100 to 200 files to remove when i run it, and CCCleaner always finds like 250 to 500 MB of crap to get rid of when i run it(I run these usually in the morning after i have used my computer the previous day, but i always run both those atleast once a day). My question is why are these programs finding soo much stuff and how can i configure my internet to not save all these files. Also, I am constantly getting popups on websites that i was not getting them on before. I'm guessing this is some setting i changed, but i don't know which one it was or what to set to stop all these popups. Is there a free adware blocker or a specific setting i can set that won't mess up my web browsing but will stop all the popups and files saving to to the computer.

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,501 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:45 PM

Posted 02 December 2012 - 01:46 PM

Here is a link with instructions for blocking the third party ad/ tracking cookies that Super Antispyware is
finding and removing. Disable third-party cookies in IE, Firefox, and Google Chrome | How To - CNET
Once you have blocked the third party cookies you will need to run SAS one more time
to remove those already installed on your computer.

Ccleaner is not a security program. It only removes temporary files, log files in the programs and system that you
tell it to. It also removes cookies if you tell it to.

Firefox browser has the best addons for blocking unwanted ads and prevent driveby downloads of malware.
The two addons are NoScript and Adblock Plus.

If you still continue to get popup ads after blocking the cookies, let us know and we will instruct you on how to find
the adware and remove the culprits causing the popups.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:45 AM

Posted 02 December 2012 - 04:42 PM

Hi -
Just to add to the post from buddy215 ;

Can you list your usual internet browser (Firefox / Internet Explorer9 / Chrome / Opera / Safari ETC.)

Also please list your Antivirus and Firewall Programs -

Thank You -

#4 kyle25

kyle25
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 03 December 2012 - 04:39 PM

Thanks for the help,

I mostly use Google Chrome because it has been the most reliable for streaming on twitch.tv, which is a gaming website you can watch people play on, and youtube videos. I followed the steps buddy linked and then used SAS again to clean the computer of all the spyware. I have never used firefox but maybe i'll give it a try if it has the best security. For virus protection i use Microsoft Security Essentials and Malewarebytes Anti-maleware. I don't think my computer has a firewall unless it comes with one, but i have not installed one myself.

When i ran SUPERAntiSpyware after turning of the cookies, it found 297 items. I'm going to run CCCleaner after i'm done with this and restart.

#5 buddy215

buddy215

  • Moderator
  • 13,501 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:45 PM

Posted 03 December 2012 - 05:02 PM

Super Antispyware saves a log file that you can copy and post here.
Rather than me just assuming it is cookies, better to have a look.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:45 PM

Posted 03 December 2012 - 08:52 PM

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 kyle25

kyle25
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 09 December 2012 - 03:28 PM

Here's the log from the SUPERAntivirus

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/09/2012 at 03:25 PM

Application Version : 5.6.1014

Core Rules Database Version : 9707
Trace Rules Database Version: 7519

Scan type : Quick Scan
Total Scan Time : 00:04:22

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 773
Memory threats detected : 0
Registry items scanned : 60805
Registry threats detected : 0
File items scanned : 10990
File threats detected : 50

Adware.Tracking Cookie
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\YEJZSRG6.txt [ /at.atwola.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\FCPNYLG1.txt [ /tacoda.at.atwola.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\3J258ME4.txt [ /fastclick.net ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\J07XK4HX.txt [ /server.cpmstar.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\KRDO1V2B.txt [ /media6degrees.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\SH3OQS72.txt [ /ad.mlnadvertising.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\X32PZWM8.txt [ /atdmt.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\U4DTPXPO.txt [ /collective-media.net ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\61NHBYCI.txt [ /tribalfusion.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\R9RQ9JJ4.txt [ /ad.360yield.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\GMSCE9ZE.txt [ /serving-sys.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\L0LV4HP3.txt [ /advertising.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\6R0QV887.txt [ /apmebf.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\ATUC4G1S.txt [ /pro-market.net ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\YZ173RYK.txt [ /bs.serving-sys.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\96Q1YJAH.txt [ /mediaplex.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\X3CNCBL0.txt [ /doubleclick.net ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\HR7LT6NJ.txt [ /adtechus.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\N8ADBOV8.txt [ /imrworldwide.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\89U71U60.txt [ /ads.p161.net ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\XQ3ISBST.txt [ /adlegend.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\1108XADG.txt [ /ads.pubmatic.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\DXV3RS34.txt [ /adbrite.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\BUEH8JYT.txt [ /ad.yieldmanager.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\0T9QMUP1.txt [ /casalemedia.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\BLTY0T27.txt [ /ads.creative-serving.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\UZN72O0N.txt [ /revsci.net ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\SYU28NUJ.txt [ /a.intentmedia.net ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\7VXRX1NU.txt [ /invitemedia.com ]
C:\Users\kyle\AppData\Roaming\Microsoft\Windows\Cookies\864MF29R.txt [ /ru4.com ]
C:\USERS\KYLE\Cookies\FCPNYLG1.txt [ Cookie:kyle@tacoda.at.atwola.com/ ]
C:\USERS\KYLE\Cookies\3J258ME4.txt [ Cookie:kyle@fastclick.net/ ]
C:\USERS\KYLE\Cookies\J07XK4HX.txt [ Cookie:kyle@server.cpmstar.com/ ]
C:\USERS\KYLE\Cookies\KRDO1V2B.txt [ Cookie:kyle@media6degrees.com/ ]
C:\USERS\KYLE\Cookies\SH3OQS72.txt [ Cookie:kyle@ad.mlnadvertising.com/ ]
C:\USERS\KYLE\Cookies\X32PZWM8.txt [ Cookie:kyle@atdmt.com/ ]
C:\USERS\KYLE\Cookies\61NHBYCI.txt [ Cookie:kyle@tribalfusion.com/ ]
C:\USERS\KYLE\Cookies\GMSCE9ZE.txt [ Cookie:kyle@serving-sys.com/ ]
C:\USERS\KYLE\Cookies\L0LV4HP3.txt [ Cookie:kyle@advertising.com/ ]
C:\USERS\KYLE\Cookies\6R0QV887.txt [ Cookie:kyle@apmebf.com/ ]
C:\USERS\KYLE\Cookies\YZ173RYK.txt [ Cookie:kyle@bs.serving-sys.com/ ]
C:\USERS\KYLE\Cookies\X3CNCBL0.txt [ Cookie:kyle@doubleclick.net/ ]
C:\USERS\KYLE\Cookies\HR7LT6NJ.txt [ Cookie:kyle@adtechus.com/ ]
C:\USERS\KYLE\Cookies\N8ADBOV8.txt [ Cookie:kyle@imrworldwide.com/cgi-bin ]
C:\USERS\KYLE\Cookies\XQ3ISBST.txt [ Cookie:kyle@adlegend.com/ ]
C:\USERS\KYLE\Cookies\DXV3RS34.txt [ Cookie:kyle@adbrite.com/ ]
C:\USERS\KYLE\Cookies\UZN72O0N.txt [ Cookie:kyle@revsci.net/ ]
C:\USERS\KYLE\Cookies\SYU28NUJ.txt [ Cookie:kyle@a.intentmedia.net/ ]
C:\USERS\KYLE\Cookies\864MF29R.txt [ Cookie:kyle@ru4.com/ ]
adserver.mmo-champion.com [ C:\USERS\KYLE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:45 PM

Posted 09 December 2012 - 07:32 PM

May I suggest you also run...

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


And Junkware Removal Tool
Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 buddy215

buddy215

  • Moderator
  • 13,501 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:45 PM

Posted 09 December 2012 - 10:16 PM

If that log was made after you blocked the ad/ tracking/ third party cookies in IE then....great.
If you have not followed the directions for doing that then....here are the instructions given in the link I posted for blocking those cookies in IE.
open IE> click Tools > Internet Options > Privacy > Advanced. Select Block under Third-party Cookies and click OK twice.
Then run SAS again to remove the cookies presently installed on your computer.

Posted Image
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 kyle25

kyle25
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 10 December 2012 - 03:35 PM

Thanks for all the help!

I had only changed the Google Chrome settings before because i use that most of the time, but i followed the instructions in the post above and changed the settings for IE as well. I downloaded and ran both of the programs suggested in the other post too, Here are the logs.

# AdwCleaner v2.100 - Logfile created 12/10/2012 at 15:08:21
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : kyle - KYLE-PC
# Boot Mode : Normal
# Running from : C:\Users\kyle\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\kyle\AppData\LocalLow\MyWebSearch

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.95

File : C:\Users\kyle\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [851 octets] - [10/12/2012 15:08:21]

########## EOF - C:\AdwCleaner[S2].txt - [910 octets] ##########






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.0.4 (12.09.2012:4)
OS: Windows 7 Home Premium x64
Ran by kyle on Mon 12/10/2012 at 15:11:45.97
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\kyle\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\kyle\appdata\local\dealcabby"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\speedmaxpc"



~~~ Chrome

Failed to delete: [Folder] C:\Users\kyle\appdata\local\Google\Chrome\User Data\Default\Extensions\lenicmgjbmpgagkhghjmkikfoljdcbhi



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/10/2012 at 15:20:56.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#11 buddy215

buddy215

  • Moderator
  • 13,501 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:45 PM

Posted 10 December 2012 - 04:31 PM

According to those two scans you had some nasty adware at one time. Possibly SAS removed most
and left some bits.

One item in Chrome was unable to uninstall. Did either of those two programs ask you to reboot when finished?.....did you?

Suggest you edit your search engines in Chrome. Remove any you don't recognize or need.
Instructions for doing that: Manage search engines - Google Chrome Help

You can check Chrome extensions, too. Remove any that you don't recognize or need.

EDIT: you should go here Adobe - Flash Player : Settings Manager - Global Privacy Settings Panel
and click on each of the tabs select to delete cookies, block storage and any other setting changes you want to make.

Adware is most often downloaded with free apps/ programs these days. It is very common. Be sure to watch closely when
installing new free stuff to see if any are mentioned and uncheck when offered.

Edited by buddy215, 10 December 2012 - 04:46 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users