Pop-Up Ads

[sdimbert]

One last thing:

When I ran AdAware, it told me that it could not delete WINDOWS\SYSTEM\COMET.DLL. Should I do that on my own, or just leave the file there?

[sdimbert]

[Dominique Dunne]
They’re heeeeeeeeere…
[/Dominique Dunne]

They’re back, actually. I’ve run AdAware, yet the pop-up ads from winfreestuff.com are still popping. :mad:

Anyone have any other ideas or suggestions?

[cmkeller]

Here’s how you check your registry:

Press the “Start” menu, and then select “Run.”

In the box, type “regedit” and hit “OK”.

This will bring up an explorer-like window, with a folder view on the left and a list of values (if that folder is not empty) on the right. (subfolders are not listed on the right, unlike Explorer)

Open the folders to get to one that, in folder heirarchy, is named:

HKEY_LOCAL_MACHINE - Software - Microsoft - Windows - CurrentVersion - Run. (Depending on your Windows version, “My Computer” might be higher up than HKEY_LOCAL_MACHINE")

Once you’ve clicked on “Run”, the right-hand side will show you the names of all applications that run as soon as you start your computer. If any of those names seems unfamiliar or suspicious to you, that might indeed be the offending program.

Chaim Mattis Keller

[elfkin477]

*Originally posted by sdimbert *
**mrblue92, I think you misunderstood my question. So, I’ll give more information. I am using IE 5.50.something and the ads are not coming from my ISP.

I don’t even think that the ads are spawning from a website I visit, since my browser is closed when they appear - they pop-up at random. While I was writing that last sentence, an ad fro a 0% apr “get smart” Visa card appeared!

Can anyone help me? Please?? **

This is a long shot, but do you use the program Morphus? It generates an ad for credit cards once in a while all by itself, even when one isn’t using IE. Other programs might do something similar, too, I guess.

[CnoteChris]

*Originally posted by cmkeller *
HKEY_LOCAL_MACHINE - Software - Microsoft - Windows - CurrentVersion - Run. (Depending on your Windows version, “My Computer” might be higher up than HKEY_LOCAL_MACHINE")

Uh, I think something got edited out up there, cmkeller. Maybe the part right after the windows command?

CurrentVersion isn’t an option in that window on my machine (Win 98).

*And while I’m all for someone going in and doing stuff in the registry (It isn’t as scary as MS makes it sound), I’m still a bit hesitant to tell sd to start deleting unfamiliar keys- especially since you just told him how to get there.

The only reason I mention that part is not because I think sd can’t handle it, only that a large number of seemingly innocuous keys are, in fact, vital to windows operation.

I think a far easier and more idiot proof method for getting to what your after is going at it from the ‘msconfig’ angle.

That is, in the run window type ‘msconfig’. Once the control type panel comes up, click on the start-up tab. Start rooting around in there for things that “Don’t quite look right”. Click the check mark to have that item not load the next time you start your computer. Keep fiddling around with that tab, and the other tabs in that window, and see what happens.

On preview I should also add that if you do have Morpheus on your system, it’s a good idea to uncheck that item in the control panel I just talked about. It’s not worth having that program load on the start-up.

[CnoteChris]

My apologies, cmkeller.

I was mistaken in my above post. That heading does exist, and I was in error when I thought it didn’t.

It’s there. There’s nothing in it, but it’s there.

[sdimbert]

Newest Update:

I’ve run AdAware several times today and it has located nothing except Cookies.

BUT, the Pop-Up Ads continue.

I am investigating each of the companies named in the Cookies I’ve found - most of them have ad-related names like admonitor.com, adace.com and 180solutions.com.

I’ve sent each an email, received one back already and am getting ready to harass whoever is named as Admin Contact in the domain’s Whois Record.

Can anyone suggest anything else?

[Alphagene]

I use Pow!

When you run the program, it sits in your system tray thingie in the right hand corner. Whenever you get a pop-up add, you click on the Pow! icon.

This brings up a list of open windows. Select the one that is the annoying pop-up and it adds it to a list. the next time the pop-up add tries to pop up, Pow will recognize it and close it immediately.

You can save the list of annoying ads and IIRC, import lists of ads from other sources.

The down side is you have to build up a list of pop-ups as they, well, pop up, it’s not pre-programmed with a list. But this makes the pop-up killing process more specific. And over time, you’ll see fewer and fewer pop-ups.

[London_Calling]

If you’re not especially 'puter savvy, I can only repeat my earlier post (No 13-ish in the thread): Use Zone Alarm to discover what’s trying to connect to the web from your hard drive (part of another software application or free standing) - Zone Alarm will pop up with requests for access to the web from your machine - and, maybe, also try a Trojan programme.

Once something requests access, you have its name - after that; ‘search and destroy’

[sdimbert]

Alphagene,

This sounds a lot like something that IE can do on it’s own. Under Tools | Internet Options | Security | Restricted Sites, you can add domains that you don’t want to let in.

In other words, if I know (by looking at the contents of my Cookie Folder) that I’m getting unwanted traffic from admonitor.com, I just add that domain to the list. IE will then not allow traffic from that domain into my browser.

I’ve done that, and I’ve set IE to prompt me on Cookie acceptance. Boy is that an eye-opener!

Since taking those two steps, I haven’t seen a single Pop-Up.

So, until something else happens, things seem to be okey-dokey. Thanks, everyone, for your help.

[sdimbert]

:):D:):D:):D:):D:):D:):D:):D:)

My faith in human nature in general has been restored.

Earlier today, I sent angry emails to all of the companies named in the new Cookies on my PC. One company, 180solutions.com responded. They called me (on the phone!) and explained that they own a piece of software that they sell to software companies. The software company then bundles the offensive little nugget with their program and makes it available for download.

The little bugger hides on your PC and calls to admonitor.net to serve you Pop-Ups.

He told me how to get rid of it, too! Just head over to Add/Remove Programs in your Control Panel and Remove a program called “N-Case.”

That’s it. You’re done. Or, at least, I was.

I’m still going to check things periodically with Ad Aware and I am still going to pay more attention to stuff like this… but I am much, much happier.

As long as we’re talking about it, I went back into the Setup Program for the Application that put N-Case on my system to begin with and actually read it.

Man-o-man… have you ever read one of these things? Most of it can be found here in 180solution’s Privacy Policy. But, for the learning experience, check out some of what it says:

**

End User License Agreement file for XXX

[…]

NOTE: If you don’t like the adware included you can always uninstall the program.
**

I guess I should read things more carefully, though 3 days ago, I had no idea what “adware” was.

**

IMPORTANT

…with this application you will also install n-CASE by 180solutions. If you don’t like n-CASE you can uninstall the program by opening your Control Panel, start Add/Remove Programs, select the line where it says n-CASE then press the Install/Unintall button. If you uninstall n-CASE XXX will no longer work. For more information read below.
**

Here they tell me what the offensive application was. Of course, they don’t tell you what it does until later.

**

Privacy Policy 180Solutions

By downloading our software, you are consenting to the information collection, use and disclosure practices described in this policy as modified by us from time to time…**

Note that I did not, voluntarily, download their software - it came bundled. And, I did not have the opportunity to refuse it without disabling the software it came bundled with.

**

The 180Solutions private labeled 180Window provides a connection between the end user “You” and advertisers.**

I can tell you that I was subjected to this “180Window” for three days. It was not labelled as such. As a matter of fact, it gave no clue to its origins at all - it simply spawned. The title in the Title Bar was “Microsoft Internet Explorer!”

**

Tracking

When you run the 180Solutions 180Window, the software generates logs of your surfing activity, including web pages you have visited and the order in which you visited these pages.
**

This part made me a little uncomfortable. But read on… it gets really scary in the next part:

**

Desktop Programs

In order to prevent fraud, 180Solutions monitors which programs are running on your computer at the same time you run the 180Solutions software.
**

WTF?!?! “To prevent fraud”? What kind of a crock is that? Doesn’t anyone else find this disturbing?

I really don’t mean this to be a rant or Debate… I’m trying to share what was surprising news to me.

Anyone have any comments?

[teela_brown]

sdimbert, thank you for this thread. A few days ago, Mr. Pug asked me to start a thread asking exactly what you ask. Your thread already existed, so I showed it to him, and he immediately got to work to de-pop-up our computer. He has had some success; your last post, I believe, was particularly helpful.

However, as of this morning, I DO want this subject to be a rant. I heard an article on NPR all about this very subject, and I’m still pissed. I’m taking this to the Pit, and I hope I can write coherently about it, because I’m not a computer-competent person. Please check in over there to add your technical know-how, if you have the time.