Can't beat SPAM!!
JCosper
10-15-05, 09:14 PM
I am constantly dealing with popups! I get two or three a minute! I run "spybot" search weekly. I run "pop up blocker professional" and use FireFox. What else can I do? I don't use any anti virus or firewall software b/c I don't know what to get. Is there any free virus software I should get? Anything else that could help? Thanks in advance
mnosteele52
10-15-05, 09:31 PM
Welcome to Speedguide JCosper :), please do the following:
Prior to doing anything XP users MUST disable System Restore!!! You can re-enable it after you are clean.
1. Download, install and run CrapCleaner (http://www.ccleaner.com) to remove any temporary and junk files.
2. Download Ad-Aware SE 1.06 (http://www.majorgeeks.com/download506.html) and set it up as shown HERE (http://broadbandnuts.com/drtweak/index.php?board=4;action=display;threadid=40).
3. Download SpyBot Search & Destroy 1.4 (http://www.safer-networking.org/index.php?page=download) and set it up as shown HERE (http://broadbandnuts.com/drtweak/index.php?board=4;action=display;threadid=41).
4. Download and run CWShredder 2.15 (http://www.trendmicro.com/cwshredder).
5. Download, update and scan with Spy Sweeper 4.5 (http://www.webroot.com/wb/products/spysweeper/index.php). There is a FREE 30-day trial and it is an EXCELLENT product. There is no need to use its real-time protection, so uncheck all of those options.
6. Download Ewido Security Suite 3.5 (http://www.ewido.net/en/download) and set it up as shown HERE (http://broadbandnuts.com/drtweak/index.php?board=4;action=display;threadid=126).
7. Unless you are already using Kaspersky Antivirus, do a FREE online virus scan from Kaspersky Online Scanner (http://www.kaspersky.com/service?chapter=161739400). Make sure to check the EXTENDED DATABASE option listed under "Scanning Options".
8. It is also a good idea to run the Winsock Fix (http://www.snapfiles.com/get/winsockxpfix.html) to repair your TCP/IP stack. (You will have to redo any tweaks for your connection if this is used.)
9. If after doing ALL of the above you are still having problems, please scan with HijackThis 1.99.1 (http://www.majorgeeks.com/download3155.html) as shown HERE (http://broadbandnuts.com/drtweak/index.php?board=4;action=display;threadid=58) and post a log here in this forum for us to look at.
10. Download SpywareBlaster 3.4 (http://www.javacoolsoftware.com/spywareblaster.html) and set it up as shown HERE (http://broadbandnuts.com/drtweak/index.php?board=4;action=display;threadid=42) to help stay spyware free.
11. Make sure you have ALL of the latest Windows Updates (only install SP2 for XP once you are spyware FREE).
As for what antivirus and firewall, I HIGHLY recommend Kaspersky Personal 5 (http://www.kasperskyusa.com/promotions/trialsregHOME.php?aw=ipcountry%3DUS&ref=&chapter=146481750) and set it exactly as I show HERE (http://broadbandnuts.com/drtweak/index.php?board=4;action=display;threadid=103) and Kerio Personal Firewall 2.1.5 (http://www.321download.com/LastFreeware/page7.html#Kerio%20Personal%20Firewall) which is FREE.
:) :thumb:
JCosper
10-15-05, 10:01 PM
Wow.. great, thanks a lot. Hopefully this will help!
JCosper
10-15-05, 10:08 PM
That crap cleaner took 224 mb of stuff from the machine!
JCosper
10-16-05, 09:46 AM
Well.. the comp seems to run a lot better, the net is faster, it starts up faster etc.. BUT.. still have these gosh darn pop ups. A LOT less of them.. but still have a few show up if I leave the comp for a few hrs. I ran that program and this is what it said:
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PicShow Class - {4487598C-2EC7-43A2-870E-6D8D720FDD9F} - C:\WINDOWS\system32\pkshnvlg.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: yyyy - {573E8D87-26A8-4FC3-8C89-2792E39F22C8} - (no file)
O2 - BHO: TalMgr Class - {70230839-555C-4862-8D42-BB1E2352502C} - C:\WINDOWS\system32\italbyab.dll (file missing)
O2 - BHO: JustForMonkeys.Bananas - {7977A6ED-C4BD-490E-8C58-AA0849CA03A4} - C:\WINDOWS\system32\{7977A6ED-C4BD-490E-8C58-AA0849CA03A4}.dll
O2 - BHO: cnt Class - {E10959A2-8862-4582-973A-05BDAF4E0FE9} - C:\WINDOWS\system32\ctcnt1.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [feugxvk] C:\WINDOWS\system32\lbiv\feugxvk.exe
O4 - HKLM\..\Run: [icpkpwst] C:\WINDOWS\system32\snhm\icpkpwst.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [18161A19181F1D2] EEECF0EFEEF5F.exe
O4 - HKLM\..\Run: [xnkqsrc] C:\WINDOWS\xnkqsrc.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [FCEngine] "C:\Program Files\FCEngine\FCEngine.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm117YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O18 - Filter: text/html - {8293D547-38DD-4325-B35A-F1817EDFA5FC} - (no file)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: feugxvklbiv - Unknown owner - C:\WINDOWS\system32\lbiv\feugxvk.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\raoxpxr.exe (file missing)
mnosteele52
10-16-05, 10:05 AM
Have HijackThis fix the following. And I can't tell you enough how important it is for you to install the trial of Kaspersky Personal 5 and set it up as I pointed out above and do a full system scan.
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll (file missing)
O2 - BHO: PicShow Class - {4487598C-2EC7-43A2-870E-6D8D720FDD9F} - C:\WINDOWS\system32\pkshnvlg.dll (file missing)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: yyyy - {573E8D87-26A8-4FC3-8C89-2792E39F22C8} - (no file)
O2 - BHO: TalMgr Class - {70230839-555C-4862-8D42-BB1E2352502C} - C:\WINDOWS\system32\italbyab.dll (file missing)
O2 - BHO: JustForMonkeys.Bananas - {7977A6ED-C4BD-490E-8C58-AA0849CA03A4} - C:\WINDOWS\system32\{7977A6ED-C4BD-490E-8C58-AA0849CA03A4}.dll
O2 - BHO: cnt Class - {E10959A2-8862-4582-973A-05BDAF4E0FE9} - C:\WINDOWS\system32\ctcnt1.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [feugxvk] C:\WINDOWS\system32\lbiv\feugxvk.exe
O4 - HKLM\..\Run: [icpkpwst] C:\WINDOWS\system32\snhm\icpkpwst.exe
O4 - HKLM\..\Run: [18161A19181F1D2] EEECF0EFEEF5F.exe
O4 - HKLM\..\Run: [xnkqsrc] C:\WINDOWS\xnkqsrc.exe
O4 - HKCU\..\Run: [FCEngine] "C:\Program Files\FCEngine\FCEngine.exe"
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusear...?p=ZNxdm117YYUSO
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/...can_unicode.cab
O18 - Filter: text/html - {8293D547-38DD-4325-B35A-F1817EDFA5FC} - (no file)
O23 - Service: feugxvklbiv - Unknown owner - C:\WINDOWS\system32\lbiv\feugxvk.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\raoxpxr.exe (file missing)
:D :2cool:
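Added example, not part of the original thread and not the poster's method: a small Python triage pass over HijackThis entries that flags only markers visible in the log text itself (a dangling file reference, an "Unknown owner" service, an autorun command with no directory). The reason names and the `triage`/`flagged` helpers are hypothetical; the sample lines are copied from the log posted above.

```python
import re

# HijackThis entry shape: "<section> - <kind>: <detail>"
ENTRY_RE = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
RUN_VALUE_RE = re.compile(r"^\[[^\]]*\]\s*(.*)$")  # "[value name] command"

def triage(line):
    """Return (section, reasons) for one log line, or None if it is not an entry."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    section, _kind, detail = m.groups()
    reasons = []
    # The registry entry survives but the file it points at is not on disk.
    if detail.endswith("(file missing)") or detail.endswith("(no file)"):
        reasons.append("dangling")
    # HijackThis could not name a vendor for the service binary.
    if section == "O23" and " - Unknown owner - " in detail:
        reasons.append("unknown-owner")
    # Autorun value whose command contains no directory component at all.
    if section == "O4":
        cmd = RUN_VALUE_RE.match(detail)
        if cmd and "\\" not in cmd.group(1):
            reasons.append("bare-command")
    return section, reasons

def flagged(log_text):
    """Return [(line, reasons)] for every entry that carries at least one marker."""
    out = []
    for line in log_text.splitlines():
        result = triage(line)
        if result and result[1]:
            out.append((line.strip(), result[1]))
    return out

# Lines copied from the log posted above.
SAMPLE = r"""
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll (file missing)
O2 - BHO: cnt Class - {E10959A2-8862-4582-973A-05BDAF4E0FE9} - C:\WINDOWS\system32\ctcnt1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [18161A19181F1D2] EEECF0EFEEF5F.exe
O18 - Filter: text/html - {8293D547-38DD-4325-B35A-F1817EDFA5FC} - (no file)
O23 - Service: feugxvklbiv - Unknown owner - C:\WINDOWS\system32\lbiv\feugxvk.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\raoxpxr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

if __name__ == "__main__":
    for line, reasons in flagged(SAMPLE):
        print(", ".join(reasons), "|", line)
```

The `cnt Class` BHO is on the fix list above yet carries none of these markers, so a pass like this only narrows the log for human review.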
JCosper
10-16-05, 10:43 AM
Looking good so far... thanks again for the help.
mnosteele52
10-16-05, 12:58 PM
Glad to help, something else you might look into is using Trillian (http://www.trillian.cc) for your instant messenger program instead of AIM, ICQ and MSN. Trillian allows you to communicate with all of those in one program.
:)
hdtvtechno
11-06-05, 04:24 PM
Sygate Personal free firewall is the best
and Avast free Anti-virus too