Tech Support banner

Status
Not open for further replies.
1 - 11 of 11 Posts

·
Registered
Joined
·
4 Posts
Discussion Starter #1
My daughter-in-law is getting a a weird pop-up ad on her computer when she logs onto the internet. When it pops up it is an official looking message that is labeled "401 EVP WARNING" and goes on to say that your activity is being monitored and wants you to buy a program to stop it. It also has a lot of pornographic words in the message. If you close the pop-up window it locks up the browser window and you have to disconnect from the internet to continue.

I have tried anti-virus scans, Ad-Aware, SpyBot all with the latest additions. I have tried removing all internet temp files and cookies and it still returns. She has the latest Pop Up Stopper from Lavasoft and it doesn't stop it. I'm stumped!

The system is running Windows Me and Microsoft IE. I was going to try a different browser but haven't done that yet.

Anyone else run into this???


__________________
Equiner
 

·
Registered
Joined
·
5,955 Posts
I knew that I had seen this problem before, and I did some homework. Doesn't look like any one thing clearly solved the problem.

1st, it appears likely that this is one of those Microsoft Messenger problems, and messenger needs to be turned off. Actually, a lot of default setting in MS Products are troublesome. Rather than trying to explain this, I will refer you to Steve Gibson's site; he is a well-respected resource, and will help you make corrections without having to search your computer for the right "switches".

http://grc.com/default.htm

Since you are running latest versions of Adaware and Spybot, I sustpect that there might be a Browser Hijacker that these cannot find. I would recommend that you download Hijack This, a program that creates a log of your active processes and key registry items, and will repair as requested. The site I will give you will provide more information. If you download it, close all browser windows and ask it to scan. Copy the log and paste it here. Please don't try to fix anything. We can take a look at your log and, perhaps, make some good suggestions.

http://www.tomcoyote.org/hjt/
 

·
Registered
Joined
·
2 Posts
It is just a sneaky ad scheme to scare you! It popped up on my PC today. I started looking at it and noticed that the file was located in the system32 directory on my own PC. Somehow the file was downloaded to your PC and set as the home page for IE. You can go delete the file and change your home page & your set!

BTW

The list of provocative words is nothing more than randomly selected words from a predefined array. They don't realy exist in your 'System Files'
 

·
Registered
Joined
·
1 Posts
?

this happened to me as well - and i deleted the file from the system32 folder. is this all i have to do?

is there any validity to the claims made on this page? or is it just a sick way to try to push their product?

thanks for your help!
 

·
Registered
Joined
·
2 Posts
Deleting the file should be all that you need to do for now. However, the fact that this file can be put into the system32 directory in the first place is a little scary!! I don't know what to do about that though.
 

·
Registered
Joined
·
4 Posts
Discussion Starter #8
Thanks for all your ideas. This was an Internet Explorer Home Page Hijack. I deleted the line in Windos/System32 and put the desired homepage back in and it seems fine now.

Also, I installed Zone Alarm.

Thanks again.:winkgrin: :winkgrin:
 

·
Registered
Joined
·
51 Posts
Adaware

I use Adaware and it is great, I run it everytime I startup and it removes all the crap that was put on the machine when I was using it the day before.

Down with Ads and POPups that what I say.
 

·
Registered
Joined
·
4 Posts
Discussion Starter #10
I agree! I run AdAware a couple of times a week plus Spybot.

They always come up with some crap!

Thanks
 

·
Registered
Joined
·
5,955 Posts
Folks, the best defense is a good offense. Check our both Spyware Balster and Spyware Guard from the list below. Since I started running thse, the amount of poopware that SB and AA come up with is, some weeks, zero!

jgvernonco’s
recommended
security
software

Zonealarm Firewall (free edition) Zone Labs:

http://www.zonelabs.com/store/conte...reeDownload.jsp

Free antivirus software

http://www.avast.com/i_idt_153.html


Spyware blocking programs (free):

Spyware Blaster and Spyware Guard (the link will take you to the Blaster page. The menu bar at the top will take you to the Guard page. These two programs, written by the same developer, work hand-in-hand to protect you from invasions).

http://www.javacoolsoftware.com/spywareblaster.html


Spyware Killers (free)!

Spybot Search & Destroy

http://download.com.com/3000-2144-1...&tag=button

Adaware
Ad-aware - Software - Lavasoft

http://www.lavasoftusa.com/software/adaware/

I run both of these, as they occasionally find something that the other did not.

Additionally, Microsoft has made some poor choices about default settings in the OSs, resulting in multiple security weaknesses. Gibson Research has a number of little programs that will help you close security holes without having to edit your registry, wander My Computer, etc., just to get secure. I highly recommend this resource.

Gibson Research Corporation Home Page

http://grc.com/default.htm

The secret to running these programs is to update at least weekly! Update Adaware and Spybot before you run a scan every time. Don’t forget to update Blaster and Guard when you are doing your maintenance. Make sure the antivirus software us up-to-date. Put a note on your computer reminding you to do it!

Last, but not least, if you are a Microsoft user, update, update, update! Put it on your list! The only Trojan that ever made it through my security did not take me down because I was current on my security patches, which limited what the Trojan could do. (It was still a big pain, though). Most of you will have a Windows Update selection when you click “start”, but if you do not, here’s a link:

Microsoft Windows Update

http://v4.windowsupdate.microsoft.com/en/default.asp

Stay safe! Enjoy the WWW!
 
1 - 11 of 11 Posts
Status
Not open for further replies.
Top