Have you changed servers? My wife changed servers to one of those 9.99 a month deals . We soon found we would rather pay a little more and get alot less pop ups. I wasn't aware that the server made most of their money from adds. Kind of like the no call law. I paid for my phone, I paid to have it installed, I pay a monthly fee to keep it hooked up just so some credit card company can enterupte my diner.Go figure.
If you are running XP, there is a service running that allows them. However, the service just exposed the window into your computer that MS was nice enough to include.
You can prevent these pop-ups by installing a real firewall such as Zone Alarm. Turning off the service does nothing except prevent you from knowing they are hacking your computer.
The second kind is when you visit a web page. That is NOT what you have. However, you may also encounter these as you surf, so to prevent them you can use two products, both of which are very good.
Popup Stopper or the Google Toolbar. I used to use Popup Stopper, and it did a good job. Google is better, and I trust Google more than I trust an unknown company.
As of today there are no other types of popups. However, there is the possibility that you have a trojan horse on your system which could exibit behavior like you are seeing. Back Orifice is an example of a trojan horse. It allows the hacker to do things on your system that you are unable to do. Not something you want.
The only way to insure you are clean is to run a very good anti-virus program, and if you are infected, the anti-virus software can be compromised. If there is any question about this being true on your system, the only solution is to boot from a CD such as the one Norton ships, and then scan, then update, then re-scan, and finally reboot from your hard drive. Do NOT TRUST mcafee, as it does NOT catch a huge number of virii. I have scanned systems and networks where companies depended on mcafee, and in every case have found virii that they did not know they had.
By the way, I missed earlier discussions, so, this only happens while you're connected? You have thought about trying another browser (eg Opera or even any of the IE clones)? And when you removed the Favorite man files, you did boot to DOS and do them the old-fashioned way, that is using DOS to navigate to the file and delete it?
You re-installed the virus!, windows is the virus :) sorry,old joke!
>I uninstalled and reinstalled Explorer
DId you totally uninstall and reinstall windows or just part of it, or reinstall copies you have maybe on a zip disk or whatever?
While I agree format and reinstall is a drastic temp fix, if you can't fix the problem like NOW after all this, you really have no idea what this might be, it could be a trojan backdoor thing monitoring your every keystroke, passwords, banking activities if you use a web bank access, and on-line activities.
In this case I would format the drive and reinstall just the default windows from your CD or whatever you have that you know can't possibly be contaminated, don't reinstall after-market software or stuff you might have saved on floppies, second drive or CD's you burned, for a little bit.
Then see how it goes a couple or three days maybe? THEN reinstall some of your after-market software if any.
I kind of feel you are reinstalling something that is contaminated with the problem, it might be your outlook express with it's in-mailbox you are saving, a game, maybe a nifty free calculator or word processing software, or an email in your email box on your server /ISP thatis being re-downloaded after reinstalling your email software, in that case make sure your email software is set to DELETE mail on the server after download and not leave it up there.
That's about all I can think of.
Someof this chit is getting more sophisticated, I got an email last week and again this week, and this one pissed me off and I reported it as spam, but tonight with the second one I went back to the web site and noticed it's on AOL and is an identical copy of the page at 1800flowers.com
The fake one on AOL asks for your screen name and PASSWORD, I typedin the spammer's AOL screen name :)
I entered a random word for the password and clicked submit, and gee,the real 1800flowers.com page came up- noticed the address change in the URL bar from members.aol.com to www.1800flowers.com/
Same chit going on with Ebay, I got two mails that were dead ringers for Ebay customer service asking toverify my info, well like a good sport I went to the page and entered a whole bunch oif random chit and clicked send about 40 times :)
It was pretty obviously a scam, it asked for user, password, checking acct # with the ATM card and PASSWORD for the ATM card!!! Asked for birthdate, SS#, mother's maiden name, driver's license #, address, phone and more besides all that, but how can anyone fall for THAT??
In a message dated 10/5/03 3:49:16 PM, LckyNic writes:
<< Dear AOL Member,There has been a purchase added to your AOL account on October 5th, 2003. This purchase took place at 1-800-Flowers.com. If this order was unauthorized and you would like to cancel, please Click Here. http://members.aol.com/ SNIP
Below is listed information about your order:Product - Love's Embrace Roses
32 dozen long stem red roses
Price - $29.99
Shipment Type - 3-5 Day Ground
Shipping and Handling - $7.99
Total Price - $37.98
Marc: I would agree with Randall concerning a format. Part of the windows installation procedure attempts to optimize the input/output (I/O) operation by not re-copying or reinstalling some modules if it has to. If it is an upgrade version instead of a complete reinstallation into an empty disk, then the upgrade sometimes checks to see what you have in a particular directory on the installation process and if it can avoid re-doing a module copy, it will. For example; an upgrade into an existing copy on disk will not necessarily refresh all the modules for the mouse for example. It makes sure the directory is there, but does not completely refresh its content.
I usually partition my disks and put all my user data saved on a separate partition and keep all my install disks and ducomentation handy. I also keep al my downloaded files on CD's, so that they can be reinstated easily too.
The occasional format keeps the process clean and in mind and this is done every 9-12 months as a matter of habit. Helps performance and cleans up the hard drive too.
You may have already tried this or something like it. If not, this is a small download (93KB). Extract the ZIP file contents to the location of your choice. There is no install program--just start PrcView.exe and look at the processes that are running on your PC.
Next, you find one of the processes that are running that you don't understand and then you open your browser, go to google, and do a search on, for example, ctfmon.exe, and find out it is a useless but safe Windows XP process.
In PrcView, look at the bottom of the Process Menu. It says "kill" which means "stop the process". Go ahead and "kill" ctfmon.exe. You will get a warning. For this process you can safely ignore the warning. But, as a general warning, I wouldn't go killing processes while I was working on some critical info in another window.
See if you can 'kill' something and stop your pop-ups -- they may come back and if so, you go back to prcviewer and see what's running. Once you get some ideas, then it's off to google.