P
P. Jayant
I have a peculiar pop-up messages problem: peculiar because the pop-ups are
not ads but Windows XP generated boxes saying “you or a program have
requested information from” followed by one of the following addresses which
keep coming by rotation. Probably, there are some others in the kitty of a
spy-program hiding somewhere which I have not trapped visually. The
cyclically r-appearing addresses are:
www.budweiser1.servebeer.com
www.fu2.deejay-fuzion.net.nz
www.pwned.ph33r.info
www.rit.edu and
irc.bogde.info
These pop-ups start as soon as Windows XP is started even before the PC is
on-line to my ISP or a program like Ineternet Explorer is opened.
I can stop the popping up by asking Windows not to show me the message until
next log-in but I can hear the audio beep signal in the background which I
have configured to be heard every time a new program is opened. Besides,
once the pop-ups start and I am connected to my ISP, without opening any
web-page, the spyware is hogging the outgoing kilobits capacity as can be
seen from the modem’s send blinking light.
I have been monitoring pop-up ads using AdAware 6.0 and also using the
Search and Destroy program for detecting and removing spyware. They do
detect suspicious programs and I do delete them but they have not been able
to find the program which seems to have these embedded web addresses. I am
regularly deleting all temporary Internet files and have asked I. E. 6 to
delete all cookies Windows Explorer has not been able to tell me any
location where these addresses are strored.
I also have a program named Process Explorer which can list the active
processes at any time but I do not know how to detect the culprits using
this software.
Could anyone suggest the method of detecting the source of these pop-ups and
destroying the spy software?
P. Jayant
not ads but Windows XP generated boxes saying “you or a program have
requested information from” followed by one of the following addresses which
keep coming by rotation. Probably, there are some others in the kitty of a
spy-program hiding somewhere which I have not trapped visually. The
cyclically r-appearing addresses are:
www.budweiser1.servebeer.com
www.fu2.deejay-fuzion.net.nz
www.pwned.ph33r.info
www.rit.edu and
irc.bogde.info
These pop-ups start as soon as Windows XP is started even before the PC is
on-line to my ISP or a program like Ineternet Explorer is opened.
I can stop the popping up by asking Windows not to show me the message until
next log-in but I can hear the audio beep signal in the background which I
have configured to be heard every time a new program is opened. Besides,
once the pop-ups start and I am connected to my ISP, without opening any
web-page, the spyware is hogging the outgoing kilobits capacity as can be
seen from the modem’s send blinking light.
I have been monitoring pop-up ads using AdAware 6.0 and also using the
Search and Destroy program for detecting and removing spyware. They do
detect suspicious programs and I do delete them but they have not been able
to find the program which seems to have these embedded web addresses. I am
regularly deleting all temporary Internet files and have asked I. E. 6 to
delete all cookies Windows Explorer has not been able to tell me any
location where these addresses are strored.
I also have a program named Process Explorer which can list the active
processes at any time but I do not know how to detect the culprits using
this software.
Could anyone suggest the method of detecting the source of these pop-ups and
destroying the spy software?
P. Jayant