HELP NEEDED - ARRSE JAMMING on the home front

Discussion in 'ARRSE: Site Issues' started by pensionpointer, Sep 15, 2008.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. Not sure where to post this but thought there might be some techies in here that might be able to assist.

    I have recently moved house and changed from Tiscali to BT as my ISP. I am using a BT wireless hub and both my laptop and home PC are now beset with a problem that threatens my ability to ARRSE.

    As soon as my PC or Laptop is logged on to Windows XP I am bombarded with adverts that open seperate Explorer applications and freeze the computer. Many of these adverts are from web addresses prefixed CiD or Adserver and are for reputable companies such as Staples, Landrover, Dell and car insurance, none are offering me penis extensions or improved lovemaking abilities (more's the pity says Mrs PP!).

    I have current anti-virus protections and firewalls running and pop-ups blocked but to no avail. BT state it is not their problem but I didn't have any of this before i contracted to BT. BT state that it may be an issue caused by the wireless mouse and keyboard I recently connected (bought from Staples so there may be a link) but state that I need to subscribe to their IT support service if I want them to help.

    I thought I would see if any fellow ARSERs could advise before I throw the computers in the bin (- which one black, brown or green - computers are recyclable aren't they?) and consign my self to an ARSEless existence (well at home anyway - Mrs PP will be pleased but less amused by the lack of Ebay and iTunes).

    Yours in fervant anticipation,

    uqfegd

    pp
     
  2. You have adware/malware on your PC. Go to www.lavasoft.de and install adaware. This may get rid of it. Failing that backup what you want, and re-image your PCs from the installation dics, it can be quicker!
     
  3. Flippin'ell Smudge - rapido response. Thanks.

    Why would it get on both computers when they share no connection other than both using the wireless, ie I have not transferred any files by disc or data stick, ether cable or wirelessly?

    Could it have come with the wireless mouse and keyboard and if so can I get any redress from Staples?

    uqfegd

    pp
     
  4. If they run as soon as you log on, then it sounds like you've installed something that runs at startup (usually annoying adverts that come with driver CDs etc).

    You could try downloading 'Glary Utilities' (freeware from somewhere like downloads.com).

    Open up the main program and select 'optimise and improve', then select 'startup manager'.

    This will bring up a list of all the bloody annoying things that try to open every time you start up windows - and you can turn them off. Just disable anything that looks suspicious. Even if this doesn't fix the immediate problem, it will speed up your startup sequence anyway.
     
  5. msr

    msr LE

    Personally I would recommend running http://www.malwarebytes.org

    The CiD stuff you can stop by uninstalling messenger plus live and sponsor from Add/Remove Programs.

    And if you want to see what is running at startup the best program to use is StartUpCpl (get the standalone exe version) from http://www.mlin.net

    msr
     
  6. msr

    msr LE

    Probably because you have installed the same software on both PCs

    I very much doubt it.

    msr
     
  7. I'd be very suprised if it had come from staples. Have you installed any software recently eg messenger?

    Sometimes people don't untick the box that can install extra "toolbars" for you. One toolbar in particular that I looked at once was really nasty, and took me a long time to get rid of it. It wasn't a usual one like google. Will try and remember what it was called.

    The adware looks at your files, such as your temp internet files, and uses the data in them to open pop ups...hence you're getting a staples one, as you probably went on to their website to look for your mouse etc.

    You can search your C drive for *.exe files. Get a list of them and look for some that could be suspicious. Some are glaringly obvious, some are a bit more cunning. Use google to search for the .exe name, and you will see what it does. If it's a sys exe then leave it well alone. If it's not then you will have to delete it or rename it. Some of the exe files will have a service running as part of their setup, so you won't be able delete/rename with going into ctrl/alt/del task manager - processes, and stopping the proccess that is running for that exe.

    Again....use google to search through the process list. Watch out for the spelling of the processes, some look genuine but use a i instead of an l so they look similar. Stop the process, then delete/rename the exe file.

    It can be a long winded process, but it's not that hard. Just time consuming. Stopping a wrong process won't harm your PC, but you may need to reboot it after.
     
  8. msr

    msr LE

    Please don't... just run malwarebytes and let it do that for you.

    msr
     
  9. Agreed....but if you're too tight to purchase the software then there's other ways of doing it :)

    It depends on how confident you are with your PC?
     
  10. Try the obvious and eay first.

    It sounds to me that it may be an Internet Explorer add on. In order to prove this, click "start", "all programs", "accessories", "system tools" and then "internet Explorer (No add ons)". See if you have the same problem. If you DON'T, then it proves that IE has an annoying add on installed on it. To see this away, open a new Internet Explorerer Window, click "Tools", "Manage Add Ons", "Enable or Disable Add Ons". Find the guilty party and disable it.

    If you can't identify the program that is causing it, do a google for a piece of software called Procmon.exe

    This is a live process monitor that shows apps and programs as they start. With some clever fast mouse clicking (you need to stop it "listing" as soon as the guilty pop up appears), you will identify the app (as long as it is a seperate one and not an IE add on) that is causing the issue.

    Once identified, go to "start", "run", type in "MSConfig" and enter.

    Look in the "services" and "start up" colums and if you can see the guilty application, uncheck the box.

    When you restart the application will not automatically restart with your machine.

    Worse case scenario is that you have a Registry resident application that needs to be killed using Regedit. Not something I can help with unless I have a lot more info.

    Try the above and let us know.
     
  11. msr

    msr LE

  12. msr

    msr LE

    Malware bytes is free

    msr
     
  13. This seems the simplest advice from the CA site- will it work?

    ITS VERY SIMPLE. GO TO START - CLICK ON SEARCH - TYPE REGEDIT - GO TO EDIT - CLICK ON FIND - TYPE CiD - CLICK ON FIND NEXT - ON THE LEFT SIDE LISTING FIND CID AND DELETE. RESTART YOUR COMPUTER AN HEY PRESTO. GONE FOR EVER. PLS LET ME KNOW HOW YOU GET ON.

    uqfegd

    pp
     
  14. That will do it.