I did not install this program, nor have I ever heard of this program until the da** Pop Ups keep kicking me out of Full Screen modes when I'm playing PC Games.
Apparently some random website somehow installed an Ad pop up thing INTO my computer. Every now and then I get a pop up trying to fool me that says in a Window dialogue box (with information icon):
_________________________
Messenger Service <- Title
Stops popups, kills adaware and spyware, erases cookies and history. Protect your privacy. Download only award-winning software now. Find out what you really need.
__________________________
I knew it was a scam from the moment it came up, so eventually I just tried and hit the OK option instead of the CANCEL option to see where it took me.
Internet Explorer opened up and brought me to a site:
http://www2.palsol.com/spyrem_offer/index.html?hop=microseft
Can someone please help me remove this pop up message thing? Ad aware and Spybot S&D can not detect it and so can't remove it. This thing is crippling me ><
Full Version: Help - PAL Spyware Remover
It seemed to have worked. But after coming out of a PC games MMORPG and using internet explorer I was once again hit by the Windows Popup. I'm going insane.
I really don't know what to do. It seems like there is no way to get rid of this problem other than by reformatting my harddrive.
Everytime I turn off Tea Time (Spybot S&D) Norton immediatly comes up with a warning about Bloodhound.exploit.6
I also tried blocking the palsol site, but that doesn't work either. I still get redirected randomly to that site.
Everytime I turn off Tea Time (Spybot S&D) Norton immediatly comes up with a warning about Bloodhound.exploit.6
I also tried blocking the palsol site, but that doesn't work either. I still get redirected randomly to that site.
palsol is an affiliate marketer that flogs questionable products.
Please post a HijackThis log here.
Please post a HijackThis log here.
Here is my HijackThis Logfile:
Logfile of HijackThis v1.97.7
Scan saved at 9:25:43 PM, on 5/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Security\HijackThis.exe
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM (HKLM)
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8008.8984259259
Logfile of HijackThis v1.97.7
Scan saved at 9:25:43 PM, on 5/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Security\HijackThis.exe
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM (HKLM)
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8008.8984259259
has anyone figured out how to get rid of this... i have the same problem...
The pop ups are due to not running a firewall. ZoneAlarm free is OK.
http://www.firewallguide.com/
http://www.firewallguide.com/
WARNING!!!!!!!
That link above to close the DCOM vulnerability contains the virus "RpcDcom.b" when you go and try to download it. McAfee 7.0 snatched it quickly when I tried to download it.
That link above to close the DCOM vulnerability contains the virus "RpcDcom.b" when you go and try to download it. McAfee 7.0 snatched it quickly when I tried to download it.
Guest_John ->
McAfee now and then find this when downloading DCombobulator. Only McAfee find this. It is a false positive.
Try to use an onlinescanner (Panda or Housecall) and they will not find the mentionened virus.
McAfee now and then find this when downloading DCombobulator. Only McAfee find this. It is a false positive.
Try to use an onlinescanner (Panda or Housecall) and they will not find the mentionened virus.
My word this is a giant sized problem isnt it??
I get told that my computer is infected with software that normal virus scanners cannot pick up. The link is to the PAL spyware adware website. The problem is, I get this pop up about 3 times every five minutes! Switching my Windows firewall on helps but i cant leave it on as it leaves my ID too low for downloading anything. Surely with all these new international spam laws, what PAL is doing is illegal?? (PS Message came up three times while i was writing this message).
Its a shocker and with my limited computer knowledge, i dont know what else to do but reinstall windows.
I get told that my computer is infected with software that normal virus scanners cannot pick up. The link is to the PAL spyware adware website. The problem is, I get this pop up about 3 times every five minutes! Switching my Windows firewall on helps but i cant leave it on as it leaves my ID too low for downloading anything. Surely with all these new international spam laws, what PAL is doing is illegal?? (PS Message came up three times while i was writing this message).
Its a shocker and with my limited computer knowledge, i dont know what else to do but reinstall windows.
Cataclysm,
If you feel you need help, refer to this post and follow the instructions to post a HijackThis log in the HijackThis forum:
http://forums.maddoktor2.com/index.php?showtopic=321
Note that HJT has a newer version now, available at these sites:
http://aumha.org/downloads/hijackthis.exe
http://tools.radiosplace.com/HijackThis.exe
Deb
If you feel you need help, refer to this post and follow the instructions to post a HijackThis log in the HijackThis forum:
http://forums.maddoktor2.com/index.php?showtopic=321
Note that HJT has a newer version now, available at these sites:
http://aumha.org/downloads/hijackthis.exe
http://tools.radiosplace.com/HijackThis.exe
Deb
PAL Solutions are a U.K. based Limited Company. In relation to another similar issue concerning them and their affiliates I did a company search and paid to download their company details, so if anyone has a problem with their software I suggest you contact them directly at
Registered Office: THE MEDIA CENTRE, 7 NORTHUMBERLAND STREET, HUDDERSFIELD, WEST YORKSHIRE HD1 1RL
or you can contact the Company Director himself:
Director: CHAMPION, CHRISTIAN
Appointed: 18/07/2002 Date of Birth: 29/03/1980
Nationality: BRITISH
No. of Company Appointments: 2
Address:
FLAT 6
71 SAINT JOHNS ROAD
HUDDERSFIELD
HD1 5DX
Ha! No hiding place!
Registered Office: THE MEDIA CENTRE, 7 NORTHUMBERLAND STREET, HUDDERSFIELD, WEST YORKSHIRE HD1 1RL
or you can contact the Company Director himself:
Director: CHAMPION, CHRISTIAN
Appointed: 18/07/2002 Date of Birth: 29/03/1980
Nationality: BRITISH
No. of Company Appointments: 2
Address:
FLAT 6
71 SAINT JOHNS ROAD
HUDDERSFIELD
HD1 5DX
Ha! No hiding place!
PAL? No pal of mine! My Norton Internet Security 2004 firewall doesn't stop the da** thing popping up to tell me to go to various websites. And to rub salt into the wound there are mistakes in the English in several of the bloody things!
Has anyone risked downloading PAL's spyware program to see if it can get rid of its own spyware?
Thanks for the director's address. I'm looking for some really shocking junk to have sent to him. Makes me feel a little better but won't solve the problem. Does anyone know what will?
Has anyone risked downloading PAL's spyware program to see if it can get rid of its own spyware?
Thanks for the director's address. I'm looking for some really shocking junk to have sent to him. Makes me feel a little better but won't solve the problem. Does anyone know what will?
QUOTE (Pissed off by PAL @ Oct 10 2004, 05:11 PM)
PAL? No pal of mine! My Norton Internet Security 2004 firewall doesn't stop the da** thing popping up to tell me to go to various websites. And to rub salt into the wound there are mistakes in the English in several of the bloody things!
Has anyone risked downloading PAL's spyware program to see if it can get rid of its own spyware?
Thanks for the director's address. I'm looking for some really shocking junk to have sent to him. Makes me feel a little better but won't solve the problem. Does anyone know what will?
Has anyone risked downloading PAL's spyware program to see if it can get rid of its own spyware?
Thanks for the director's address. I'm looking for some really shocking junk to have sent to him. Makes me feel a little better but won't solve the problem. Does anyone know what will?
Hello Pissed Off by Pal, Welcome tot eh Forum
Please go to the HijackThis Logs and Assistance and read the Pinned topics.
Download HiJackThis and install it to it's own folder. Run HJT and Post a log of what it found in a new Thread, do not fix anything and one of our log readers will be along to assist you . Please be patient.
Hi,
Just found this forum from a Google search on PAL spyware remover. I loaded PAL on my system today and have had a bad feeling about it ever since. I am now worried that I have instead installed spyware instead of a spyware remover. What is the deal with this PAL?? Can I just use the PAL uninstall command and be OK? I have not had any pop ups, or other noticable problems since I installed it. It did not find or remove any problems on my system.
Thanks for any insight you have on this...
Linda
Just found this forum from a Google search on PAL spyware remover. I loaded PAL on my system today and have had a bad feeling about it ever since. I am now worried that I have instead installed spyware instead of a spyware remover. What is the deal with this PAL?? Can I just use the PAL uninstall command and be OK? I have not had any pop ups, or other noticable problems since I installed it. It did not find or remove any problems on my system.
Thanks for any insight you have on this...
Linda
Hey ppl! i loaded Pal but you have to register it to use it. The bloody window kept popping up so i tried installing it finally. The only was to get back at these guys is to laod this software and try registering it for free with a crack or a serial and then though haath thy revenge! ANd in case any of u guys find a serial please mail me [b]edited out e-mail address. Best of luck guys 
[/b]
Please do not post your e-mail address in you posts unless you like alot of spam from e-mail harvesters.
[/b]Please do not post your e-mail address in you posts unless you like alot of spam from e-mail harvesters.
Hi guys, yes i downloaded PAL too. It didn't show up anything even though webroot spysweeper did, so i uninstalled it....but i think there are bits of it around still doing strange things......have they installed their own spyware??
Thx
Thx
Finally I find some information on this, I am so completely annoyed with this thing, my pop up stopper blocks it but its still annoying. I sent an abuse message to their domain registrant go-daddy explaining what they are doing.
http://www.dnsmadeeasy.com
and godaddy.com
Everybody complain to this dns server and domain server about:
win-clean.com
XP-FIX.com
and godaddy.com
Everybody complain to this dns server and domain server about:
win-clean.com
XP-FIX.com
QUOTE (jedi @ Sep 8 2004, 01:12 AM)
PAL Solutions are a U.K. based Limited Company. In relation to another similar issue concerning them and their affiliates I did a company search and paid to download their company details, so if anyone has a problem with their software I suggest you contact them directly at
Registered Office: THE MEDIA CENTRE, 7 NORTHUMBERLAND STREET, HUDDERSFIELD, WEST YORKSHIRE HD1 1RL
or you can contact the Company Director himself:
Director: CHAMPION, CHRISTIAN
Appointed: 18/07/2002 Date of Birth: 29/03/1980
Nationality: BRITISH
No. of Company Appointments: 2
Address:
FLAT 6
71 SAINT JOHNS ROAD
HUDDERSFIELD
HD1 5DX
Ha! No hiding place!
Registered Office: THE MEDIA CENTRE, 7 NORTHUMBERLAND STREET, HUDDERSFIELD, WEST YORKSHIRE HD1 1RL
or you can contact the Company Director himself:
Director: CHAMPION, CHRISTIAN
Appointed: 18/07/2002 Date of Birth: 29/03/1980
Nationality: BRITISH
No. of Company Appointments: 2
Address:
FLAT 6
71 SAINT JOHNS ROAD
HUDDERSFIELD
HD1 5DX
Ha! No hiding place!
Hey,
Where did you get the company information? I'm interested in knowing how much they make...
Thanks.
Well, from what you said it seems to be through net send, all though I will admit i am to lazy to read all the replyes so disregard this if someone suggested it allready, command prompt the type net stop messenger. it should say net messenger stopping..... then it will rambel on about how it stopped for you. hope i could be of some help
One quick note that I didn't see here.......If you really wanna get rid of your ad-aware and spyware run ad-aware or spybot in SAFE MODE that way none of those that try to run on start up will do so ..you will rid of them easy also if you know a bit about the registry get rid of those BHO and anything that was meant to run on start up.
I realise this is an old post but I imagine the problem could have been solved by disabling Windows Messenger Service from your Control Panel, or if thats a bother then go to Gibson's- www.grc.com and d/l Shoot the Messenger. 
Hi. Images are not loading.
Hey guys, my name is Sam, I am a 24 year old player from San Michel, USA. I've been reading here for a few months and just want to be registered. I play online a lot xxxxxxxxxxxxxxxxI am very excited, I hit my first Straight Flush a few minutes ago!!! in the beginning of my poker hobby.. can somebody tell me about other online places I could parctise?
Edited just to take out the url
Edited just to take out the url
I am closing this topic but ask all that have problems to start a topic of your own as posing in another users topic can and does lead to confusion
(manly for the elderly around here
)
As a start can you make sure that you are using
Ad-aware SE Build 106 (Free/Personal)
[if not Uninstall your old Ad-aware first then install SE]
Then use the WebUpDate
to get the latest Definition file
(SE1R.90.03.02.2006) then scan doing a "Full Scan" and then post your logfile here by using the Add-Reply Feature
GR@PH;<'S
(manly for the elderly around here
)As a start can you make sure that you are using
Ad-aware SE Build 106 (Free/Personal)
[if not Uninstall your old Ad-aware first then install SE]
Then use the WebUpDate
to get the latest Definition file
(SE1R.90.03.02.2006) then scan doing a "Full Scan" and then post your logfile here by using the Add-Reply Feature
GR@PH;<'S
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.