CID pop up help

By candyx ยท 7 replies
Jun 14, 2008
  1. Hi I noticed that CId pop ups are common. I'm having trouble removing it so I need someone's help please. It's been slowing down my computer and I don't want to accidentally delete something that would cause my computer to not function properly.
    I already followed all the instructions from here [] and I attached my Hijackthis log.
  2. raybay

    raybay TS Evangelist Posts: 7,241   +10

    You have way too much junk installed... good programs that become junk when there are too many. I see you weighted down by
    AOL security
    Google Toolbar
    Spy Bot
    Windows Live
    PCTools (probably because of Spyware Doctor)
    Spyware Doctor
    Web Root Spysweeper
    AVAST Alwil
    Tea timer (Spybot)
    Yahoo Search
    SD Helper
    McAfee Spam Killer
    Windows Defender?
    You are just loaded down with stuff.
    If you use AOL, Drop a lot of the rest... or Drop AOL
    Do not use more than one AntiVirus and Two Spyware programs. Do not use both Spy Sweeper, and Spyware Doctor
    SpyBot is practically useless if you have Adaware. It never finds any real problems.
    If you use Spyware Doctor, you don't need any others. If you use SpySweeper, you do not need the others.
    You don't have enuff memory to handle all this
    Think it through. Decide what you want to do and get rid of these others.
    Use Firefox and you won't have the popups.
    The slowdown is because of all this "good stuff"
    I do not see any evil infestations.
  3. candyx

    candyx TS Rookie Topic Starter

    Okay. I'll try to remove them. Mainly my sibling installs those things. I think i do have a problem because I have a lot of CID pop ups.. regardless of the computer slowing down. thanks
  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Hi candyx,

    And welcome to Techspot.

    You have what is known as a LOP infection, we will have to look deeper but first, we need to disable some real time protection before fixing it. (Afterwards re-enable active protection) please follow my instructions in order and ask questions if you are unsure how to proceed at any point.

    Step 1

    Uninstall - AOL Active Security Monitor

    Disable Spyware Doctor Active protection
    1. From within Spyware Doctor, click the "OnGuard" button on the left side.
    2. Uncheck "Activate OnGuard".

    Disable Teatimer
    • Right click the Spybot -SD Resident Icon located in your system tray, Select Exit Spybot - S&D Resident
    • Open Spybot S&D
    • Click on Mode at the top and make sure that Advanced is checked
    • Expand the Tools tab in the left pane
    • Single click on the Resident Icon also in the left pane
    • Uncheck Resident "TeaTimer" (Protection of over-all system settings) Active
    • Close spybot


    Step 2

    Remove bad HijackThis entries
    • Run HijackThis
    • Click on the System Scan Only button
    • Put a check beside all of the items listed below (if present):

      O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (file missing)
      O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (file missing)
      O4 - HKLM\..\Run: [Support audio cool poll] C:\Documents and Settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO\fast film.exe
      O4 - HKCU\..\Run: [license error] C:\DOCUME~1\SALLY1~1\APPLIC~1\GLUEGR~1\anti iso.exe
      O16 - DPF: {FA463B6E-93D5-4E02-B7F2-E0BA98DA73FC} (SHLaunch Control) -
    • Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.


    Step 3
    Please download the Killbox by Option^Explicit.

    Note: In the event you already have Killbox, this is a new version that I need you to download.
    • Save it to your desktop.
    • Please double-click Killbox.exe to run it.
    • Select:
      • Delete on Reboot
      • then Click on the All Files button.
    • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

      C:\Documents and Settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO
      C:\DOCUME~1\SALLY1~1\APPLIC~1\GLUEGR~1\anti iso.exe

    • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
    • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt

    If your computer does not restart automatically, please restart it manually.

    If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.


    Step 4
    After the computer is restarted we need to check on one of those folders

    Show hidden files through windows explorer
    • Access Windows Explorer by clicking Start, point to All Programs, Accesories, and then click Windows Explorer. Or hold the windows key and press E
    • On the Tools menu in Windows Explorer, click Folder Options
    • Click the View tab.
    • Under Hidden files and folders, click Show hidden files and folders
    • Remove the checkmark from the checkbox labeled Hide protected operating system files
    • Remove the checkmark from the checkbox labeled Hide file extensions for known file types
    • Put a checkmark in the checkbox labeled Display the contents of system folders.

    Now launch windows explorer (double click my computer)
    Navigate to - C:\Documents and Settings\SALLY1~1\Application Data\GLUEGR~1 <-It will be a random named folder that starts with GLUEGR and will contain the file anti iso.exe

    If there manually delete the folder GLUEGRxxxx


    Step 5
    Download and Run ATF Cleaner
    Download ATF Cleaner by Atribune to your desktop.

    Double-click ATF Cleaner.exe to open it.

    Under Main choose:
    Windows Temp
    Current User Temp
    All Users Temp
    Temporary Internet Files
    Java Cache

    *The other boxes are optional*
    Then click the Empty Selected button.

    Firefox or Opera:
    Click Firefox or Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    Click Exit on the Main menu to close the program.


    Update your Java Runtime Environment
    • Click the following link
      Java Runtime Environment 6 Update 6
    • The 5th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected'at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_06 folder


    Step 6

    Run Kaspersky Online AV Scanner

    Order to use it you have to use Internet Explorer.
    Go to Kaspersky and click the Accept button at the end of the page.

    Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.
    • Read the Requirements and limitations before you click Accept.
    • Allow the ActiveX download if necessary.
    • Once the database has downloaded, click Next.
    • Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
    • Click on "My Computer"
    • When the scan has completed, click Save Report As...
    • Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
    • Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.
    Attach the report into your next reply

    After all of that please run a fresh Hijackthis scan and attach the log here with the kaspersky scan,

    Also make sure that you update your protection and activate the realtime protection we disabled in step 1. I recommend leaving Tea-timer off though, as I will recommend an alternative that will save you on resources
  5. candyx

    candyx TS Rookie Topic Starter

    Thank you for all your help. Here is the kaspersky scan and my hihackthis log.
  6. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    How is the computer doing now?

    The only issue I still see is a Norton entry and a Mcafee entry while you have Avast as you antivirus protection. I am going to post instructions for removing Mcafee and Norton, you let me know if there is a reason why you do not want to do this.

    If everything is going good with the computer we can clean up and secure the system.


    Remove Mcafee products
    1. Click Start, Settings, Control Panel.
    2. Double-click Add or Remove Programs.
    3. Select the McAfee SecurityCenter product.
    4. Click Remove and follow the steps provided.
    5. Download the Mcafee removal tool from
    6. Click Save and save the file to your desktop
    7. Make sure all McAfee windows are closed.
    8. Double-click MCPR.exe to run the removal tool. (Vista users need right click and run as administrator)
    9. Restart your computer after receiving the message CleanUp Successful.

    To remove norton run this Norton removal tool found
  7. candyx

    candyx TS Rookie Topic Starter

    okay I did everything you said. It seems a lot faster and so far no pop ups. thank you very much.
  8. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Make sure all of your protection is up to date and that you aren't missing any microsoft updates.

    In place of tea timer I am going to recommend Winpatrol. It won't eat up so much resources. You can download it through my signature.

    Once installed right click the scotty dog in your system tray and select -> startup info...

    From there you can control what programs start when you boot your computer. This way you can disable programs that you don't need every time you turn on the machine.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...