• Hi Guest, welcome to TCG 2.0. Please refer to the FAQ in User Support before you do anything else. It will make the transition MUCH easier.

    IF YOU ARE SEEING AN "OOPS" ERROR PAGE, IT IS LIKELY BECAUSE YOUR BROWSER HAS NOT UPDATED YOUR CACHE. YOU CAN EITHER CLICK FORUMS AT THE TOP LEFT OR VISIT THECHICAGOGARAGE.COM AND BOOKMARK THAT. - Love, Mook

Pop ups...how are they still happening?

dole21

Well-known member
Joined
Nov 9, 2008
Messages
2,620
Reaction score
0
Location
South Carolina
Ok..

I have

spybot
adaware
and i ran both.

cleaned the computer and have updated both of them. YET I still am getting popups.

I ran symantec virus scan and had no viruses. and i updated taht as well.

yet...with NO explorer windows open pop ups are still happening. I had just turned the computer on and got on before even doing anything.

HELP please
 

dole21

Well-known member
Joined
Nov 9, 2008
Messages
2,620
Reaction score
0
Location
South Carolina
I can't.


Its a work laptop and am only able to use internet explorer

i went to a car domain webpage via a link from clubgp and its when it all started. symantec popped up someithing about a threat, I chose to delete the threat

and now I get popups when no explorer windows are open....
 

GTPj

Well-known member
Joined
Nov 10, 2008
Messages
423
Reaction score
0
Location
Chicago
i know there is a port you can close that stops ads....but i for got how to do it....sorry
 

frankenstinesy

Well-known member
Joined
Nov 14, 2008
Messages
426
Reaction score
0
why can't you use mozilla. it's the same basically as internet explorer but without the popups
 

dole21

Well-known member
Joined
Nov 9, 2008
Messages
2,620
Reaction score
0
Location
South Carolina
its my work laptop.


I am not allowed to install ANYTHING on it. Technically its for my installs and service calls and used to capture signatures. But when we're traveling like now when I'm stuck in indiana for a week in the snow we are allowed to have web access.
 

dole21

Well-known member
Joined
Nov 9, 2008
Messages
2,620
Reaction score
0
Location
South Carolina
and thanks for that other spyware program, but my company only approces spybot and adaware currently.
 

Kustomkid54

Well-known member
Joined
Oct 21, 2008
Messages
107
Reaction score
0
I run Norton Internet Security. Never had any pop ups. :lolsign:



Originally posted by dole21@Jan 22 2005, 08:56 PM
and thanks for that other spyware program, but my company only approces spybot and adaware currently.
[snapback]68543[/snapback]​
 

dole21

Well-known member
Joined
Nov 9, 2008
Messages
2,620
Reaction score
0
Location
South Carolina
What the heck is something called

Ceres?


I am getting lots of popups that say that...then switch to something else.


I search for the file and keep deleting it....yet it keeps coming back....

anyone know?
 

ThaLord

Well-known member
Joined
Dec 2, 2008
Messages
1,291
Reaction score
0
Location
Cicero
download hijackthis.exe

it doesn't install.. just runs (perfect for corp laptops) report your results here.
 

dole21

Well-known member
Joined
Nov 9, 2008
Messages
2,620
Reaction score
0
Location
South Carolina
Originally posted by ThaLord@Jan 23 2005, 09:39 PM
download hijackthis.exe

it doesn't install.. just runs (perfect for corp laptops) report your results here.
[snapback]68618[/snapback]​

Logfile of HijackThis v1.99.0
Scan saved at 10:35:02 PM, on 1/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cusrvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\lotus\notes\ntmulti.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NWTRAY.EXE
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\SysCheckBop32.exe
C:\Program Files\dlsmgr\dlsmgr.exe
C:\WINDOWS\system32\adl_zeno.exe
C:\Program Files\hpdll\hpdll.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\wsxsvc\wsxsvc.exe
C:\WINDOWS\system32\Omugpq.exe
C:\WINDOWS\win32070751550417.exe
C:\WINDOWS\mmups.exe
C:\Documents and Settings\DELLTEST\Application Data\osoa.exe
C:\WINDOWS\system32\r?gedit.exe
C:\WINDOWS\SYSfit.exe
C:\WINDOWS\system32\rac230mt.exe
C:\WINDOWS\system32\prutlct.exe
C:\WINDOWS\system32\ctfmon.exe
C:\MOBILECLIENT\WebToGo\webtogo.exe
C:\WINDOWS\system32\prutlct.exe
C:\WINDOWS\system32\winejbe32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\DELLTEST\Local Settings\Temporary Internet Files\Content.IE5\Y8AHZPK0\hijackthis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = www.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://checkpointsystems.com/default.aspx?page=default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Checkpoint Systems, Inc.
R3 - Default URLSearchHook is missing
O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [CSV10P70] C:\Program Files\CSBB\CSv10P070.exe
O4 - HKLM\..\Run: [suthhc] C:\WINDOWS\system32\suthhc.exe
O4 - HKLM\..\Run: [SystemCheck] C:\WINDOWS\SysCheckBop32
O4 - HKLM\..\Run: [dlsmgr] C:\Program Files\dlsmgr\dlsmgr.exe
O4 - HKLM\..\Run: [App32dll] C:\WINDOWS\system32\adl_zeno.exe 0
O4 - HKLM\..\Run: [HPNT] C:\Program Files\hpdll\hpdll.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [Dvx] C:\WINDOWS\system32\wsxsvc\wsxsvc.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\system32\Omugpq.exe
O4 - HKLM\..\Run: [win32070751550417] C:\WINDOWS\win32070751550417.exe
O4 - HKLM\..\Run: [C:\WINDOWS\fyqtw.exe] C:\WINDOWS\fyqtw.exe
O4 - HKLM\..\Run: [mediamotor.exe] C:\WINDOWS\mmups.exe
O4 - HKCU\..\Run: [Ncao] C:\Documents and Settings\DELLTEST\Application Data\osoa.exe
O4 - HKCU\..\Run: [Dakg] C:\WINDOWS\system32\r?gedit.exe
O4 - HKCU\..\Run: [DR_S] C:\Program Files\DR_S\DR_S.exe
O4 - HKCU\..\Run: [SYSfit] C:\WINDOWS\SYSfit.exe
O4 - HKCU\..\Run: [dBvERQHtV] rac230mt.exe
O4 - HKCU\..\Run: [prutlct] C:\WINDOWS\system32\prutlct.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: Oracle Web-to-Go.lnk = C:\MOBILECLIENT\WebToGo\webtogo.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Sametime Meeting Room Client ST25 - http://usathormail1/sametime/stmeetingroom...gRoomClient.cab
O16 - DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} (Microsoft VM) - http://usathormail1/sametime/MSJavX86.exe
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = checkpt.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = checkpt.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = checkpt.com
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Client Update Service for Novell - Novell, Inc. - C:\WINDOWS\System32\cusrvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Multi-user Cleanup Service - Unknown - C:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: SAVRoam - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WLTRYSVC - Unknown - C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe (file missing)



THere ya go....

and If I had a clue what all that meant...
 

dole21

Well-known member
Joined
Nov 9, 2008
Messages
2,620
Reaction score
0
Location
South Carolina
and a FYI


I've run spybot on startup

then adaware

restarted

same process 4 times without connecting to the internet.

and i quarantined stuff every time....about 10 things via spybot a time and 50 or so on adaware, yet the names were different on each scan.

BUt on my 5th log both said the system is clean, but I'm still getting random popups, not as many as I was though

Thanks everyone for the help
 

ThaLord

Well-known member
Joined
Dec 2, 2008
Messages
1,291
Reaction score
0
Location
Cicero
those spyware programs don't get certain types of programs...

There are a couple of things in your log, that shouldn't be there.

If you would like me to try and help walk you through getting rid of them, call me.

John
 
N

neto_d

Guest
HEY WHATS UP MY NAME OR WHAT THEY CALL ME IS NETO D , SORRY ABOUT YOUR CAR IT LOOKS BAD ASS. I AM A NEW MEMBER , AND HOPING I CAN SEE YOU GUYS SOON, I HAVE A RED 98 GTP. :D :D
 

Fish

From the mean streets....
Joined
Aug 3, 2007
Messages
36,117
Reaction score
21
Location
Chiraq
Alright dude, unless your running AS400 or some other program that requires caps lock, please turn off caps lock. It looks like this.
 

hueygt

Well-known member
Joined
Nov 11, 2008
Messages
418
Reaction score
0
Location
some where on earth
I have maxthon or MYIE2
its cool i had the same problmes i have spybot and adaware and i dont have any problems anymore.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Top Bottom