Home > Please Help > Please Help! S.clkoptimizer Popups!

Please Help! S.clkoptimizer Popups!

Brutal. Click here to download FindIt9xME.zip. I use no extensions, and half the posted links display no popups for me. The files seem to go away for good with a greater probability when I replace them with dummies than when I just kill them.

Click the link for the pop-up window you'd like to see. I will ask you to delete the dummy files at the end. Also, VX2finder didnt find anything, but when i hit make log, nothing happens. Not everyone gets that gift but is common.

Comment 13 Dan M 2004-08-01 10:31:52 PDT You know this bug serves the same purpose as bug 165523. Go here: (works only for IE) http://www.pandasoftware.com/activescan/com/activescan_principal.htm When scanner is loaded...click "scan whole computer" When scan starts....Leave scanner window open.... Block pop-ups from a site On your computer, open Chrome.

If you are encountering sites that manage to hit you with unrequested pop-ups, note the URL here and any information necessary to reproduce the problem. We need them all to get a fix for this infection. __________________ Please do NOT PM me. Sorry for the erroneous posting. http://66.230.145.49/xit.js Comment 128 u88484 2004-09-21 10:53:12 PDT These popups get through on Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3) Gecko/20040917 Firefox/0.10 [url=http://popuptest.com/popuptest8.html]Drop down Popup - This one drops into your

The first defence against infection is a properly patched OS.Windows Update: http://v4.windowsupdate.microsoft.com/en/default.aspOr, with Internet Explorer open, click Tools>Windows Update.2. User Name Remember Me? Comment 173 Derek 2004-10-31 06:45:24 PST www.packetnews.com consistantly gets popups when doing searches and jumping from one page to another. c:\windows\system\winlspak.dll C:\WINDOWS\hnhcog.dll C:\WINDOWS\eiepna.dll C:\WINDOWS\hlhuaq.exe C:\WINDOWS\clcuqp.dll C:\WINDOWS\pwpukv.dat C:\WINDOWS\wvwugk.exe C:\WINDOWS\Start Menu\Programs\StartUp\hkhgin.exe C:\WINDOWS\SYSTEM\ffInst.exe C:\WINDOWS\SYSTEM\NYWRSZHT.DLL C:\WINDOWS\SYSTEM\wxpcore.dll C:\WINDOWS\SYSTEM\IZX32d56.dll Exit the Killbox.

Go to http://www.popuptest.com/popuptest12.html or http://www.popuptest.com/popuptest2.html or http://www.popuptest.com/popuptest1.html 2. Thompson 2004-10-30 11:59:59 PDT I find that very frequently when I go to the Onion (www.theonion.com), after I go through the splash page and get to the real home page (http://www.theonion.com/index.php?pre=1), O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - s.clkoptimizer popups!

Started by dkcshadow , May 06 2005 09:13 AM Page 1 of 2 1 2 Next Please log in to reply 16 replies to this topic #1 dkcshadow dkcshadow Members 38 http://en.community.dell.com/support-forums/virus-spyware/f/3522/t/16943027 ADAWARE still reports VX2 problems with the host file and the hosts still show on the HiJack log. If I have helped you in any way, please consider a donation: Member of UNITE and ASAP. It will ask if you want to view the logfile.

Back to top #10 smackattack smackattack Member Full Member 13 posts Posted 06 January 2005 - 06:16 PM Is there anywhere with a good tutorial on killbox? Thank you very much, colordive Logfile of HijackThis v1.99.0 Scan saved at 7:42:34 PM, on 1/22/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe You have to do more then load the page for the pop up to occur but it is there. Empty the Recycle BinClick to expand...

You will be taken to the link, and a popup will open. To see it, go to the index.php link above, view source, and search for trafficmp. Comment 68 Christian 'CeeJay' Jensen 2004-08-20 16:39:57 PDT Some of the Gamecopyworld mirrors have pop-ups or pop-unders even though the gamecopyworld.com front page state that they must not and if they Under "Privacy," click Content settings.

Is anybody else seeing this? It only breaks when I copy over the prefs.js from my old profile to my new one. The kalvsys O4 entry is often seen along with the new VX2, which sometimes hides itself from HijackThis, so that could explain your problems.Please run HijackThis and click "Scan." Place checks

Be sure to only add sites if you can reproduce the problem with the latest nightly Firefox branch builds at Comment 1 AJ Bourg 2004-07-31 08:01:02 PDT Goto http://www.sitepoint.com/ click

Instructions on how to do this can be found here:How to see hidden files in WindowsRun Hijackthis again, click scan, and Put a checkmark next to each of these. Comment 94 Pat Voce 2004-09-03 08:49:50 PDT www.drudgereport.com Univ of PHX getting through Comment 95 José Jeria 2004-09-03 11:45:16 PDT Last 20 comments mention websites that manage to give you a Have a good weekend---------Joan 0 #23 don77 Posted 28 March 2005 - 06:37 AM don77 Malware Expert Retired Staff 18,526 posts Thanks I had a good weekend hope your was good Guess we were lucky enough to not get the most recent one.

Most major motion picture sites don't seem to detect linux's flash plugin. Go To http://www.popuptest.com/popuptest4.html 2. Dont know/cant guess how the pop-up blocker is defeated by these jerks. Comment 133 ultramancool 2004-09-27 14:41:08 PDT www.tk sites pop ups aren't blocked!

Several functions may not work. Help us fight Enigma Software's lawsuit! (Click on the above link to learn more) Become a BleepingComputer fan: FacebookFollow us on Twitter! Wait a few seconds and then click on the Compare button. Now Open Hijackthis, take another scan and tick the check-box beside to this entry.

Here is the log:Log for VX2.BetterInternet File Finder (ver126)Files Found---User Agent String---{85E7353D-3C65-F820-323C-18187FB7BE01} +++++Here is the latest HJT log:Logfile of HijackThis v1.99.1Scan saved at 1:15:28 PM, on 3/29/05Platform: Windows 98 SE (Win9x Confirming. (In reply to comment #117) > http://www.the-sopranos.com/cast/annabella.htm > > Try to ctrl-click on one of the links. Still can't get rid of those #$%$# 01's!Logs follow:Logfile of HijackThis v1.99.1Scan saved at 2:09:22 PM, on 3/23/05Platform: Windows 98 SE (Win9x 4.10.2222A)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\SYSTEM\MDM.EXEC:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXEC:\PROGRAM Comment 18 David Harper 2004-08-02 05:24:02 PDT http://uk.launch.yahoo.com/59/index.html A large flash banner scrolled into the middle of the screen.

http://www.nytimes.com/2004/10/17/magazine/17EATING.html Comment 162 Kevin Hjelden 2004-10-24 13:41:47 PDT I searched for "vfapi" on google, and clicked on the first link: http://www.divx-digest.com/software/vfapi.html I somehow got a dialog with no status bar and The two it allowed through was the [url=http://www.popuptest.com/popuptest8.html]Drop Down Popup[/url] and the [url=http://www.popuptest.com/popuptest6.html]Sticky Popup[/url]. Looks like some of the items you wanted "fixed" are still there. This will run the System Cleanup program.

Comment 84 Worcester12345 2004-08-26 15:33:05 PDT (In reply to comment #79) > ok, great! :) > > Firefox 0.9.3: > http://www.againsthunger.org/ opend one pop-up and then the same one about one Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder. I would like to try online scanner to show em all to me.

Anyway, appreciate your help. To disable such windows on your system you must disable the javascript window.open function. Comment 35 Eric Portelance 2004-08-07 21:09:41 PDT On popuptest.com, the sticky and drop down both fail for me with the latest nightly.