Pop Ups

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

washton

Thread Starter
Joined
Jun 24, 2004
Messages
217
I get persisting popups . Adds for Anti spyware etc.,adult friends,privacy guard .Some have a header with a solitary large e.

A yellow triangle containing an exclamination mark in the task bar with a balloon saying,"system alert-Syy detected.'. system has detected 4 active spyware etc.etc.etc..click the icon to get rid of unwanted spy ware."
With several anti- spyware programs I have found nothing.
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
* Click here to download HJTsetup.exe.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 

washton

Thread Starter
Joined
Jun 24, 2004
Messages
217
Logfile of HijackThis v1.99.1
Scan saved at 9:27:03 AM, on 8/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IntCodec\pmsngr.exe
C:\Program Files\IntCodec\pmmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\Setups & Appls\SetPoint\SetPoint.exe
E:\Setups & Appls\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
D:\ServerProxyService.exe
C:\Program Files\Laplink\winShadow\shwSrvc.exe
E:\Setups & Appls\NoAdware4\NoAdware4.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\msdtc.exe
C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe
C:\WINDOWS\system32\mspaint.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\internet explorer\iexplore.exe
E:\Setups & Appls\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://myplace.westnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://myplace.westnet.com.au/
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {a2595f37-48d0-46a1-9b51-478591a97764} - (no file)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "E:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - Global Startup: Logitech SetPoint.lnk = E:\Setups & Appls\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O18 - Protocol: bw+0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Setups & Appls\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {DFFCBD13-2617-4699-9C39-9FE1E73FBA17} - E:\Setups & Appls\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - E:\Setups & Appls\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: rpcapd - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ServerProxyService - Unknown owner - D:\ServerProxyService.exe
O23 - Service: winShadow - OmniCom Technologies - C:\Program Files\Laplink\winShadow\shwSrvc.exe
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm
 

washton

Thread Starter
Joined
Jun 24, 2004
Messages
217
sorry .Just a black dialog box flashes on/off.



extra;The bubble says ;your computer is infected with spyware managing advertisements.When i click its icon it delivers anti-malware products etc.
 

washton

Thread Starter
Joined
Jun 24, 2004
Messages
217
No Icant .Iget as far as the Icon smithfraudfix.comand.and that as far. When I click on the icon a black dialog box flashes on then off.
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
* Click here to download Webroot SpySweeper.

(It's a 2 week trial.)

* Click the Free Trial link under "SpySweeper" to download the program.
* Install it. Once the program is installed, it will open.
* It will prompt you to update to the latest definitions, click Yes.
* Once the definitions are installed, click Options on the left side.
* Click the Sweep Options tab.
* Under What to Sweep please put a check next to the following:
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits

o Please UNCHECK Do not Sweep System Restore Folder.

* Click Sweep Now on the left side.
* Click the Start button.
* When it's done scanning, click the Next button.
* Make sure everything has a check next to it, then click the Next button.
* It will remove all of the items found.
* Click Session Log in the upper right corner, copy everything in that window.
* Click the Summary tab and click Finish.
* Paste the contents of the session log you copied into your next reply.

Also post a new Hijack This log.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top