1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

spyware terminator popup ????

Discussion in 'General Security' started by yvesj, Apr 13, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    vista home premium.
    hi am new here .fisrt time posting .my wrigting is not to good .here is my problem .am using spyware terminator and some time i get this popup asking is i want to allow this site or block it .is there a way to stop that popup to show up .it do not happen often but it a pain when it do show .some time i have to click on alow 2 to 3 time before it go away .thank you for your help .
    yvesj
     
  2. Jason

    Jason

    Joined:
    Jan 1, 2008
    Messages:
    261
    What is the website?
     
  3. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    well i cant not really tell you the sites .but it depend what am doing .it do not happen a lot but it get to me some time .i say out of 50 i get that popup about 5 time .and it only when i open a new site .but to tell you wish one i dont know because i never did pay attention at the site .but next time it do happen i will let you know .it will happen again today some time .now what i did is i lower the allow site setting to the minimum .it was at the center setting .if you have spyware terminator you know what i mean by that .
     
  4. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    now i do remenber of one .when i was installing avg antispyware .and you have that blue bar telling the progress of the installing the popup from spyware terminator come in asking me to allow it or block it .in the mean time the progress stop on till i allow it .but i have to click on it allow it about 3 time before it go away .is that normal with spyware terminator ????
     
  5. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    Yes, one part of the real time protection called 'Application Guard' will send an alert pop-up every time a new .exe or .dll starts up. Once you say allow you won't get a pop-up for that program any more. So whenever you install a new program there will usually be quite a few pop-ups.

    But the good thing about it is if some malware tries to install something, you'll know about it and you can block it before it installs.
     
  6. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    thank you for fast reply .really good forum .is there a way to set it so i dont get all the popup .because before i use the antispware terminator . because before i use anti spyware terminator i never a program that did ask me to allow any thing and my computer was runnig perfectly .cant ask one more thing or do i have to start a new thread .i did try to run hihjack this .but it do not work any more this morning .uninstall it or ????
     
  7. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    You can turn off those types of pop-ups by going to Real-Time Protection and under Application Guard, uncheck 'Threats shield'. But that kind of defeats the whole purpose of having real-time protection. Another option would be to temporarily turn it off when you install a program.

    Try uninstalling HJT and reinstall to see if you can get it to run. You can get it here: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
     
  8. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    thank you .i will do what you just said .as for hijack this i will uninstall it and download it again .do i have to go to the c/drive and remove it from there to ???? i cant not figure that out because it was working good before .a well this is a good way to learn about all that stuff .it is really hard for me because i do not have any school .grade 6 in 1959 and only been using a computer for 4 years now and never had any one to show me how to use one .only click with one finger lol.
    yvesj
     
  9. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    The uninstall should get rid of it, but you could also do a search for HijackThis.exe and delete any older versions that you might have.
     
  10. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    thank .i will get back to you later .
    yvesj
     
  11. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    i did every thing you toll me to do .but i cant get the scan to work .is it because i still have the last scan result and none of them are check .cant i delete the last scan .or do i check all of them and delete them .am not to good with that stuff sorry .is it safe to check all of them ?????
     
  12. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    When you run HJT and save the log file, the file is called hijackthis.log and it's in C:\Program Files\Trend Micro\HijackThis. If you have an old log out there and run the program again it will create a new log that replaces the old one.

    When you run HJT and click on 'Do a system scan and save a logfile' does the log open up in Notepad?
     
  13. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    yes this is what happen every time i try to do a new scan it the old log that show up .so i never get a new scan done .so right now it use less .so what is next .i will go in the c/drive and delete the old log .is that ok .
     
  14. yvesj

    yvesj Thread Starter

    Joined:
    Mar 26, 2008
    Messages:
    238
    this is the old logLogfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:20:48 PM, on 13/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\sttray.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mdg.ca
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)

    --
    End of file - 8025 bytes
     
  15. stantley

    stantley

    Joined:
    May 22, 2005
    Messages:
    7,091
    The first thing I would suggest is uninstall Windows Defender, since it could interfere with AVG antispyware. Is that the paid version of AVG antispyware?

    Another thing you can do is turn off some of the statup programs, like:

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    There are probably some more you could turn off, look them up here: http://www.lafn.org/webconnect/mentor/startup/PENINDEX.HTM

    This explains how to turn off startups: http://www.netsquirrel.com/msconfig/msconfig_vista.html

    Other than the problem with HJT, how is your system running?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/703221

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice