Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Sunday 24.11.2024 / 14:24
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > infected with some security popup on taskbar
Show topics
 
Forums
Forums
Infected with some security popup on taskbar
  Jump to:
 
Posted Message
jerrold3
Newbie
_ 		21. May 2006 @ 11:12 _ Link to this message    Send private message to this user   
I have this red shield trimmed in white with a white "X" in it. I know it's not supposed to be there, can't get rid of it. Keeps popping up saying security out of date. Sometimes it says update windows, sometimes it mentions my antivirus. Please help.

Here's a fresh HJT log & Fresh Ewido Report:

Logfile of HijackThis v1.99.1
Scan saved at 3:09:55 PM, on 5/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\Program Files\Common Files\AOL\1142158243\ee\aolsoftware.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
c:\program files\common files\aol\1142158243\ee\aim6.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\common files\aol\1142158243\ee\aexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://charter.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.suscc.cc.al.us/CFIDE/classes/CFJava.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Con...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116fd.bay116.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/m...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe


---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 4:28:40 PM, 5/21/2006
+ Report-Checksum: 2F6D9D75

+ Scan result:

C:\!KillBox\dcomcfg.exe( 3) -> Downloader.Zlob.nw : Cleaned without backup
C:\!KillBox\dcomcfg.exe( 6) -> Downloader.Zlob.nw : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@advertising[1].txt -> TrackingCookie.Advertising : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned without backup
C:\Documents and Settings\Guest\Cookies\guest@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@2o7[2].txt -> TrackingCookie.2o7 : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@allstarhealth.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@data1.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wfk4oidzgbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wfkochc5mgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wgkoukcjakp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wjkykjajabp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wjmigncjelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wjny-1jcjod.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wjny-1sczmd.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@e-2dj6wjnyakd5obo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned without backup
C:\Documents and Settings\Jerrold\Cookies\jerrold@vitacost.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@2o7[2].txt -> TrackingCookie.2o7 : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned without backup
C:\Documents and Settings\Rocky\Cookies\rocky@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned without backup
C:\WINDOWS\SYSTEM32\1024\ld374A.tmp -> Downloader.Zlob.ju : Cleaned without backup
C:\WINDOWS\SYSTEM32\1024\ldFC25.tmp -> Downloader.Zlob.ju : Cleaned without backup


::Report End
[ + quote]

This message has been edited since posting. Last time this message was edited on 21. May 2006 @ 12:30
Advertisement
_ 		__
JaPK
Senior Member
_ 		21. May 2006 @ 21:26 _ Link to this message    Send private message to this user   
Hi jerrold3.

Download SmitfraudFix.zip to your desktop -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Unzip it (folder named SmitFraudFix) to your desktop:

Open the folder SmitfraudFix and doubleclick smitfraudfix.cmd
Choose option #1 - Search by typing 1 and pressing "Enter"; a textfile opens and lists the infected files (if those exist)

Post the contents of this textfile to here.

(Some antiviruses recognises process.exe as a malware. It is not malware, it is a program that stops processes)
[ + quote]
jerrold3
Newbie
_ 		22. May 2006 @ 10:27 _ Link to this message    Send private message to this user   
I've downloaded the program an unzipped it; however I can not run the program. I've had the same problem with SmitRem. The Command prompt icon will appear on my taskbar for less than a second....then it disappears. I've never been unable to open SmitFraudFix. Are there any setting I may change or another option? I've already disabled my antiviruses and even tried opening in safe mode but neither worked.
[ + quote]

This message has been edited since posting. Last time this message was edited on 22. May 2006 @ 10:32
JaPK
Senior Member
_ 		22. May 2006 @ 10:57 _ Link to this message    Send private message to this user   
Ok try downloading and extracting smitfraudfix again. If McAfee alerts about virus inside the zip file, don't allow it to remove it.

Then disable Spybot S&D Teatimer -> http://wiki.castlecops.com/Malware_Removal:_Temporarily_Disable_R...

Then try to run smitfraudfix.cmd file again and follow the instruction s on my last message.

Download F-Secure Blacklight and save it to your desktop -> http://www.f-secure.com/blacklight/try.shtml

Doubleclick blbeta.exe, accept the agreement, click Scan, then click Next

You'll see a list what have been found. A log will appear to your desktop, it is named fsbl.xxxxxxx.log (xxxxxxx will be random numbers).

DON'T choose Rename if something was found!

Post the contents of fsbl.xxxx.log to here (blacklight log from your desktop)
[ + quote]

This message has been edited since posting. Last time this message was edited on 22. May 2006 @ 11:00
jerrold3
Newbie
_ 		23. May 2006 @ 00:23 _ Link to this message    Send private message to this user   
Blacklight turned up zip.

05/23/06 04:15:12 [Info]: BlackLight Engine 1.0.36 initialized
05/23/06 04:15:12 [Info]: OS: 5.1 build 2600 (Service Pack 2)
05/23/06 04:15:12 [Note]: 7019 4
05/23/06 04:15:12 [Note]: 7005 0
05/23/06 04:15:15 [Note]: 7006 0
05/23/06 04:15:15 [Note]: 7011 1156
05/23/06 04:15:15 [Note]: 7026 0
05/23/06 04:15:16 [Note]: 7026 0
05/23/06 04:15:18 [Note]: FSRAW library version 1.7.1015
05/23/06 04:19:44 [Note]: 7007 0


SmitFraudFix will not open. I redownloaded and reextracted. I disabled McAfee, TeaTimer, Spyware Doctor, etc. but a comman prompt window opens for about a 1/2 second and closes. There are now two icons on the task bar that should not be there. Both are shiedls with white borders. one is red with a white "X" in the center and the otheer is yellow with a black ! in the center. Please tell me I hav esome other option that SmitFraudFix as it just won't work for me and I have no idea what else I could change.
[ + quote]
Advertisement
_ 		__
 
_
JaPK
Senior Member
_ 		23. May 2006 @ 03:08 _ Link to this message    Send private message to this user   
Ok, lets run one scanner first....

Download eScan to your desktop -> http://www.spywareinfo.dk/download/mwav.exe
Run the file mwav.exe and unzip it to its default location, C:\Kaspersky

1. Updating the scanner (close the eScan window if open)
-> Go to My Computer
-> C:\
-> Kaspersky
-> Run the file kavupd.exe, it starts downloading updates
-> When downloading is finished, go to C:\Downloads
-> Copy all the files in the Downloads folder by pressing CTRL+A and then CTRL+C
-> Then go back to the C:\Kaspersky folder and paste the files by pressing CTRL+V
-> Answer Yes to all when it asks about replacing files
-> Now the scanner has been updated

2. Scanner settings
-> Go to folder C:\Kaspersky and run the file mwavscan.com (or mwavscan.exe)
-> The scanner window opens
-> Select the same settings than in this picture -> http://koti.mbnet.fi/pattaya1/eScan6.jpg
-> When ready, press the Scan Clean button
-> Scanning for infections begins

3. Posting the results
-> When the scan has finished (scan may take a quite long time), you'll need to post the findings
-> Copy all the text in this field -> http://koti.mbnet.fi/pattaya1/eScan10.jpg
-> Click the field, press CTRL+A, CTRL+C
-> Then open Notepad and paste the findings into a new document by pressing CTRL+V
-> Save the document to your desktop
-> Post the contents of that textfile to here
[ + quote]
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > infected with some security popup on taskbar
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork