View Full Version : Urgent Spyware Help!!!!!

hellsing293 05-30-2006, 01:39 AM
ok last night, out of nowhere i was on blizzsector and i got like 10 pop-ups. then i got a whole bunch of warnings from microsoft antispyware that viruses were trying to install. then i ran a scan and i had so many viruses. so i went to delete them and 3 couldn't be treated. then i ran a scan again and all the spyware came back. then i downloaded spybot - Search & Destroy and it said a few couldn't be treated because they were running programs. being online is really bad now and i have to turn off my monitor when i want to type something as its that bad. firefox isn't really doing shit as i have adblock and i still get extra tabs opening in firefox or just ie ads. wtf is going on and how can i get my current spyware which is pretty good most of the time to treat it or are there any others that are actually good and can help me? please help since last night its grown to be pretty bad.

Shift 05-30-2006, 01:46 AM
If they say they are in use, restart your computer, then when it loads back up run a scan and try to delete them then.

yea do what shift said, use spybot i been using it since it came out and it works wonders for me, but if u restart ur comp and they still there id say your best bet is to reformat your hard disk and reinstall windows

hellsing293 05-30-2006, 02:46 AM
does that mean deleting everything or whatever? and it says for one to put windows in safe mode. how do i do that and what is safe mode?

modulus 05-30-2006, 03:18 AM
You seem to be having way too many problems, sounds like it's gone too far. Maybe it's time to call a technician or bring your computer in for repair.
If you let it get that bad, it may take hours for a professional to fix (instead of reinstalling Windows). Back-up all of your files and get Windows reinstalled (it's the cheapest and fastest method in this case).

hellsing293 05-30-2006, 03:19 AM
how do i back up my files and if i do that then i won't lose them right? i need some kind of really good firewall when i reinstall windows too.

tigeroip 05-30-2006, 03:21 AM
Why do you need a professional technician to rip you off? The best thing to do would be to go and buy (if u want to do it legit) a spyware and antivirus programs or download them and reinstall your windows so you can start fresh and know there isnt anything bad on ur comp

yes.interesting 05-30-2006, 03:21 AM
Save your files (NOT PROGRAMS) to a floppy disk or flash drive and reformat.

hellsing293 05-30-2006, 03:24 AM
well what about all the programs i paid for(or should have anyways). also, i ran the scan 3 times in a row and i'm down to 9 things it can't get rid of. it said something about running a scan in safe mode so i'm wondering how to do that.

modulus 05-30-2006, 03:28 AM
I agree with tigeroip, you need to be really careful about getting professional help. I am a certified tech myself, and most of the people I work with don't know too much (I'm always wondering how they keep their job???).
I found a web site that may help you with this:
http://www.windowsreinstall.com/

jedimaster86 05-30-2006, 03:31 AM
To get your compy into safe mode, restart your computer, and before any screens load up press F8 (I'll assume you use Win XP). Now a screen will come up and select Safe Mode.

killerelf4 05-30-2006, 03:34 AM
Dont go buying dumb useless software which in all honesty a lot of them are spybot does very little to what problems u have right now. I have an idea of what you have and it would be a good idea to get rid of those fast they can hurt ur memory a little and can bring on more and more viruses if left unchecked. what you need to do is find out exactly what it says when it goes to that microsoft popup screen sometimes it will say things like mozilla, amena, or winfixer. Find out exactly what the popups are saying then tell me.

hellsing293 05-30-2006, 03:37 AM
well i took care of winfixer, i remember that one. but the pop-ups are all different and i usually delete most before i can look at them. and its weird i get ff pop ups and ie pop ups. it tells me to search in safe mode, what is different from safe mode and regular start up?

wm_hunter 05-30-2006, 03:39 AM
This is what I want you to do
Download HiJackThis (http://www.merijn.org/files/hijackthis.zip) and extract it from the ZIP. Open the HiJackThis.exe and choose to Do a system scan and save a logfile. You should get a log pop up in notepad. Reply here with it or send me a pm and I can help you get rid of the viruses and the spyware.
DO NOT REMOVE ANYTHING IT FINDS. IT LISTS BOTH BAD AND GOOD THINGS, AND YOU NEED SOMEONE THAT CAN READ THE LOG FILES LIKE ME TO LOOK OVER IT

killerelf4 05-30-2006, 03:41 AM
ff ie popups???? funny thing about winfixer not only is it a single adware but it goes and gets a bunch of its adware friends to come along with it. You will see about a million popups and they look all different i am assuming but there is a core where it branches off of and thats where u need to find it try downloading hjack this if u already dont... Dont unless there is no other way reinstall windows bad badddddd idea. I just need to know what the big adware u have on ur computer is and i should be able to help u delete it.

hellsing293 05-30-2006, 03:50 AM
i can't send the pm of the log because i get this:
Warning: parse_url(file://c:\eied_s7.cab): Unable to parse url in /includes/class_bbcode.php(149) : eval()'d code on line 38
Warning: parse_url(file://c:\ex.cab): Unable to parse url in /includes/class_bbcode.php(149) : eval()'d code on line 38
Warning: parse_url(file://c:\ex.cab): Unable to parse url in /includes/class_bbcode.php(149) : eval()'d code on line 38
could i maybe copy/paste it onto this page?

killerelf4 05-30-2006, 03:53 AM
sure go ahead and copy and paste if u can u should be able to.

hellsing293 05-30-2006, 03:54 AM
Logfile of HijackThis v1.99.1
Scan saved at 11:41:53 PM, on 5/29/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\RWxpemFiZXRoIEpvYW5uIEJhcm9uZQ\command.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svhost.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\System32\slk8x2peu.exe
C:\WINDOWS\System32\swintqag.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\sys034649047-99.exe
C:\WINDOWS\CCZoop05.exe
C:\WINDOWS\xload.exe
C:\Program Files\ipwins\ipwins.exe
C:\WINDOWS\win3207047-994649.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\m?dtc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\CURITY~1\regsvr32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\msrnsv.exe
C:\PROGRA~1\COMMON~1\zrqi\zrqim.exe
C:\PROGRA~1\COMMON~1\AOL\112937~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\112937~1\EE\AOLServiceHost.exe
C:\DOCUME~1\BETTYJ~1\LOCALS~1\Temp\9baf0efc2eaa4321a8640582d58881ec.exe
C:\WINDOWS\System32\msrnsv.exe
C:\DOCUME~1\BETTYJ~1\LOCALS~1\Temp\60a932763f5a40ab8d3d6150924ac996.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\PROGRA~1\MOZILL~1\FIREFOXX.EXE
C:\Documents and Settings\Betty Jo\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oso.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\cgajc.exe
F3 - REG:win.ini: run=C:\WINDOWS\System32\svhost.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,mchnmej.exe
O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll
O2 - BHO: Yvakt Class - {98B9F201-C701-41F1-B338-7E5E0E6D768F} - C:\WINDOWS\System32\ejrwx8drl.dll
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [System backup] C:\WINDOWS\System32\msxmidi.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1129373351\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [gjZC2XV] "C:\WINDOWS\System32\slk8x2peu.exe"
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\System32\swintqag.exe FI002
O4 - HKLM\..\Run: [{6D-DC-C2-29-ZN}] c:\windows\system32\dwdsregt.exe FI002
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [w0c34d7f.dll] RUNDLL32.EXE w0c34d7f.dll,I2 000436f800c34d7f
O4 - HKLM\..\Run: [sys034649047-99] C:\WINDOWS\sys034649047-99.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\CCZoop05.exe
O4 - HKLM\..\Run: [xload] "C:\WINDOWS\xload.exe"
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [defender] C:\\defender24.exe
O4 - HKLM\..\Run: [win3207047-994649] C:\WINDOWS\win3207047-994649.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [System backup] C:\WINDOWS\System32\msxmidi.exe
O4 - HKCU\..\Run: [Fmdgrv] C:\WINDOWS\System32\m?dtc.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Ltho] "C:\PROGRA~1\CURITY~1\regsvr32.exe" -vt mt
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\System32\E_S209.tmp"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [msrnsv] C:\WINDOWS\System32\msrnsv.exe
O4 - HKCU\..\Run: [zrqi] C:\PROGRA~1\COMMON~1\zrqi\zrqim.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\RunOnce: [msrnsv] C:\WINDOWS\System32\msrnsv.exe
O4 - Startup: Z_Start.lnk = C:\WINDOWS\system32\psdsregp.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\swintqag.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUxdm020YYUS
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: *.sxload.com
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.2.5.28/mahjong/mahjong-ob-assets.cab
O16 - DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} (Web Browser Applet Control) - http://whackdown.pogo.com/applet-5.8.5.21/jvmtest
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {37C0D091-EDEB-4701-8873-B358A4368210} - http://media.euniverse.com/cursorzone/files/pumpkin_setup_td035.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {539DA0E0-74A7-11D9-9669-0800200C9A66} - http://www.ouchvideo.com/mmviewer_ic13.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.gamehouse.com/games/mjolauncher.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures04.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://goldenriviera.microgaming.com/goldenriviera/FlashAX.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {FDCC1518-6A63-11D9-AAC8-91EC5E497716} - http://www.ouchvideo.com/mmviewer_emg11.cab
O18 - Filter: text/html - {0FA7FD6B-47C3-425B-AE30-36383F1C4503} - C:\WINDOWS\System32\ejrwx8drl.dll
O20 - AppInit_DLLs: repairs303169587.dll
O20 - Winlogon Notify: MCD - C:\WINDOWS\system32\u0ru0a99ed.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - C:\WINDOWS\System32\vbsys2.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\RWxpemFiZXRoIEpvYW5uIEJhcm9uZQ\command.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
well here it is couldn't pm it though
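
Added example, not part of the thread and not HijackThis's own code: a Python pass that splits a HijackThis log like the one posted above into running processes and coded entries, and attaches review hints so a human reader knows where to look first. The names `SECTIONS`, `HINTS`, `hints_for` and `parse` and the hint rules themselves are assumptions of this example; the sample lines are copied from the log in this thread.

```python
import re

# What each HijackThis section code covers (subset seen in the log above).
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "R3": "URL search hook", "F2": "ini/registry autostart",
    "F3": "ini/registry autostart", "O2": "Browser Helper Object",
    "O3": "IE toolbar", "O4": "autostart entry", "O15": "Trusted Zone site",
    "O16": "downloaded ActiveX control (DPF)",
    "O20": "AppInit_DLLs / Winlogon Notify", "O23": "NT service",
}
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

# Review hints are assumptions of this example, not HijackThis verdicts:
# they only mark lines a person should read first.
HINTS = [
    ("runs from a Temp directory", re.compile(r"\\temp\\", re.I)),
    ("target file missing", re.compile(r"\(no file\)")),
    ("service with unknown owner", re.compile(r"Unknown owner")),
    ("ActiveX installed from a local file", re.compile(r"file://", re.I)),
]

def hints_for(text):
    return [name for name, rx in HINTS if rx.search(text)]

def parse(log_text):
    """Split a HijackThis log into running processes and coded entries."""
    processes, entries, in_procs = [], [], False
    for line in (raw.strip() for raw in log_text.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_procs = False  # first coded entry ends the process list
            code, detail = m.groups()
            entries.append({"code": code, "kind": SECTIONS.get(code, "other"),
                            "detail": detail, "hints": hints_for(detail)})
        elif line.startswith("Running processes:"):
            in_procs = True
        elif in_procs and line:
            processes.append({"path": line, "hints": hints_for(line)})
    return processes, entries

# Lines copied from the log posted in this thread.
SAMPLE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Betty Jo\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oso.com/
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
"""

if __name__ == "__main__":
    procs, entries = parse(SAMPLE)
    for item in procs + entries:
        if item["hints"]:
            print(item.get("code", "proc"), item["hints"], item.get("detail", item.get("path")))
```

HijackThis.exe itself is hinted here because it was run straight out of the ZIP's temporary directory, which shows why a hint is a prompt for review and not a removal decision.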