This Spy Dawn Bubble when I'm trying to work on "anything" opens up Internet Explorer to the Spy Dawn site. I'm am so tired, pissed :mad: and sick of the wasted time when I'm working and BOOM, :sick: I click on that darn thing again.

How in God's name do I get rid of this little icon that displays in the lower right corner of the monitor (goes from a blue and white question mark to a red circle with a slash thru it) which from time to time turns into a clickable bubble (god forbid if you click on "system alert" when it suddenly appears), and get rid of this anti-spyware website once and for all?

I sure hope someone out there can help me. :sad:

Thank you for all of your consideration in this.:)

Hi msdazlr

Use this (http://downloads.malwareremoval.com/hijackthis_sfx.exe) link to get HijackThis.
Save it to your desktop and then double-click to run it.
It will install the program in c:\program files\HijackThis.
Browse to that location with windows explorer, and double click on the HijackThis.exe program to run. Choose the 'Do a system scan and save a logfile'
That will allow you to save the log to the desktop (or some other place) and leave open a notepad file with the HijackThis log in it.

Now post your HijackThis log into this topic.

I got to the unzip and it said it was located in program files/hijack something another. How do I get to windows explorer to open that file? :sick:

Now how do I post it and what will that do for me? It shows I shouldn't go into smut sites anymore! Hahaha:D:

Ok, I got it, I think. Let me know what we can so to take care of the Bubble. Thank you for at least trying to help me. I really appreciate it. That thing is so anoying!

Hi

Follow these (http://forums.spybot.info/showthread.php?t=4015) instructions and post back corresponding logs, please :)

Thank you for helping me get rid of that REAL frustrating spyware. I put the log on here for you to see.

Now, can you help me with a hopefully free GOOD virus remover since I think it got in through the Active X on the smut site. If you could I would deeply appreciate it!

One virus I am aware of is titled:
C:\Windows\System32\geplxss.dll

America Online's McAffee had sent a bubble from time to time saying it can't delete it. I tried manually to delete it and I can't either. What do you suggest for all the little creepy virus's I got from my bad move of going into the smut sites.......LOL I know, don't go there anymore! LOL

Hi

Please run smitfraufix option 2 in safe mode, post it's log along with a fresh HijackThis log :)

How do I put the computer into a Safe Mode? I use to know how and forgot.

Hi

See here (http://www.computerhope.com/issues/chsafe.htm)

I was unable to log on for a couple days. I will try to do that stuff you requested tonight.

My virus settings for AOL says I have AVG7.5.446 loaded n the computer. I unistalled those files. At least I think I did. Will running those logs for you determine if I still have a part of that virus program on here? That's what I get for trying to do a virus thing without your help! :oops:

Thank you for your time in helping this frustrated person over here!:sick:

Hi

Yes, they will, just follow my previous instructions, please :)

I ran Smitfraudfix in safe mode then did the Hijack This log. We also put on Norton Antivirus last night. It fixed only one problem out of two.

Hi

Could also send smitfraudfix report? It's here -> C:\rapport.txt.

Smitfraud

Hi

Did you run it in safe mode with option 2?

I ask because that's option 1 log in normal mode :)

Yes, I ran it in safe mode then did the search option to put the log on. It wouldn't let me give you a log in the safe mode. OK?;)

Hi

Then you will have to do it again, because that log you attached is ran on normal mode and with option 1 :)

Happy Easter! I will do that today later on. And again, thanks so much for taking "your" time to help me.:bigthumb:

How is it going msdazlr. :)

I feel like my head is a blimp! I have a horrible, really horrible cold. I'm sorry I haven't gotten to your request. If I tried anything at this point I would probably screw it up, big time! LOL

Thank you for asking and if you'de like write to me at my email address :red:

Hi

That's ok, reply when you have recovered :)

Hi

How's it going msdazlr?

Ah, I'm finally getting rid of that cold and got a couple big things out of the way that really had to that now I can concentrate on why AOL keeps freezing up and driving me absolutely bonkers! :rolleyes:

I'll get with you tomorrow or in the next couple days. Thanks for not giving up on me!:bigthumb:

Hi

Great news, I'll be waiting :)

Still with us msdazlr? :)

I totally forgot to get done what my buddy on here suggested to do. I'll do it in just a bit here. I had a problem being able to post the log in Safe Mode from HijackThis. Hope I can get it done.

We downloaded a new anti virus software that seems to be working the computer a little faster nowadays, thank God. But funny I should read this tonight and my computer was running as slow as molasis again.

Time to get a handle on this.

Thanks for asking!;)

I finally got it done!:D:

Here is both of the things you wanted in Safe Mode. Let me know what to do next. Thank you for helping me get this computer in order as well as learn something at the same time!:bigthumb:

Hi

That is still smitfraudfix option 1 log.

Please do this:

Reboot your computer in Safe Mode.
If the computer is running, shut down Windows, and then turn off the power.
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe Mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
Login on your usual account.
______________________________

Double-click on SmitfraudFix.exe
Select option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.

A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually. Reboot in Safe Mode.

The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

Reboot in Normal Mode.
______________________________

Please post:
c:\rapport.txt
A new HijackThis log
You may need several replies to post the requested logs, otherwise they might get cut off.

It didn't prompt me in Safe Mode, #2 of Smitfraud to do the Registry Clean, and I don't know if it checked the wininet.dll automatically.

Also, it won't let me post a file .log so I saved the HijackThis log to a disk and posted it by just changing the .log to a .txt file. Is that OK? Hope so. :red:

Here is what I have so far.:rolleyes:

Just wanted to make sure I ran the HijackThis in the Safe Mode. As I stated above, I saved it to disk just to change the .log so it will upload to this post.

What do you find out when you look at these files? Maybe I can learn something if you tell me.

Why does my computer in the start up mode show the System 32 and a Dell folders? I don't know how to get those not to show up when booting up the computer.

Thanks again if you can help me maximize this computer! You're an :angel:

Hi

Your copy of Smitfraudfix is outdated, my bad :oops:

First delete it, then download a fresh copy from here (http://siri.urz.free.fr/Fix/SmitfraudFix.exe)

Then run it again in safe mode with option 2 as instructed before :)

I looked in the Smitfraud file folder and there isn't an uninstall file. How do I make sure I get rid of ALL the files to that.:scratch:

How come Smitfraud-C came up on my SpyBot scan? It showed 5 enteries. I didn't fix them or immunize them cause I wasn't sure what to do.:red:

Hi

Just delete that entire smitfraudfix folder :)

Okie dokie. Will do.:bigthumb:

I went and did the new Smitfraud in Safe Mode and it won't let me create a log or it didn't ask me to clean the registry. So, I'm stuck on what to do now. :sad: After Smitfraud starts what looks like a scan then it goes to the blank safe mode screen and that's it. Nothing. I have to turn off the computer and start it again, which takes forever. Let me know what could be the problem.:sick:

Hi

Then we do it manually:

First we'll need to backup registry:

Start -> Run -> regedit -> ok. Then File -> Export. Give it a name and press Save.

Save text below as fix.reg on Notepad (save it as all files (*.*)) on Desktop

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{b59f3ba4-98da-4b5f-8a2d-7b56fb11140b}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{2016a466-91a2-43c6-97d8-2fd380f065ef}"=-

[-HKEY_CLASSES_ROOT\CLSID\{2016a466-91a2-43c6-97d8-2fd380f065ef}]

[-HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2016a466-91a2-43c6-97d8-2fd380f065ef}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aed6f6a3-183c-488d-9f90-23db99f56e7f}"=-

[-HKEY_CLASSES_ROOT\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}

[-HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}]


It should look like this -> http://users.telenet.be/bluepatchy/miekiemoes/images/reg.gif

Doubleclick fix.reg, press Yes and ok.

(In case you are unsure how to create a reg file, take a look here (http://www.nellie2.co.uk/file.htm#How_to_Make_a_.Reg_File_) with screenshots.)

Reboot

Run smitfraudfix with option 1 in normal mode

Post:

- a fresh HijackThis log
- smitfraudfix report

I'll get right on it tomorrow. I'm going to go and watch a movie. I'm tired of looking at scholarships on here! Hahaha Trying to find more money for school. Sure would help! Got any? :funny:

By your instructions I shouldn't have any trouble.:sick:

I did what you said and got an error message. It reads, "Cannot import C:\Documents and Settings\Ed&Connie\desktop\fix.reg. The specified file is not a registry script. YOu can only import bnary registry files from within the registry editor."

What did I do wrong?:sad:

Hi

Is there also this line -> Windows Registry Editor Version 5.00 <- in fix.reg?

It's essential.

Sorry I've been a little distracted with getting you the info back. I'm getting ready to break a new tent in camping and been getting all the stuff ready to go.

The answer to your question, no. It doesn't say that when I click on it from the desktop icon.:sick:

Hi

Then you will need to add it to that file.

You will also need to save it as all files (*.*) (not eg. as txt file), otherwise it won't work.

msdazlr, how is it going?

I just got back from my awesome camping trip in Cook Forest, AA Convention. 2,000 X drunks running around in the woods! Hahahaha:laugh:

I'm trying to finish this paper due for school so I can finish doing what my buddy on here wants me to do to clean up this computer. :eek:

I hope to get to it REAL soon! :bigthumb:

This topic has been moved to archives to prevent others with similar issues posting to it.

If you need the thread re-opened, please send me a private message (pm) and provide a link.

Applies only to the original poster, anyone else with similar problems please start your own topic.