Fake.Wget !!!



castillofr
2006-01-15, 12:56
Hi !

First, excuse me for my poor English...

Each time that I run Spybot, I have the "Fake.Wget" (2 entries) problem even if I fixed them many times !!!

How can I remove them definitively ???

I was infected lately by multiple trojans and spyware... !!!

I attached the log of HijackThis and the report of Spybot.

Thank you very much for helping me.

castillofr
2006-01-15, 13:04
I forgot to tell you that I didn't fix the 3 entries of WindowsSecurityCenter because they are not spyware, I think ??? Is that true ???

castillofr
2006-01-18, 13:07
Hi !

I hope that someone from the Spybot team can help us remove this...

Thanks

LonnyRJones
2006-01-22, 07:44
Hi castillofr, sorry for the delay

The WindowsSecurityCenter will show if you have changed it to other than default.

Could I see a SpyBot report after checking for problems? I can then see what it's finding.

Open SpyBot 1.4, check for and get any updates available, close all browsers, check for problems and fix everything found. Then on the toolbar menu select Mode and switch to advanced mode, on the left lower down select Tools, and View Report. Ensure all the options are selected near the bottom except:
Uncheck [ ] Do not report disabled or known legitimate items.
Uncheck [ ] Include a list of services in report.
Uncheck [ ] Include uninstall list in report.
Now select (near the top) View Report, press Export, in the "Save in" box choose a place such as your My Documents folder, then in your next post near the bottom select the "manage attachments" button, navigate to and attach or post that report please.

castillofr
2006-01-22, 18:30
Hi !

Thanks LonnyRJones.

Here is the report that you requested:

Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Windows Security Center.UpdateDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0

Fake.Wget: Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-583907252-764733703-682003330-1003\Software\Wget

Fake.Wget: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Wget

LonnyRJones
2006-01-22, 18:44
Hi

Are you running SpyBot in an account with administrative rights?
What group is your account in?

castillofr
2006-01-22, 20:20
Hi !

Yes, I have 3 accounts on my PC. All of them have administrative rights.

I have created these accounts only for user preferences, not to restrict access for anyone who uses the PC.

Thanks.

LonnyRJones
2006-01-22, 21:43
Let's see if a simple reg import will remove it

Launch Notepad (not WordPad), and copy and paste the contents of the code box below into a new text file.
Save it as file name: "fixme.reg" (not including the quotes). Save as file type: All files (*.*) and save it on your Desktop.


REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wget]
[-HKEY_USERS\S-1-5-21-583907252-764733703-682003330-1003\Software\Wget]


Now double-click on the fixme.reg file you saved and click on the Yes button when it asks if you would like to merge the information. Once you get a successful message, delete fixme.reg.

Restart your PC.
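
Added example (not part of the original posts and not Spybot's own tooling): a Python script that reads a report in the format posted earlier in this thread and builds the REGEDIT4 deletion text only for entries reported as whole registry keys, leaving the Security Center value entries untouched. The function names and the path guard are assumptions of this example; it covers only keys the report itself lists.

```python
import re

# Report excerpt copied from the Spybot report posted in this thread.
SAMPLE_REPORT = r"""Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

Fake.Wget: Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-583907252-764733703-682003330-1003\Software\Wget

Fake.Wget: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Wget
"""

# Header line: "<product>: <category> (<Registry key|Registry change>, <action>)"
HEADER = re.compile(
    r"^(?P<product>[^:]+): .*\((?P<kind>Registry (?:key|change)), [^)]*\)$")
HIVES = ("HKEY_LOCAL_MACHINE", "HKEY_USERS", "HKEY_CURRENT_USER")


def parse_report(text):
    """Return (product, kind, path) for each registry finding in the report."""
    findings, pending = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        match = HEADER.match(line)
        if match:
            pending = (match["product"], match["kind"])
        elif line and pending:
            findings.append((*pending, line))  # line after a header is the path
            pending = None
    return findings


def build_reg(findings, product):
    """Build REGEDIT4 text that deletes the whole keys flagged for one product."""
    keys = []
    for prod, kind, path in findings:
        # "Registry change" entries name a value (key\value!=data), not a key.
        if prod != product or kind != "Registry key":
            continue
        parts = path.split("\\")
        # Guard: known hive, at least hive\x\y deep, no bracket characters.
        if parts[0] not in HIVES or len(parts) < 3 or "[" in path or "]" in path:
            raise ValueError(f"refusing to delete {path!r}")
        if path not in keys:
            keys.append(path)
    # .reg files use CRLF line endings; "[-KEY]" deletes KEY and its subkeys.
    return "\r\n".join(["REGEDIT4", ""] + [f"[-{k}]" for k in keys]) + "\r\n"


if __name__ == "__main__":
    print(build_reg(parse_report(SAMPLE_REPORT), "Fake.Wget"))
```

Export the affected keys with regedit before merging any generated file, so the change can be reverted.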

castillofr
2006-01-23, 11:22
Hi !

It works very well !!!

Now the result of the Spybot scan shows only this:
--------------------------------------------
Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Windows Security Center.UpdateDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0
--------------------------------------------

Thank you very much LonnyRJones.

LonnyRJones
2006-01-23, 12:11
Great

I'm glad we could help.
Since the problems are solved, I'm going to close the topic now. This keeps others with similar problems from posting their logs/questions here; they should start a new topic.
If you should need to post another log for the same PC, let me or Tashi know.