• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
feign

windows error service

3 posts in this topic

Can anyone please help?

 

I just joined and this is my first post here, I apologize in advance for ant mistakes.

 

I keep getting this pop-up approx. every 5 minutes for a "Windows Error Service" telling me that it has detected spyware on my computer and I should download the removel program. I have not clicked ok. I also keep getting miscellaneous pop-ups and my home page keeps getting hijacked to some junk search page bu the address bar list it as about blank. I have already run Norton Anti-Virus, Ad-Aware, SpyBot S&D, CWShredder, and HijackThis.

 

Please help I'm desparate.

 

Here is my hijackthis log:

 

Logfile of HijackThis v1.97.7

Scan saved at 10:00:38 AM, on 6/21/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R3 - Default URLSearchHook is missing

F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,

O2 - BHO: (no name) - {0CF104D9-67B3-C384-C897-04658501B6A0} - C:\WINDOWS\System32\dmwhxexk.dll

O2 - BHO: (no name) - {712E6EC9-BB87-6C17-2829-952F9514D2AB} - C:\WINDOWS\System32\gagkzqws.dll

O2 - BHO: (no name) - {876C6F54-5149-42AA-BDC2-BAE1D60462BE} - C:\WINDOWS\System32\pggm.dll

O2 - BHO: (no name) - {8A63234B-0541-8288-4F17-BB1B04A419C6} - C:\WINDOWS\System32\gaxqvyvq.dll

O2 - BHO: (no name) - {8B69B167-3DB6-FDE0-D0AC-7525CDE573EA} - C:\WINDOWS\System32\njivdvzr.dll

O2 - BHO: Curl - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} - C:\WINDOWS\System32\NDrv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\ConMgr.exe"

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE

O4 - HKLM\..\Run: [superBar.Component] C:\WINDOWS\system32\inetsrv\services.exe

O4 - HKLM\..\Run: [AdRotator.Application] C:\WINDOWS\system32\drivers\csrss.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [NDrv] C:\WINDOWS\System32\NDrv.exe

O4 - HKCU\..\Run: [WNST] C:\WINDOWS\System32\wnsapisu.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: Create Mobile Favorite (HKLM)

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)

O15 - Trusted Zone: http://*.mt-download.com

O16 - DPF: {12B574CE-A702-E7AD-358C-597D3BCEA9FA} (IEplugin Class) - http://www.mrketing.biz/IE_plugin.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/7b77298...all/xscan53.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

 

Any help is greatly appreciated.

Share this post


Link to post
Share on other sites

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {0CF104D9-67B3-C384-C897-04658501B6A0} - C:\WINDOWS\System32\dmwhxexk.dll

O2 - BHO: (no name) - {712E6EC9-BB87-6C17-2829-952F9514D2AB} - C:\WINDOWS\System32\gagkzqws.dll

O2 - BHO: (no name) - {876C6F54-5149-42AA-BDC2-BAE1D60462BE} - C:\WINDOWS\System32\pggm.dll

O2 - BHO: (no name) - {8A63234B-0541-8288-4F17-BB1B04A419C6} - C:\WINDOWS\System32\gaxqvyvq.dll

O2 - BHO: (no name) - {8B69B167-3DB6-FDE0-D0AC-7525CDE573EA} - C:\WINDOWS\System32\njivdvzr.dll

 

O15 - Trusted Zone: http://*.mt-download.com

 

these are the things that are safe to remove. then reboot run ad-aware and spybot clean up whatever might be left. then run hijackthis again and post log.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0