PC-Antispyware message on desktop

[TwiztedTwit]

I tried to open a link on a childrens medical site. Bam, got porn popping up. Avg caught this and I quarantined it. Now I keep getting a message popping up stating System Integrity Scan Wizard...warning: your computer may have critical errors in windows registry and file system.

Ive ran Ad-Aware, it did find quite a few things that I had it fix. I ran spybot, it only found one. I ran Trend Micro's housecall, it found 5 cookies only. Ive ran windows defender, it came back clean.

I have this message stuck in the middle of my desktop:

Warning: Spyware threat has been detected on your PC. Your computer has several fatal errors due to spyware activity. Click here to scan your pc for spyware.

Please advise as to how I might get rid of this.

Thank you for your help

Running Windows Xp SP2

 

[cichlidkeeper91]

Well do not download any of the software that they ask you to on the popups. As they are viruses as well.

 

[ravi_9793]

Those pops are itself virus.

Just use search and destroy, and lavasoft adware

 

[Redmo0n]

Just use search and destroy, and lavasoft adware

He already did that.

Go through Osiris's guide and post a Hijackthislog - http://www.techist.com/forums/f70/spyware-removal-guide-osiris-165848/

 

[TwiztedTwit]

Okay, I'll make sure all these programs are up todate and then post again.

What happened to Warez Monster? Wasnt he a member of these forums?

 

[Ewc1307]

Yeah! - Click here and we'll clean your PC! - Almost as bad as "You are the 1,000,000th visitor to this page and you have won!" popup...

Just don't click them...ever!

Also run CCleaner too...here's a link CCleaner - Download

 

[carnageX]

Okay, I'll make sure all these programs are up todate and then post again.

What happened to Warez Monster? Wasnt he a member of these forums?

Warez = Osiris now, lol. He changed his username on here (had the admins do it for him).

Just go through his guide, and then you should be good to go. Most important tool on there is TrojanRemover for your problem; HiJackThis would be next. TR could care of a nasty infection that I had to get rid of on a system I was working on last week for a customer; same thing for one of my friends who had a lot of trojans; ran that, and took care of 'em right away.

 

[TwiztedTwit]

testing........ having trouble posting replys....... keeps coming up as page cant be found.

 

[TwiztedTwit]

LOL..... Warez- Osiris....... sneaky devil isnt he. Well, Im glad to hear hes still around. Hes been plenty of help for me before.

Ok, I ran MSConfig Cleanup, Smitfraudfix, Vundofix, CCleaner, Cleanup!, AVG Anti-Spyware (boy that one took awhile) and Trojan Remover.

The pesky spyware is gone from my desktop now, but here is a copy of my HiJackThis Log.

Thanks in advance for all your help! ( I do see a C:\Windows\izqfodax.exe, no clue what that is) PART1

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:48:27 PM, on 3/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\My Downloads\Computer Repair\Ad-aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\izqfodax.exe
C:\MYDOWN~1\AVG472~1\avgcc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\MYDOWN~1\AVG472~1\avgamsvr.exe
C:\MYDOWN~1\AVG472~1\avgupsvc.exe
C:\MYDOWN~1\AVG472~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

 

[TwiztedTwit]

For some reason, I cant post the complete message as 1 message, keep getting "page cannot be displayed message"

HiJackThisLog........ Part 2

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 200.124.131.116 casinocontroller.com
O1 - Hosts: 200.124.131.116 casinocontroller.com
O1 - Hosts: 200.124.131.116 casinocontroller.com
O1 - Hosts: 200.124.131.116 casinocontroller.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\MYDOWN~1\COMPUT~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\MYDOWN~1\AVG472~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TrojanScanner] C:\My Downloads\Computer Repair\TrojanRemover\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Policies\Explorer\Run: [3bPwd3Hcu7] C:\WINDOWS\izqfodax.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\MYDOWN~1\AVG472~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\MYDOWN~1\AVG472~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MSOFFI~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\MYDOWN~1\COMPUT~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\MYDOWN~1\COMPUT~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://spe.atdmt.com
O15 - Trusted Zone: http://www.iwon.com
O15 - Trusted Zone: www.mytributecard.com
O15 - Trusted Zone: Orchard Bank Credit Card Application - Log in for Account Services
O15 - Trusted Zone: www.yahoomail.com
O15 - Trusted Zone: East County Family YMCA