I've run multiple anti-spyware checks with Adaware and Spybot, but after i delete them, more and more popups seem to be appearing on my computer. I've also begun to get "Security alerts" that tell me that my computer has been infected and prompt me to buy their products. How do I stop this? I've attatched a Hijackthis log. Please help!

Hi Xombie,

Welcome to the PC Help Forum.

To get the ball rolling, please follow the Prewok instructions in my signature. One of our security experts wil get to it once they come online.

I wouldn't worry about the popups that give you error messages and try to sell you a product unless you get them without having your web browser open. They're usually ads on sites. Some popups just get past some blockers. Especially if they are a sites sole/main form of advertisment. Just close them and do not click on them.

I'm sure it's more serious than that. I get popups even when I don't have a browser open. I also get error messages accompanied by an MS DOS window every few minutes. There's also icons on my toolbar that are appearing that I didn't put there myself.

The error message is like this:

16 bit MS-DOS Subsystem
C:\WINDOWS\TEMP\h91746.exe
The NTVDM CPU has encountered an illegal instruction.
CS:0dc7 IP:01d4 OP:6368 65 2f 31 Choose 'Close' to terminate the application.

It then gives me the option to Close or Ignore.
It also has a MS DOS window that pops up with it.

I saw someone post a very similar problem on your boards earlier, but i tried following the instructions and i couldn't find the same programs under Hijackthis that the reply told him to fix. Any ideas?

Hya Xombie.

Yup , it is indeed alot more serious. You have a hole bunch of infections on there. First please run Smitrem:


Download Smitrem to your desktop:

http://noahdfear.geekstogo.com/click...click.php?id=1

Run the installer and then press Start to Extract the
files to the desktop, Do not run it yet.

Reboot into safe mode (Reboot and keep tapping F8 then
choose safe mode from the list)

Run SmitRem:

Open the SmitRem folder and double click the "RunThis.bat"
file to start the tool , Follow the prompts on
screen. Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of the drive that you ran the batch file on, eg; Local Disk C: or partition where your operating system is installed. Please attach this log to your next reply



You will need to reload your wallpaper as the SmitRem
tool will reset it, you can do this by right clicking
desktop and choosing properties, First check Theme and
set it to Windows XP then click the Desktop tab and
choose the one you want to use and press apply.



After that please follow the "Prework" instructions , see the link below in my sig , and then post the Smitrem log , the Ewido log and a new hjt log.

Alot should be cleaned up already after that.