Hey I gotta problem...spyware. Adaware doesn't detect it...its in the notification area, an upside-down yield sign with an exclamation point in it that blinks and occasionally notifies me that I have a virus...like I didn't figure that out already. It also has pop-ups! Yay! Anyway, HJT log attatched

Attached Files

hijackthis.log (5.4 KB, 3 views)

Hi gmsdrmmrboi

You will need to uninstall this folder.Check for it in Add/Remove first.

F:\Program Files\IntCodec

Hi guys.

That Intcodec folder should be targeted and removed by the Smitfraudfix, manual removal could proove to be difficult.


Please download SmitfraudFix (by S!Ri)

Extract the content (a folder named SmitfraudFix) to your Desktop.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consultin...rocessutil.htm

It was a bit of an experiment.I wanted to see if it would remove by uninstalling.If not I was then going to hit it with Smit.

Well, here it is.

Attached Files

rapport.txt (1.4 KB, 2 views)

Sorry about that PC.


@Gmsdrmmrboi, have you tried the uninstaller in add/remove programs as PC mentioned before making this log?



Please print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please reboot your computer in Safe Mode. (hit f8 before Windows loads when booting up)

Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply along with a new HijackThis log.

The report can also be found at the root of the system drive, usually at C:\rapport.txt