Sound like a nuisance? This is how Adware and Spyware work - they are computer programs that attach themselves like glue to whatever files you download online. They are designed to track you wherever you go online. Adware, sometimes referred to as freeware, goes the extra step to 'pop-up' ads when you open a website or web page or open a program.
Spyware are somewhat similar in that they are also freeware, but spyware programs have embedded tracking programs which report your activities on the web to the spyware agent, which in turn provides the information to advertisers and web developers. Armed with your web surfing information, advertisers and web developers can feed your computer with any information they want without your consent and even without you noticing it.
The best course of action is to consistently employ some precautionary measures to keep your machine free from spyware and adware. These measures include disabling automatic installation of software programs in your internet browser, and the use of pop-up blockers and a robust firewall program. Then, purchasing and installing a reputable anti-adware/spyware program will provide you protection against data-mining, parasites, aggressive advertising, scumware and some traditional viruses and tracking systems like trojans, dialers, malware and browser hijackers.
Other popular and handy anti-spyware software include Spyware Doctor, an advanced adware and spyware removal program; Free Spyware Scanner, which tells the user how their computer got infected and the best solution for spyware removal; Spy-Ad Exterminator Free, which searches your machine's hard drives and registry for spyware, adware, worms, hijacks, keyloggers; and Spy Cleaner Lite, which identifies and removes programs that have been secretly installed in your system without your consent.
Generally, these anti-spyware scanner and removal utilities will locate spyware and adware on your machine and delete, or quarantine each of them. Some anti-spyware programs will remove spyware automatically while other provides a user interface option where you can customize specific actions to take, like ignoring the detected file.
It's your call which software you use to combat the adware/spyware threat. With all of the programs available, it's not hard to pick one - just ensure it's reputable and up to your particular needs. For a thorough review of some of the best programs available and to help you decide which to use, try http://WebBiz.bezoogle.com/pp/adware
About the Author
Gerard Espinashttp://www.MyOnlineComputerTech.com
http://www.GerardEspinas.com
A Technology Specialist in the field of Open Source Computing, PC Desktop Security and Support, Web 2.0 Application and Programming, Robotics and Automation, Electronics and Embedded Controls, System Analyst and Design, and System Integration.
Copyright © Gerard Espinas 2008 All Rights Reserved.
Napster,
This is Azhar. I have scan my notebook using HijackThis and below is the log. I would appreciate your advise on what to do. I noticed lately, even to boot up takes so long.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:56:24 PM, on 10/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\UBSSTK90\NETWORK\USB\USBLAN_Ldr.EXE
C:\UBSSTK90\NETWORK\USB\UsbServer2K.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Vodafone\Vodafone Zuhause EasyBox\ic~cfg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [pdfFactory Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\MS32DLL.dll.vbs
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Vodafone Zuhause EasyBox Konfigurator.lnk = C:\Program Files\Vodafone\Vodafone Zuhause EasyBox\ic~cfg.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: USBLAN_Ldr - McAMOS TECHNOLOGY CORP - C:\UBSSTK90\NETWORK\USB\USBLAN_Ldr.EXE
--
End of file - 8029 bytes
Sorry being late reply, kinda busy now days,
1. C:\WINDOWS\system32\spoolsv.exe ain't critical for the system, but slows it down imensly by taking up more than 50% of cpu. quitting it using the task manager will allow you to get back to normal speed, but important system processes are still getting blocked. ( prevents dhc client, getting network adress ).
2. C:\WINDOWS\system32\nvsvc32.exe = I found it on an infected PC, some nvidia service and it generated a lot of networktraffic disturbing surfing and mailing. Just turn it of this service on task manager or for unselect this service on "msconfig"...type this word on startmenu, run without quote..
3. Ok, I found a virus on your pc codename Trojan virus and you got text "Hacked by Godzilla" Title bar on Internet Explorer. Am i right?...How to remove this virus?
4. ok this example article you can take the step to remove this virus or service too..go link here,
http://www.interstraits.biz/virusms32.htm
5. SpyBot its a good program but sometimes some malware or trojan can't detect it so download Ad-Aware, Update definition, Do a scan..
6. Also use your AVG, Update to new definition and scan..
7. Some download manager can take your high bandwidth when you do a downloading file...so when you do a surfing just turn it off Free Download Manager on task manager.
8. Post HijackThis log after do all intruction above...
3. This virus on your HijackThis log file>>
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\MS32DLL.dll.vbs
Napster,
Cant see task manager...it says "Task manager has been turned off" How? Azhar
Task manager has been turned off or Task manager has been disabled by your administrator?
you are right...it says "Task Manager has been disabled by your administrator." How to go about it? Thanks
This happen because your computer effected by a virus. Ok first go to cmd then type regedit
how to go to cmd?
you can use Smart Virus Remover google it, its restore back your task manager but it will not get delete such virus... i used to have those virus and the only solution is to reformat your computer.
- Click Start, All Programs, Accessories, then click Commant Prompt.
- On Commant Prompt type regedit then hit enter
Hello Anonymous,
no need to reformat your computer unless you can't open your computer on safe mode...
The situation's pretty simple. If you right click on the clock in the Windows taskbar, the Task Manager item is grayed out or, if you try to run taskmgr.exe manually, you get this message.
So, how did this happen?
As we'll see in a moment, there are settings you can access as an administrator that would allow you to disable and enable Task Manager in this way.
You didn't do that, you say?
Then a virus probably did.
Disabling Task Manager is one way viruses try to make it harder for you to deal with their infections. Before proceeding any further, you should run a complete and up-to-date anti-virus scan of your machine. It's possible, perhaps even likely, that you've been infected.
Once you come back virus-free, you can proceed with the fix, no need reformat your pc!!
oh napster i deal with this problem like 4 months ago.. i have taskbar right click problem, task manager problem and regedit.. what i do..
1. i use R.R.T (restricted remover tool)i dont know where if i still have them.. but it can make my task manager working back to normal only...
2. R.R.T just tool to remove virus from effect the system, but the virus still there. then i just use a full scan with NOD32 then all back to normal.. all virus gone..
p/s : maybe "disk heal" can do a work too.. i heard about gpedit setting but if u deal with virus its not gpedit problem..
just sharing
-Hazeem-
-Thanks for the info Hazeem, its very greatfull tips. However task manager, regedit can be disabled manually, but more commonly it's disabled by a virus. It's easy to re-enable once you're virus-free. I have deal with this problem before about many times/years through pc or laptop which is use a OS environment from Microsoft and successful done with it.
-Before change any setting highly important must do virus-free on your pc and by enabled this you can do on Group Policy Editor in Windows XP Professional or delete the restriction in the registry manually or if you have seriously problem like regedit, task manager has been disabled, just run third party software like tuneup utilities.