Spydawn Malware???

Discussion in 'Malware Help (A Specialist Will Reply)' started by lroush999, Mar 11, 2007.

  1. lroush999

    lroush999 Private E-2

    I have followed all of the steps in READ ME FIRST....

    I think the steps took care of most of my issues, however, I still have this stubborn message in my bottom right Taskbar. It's a flashing question mark and a 'noid' sign and periodically it shows up with a message that says the following:

    System Alert!
    System has detected a number of active spyware applications that may impact the performance of your computer. Click the icon to get rid of unwanted spyware by downloading and up-to-date antispyware solution.


    When you click on the link it takes you to the SpyDawn website...
    http://spydawn.com/?aff=334

    of course, you are urged to purchase their software to remove malware... isn't that humorous?

    anyway, I will attach all of the logs and you can tell me how bad the situation is.... at first most of the websites I went to were blocked, but after following the steps that seems to be resolved...

    I'll attach the other files next...
     

    Attached Files:

  2. lroush999

    lroush999 Private E-2

    The rest of the files...
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You did not attach the other required logs from:
    • CounterSpy - only for Windows XP, 2K, & NT users
    • AVG Antispyware log - ONLY IF NEEDED, i.e. if you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
    • newfiles.txt - the log from ShowNew.bat
    • HijackThis
    You should also run the below tool:

    RogueRemover

    Let me know if this tool helped!
     
  4. lroush999

    lroush999 Private E-2

    oops... looks like my upload of the files didn't post... here are the missing files...

    RogueRemover didn't find anything...

    Thanks for your help!
     

    Attached Files:

  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Why didn't you allow CounterSpy to fix what it found? You ignore everything. The purpose of running the tools is to fix the problems they find. Do not re-run right now though. We will fix a few things manually first and I will ask you to run it later.

    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 6
    System Alert Popup <-- should have been uninstalled in step 0 of the READ ME

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

    Continue by downloading a tool we will need - Pocket KillBox

    Save it to its own folder somewhere that you will be able to locate it later.

    Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.

    Now run Pocket Killbox by double-clicking on killbox.exe
    • select File, Cleanup, Delete All Backups
    • Choose Tools > Delete Temp Files and click Delete Selected Temp Files.
    • Then after it deletes the files click the Exit (Save Settings) button.
    NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

    Select:
    • Delete on Reboot
    • then Click on the All Files button.
    • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
    C:\WINDOWS\system32\geplxss.dll
    • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
    • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt.
    If you receive a PendingFileRenameOperations prompt, just click OK to continue (But please let me know if you receive this message!).

    If Killbox does not reboot just reboot your PC yourself.

    After reboot locate the below folder and delete if found:
    C:\Program Files\Video Access ActiveX Object

    Now run Ccleaner!

    Now run CounterSpy again and if it detects any problems, allow it to Quarantine or Delete what it finds. Save a new log.

    Now attach the below new logs and tell me how the above steps went.

    1. CounterSpy
    2. GetRunKey
    3. ShowNew
    4. HJT


    Make sure you tell me how things are working now!

    Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable System Restore per step 1 of the READ & RUN ME. This only applies if you are using WinXP or WinMe.
     
  6. lroush999

    lroush999 Private E-2

    To answer your question about CounterSpy and why I didn't allow it to fix the problems, it told me that I had to purchase the product in order to fix them.

    I uninstalled the J2SE Runtime Environment. When I went to uninstall the System Alert Popup, it said it had already been removed and asked if I wanted it to remove it from Add/Remove Programs. I said 'yes'...

    I rebooted

    I downloaded Pocket Killbox and merged the file you provided with the registry.

    I ran Pocket Killbox and deleted the files you told me to.

    I did NOT get the Pending File Rename Operation prompt.

    My system rebooted itself.

    I looked for the Video Access ActiveX Object folder in Program Files but I didn't see it there.

    I ran CCleaner.

    I tried to run CounterSpy again and it said my trial had expired. So, I downloaded AVG AntiSpyware and followed the directions in READ ME FIRST to run it (in safe mode). It found a few problems and I let it fix them.

    I have attached 3 logs to this and I will attach the other one to another post.

    Hope I have followed your directions to your satisfaction... I'm trying!!
     

    Attached Files:

  7. lroush999

    lroush999 Private E-2

    My HJT log....
     

    Attached Files:

  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Uninstall the Sunbelt CounterSpy trial since we are finished with it now! Then delete the below two folders which may be left behind by the uninstall:
    C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    C:\Program Files\Sunbelt Software

    Now shutdown all other protection software like McAfee, Spyware Doctor, ...etc before continuing with below.

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O2 - BHO: (no name) - ¨ô - (no file)
    O2 - BHO: (no name) - °$ô - (no file)
    O2 - BHO: (no name) - Ð=ô - (no file)
    O2 - BHO: (no name) - €>ô - (no file)

    After clicking Fix, exit HJT.
    Now copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.
    Make sure that you tell me whether you receive a success message about adding the above to the registry. This is important.

    Now reboot in normal mode

    Now attach the below new logs and tell me how the above steps went.

    1. GetRunKey
    2. HJT


    Make sure you tell me how things are working now! Are you having any malware problems?
     
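As an added illustration (not code from the thread, from HijackThis, or from any of the tools named above), here is a small Python checker that applies the same reasoning chaslang uses on the HJT log: an O2 BHO line whose CLSID field is not a CLSID, a BHO whose DLL is "(no file)", and O4 autostart entries pointing at the paths named earlier in the thread. The log lines are constructed samples, not the poster's logs.

```python
import re

# Constructed sample lines in HijackThis log format (not the poster's own log).
SAMPLE_HJT_LOG = """\
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll
O2 - BHO: (no name) - ¨ô - (no file)
O2 - BHO: (no name) - °$ô - (no file)
O4 - HKLM\\..\\Run: [pmsnrr] C:\\Program Files\\Video Access ActiveX Object\\pmsnrr.exe
O4 - HKLM\\..\\Run: [ctfmon] C:\\WINDOWS\\system32\\ctfmon.exe
"""

# Shape of a genuine COM CLSID as HijackThis prints it in an O2 line.
CLSID_RE = re.compile(r"^\{[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12}\}$", re.I)
# File and folder names the thread identifies as part of this infection.
KNOWN_BAD_FRAGMENTS = ("video access activex object", "pmsnrr.exe", "geplxss.dll")

def check_bho(entry):
    """Reasons an 'O2 - BHO:' entry looks suspicious; empty list means clean."""
    # HijackThis O2 layout: "<name> - <CLSID> - <dll path or (no file)>"
    parts = [p.strip() for p in entry.rsplit(" - ", 2)]
    if len(parts) != 3:
        return ["unparseable O2 entry"]
    name, clsid, path = parts
    reasons = []
    if not CLSID_RE.match(clsid):
        reasons.append("CLSID field is not a CLSID (garbled registry key)")
    if path.lower() == "(no file)":
        reasons.append("BHO registered but its DLL is missing")
    return reasons

def check_autostart(entry):
    """Reasons an 'O4' autostart entry looks suspicious; empty list means clean."""
    lowered = entry.lower()
    return [f"references known-bad item '{f}'" for f in KNOWN_BAD_FRAGMENTS if f in lowered]

def find_suspicious(log_text):
    """Return [(log line, [reasons])] for every flagged O2/O4 line in log_text."""
    flagged = []
    for line in log_text.splitlines():
        line = line.strip()
        if line.startswith("O2 - BHO:"):
            reasons = check_bho(line[len("O2 - BHO:"):])
        elif line.startswith("O4 - "):
            reasons = check_autostart(line[len("O4 - "):])
        else:
            continue
        if reasons:
            flagged.append((line, reasons))
    return flagged
```

Running `find_suspicious(SAMPLE_HJT_LOG)` flags the two garbled BHO lines and the pmsnrr.exe autostart while leaving the Adobe and ctfmon entries alone.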
