Hi,
I apparently have several spywares on my pc the pop up alerts are driving me crazy. I have run spyhunter and an antivirus but they aren't going away. Here is the Hijackthis log thank you for any help you can give.
These are the ones that are popping up:
ALEXA
ADWARE
VR32
HOMESEARCH
SDBOT
TRANSPONDER
TROJAN:URLRESOLVER
WINFAVORITES
TELLS ME 8 SPYWARE MODULES HAVE BEEN DETECTED BUT NOTHING GETS RID OF THEM THAT I TRY.
Logfile of HijackThis v1.99.1
Scan saved at 11:12:57 AM, on 5/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\mysql\bin\mysqld-nt.exe
C:\VIRUSfighter\Bin\Zanda.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe
C:\PROGRA~1\VCOM\SYSTEM~1\mxtask.exe
C:\WINDOWS\Explorer.EXE
C:\VIRUSfighter\Nvc\bin\nvcoas.exe
C:\VIRUSfighter\bin\NJEEVES.EXE
C:\VIRUSfighter\Nvc\BIN\NVCSCHED.EXE
C:\VIRUSfighter\Nvc\BIN\nipsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\VIRUSfighter\bin\ZLH.EXE
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\CIA\callwaveaccel.exe
C:\VIRUSfighter\Nvc\bin\cclaw.exe
C:\VIRUSfighter\Nvc\BIN\NIP.EXE
C:\Program Files\CallWave\IAM.exe
C:\WINDOWS\wupdmgr.exe
C:\WINDOWS\osaupd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\CIA\PBHelper.dll
O2 - BHO: (no name) - {e52dedbb-d168-4bdb-b229-c48160800e81} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [xviksgqbbyqb] C:\WINDOWS\System32\tmbirn.exe
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\SYSTEM~1\MemCheck.exe
O4 - HKLM\..\Run: [cacat] C:\Program Files\CACAT\cacat.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Adware.Srv32] C:\WINDOWS\system32\runsrv32.exe
O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\VIRUSfighter\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Owner"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Owner"
O4 - Startup: spywaresheriff.lnk = C:\Program Files\SpywareSheriff\spywaresheriff.exe
O4 - Global Startup: CallWave Accelerator.lnk = C:\Program Files\CIA\callwaveaccel.exe
O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Show All Original Images - res://C:\Program Files\CIA\callwaveaccel.exe/250
O8 - Extra context menu item: Show Original Image - res://C:\Program Files\CIA\callwaveaccel.exe/227
O16 - DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} (LREGameLoaderCtrl Class) -
http://media.grab.com/media/6364d3/g...ameloader6.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) -
http://media.grab.com/media/fbd793/g...utLauncher.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} -
http://www.azebar.com/1/sux.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://antu.popcap.com/games/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5243AE0-F0FE-4662-AF9E-337721BC3542}: NameServer = 205.152.132.23 205.152.37.23
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\VIRUSfighter\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\VIRUSfighter\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\VIRUSfighter\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\VIRUSfighter\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\VIRUSfighter\Nvc\BIN\NVCSCHED.EXE
O23 - Service: SystemSuite Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe
Unsolved 
Offline 
