Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Message alerts

  • This topic is locked This topic is locked



    New Member

  • Member
  • Pip
  • 3 posts
Message alert sending to wupdate.net and others
Help me. I keep getting these messages althoug I formatted my hard drive twice

Attached Files

  • 0




    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Logfile of HijackThis v1.99.1
Scan saved at 22:59:46, on 30-08-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Programas\Ficheiros comuns\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Programas\Ficheiros comuns\Softwin\BitDefender Scan Server\bdss.exe
C:\Documents and Settings\Administrador\Ambiente de trabalho\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Microsoft Update] wuamk032.exe
O4 - HKLM\..\Run: [Microsoft Intrenet Explorer] lmk.exe
O4 - HKLM\..\Run: [Win32 Info] windowsnfo.exe
O4 - HKLM\..\Run: [BDMCon] C:\Programas\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Programas\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Programas\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Programas\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuamk032.exe
O4 - HKLM\..\RunServices: [Microsoft Intrenet Explorer] lmk.exe
O4 - HKLM\..\RunServices: [Win32 Info] windowsnfo.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Win32 Info] windowsnfo.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunServices: [Win32 Info] windowsnfo.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1125424007359
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6ECD904-4FD4-4DF1-AF2E-A0A358FA78BD}: NameServer =
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programas\Ficheiros comuns\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Programas\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Programas\Ficheiros comuns\Softwin\BitDefender Communicator\xcommsvr.exe

Posted the HijackThis log for all to see

  • 0



    retired HiJack Helper

  • Retired Staff
  • 5,080 posts
Welcome bbadaboum to Geeks to Go!

Download CleanUp!.
If that doesn’t work, use this link.
Here is a tutorial which describes its usage:

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options"
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Scan local drives for temporary files
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program.

Once it's done, press Close. Reboot the system. This will remove files that were in use during the scan.


Please download, install, and update the free version of Ewido trojan scanner:
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Run Ewido --- When you run it for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • From the main ewido screen, click on update in the left menu, then click the Start update button.
  • After the update finishes (the status bar at the bottom will display "Update successful")
  • Exit Ewido. DO NOT scan yet.

Download the Killbox.
Unzip it to the desktop

Double-click on Killbox.exe to run it. Place the following lines (complete paths) in bold in the "Full Path of File to Delete" box in Killbox, and click the red button with the white X on it after each


For these file, put a mark next to "Delete on Reboot". Copy and paste each file into the file name box, then click the red button with the X after each. It will ask you if you want to reboot each time you click it, answer NO until after you've pasted the last file name, at which time you should answer Yes.
Click "No" at the Pending Operations prompt.

If your computer does not restart automatically, please restart it manually.


Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:


Open HijackThis
Place a check against each of the following, making sure you get them all and not any others by mistake:

O4 - HKLM\..\Run: [Microsoft Update] wuamk032.exe

O4 - HKLM\..\Run: [Microsoft Intrenet Explorer] lmk.exe

O4 - HKLM\..\Run: [Win32 Info] windowsnfo.exe

O4 - HKLM\..\RunServices: [Microsoft Update] wuamk032.exe

O4 - HKLM\..\RunServices: [Microsoft Intrenet Explorer] lmk.exe

O4 - HKLM\..\RunServices: [Win32 Info] windowsnfo.exe

O4 - HKCU\..\Run: [Win32 Info] windowsnfo.exe

O4 - HKCU\..\RunServices: [Win32 Info] windowsnfo.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

Close all programs leaving only HijackThis running.
Click on Fix Checked when finished and exit HijackThis.


Next, run Ewido again.
  • Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
  • If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
  • When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.

Reboot back to normal mode.


Post back in this topic using the button 'add reply' with a fresh HijackThis log and the Ewido log.

As there has been no reply from the original poster for more than two weeks this topic is now closed.

If you are the original poster and still need assistance, please send me a PM.

Edited by g2i2r4, 10 September 2005 - 11:19 AM.

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP