Hello I keep getting this circle/x alot it flashes in the bottom I also get a yellow triangle with( ! )in the center with pop ups that say

Windows has detected an internet attack attempt sombodys trying to infest your pc......

Then If I click it. it takes me to a webpage to buy/download there program I am running xp sp2 Here is the hijack this below

Logfile of HijackThis v1.99.1
Scan saved at 9:16:59 PM, on 4/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\Common Files\AOL\1207959997\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe
C:\Program Files\DefenderPro\TSAntiSpy.exe
C:\WINDOWS\system32\twzytadq.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\common files\aol\1207959997\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
c:\program files\common files\aol\1207959997\ee\aolsoftware.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T3418
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T3418
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T3418
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T3418
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/apps/virusscan/10.0/testvs.asp?langid=en-us
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DVA Storm - {069E8B19-0EAC-45D6-A5B3-A10FF9B69F4C} - C:\WINDOWS\lgmxvpatfbo.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: DVA Storm - {D80F83DA-6FDC-4432-B350-29AABB316D2B} - C:\WINDOWS\lgmxvpatamk.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: qtvglped - {16B35F26-7FBC-45AD-83E2-4991CB73F477} - C:\WINDOWS\qtvglped.dll
O3 - Toolbar: qtvglped - {74E5E4E8-79DD-49AC-B64B-E74822D5F3CD} - C:\WINDOWS\qtvglped.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1207959997\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [LaunchAntiSpy] C:\Program Files\DefenderPro\TSAntiSpy.exe /startup
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [cvsbzohw] C:\WINDOWS\system32\twzytadq.exe
O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\DOCUME~1\owner\LOCALS~1\temp\TE6A99~1.ZIP c:\DOCUME~1\owner\LOCALS~1\temp\TEMPOR~4.ZIP c:\DOCUME~1\owner\LOCALS~1\temp\TEMPOR~3.ZIP c:\DOCUME~1\owner\LOCALS~1\temp\TEMPOR~2.ZIP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{53E1C6F1-AF56-4E57-B70D-76021256EC56}: NameServer = 205.188.146.145
O20 - AppInit_DLLs: C:\PROGRA~1\DEFEND~1\DEFEND~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: pmsoarbf - {3A7FB1BF-82EA-4EE2-8C34-CC7FA2469D28} - C:\WINDOWS\pmsoarbf.dll
O21 - SSODL: omlbpkaw - {2E0DFF3D-63B5-4859-9F2E-F6A027D84ECE} - C:\WINDOWS\omlbpkaw.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Defender Pro Internet Security (AVP) - Unknown owner - C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe" -r (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

ric, to break into clearing up that infection please start with these tools:
==Get CCleaner from http://www.ccleaner.com/ - and install it in a new folder. You should keep this one for general use. I set the installation checkboxes only to open from the recycle bin. It's neater that way.
Now run CCleaner from the recycle bin rclick menu using its default settings [if you set up CCleaner as i suggested, rclicking the bin icon should give you the Open CCleaner option...].
If you have FireFox open the Applications tab and ensure at least that Cookies and Cache are checked.
Select the Cleaner icon, press Run Cleaner.
[For future quick temp file cleaning select the options you wish to use via the Windows and Applications tabs ..]
==GET AVG antispyware 7.5 here.. http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
-Install it and UPDATE it.
Start AVG a-s 7.5;
-under Scanner/ Settings please change the default action from Recommended Actions to QUARANTINE, and run the complete system scan.
-press Apply all Actions and Save the log file. Post the log file.
==Download this file to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- to run it dclick combofix.exe and follow the prompts to start it. When finished, it will produce a log, C:\Combofix.txt - post that log in your next reply.
A word of caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs reboot to restore the desktop.
Post those two logs along with a fresh hijackthis log.

Come on dude, don't click on this thing ever...ever. just try to get a few scanning softwares and scan you pc to get rid of any infections. CLickin on em is basically givin them permission to install whatever the heck they want.

Make sure you use a firewall to keep yourself safe from these things, Free version of zonealarm is good and comodo is a good one as well. Use them.

try the virus and nasty section. Use the scanners recommended there and you should be able to sort it out.

Also check yourself, see if you find anything unusual installed on your pc at roundabout the time when you started experiencing the problem, If something has been installed and you do not recognise it, then that could be part of the problem. Check it and delete it if its not something you authorised. Make sure you check out the virus and spyware section as you can get real help from there. Good luck.

Raj

Oh yeah, almost forgot... wrong hijackthis. Delete your copy from your desktop and follow these instructions, please.
==download hijackthis: http://www.majorgeeks.com/download5554.html
-copy it to a new FOLDER placed either alongside your program files or on your desktop and then... rename hijackthis.exe to imabunny.exe
-in that folder start HijackThis by dclicking the .exe; now close ALL other applications and any open windows including the explorer window containing HijackThis.
-click the Scan and Save a Logfile button. Post the log here.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.