[BigH]

Me too I got rid of it once with SmitfraudFix but this time I can't get rid of the flashing icon in the system tray or the silly popup warning sign. I hope someone comes up with something soon it's driving me potty.

[BigH]

Yes ! Got rid of it _ I read GTO's message to butterfly and found reglogs.dll in C:\WINDOWS\system32 then renamed it reglogs.dll.txt then deleted it.

Many thanks GTO

[Jaxxx]

On May 4, 2006 I was infected with the Spy Falcon spyware. I had a new copy of Spyware Doctor and immediately used it. It didn't clear it completely. I still had the tray wheel chair and the "about:blank" home screen. I also googled for Spy Falcon and used Tech Spot, and in turn Panda's freeware, hijackthis, and smitfraud.exe. I still had the wheel chair w/balloon warnings and the diverted home page. This morning I ran Spyware Doc again and it removed 28 more items. My e-mails to Spyware Doctor and malware report sendings were never answered. I was stilll not completely cured. I googled "about:blank" and accessed 2-Spyware.com. Boy, am I glad. I looked up all the items on your main removal page, deleted a few (easily) .exe, and .dll. Then found the called evil reglogs.dll. It was 173K and I knew he was the one. So, I followed your cmd directions and the response was very disappointing: I got a popup with a yellow triangle w/exclamation point that said:
RegSvr32
"reglogs.dll was loaded, but the DllunregisterServer entry point was not found.
This file can not be registered."

I was crestfallen ,but determined. I went into your forum until I saw a way that was recommended for someone else: killbox.exe. I followed the directions and it did the job. Then I ran Spywear Doctor again -- nothing further came up. Now I am waiting for the other shoe to drop. Question 1: Am I really clean? How can I verify this -- run hijackthis and submit it to 2-Spyware? Question 2: What did I do wrong when I could not remove the dll in the cmd function? Question 3: How do I avoid this happening again? Question 4: I doubt seriously that I will curtail my eclectic curosity anytime soon, so is it inevidable that something like this will happen to me again? Question 5: The run...commands remind me of old DOS. Is there a book that you can recommend that covers them or should I just unearth that old DOS ver. 6 book for Dummies? Thanks for the neat site, and all the help. Jaxxx

[GTO]

Hi, Jaxxx. Welcome to the 2-Spyware.com forums!

Here are the answers to your questions:

Question 1: Am I really clean? How can I verify this -- run hijackthis and submit it to 2-Spyware?

Answer: Download the HijackThis program and run a system scan. Then create a new topic in the HijackThis log analaysis section and post your log there. It will be checked by the HJT Analyzer, an automatic analyzer and forum responders.

Question 2: What did I do wrong when I could not remove the dll in the cmd function?

Answer: The unregistering procedure provided in removal instructions is not necessary. Well, even some removal steps aren't necessary too. They are provided for all possible situations. This means that if you cannot delete/terminate the file, try unregistering it. If you cannot unregister - delete or terminate it and vice versa. Furthermore, not all the files provided in removal instructions might actually be in your system. Just make sure you have none of those files.

Question 3: How do I avoid this happening again?

Answer: Use the most safest software available. Browser the Internet with Mozilla Firefox or Opera instead of Internet Explorer. Install an advanced firewall like Zone Labs ZoneAlarm. Use up-to-date antivirus and anti-spyware software. And of course, you should know how to avoid spyware infections.

Question 4: I doubt seriously that I will curtail my eclectic curosity anytime soon, so is it inevidable that something like this will happen to me again?

See the answer to Question 3.

Question 5: The run...commands remind me of old DOS. Is there a book that you can recommend that covers them or should I just unearth that old DOS ver. 6 book for Dummies?

The Command Prompt understands the same old commands that was used under the MS-DOS 6 environment. The book you have is more than enough.

[readersdigest]

[r0an]

Hi guys

Seems im in the same boat. Tried all the above to noavail. Tried system restore, but it wont allow me. Got to the stage where I thought I would reinstall but I get this stop msg:

[readersdigest]

WgaTray.exe, a process in task manager

anyone else have that ? i end it and it keeps poping up again. was thinking that it might be somehting to do with it............this is begining to annoy me now.

i hope some gets back to this soon.

[GTO]

Hi, readersdigest.

The wgatray.exe file is a legitimate system component. It is a part of Windows Genuine Advantage Notification, a special tool that checks whether your copy of Windows is genuine, or pirated. You shouldn't terminate this process.