Author Topic: Antivirus 2010,,,,,,,,,,,,,, (Read 12257 times)

72GSX · « **on:** January 02, 2010, 12:02:28 PM »

Hello, This morning the wife's PC got infected with this AV2010 crap. I have been working all morning trying to get rid of it by using removal tools and stuff I learned from doing some searching on another PC.

Well I can't do a thing with the wife's PC, It won't let me run system restore, task manager, download anything on line because it won't connect because AV2010 says it shut down the PC because its infected.

It has Spybot SD and Malware bites installed but they won't detect the 2010. I downloaded spyware DR to a disk and got that installed and its running right now and has found AV2010 but I need to pay for it to remove whatever it finds. I am not giving any credit card numbers out on a infected PC.

Any one have any good ideas on what to do with this mess?

I am on a different PC right now just to be clear, not the infected one.
The wife says she didn't install this 2010 junk and didn't open anything strange so I don't know where it came from.

HELP!!!!!!

Tom

harry 48 · « **Reply #1 on:** January 02, 2010, 12:18:42 PM »

http://www.computerhope.com/forum/index.php/topic,46313.0.html

go to above and complete and post the 3 logs here an expert will see them

download avira free and run first http://www.free-av.com/

please do not pay

d/load to a disc or memory stick on a clean pc and run on your wife's pc

where it came from will be found from 1 of the logs , harry

72GSX · « **Reply #2 on:** January 02, 2010, 12:25:06 PM »

Hi, The PC has Avira free on it already. I will try and do what it says and get back to you here.

72GSX · « **Reply #3 on:** January 02, 2010, 02:06:32 PM »

Hello, The trial ver of spyware Dr blocked all the junk from AV2010 so Super Anti and Malwarebytes could detect the AV2010 and got rid of it. I am running SuperAnti right now and it found more of the AV2010 stuff, I hope it will be OK now. Super Anti wanted a reboot to get rid of stuff it found the first time so I did and the AV2010 popups have not come back, So its working well enough again so I can at least do something with it.

I don't know if I will have any logs to show where it came from though. I don't even know what to look for on that.

Tom

harry 48 · « **Reply #4 on:** January 02, 2010, 02:43:58 PM »

malware;click logs, click recent, click open, copy and paste here

sas; preferences,logs,click logs then view , copy and paste here

hjt; when its finished it will bring a log up , copy and paste here

did you do as my 1st post said , these 3 logs are needed

72GSX · « **Reply #5 on:** January 02, 2010, 04:20:39 PM »

Here is one log,,,,

Malwarebytes' Anti-Malware 1.41
Database version: 3038
Windows 5.1.2600 Service Pack 3

1/2/2010 1:32:08 PM
mbam-log-2010-01-02 (13-32-07).txt

Scan type: Quick Scan
Objects scanned: 122152
Time elapsed: 15 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 7
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\critical_warning.html (Trojan.FakeAlert) -> Quarantined and deleted successfully.

72GSX · « **Reply #6 on:** January 02, 2010, 04:22:37 PM »

another log

Malwarebytes' Anti-Malware 1.43
Database version: 3458
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/2/2010 5:05:05 PM
mbam-log-2010-01-02 (17-05-05).txt

Scan type: Quick Scan
Objects scanned: 130391
Time elapsed: 9 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\41.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

72GSX · « **Reply #7 on:** January 02, 2010, 04:29:55 PM »

one more,,

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/02/2010 at 03:09 PM

Application Version : 4.32.1000

Core Rules Database Version : 4441
Trace Rules Database Version: 2265

Scan type : Quick Scan
Total Scan Time : 00:20:54

Memory items scanned : 505
Memory threats detected : 0
Registry items scanned : 528
Registry threats detected : 1
File items scanned : 5974
File threats detected : 4

Rogue.InternetSecurity2010
HKU\S-1-5-21-3852255402-2106517767-3757435101-1006\Software\IS2010
C:\Documents and Settings\Yvonne\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
C:\Documents and Settings\Yvonne\Start Menu\Internet Security 2010.lnk

Adware.CouponBar
C:\WINDOWS\SUFC19.TMP

Trojan.Agent/Gen-Rogue[Installer]
C:\WINDOWS\SYSTEM32\WINLOGON86.EXE

72GSX · « **Reply #8 on:** January 02, 2010, 04:31:17 PM »

And another,,,

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/02/2010 at 02:34 PM

Application Version : 4.32.1000

Core Rules Database Version : 4379
Trace Rules Database Version: 1978

Scan type : Complete Scan
Total Scan Time : 00:47:55

Memory items scanned : 528
Memory threats detected : 1
Registry items scanned : 5059
Registry threats detected : 0
File items scanned : 5831
File threats detected : 408

Trojan.Dropper/Sys-NV
C:\WINDOWS\SYSTEM32\WINHELPER86.DLL
C:\WINDOWS\SYSTEM32\WINHELPER86.DLL

Adware.Tracking Cookie
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][4].txt
C:\Documents and Settings\Tom\Cookies\[email protected][5].txt
C:\Documents and Settings\Tom\Cookies\tom@specificclick[7].txt
C:\Documents and Settings\Tom\Cookies\[email protected][4].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\tom@specificclick[5].txt
C:\Documents and Settings\Tom\Cookies\[email protected][4].txt
C:\Documents and Settings\Tom\Cookies\tom@specificclick[6].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][5].txt
C:\Documents and Settings\Tom\Cookies\tom@interclick[1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\[email protected][5].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\tom@kontera[4].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][5].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\[email protected][4].txt
C:\Documents and Settings\Tom\Cookies\tom@adultadworld[2].txt
C:\Documents and Settings\Tom\Cookies\tom@adlegend[2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\tom@adlegend[3].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\tom@coolsavings[2].txt
C:\Documents and Settings\Tom\Cookies\tom@insightexpressai[2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\tom@247realmedia[1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\tom@apmebf[1].txt
C:\Documents and Settings\Tom\Cookies\tom@apmebf[2].txt
C:\Documents and Settings\Tom\Cookies\tom@apmebf[3].txt
C:\Documents and Settings\Tom\Cookies\tom@apmebf[4].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\tom@b5media[1].txt
C:\Documents and Settings\Tom\Cookies\tom@collective-media[1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\tom@insightexpressai[1].txt
C:\Documents and Settings\Tom\Cookies\tom@kontera[2].txt
C:\Documents and Settings\Tom\Cookies\tom@kontera[3].txt
C:\Documents and Settings\Tom\Cookies\tom@media6degrees[1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\tom@revsci[2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt
C:\Documents and Settings\Tom\Cookies\[email protected][3].txt
C:\Documents and Settings\Tom\Cookies\[email protected][4].txt
C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom\Cookies\tom@specificclick[1].txt
C:\Documents and Settings\Tom\Cookies\tom@specificclick[2].txt
C:\Documents and Settings\Tom\Cookies\tom@specificclick[4].txt
C:\Documents and Settings\Tom\Cookies\tom@specificmedia[1].txt
C:\Documents and Settings\Tom\Cookies\tom@tribalfusion[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@traveladvertising[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@traveladvertising[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@huntingdogsbeartracks[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][9].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][8].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][6].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][7].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@trafficmp[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@indextools[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][6].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][7].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][7].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@imrworldwide[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][8].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][9].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@yeprevenue[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@azjmp[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@bizrate[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@bizrate[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@247realmedia[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@pointroll[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@windowsmedia[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@christmasscreensavers[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@insightexpressai[5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@insightexpressai[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@insightexpressai[6].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@insightexpressai[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@insightexpressai[3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@insightexpressai[4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@healthleadersmedia[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@2o7[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@2o7[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@2o7[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@2o7[4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@questionmarket[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@questionmarket[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@adinterax[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@atwola[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@atwola[3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificclick[6].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificclick[5].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificclick[4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificclick[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificclick[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificclick[3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@oddcast[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@adinterax[3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][10].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@countryinns[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@interclick[4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@interclick[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@interclick[5].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@invitemedia[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@invitemedia[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@holidayscreensaver[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@interclick[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@crossmediaservices[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@trafficdashboard[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@dmtracker[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@interclick[3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][11].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@indexstats[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@*censored*.122.2o7[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@adbureau[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@kontera[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@roiservice[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@roiservice[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@adlegend[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@wiitracker[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@roiservice[3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][6].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@kontera[4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@kontera[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@overture[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@linkstattrack[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][7].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][8].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@optimost[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][8].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][7].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][6].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][9].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@clickshift[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@collective-media[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@collective-media[7].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@collective-media[4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@collective-media[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@collective-media[5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@bevscountrycottage[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@collective-media[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@collective-media[6].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@onrampadvertising[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@tacoda[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@tacoda[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@realmedia[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@nextag[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@qnsr[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][5].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@revsci[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificmedia[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificmedia[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificmedia[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificmedia[4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][10].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@revsci[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@chitika[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@chitika[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@tribalfusion[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][11].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@revsci[4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@serving-sys[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@nextag[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@realmedia[2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@lynxtrack[1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@thefind[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@thefind[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@specificmedia[6].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@chitika[4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@chitika[3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@nordictrack[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@bigdiscountrv[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][3].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][4].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@coolsavings[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@media6degrees[5].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@media6degrees[3].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@media6degrees[2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@media6degrees[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][2].txt
C:\Documents and Settings\Yvonne\Cookies\yvonne@fasttrackwatcher[1].txt
C:\Documents and Settings\Yvonne\Cookies\[email protected][1].txt

72GSX · « **Reply #9 on:** January 02, 2010, 04:35:06 PM »

I don't have hijackthis {sp} installed.

harry 48 · « **Reply #10 on:** January 02, 2010, 05:10:24 PM »

http://www.computerhope.com/forum/index.php/topic,46313.0.html

ok , you must go to above and run hjt and post the log it tells a lot and complete what ever you did not do

if it will not run right click the icon and rename it " snipper.exe " and run it

72GSX · « **Reply #11 on:** January 02, 2010, 07:14:51 PM »

Hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:13:38 PM, on 1/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\VTTimer.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Yvonne\Application Data\Smilebox\SmileboxTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centurytel.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by CenturyTel
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Yvonne\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Forget Me Not.lnk = C:\Program Files\Mindscape\AGPrint\PMREMIND.EXE
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.keyboardmall.com
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1221722911949
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221744970192
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O24 - Desktop Component 0: (no name) - http://www.thenorthwestern.com/gcicommonfiles/sr/graphics/palette12/bkgd_main.gif

--
End of file - 8945 bytes

SuperDave · « **Reply #12 on:** January 02, 2010, 07:36:54 PM »

Hello 72GSX and welcome to Computer Hope Forum. My name is Superdave but you can just call me SD. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

I noticed in your HJT log that you are running a P2P file-sharing program (Limewire) on your computer. While the program itself is probably safe, the files you download with this program are a major source of infections. Therefore, I strongly urge you to uninstall it.

Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.

Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

Exit out of MessengerDisable then delete the two files that were put on the desktop.

Open HijackThis and select Do a system scan only

Place a check mark next to the following entries: (if there)

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

Important: Close all open windows except for HijackThis and then click Fix checked.

Once completed, exit HijackThis.

ESET Online Scan

Scan your computer with the ESET FREE Online Virus Scan

* Click the ESET Online Scanner button.

* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
* Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop
* Double click on the esetsmartinstaller_enu.exe icon on your desktop.
* Place a check mark next to YES, I accept the Terms of Use.

* Click the Start button.
* Accept any security warnings from your browser.
* Leave the check mark next to Remove found threats and place a check next to Scan archives.
* Click the Start button.
* ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
* When the scan completes, click List of found threats.
* Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
* Click the <<Back button then click Finish.

In your next reply please include the ESET Online Scan Log

72GSX · « **Reply #13 on:** January 03, 2010, 12:01:44 AM »

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Desktop.htt Win32/TrojanDownloader.FakeAlert.AED virus deleted - quarantined
C:\Documents and Settings\Tom\Application Data\Microsoft\Internet Explorer\Desktop.htt Win32/TrojanDownloader.FakeAlert.AED virus deleted - quarantined

Here is what ESET found

72GSX · « **Reply #14 on:** January 03, 2010, 12:05:25 AM »

And the latest HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:04:08 AM, on 1/3/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\VTTimer.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centurytel.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by CenturyTel
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Yvonne\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Forget Me Not.lnk = C:\Program Files\Mindscape\AGPrint\PMREMIND.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.keyboardmall.com
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1221722911949
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221744970192
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O24 - Desktop Component 0: (no name) - http://www.thenorthwestern.com/gcicommonfiles/sr/graphics/palette12/bkgd_main.gif

--
End of file - 8530 bytes

72GSX · « **Reply #15 on:** January 03, 2010, 12:28:46 AM »

I got rid of limewire and windows messenger also

harry 48 · « **Reply #16 on:** January 03, 2010, 06:43:21 AM »

you have a few things that a malware expert will help you with so wait for one to get in touch please

i'm not an expert and can only help a little

you did right removing limewire

avg takes up a lot of room and tends to slow the pc , try avira or avast both free if you do ask here for avg removal tool

72GSX · « **Reply #17 on:** January 03, 2010, 09:52:26 AM »

I had Avira on it for a while, I like the AVG better, or maybe I am just more used to it.

harry 48 · « **Reply #18 on:** January 03, 2010, 10:11:16 AM »

ok you will have to wait for an expert for the rest , harry

cervantes100 · « **Reply #19 on:** January 03, 2010, 10:40:04 AM »

Did the Antivirus 2010 get removed?

SuperDave · « **Reply #20 on:** January 03, 2010, 12:36:05 PM »

Hello 72GSX. It looks like your computer is clean. If there are no other issues, let's do some clean-up.

Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

To turn off Windows XP System Restore:

NOTE: These instructions assume that you are using the default Windows XP Start Menu and have not changed to the Classic Start menu. To re-enable the default menu, right-click Start, click Properties, click Start menu (not Classic) and then click OK.

1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore" or "Turn off System Restore on all drives"
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
8. Restart the computer and follow the instructions in the next section to turn on System Restore.

To turn on Windows XP System Restore:

1. Click Start.
2. Right-click My Computer, and then click Properties.
3. Click the System Restore tab.
4. Uncheck "Turn off System Restore" or "Turn off System Restore on all drives."
5. Click Apply, and then click OK.

Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

Safe Surfing.

harry 48 · « **Reply #21 on:** January 03, 2010, 12:44:40 PM »

sorry dave i did not see you on before , harry

72GSX · « **Reply #22 on:** January 03, 2010, 03:06:06 PM »

The computer that had the problems has a router card installed in it and is connected to the DSL, I have my PC and sometimes another PC hooked into the router card, A small home network I guess I would call it.

If I put a firewall on the main PC will it protect other PC's plugged into it? Or will it block the other PC's from working on line?

Tom

harry 48 · « **Reply #23 on:** January 03, 2010, 03:34:19 PM »

hi tom , me again , a good question

if you have completed everything that dave asked you to do , i would ask that question in the software forum

on the home page , you will get experts there for that type of thing, harry

72GSX · « **Reply #24 on:** January 08, 2010, 11:04:17 PM »

Hi, Sorry for not getting back right away. I did most everything suggested to the PC, the only problem I had was when I installed a firewall, I couldn't get it to let my other computer go on line, so for now I just removed it. It was the On line Armor that I tried. It didn't say anything about it but do I have to turn off or disable the windows firewall when adding a different one?

No more problems with the 2010 scam deal popping up and its working good again so it must not have damaged anything while it was on it.

Tom

harry 48 · « **Reply #25 on:** January 09, 2010, 01:49:07 PM »

just use windows firewall it is good 5 years iv'e had it just keep windows up to date

Computer Hope Forum

News:

Author Topic: Antivirus 2010,,,,,,,,,,,,,, (Read 12257 times)

72GSX

harry 48

72GSX

72GSX

harry 48

72GSX

72GSX

72GSX

72GSX

72GSX

harry 48

72GSX

SuperDave

72GSX

72GSX

72GSX

harry 48

72GSX

harry 48

cervantes100

SuperDave

harry 48

72GSX

harry 48

72GSX

harry 48