Hello, i have been experiencing a multitude of program crashes on a daily basis also Explorer mysteriously shuts down as well as my instant messenger. Here is the log file. Thank you for any assistance you can grant me.



Logfile of HijackThis v1.99.1
Scan saved at 2:09:47 AM, on 6/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A18E55C-EF6F-4EDE-AC71-F9AA20E3644C}: Domain = domain.invalid
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe



Also my comp recently began to Blue screen of death on me. Heres the specifics on that.




IRQL_NOT_LESS_OR_EQUAL

Technical information... STOP: 0x0000000A (0x0000000C, 0x000000FF, 0x00000000, 0x804D93BE)

BAD_POOL_CALLER

with an additional exception in code.

Beginning dump of physical memory...
Physical memory dump complete.

This post has been edited by Milena: Jun 15 2008, 07:41 PM

Hello

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

• Close all other windows before proceeding.
• Double-click on dss.exe and follow the prompts.
• If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
• When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner and click Accept

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
  
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  Extended (if available otherwise Standard)
  • Scan Options:
  Scan Archives
  Scan Mail Bases
• Click OK
• Now under select a target to scan:
  Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  
  • Now click on the Save as Text button:
• Save the file to your desktop.
• Copy and paste that information in your next post.

Deckard's System Scanner v20071014.68
Run by User on 2008-06-26 22:11:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
95: 2008-06-27 03:11:20 UTC - RP357 - Deckard's System Scanner Restore Point
94: 2008-06-24 23:45:30 UTC - RP356 - System Checkpoint
93: 2008-06-23 22:46:27 UTC - RP355 - System Checkpoint
92: 2008-06-22 22:06:09 UTC - RP354 - System Checkpoint
91: 2008-06-21 21:38:16 UTC - RP353 - System Checkpoint


-- First Restore Point --
1: 2008-03-27 15:17:37 UTC - RP263 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as User.exe) ------------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-26 22:12:04
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\User\Desktop\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{9A18E55C-EF6F-4EDE-AC71-F9AA20E3644C}: Domain = domain.invalid
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe


--
End of file - 5092 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------

backup-20071002-171914-274 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20071002-171914-460 O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
backup-20071002-171914-472 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
backup-20071002-171914-991 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
backup-20071002-171915-550 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1184707755953
backup-20071002-171933-158 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
backup-20071002-171933-544 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - C:\WINDOWS\Icons\genesis2\Genesis 2.icl,48
.cmd - cmdfile - DefaultIcon - C:\WINDOWS\Icons\genesis2\Genesis 2.icl,49
.ini - inifile - DefaultIcon - C:\WINDOWS\Icons\genesis2\Genesis 2.icl,45
.txt - txtfile - DefaultIcon - C:\WINDOWS\Icons\genesis2\Genesis 2.icl,41


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 sisidex - c:\windows\system32\drivers\sisidex.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R0 sisperf (Add Performance Filter Driver) - c:\windows\system32\drivers\sisperf.sys <Not Verified; Silicon Integrated Systems Corp.; SiS Filer Driver>

S3 GMSIPCI - d:\install\gmsipci.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-13 17:15:37 388 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job


-- Files created between 2008-05-26 and 2008-06-26 -----------------------------

2008-06-15 01:36:23 0 d-------- C:\Documents and Settings\User\Application Data\Malwarebytes
2008-06-15 01:36:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-15 01:36:21 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-15 01:35:30 0 d-------- C:\Program Files\Common Files\Download Manager
2008-06-14 23:44:45 0 d-------- C:\Program Files\Registry Cleaner
2008-06-02 11:35:48 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-06-02 10:21:40 0 d-------- C:\Program Files\QuickTime
2008-06-02 10:20:48 0 d-------- C:\Program Files\Apple Software Update
2008-05-29 03:31:34 0 d-------- C:\Program Files\Common Files\Adobe


-- Find3M Report ---------------------------------------------------------------

2008-06-25 20:04:02 0 d-------- C:\Program Files\SiSLan
2008-06-24 02:54:20 0 d-------- C:\Documents and Settings\User\Application Data\dvdcss
2008-06-20 12:46:37 0 d-------- C:\Program Files\Yahoo!
2008-06-15 01:35:30 0 d-------- C:\Program Files\Common Files
2008-06-14 22:59:22 0 d-------- C:\Program Files\Lavasoft
2008-06-14 22:58:24 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-04 15:09:19 0 d-------- C:\Program Files\TuneUp Utilities 2007
2008-06-02 11:38:14 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-02 10:56:56 0 d-------- C:\Documents and Settings\User\Application Data\Apple Computer
2008-06-02 10:38:12 0 d-------- C:\Program Files\Java
2008-05-19 07:02:25 0 d-------- C:\Program Files\Realtek AC97
2008-05-02 22:46:00 1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-02 22:46:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-02 22:46:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-02 22:46:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-02 22:46:00 1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-02 22:46:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-02 22:46:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-02 22:46:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
2008-04-22 02:29:53 2320000 --a------ C:\WINDOWS\system32\TUKernel.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/02/2008 10:46 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 06:19 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [07/12/2002 06:15 PM]
"nwiz"="nwiz.exe" [05/02/2008 10:46 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/02/2008 10:46 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 11:34 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:00 AM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"SoundMan"=SOUNDMAN.EXE
"Frontier Search Helper"=rundll32 C:\PROGRA~1\FRONTI~1\SrchHelp\frSrcAs.dll,S

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
AutoRun\command- I:\LaunchU3.exe -a




-- Hosts -----------------------------------------------------------------------

127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com

6343 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-06-26 22:12:47 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ XP 3000+
Percentage of Memory in Use: 27%
Physical Memory (total/avail): 1023.48 MiB / 742.39 MiB
Pagefile Memory (total/avail): 3998.14 MiB / 3752.96 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.51 MiB

A: is Removable (Unformatted)
C: is Fixed (NTFS) - 149.05 GiB total, 112.01 GiB free.
D: is CDROM (UDF)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD1600BB-55RDA0 - 149.05 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 149.05 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: avast! antivirus 4.8.1201 [VPS 080626-1] v4.8.1201 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\NeverwinterNights\\NWN\\nwmain.exe"="C:\\NeverwinterNights\\NWN\\nwmain.exe:*:Enabled:Neverwinter Nights"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\NeverwinterNights\\NWN\\nwserver.exe"="C:\\NeverwinterNights\\NWN\\nwserver.exe:*:Disabled:Neverwinter Nights Server"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Documents and Settings\\User\\Desktop\\IEXPLORE.EXE"="C:\\Documents and Settings\\User\\Desktop\\IEXPLORE.EXE:*:Enabled:IEXPLORE.EXE"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\User\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OWNER-E47753B7E
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\User
LOGONSERVER=\\OWNER-E47753B7E
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\User\LOCALS~1\Temp
TMP=C:\DOCUME~1\User\LOCALS~1\Temp
USERDOMAIN=OWNER-E47753B7E
USERNAME=User
USERPROFILE=C:\Documents and Settings\User
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

User (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
56Kbps Internal Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
HijackThis 1.99.1 --> C:\Program Files\HijackThis\HijackThis.exe /uninstall
iTunes --> MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
Java™ 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Neverwinter Nights Platinum Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1583439-B034-4881-819C-D52A0587662B}\Setup.exe" -l0x9
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
SiS 900 PCI Fast Ethernet Adapter Driver --> C:\Progra~1\SiSLan\Uninst.exe
SiSAGP driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x9
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG


-- Application Event Log -------------------------------------------------------

Event Record #/Type16164 / Success
Event Submitted/Written: 06/26/2008 10:02:24 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type16157 / Success
Event Submitted/Written: 06/26/2008 09:29:56 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type16150 / Success
Event Submitted/Written: 06/26/2008 05:22:47 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type16143 / Success
Event Submitted/Written: 06/26/2008 05:19:39 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type16135 / Success
Event Submitted/Written: 06/26/2008 03:44:58 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type9328 / Error
Event Submitted/Written: 06/26/2008 10:12:17 PM
Event ID/Source: 7016 / Service Control Manager
Event Description:
The SmartLinkService service has reported an invalid current state 0.

Event Record #/Type9301 / Error
Event Submitted/Written: 06/26/2008 10:00:41 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.254.1 for the Network Card with network address 001BB9681A0E has been
denied by the DHCP server 192.168.254.254 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type9269 / Error
Event Submitted/Written: 06/26/2008 09:28:39 AM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.254.1 for the Network Card with network address 001BB9681A0E has been
denied by the DHCP server 192.168.254.254 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type9182 / Error
Event Submitted/Written: 06/26/2008 03:42:22 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service usnjsvc with arguments ""
in order to run the server:
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}

Event Record #/Type9181 / Error
Event Submitted/Written: 06/26/2008 03:42:09 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service usnjsvc with arguments ""
in order to run the server:
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}



-- End of Deckard's System Scanner: finished at 2008-06-26 22:12:47 ------------

There you go for Deckards scanner.

just how long does Kaspersky run? Like two or more hours? I mean it seemed to run quick until it got to the 386.drivers then it started lagging my comp worse and worse until my mouse wouldnt even respond. the files scanned counter stopped when it hit those driver files and stayed that way for two hours and twenty mins. then i had a power outage here lol...just my luck.

Thanks for taking the time to assist me by the way.

Milena

Leave Kaspersky then

Run DSS again, using these instructions:

Click START> Run - then copy the following bold blue text and paste it into the Run box & click OK

"%userprofile%\desktop\dss.exe" /daft

Read the disclaimer and click OK.

Click on Scan.

Place a checkmark next to the entries displayed when the scan is finished then Click on Fix.

Repeat the scan; you should get a message "All Associations OK!"

Next, click Save Log, and post this log in your next reply.




Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it.
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  CODE
  [kill explorer]
  HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I
  I:\LaunchU3.exe
  purity
  EmptyTemp
  [start explorer]
  
  
• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.



Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
• Click Start
• When asked, allow the ActiveX control to install
• Click Start
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
• Click Scan (This scan can take several hours, so please be patient)
• Once the scan is completed, you may close the window
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
• Copy and paste that log as a reply to this topic

DAFT Log saved on 2008-06-27 13:51:24
-----------------------------------------------------------------------


All associations okay!Explorer killed successfully
< HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I >
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I\\ deleted successfully.
File/Folder I:\LaunchU3.exe not found.
< purity >
< EmptyTemp >
File delete failed. C:\DOCUME~1\User\LOCALS~1\Temp\~DF996A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\User\LOCALS~1\Temp\~DF997F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\User\LOCALS~1\Temp\~DFEFC7.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\User\LOCALS~1\Temp\~DFEFDE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_500.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 06272008_135629

Files moved on Reboot...
File C:\DOCUME~1\User\LOCALS~1\Temp\~DF996A.tmp not found!
File C:\DOCUME~1\User\LOCALS~1\Temp\~DF997F.tmp not found!
File C:\DOCUME~1\User\LOCALS~1\Temp\~DFEFC7.tmp not found!
File C:\DOCUME~1\User\LOCALS~1\Temp\~DFEFDE.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_500.dat not found!
File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!




Eset scan came back clean and only took a few seconds. Followed instructions to the letter. After the scan was finished Explorer crashes before a log could be made.

This post has been edited by Milena: Jun 27 2008, 01:35 PM

Your logs are clean

• Make sure you have an Internet Connection.
• Double-click OTMoveIt2.exe to run it.
• Click on the CleanUp! button
• A list of tool components used in the Cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OtMoveit2 to rech the Internet, please allow the application to do so.
• Click Yes to beging the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Now we need to create a new System Restore point.

Click Start Menu > Run > type (or copy and paste)

%SystemRoot%\System32\restore\rstrui.exe

Press OK. Choose Create a Restore Point then click Next. Name it and click Create, when the confirmation screen shows the restore point has been created click Close.

Next goto Start Menu > Run > type

cleanmgr

Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the system restore area and choose Yes at the confirmation window which will remove all the restore points except the one we just created.

To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.




Below I have included a number of recommendations for how to protect your computer against malware infections.

* Keep Windows updated by regularly checking their website at :
http://windowsupdate.microsoft.com/
This will ensure your computer has always the latest security updates available installed on your computer.

* To reduce re-infection for malware in the future, I strongly recommend installing these free programs:

SpywareBlaster protects against bad ActiveX
IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all
Have a look at this tutorial for IE-Spyad here

* SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program or there will be a conflict.

Make Internet Explorer more secure

• Click Start > Run
• Type Inetcpl.cpl & click OK
• Click on the Security tab
• Click Reset all zones to default level
• Make sure the Internet Zone is selected & Click Custom level
• In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
• Next Click OK, then Apply button and then OK to exit the Internet Properties page.

* MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

* Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
Here

* Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'
Here

Thank you for your patience, and performing all of the procedures requested.

Thank you for your help...it is truly appreciated

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.