• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
    • Budfred

      PLEASE READ - Reversing upgrade   02/23/2017

      We have found that this new upgrade is somewhat of a disaster.  We are finding lots of glitches in being able to post and administer the forum.  Additionally, there are new costs associated with the upgrade that we simply cannot afford.  As a result, we have decided to reverse course and go back to the previous version of our software.  Since this will involve restoring it from a backup, we will lose posts that have been added since January 30 or possibly even some before that.    If you started a topic during that time, we urge you to make backups of your posts and you will need to start the topics over again after the change.  You can simply paste the copies of your posts that you created at that point.    If you joined the forum this month, you will need to re-register since your membership will be lost along with the posts.  Since you have a concealed password, we cannot simply restore your membership for you.   We are going to backup as much as we can so that it will reduce inconvenience for our members.  Unfortunately we cannot back everything up since much will be incompatible with the old version of our software.  We apologize for the confusion and regret the need to do this even though it is not viable to continue with this version of the software.   We plan to begin the process tomorrow evening and, if it goes smoothly, we shouldn't be offline for very long.  However, since we have not done this before, we are not sure how smoothly it will go.  We ask your patience as we proceed.   EDIT: I have asked our hosting service to do the restore at 9 PM Central time and it looks like it will go forward at that time.  Please prepare whatever you need to prepare so that we can restore your topics when the forum is stable again.
Sign in to follow this  
Followers 0
flamingfox101

HijackThis Log

4 posts in this topic

Was on a website this morning, clicked a link and then had loads of popups coming up trying to get me to install programs. Pressed no on them all and closed the browser windows as fast as I could, but it looks like something got installed as straight away my firewall kept saying that helpw.exe was trying to access the internet.

 

I've ran ad-aware and search and destroy but neither of them has got rid of it.

 

My HijackThis log is below and i'd really appreciate if anyone could give me some advice on which files/entries I need to delete.

 

Logfile of HijackThis v1.98.0

Scan saved at 21:55:36, on 07/07/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\Explorer.EXE

D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

D:\Program Files\Norton Personal Firewall\NISUM.EXE

D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

D:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe

D:\WINDOWS\Mixer.exe

E:\DVD\INSTAN~1\INSTAN~1\IWCTRL.EXE

D:\Program Files\Common Files\Symantec Shared\ccApp.exe

D:\Program Files\Common Files\Real\Update_OB\realsched.exe

E:\Utilities\HighCriteria\TotalRecorder\TotRecSched.exe

D:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

D:\WINDOWS\helpw.exe

D:\WINDOWS\System32\RUNDLL32.EXE

D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

D:\WINDOWS\system32\spoolsv.exe

D:\Program Files\Norton Personal Firewall\ccPxySvc.exe

D:\WINDOWS\system32\crypserv.exe

D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

D:\Program Files\Norton AntiVirus\navapsvc.exe

D:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

D:\WINDOWS\System32\nvsvc32.exe

D:\Program Files\Norton AntiVirus\SAVScan.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

D:\WINDOWS\System32\taskmgr.exe

E:\MICROS~1\MICROS~2\Office10\OUTLOOK.EXE

E:\Microsoft\Microsoft Office\Office10\WINWORD.EXE

D:\Program Files\Internet Explorer\iexplore.exe

G:\Applications\Utilities\Hijack This\HijackThis.exe

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Utilities\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\UTILIT~1\SPYBOT~1\SDHelper.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [VOBRegCheck] D:\WINDOWS\System32\VOBREGCheck.exe -CheckReg

O4 - HKLM\..\Run: [PinnacleDriverCheck] D:\WINDOWS\System32\PSDrvCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "E:\Utilities\Media\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "E:\CDRW\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

O4 - HKLM\..\Run: [CnxDslTaskBar] D:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [iW Controlcenter] E:\DVD\INSTAN~1\INSTAN~1\IWCTRL.EXE

O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] D:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe

O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [TotalRecorderScheduler] E:\Utilities\HighCriteria\TotalRecorder\TotRecSched.exe

O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"

O4 - HKLM\..\Run: [sunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

O4 - HKLM\..\Run: [helpw] "helpw.exe"

O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 3.9\THGuard.exe"

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [symantec NetDriver Monitor] D:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: UD Agent.lnk = E:\Utilities\United Devices\UD.EXE

O8 - Extra context menu item: Download with GetRight - E:\Internet\GetRight\GRdownload.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - E:\Internet\GetRight\GRbrowse.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\System32\msjava.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/plugins/en_US/Dj...ntrol_en_US.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200212...meInstaller.exe

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/2135c41deeafe3...ip/RdxIE601.cab

O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F5063533-0503-47B6-977B-E02CC0428498}: NameServer = 62.241.160.200 158.43.240.3

Share this post


Link to post
Share on other sites

Hello,

 

NOTE: Please print a copy of these instructions because you will be working with all windows closed except HijackThis.

 

Please run HijackThis and place a check mark next to the following items then, WITH ALL OTHER WINDOWS CLOSED, select “fix checked.” Please note that the items in BLUE are optional suggested fixes that will not remove the programs, only keep them from running at start-up, and may have the added benefit of freeing up some of your system’s resources.

 

O4 - HKLM\..\Run: [QuickTime Task] "E:\Utilities\Media\QuickTime\qttask.exe" -atboottime

 

O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

 

O4 - HKLM\..\Run: [helpw] "helpw.exe"

 

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/2135c41deeafe3...ip/RdxIE601.cab

 

O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_aac.cab

 

Reboot into safe mode, this way:

Restart the computer

Immediately begin tapping the <F8> key.

Use the arrow keys to highlight Safe Mode and press the <Enter> key.

 

Also, enable the ”Show Hidden Files and Folders” option:

Click Start.

Open My Computer.

Select the Tools menu and click Folder Options.

Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.

Uncheck: Hide file extensions for known file types

Uncheck the Hide protected operating system files (recommended) option.

Click Yes to confirm.

Click OK.

 

Now, search for, and delete if found, (some files may not be present after previous steps) the following:

 

helpw.exe < file

 

Please delete your temporary files by deleting all files and folders that are in those folders (do not delete the temp folder itself) like for example:

 

C:\WINDOWS\Temp\

 

C:\Temp\

 

C:\Documents and Settings\username\Local Settings\Temp\

 

Also delete your Temporary Internet Files, be sure to also select "delete all offline content."

 

Empty your Recycle Bin.

 

Reboot.

 

Proceed to the Windows Update site (see link below) download and install ALL critical updates.

 

Reboot when finished.

 

If you are not running version 1.3 of Spybot S & D, click here to download Spybot Search & Destroy v1.3 - install, update, scan and fix all RED items it finds. Reboot when done.

 

Perform a customized Ad-aware scan in Safe Mode........

 

If you do not have the latest version of Ad-aware, version 6, Build 6.181, click here to download Ad-Aware and install. Before scanning click on "check for updates now" to make sure you have the latest reference file. Then boot into Safe Mode, start the program, and click the gear wheel at the top and check these options to configure Ad-aware for a customized scan:

 

General> activate these: "Automatically save log-file" and "Automatically quarantine objects prior to removal"

 

Scanning > activate these: "Scan within archives", "Scan active processes", "Scan registry", "Deep scan registry", "Scan my IE Favorites for banned sites" and "Scan my Hosts file"

 

Tweaks > Scanning Engine> activate this: "Unload recognized processes during scanning."

 

Tweaks > Cleaning Engine: activate these: "Automatically try to unregister objects prior to deletion" and "Let Windows remove files in use after reboot."

 

Click "Proceed" to save your settings, then click "Start", make sure "Activate in-depth scan" is ticked green then scan your system. When the scan is finished, the screen will tell you if anything has been found, click "Next". The bad files will be listed, right click the pane and click "Select all objects" - this will put a check mark in the box at the side, click "Next" again and click "OK" at the prompt "# objects will be removed. Continue?" Reboot when finished.

 

Next, perform online virus and Trojan scans, using the links in my signature below. Allow the programs to delete all that they may find. Reboot after each scan.

 

Scan with HijackThis and post a fresh log into this same thread.

Share this post


Link to post
Share on other sites

Thanks for the help. Have done the stuff you said and my new HijackThis log is below.

 

Logfile of HijackThis v1.98.0

Scan saved at 18:58:07, on 08/07/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\Explorer.EXE

D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

D:\Program Files\Norton Personal Firewall\NISUM.EXE

D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

D:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe

D:\WINDOWS\Mixer.exe

E:\DVD\INSTAN~1\INSTAN~1\IWCTRL.EXE

D:\Program Files\Common Files\Symantec Shared\ccApp.exe

E:\Utilities\HighCriteria\TotalRecorder\TotRecSched.exe

D:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

D:\WINDOWS\System32\RUNDLL32.EXE

D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

D:\WINDOWS\system32\spoolsv.exe

E:\Utilities\United Devices\UD.EXE

D:\Program Files\Norton Personal Firewall\ccPxySvc.exe

D:\WINDOWS\system32\crypserv.exe

D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

D:\Program Files\Norton AntiVirus\navapsvc.exe

E:\Utilities\United Devices\ud_7174683.exe

D:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

D:\WINDOWS\System32\nvsvc32.exe

E:\Utilities\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe

D:\Program Files\Norton AntiVirus\SAVScan.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

D:\Program Files\Messenger\msmsgs.exe

G:\Applications\Utilities\Hijack This\HijackThis.exe

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Utilities\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\UTILIT~1\SPYBOT~1\SDHelper.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [VOBRegCheck] D:\WINDOWS\System32\VOBREGCheck.exe -CheckReg

O4 - HKLM\..\Run: [PinnacleDriverCheck] D:\WINDOWS\System32\PSDrvCheck.exe

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "E:\CDRW\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

O4 - HKLM\..\Run: [CnxDslTaskBar] D:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [iW Controlcenter] E:\DVD\INSTAN~1\INSTAN~1\IWCTRL.EXE

O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] D:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe

O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [TotalRecorderScheduler] E:\Utilities\HighCriteria\TotalRecorder\TotRecSched.exe

O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"

O4 - HKLM\..\Run: [sunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 3.9\THGuard.exe"

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [symantec NetDriver Monitor] D:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: UD Agent.lnk = E:\Utilities\United Devices\UD.EXE

O8 - Extra context menu item: Download with GetRight - E:\Internet\GetRight\GRdownload.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - E:\Internet\GetRight\GRbrowse.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\WINDOWS\System32\msjava.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/plugins/en_US/Dj...ntrol_en_US.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200212...meInstaller.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{F5063533-0503-47B6-977B-E02CC0428498}: NameServer = 62.241.160.200 158.43.240.3

Share this post


Link to post
Share on other sites

Hello,

 

You're very welcome! :D

 

Your log is clean now, and here's a few tips to help you keep it that way......

 

The next time you get an evil pop-up, don't click on "No" or "Close" or the "X." Some of these nasties are set up so that no matter which part of the pop-up you click on, you get invaded. Instead, hold down the Alt key and press F4. That should shut down the offending windows without you having to "touch" them.

 

Download IE-SPYAD here: https://netfiles.uiuc.edu/ehowes/www/resource.htm

 

It will place over 5000 sites in your restricted zone so that you don't accidentally visit innocent appearing sites that aren't really innocent, even if you accidentally click on a link or mis-type a web address.

 

There's also a small program, called RegistryProt that will warn you when a program attempts to make changes to your registry and will ask you if you want to allow the change. You'll find it here, under "freeware": http://www.diamondcs.com.au/index.php?page=products The newest version of Spybot S&D has a similar feature.

 

Scan often with Spybot Search and Destroy and Ad-aware to remove malware before it gains a foothold on your computer. (Links below). Install SpywareBlaster and SpywareGuard to keep baddies from invading your system. (Links below).

 

Make sure you keep your system updated by frequent visits to the Windows Update site (see link below). Always install ALL critical updates.

 

Please take a minute or two to read the short article, "How did I get infected in the first place?" (See link in my signature below). You will find good information on keeping your system clean in the future, as well as links for excellent free anti-spyware tools.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0