Starbuck

Can you check the clock settings and make sure that the correct date and time are set. Edit: I've just checked the OTL report you sent, yes the clock settings are set wrong. The system is set to 2002 .... this isn't helping at all. Please reset to the correct date and time and run the CF scan again. Thanks.

Hi Yockie, Let's move on to 'plan b' then. This next program is very good at removing this. You will have to download it to the other system and then transfer it using a usb stick. (but rename it before downloading). It will ask about the recovery console, if you have it installed... then no problem. If you don't, the program won't be able to install it ( as it needs an active internet connection) but the program should still run without it. Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop. Link 1 Link 2 http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_FF.gif http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif This is an example, you may rename ComboFix to anything you want. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with the running of ComboFix. For more information read: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs Then: Double click on Combo-Fix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. If running Vista, you may not see this screen Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. http://img.photobucket.com/albums/v708/starbuck50/cf1.png Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: http://img.photobucket.com/albums/v706/ried7/whatnext.png Click on Yes, to continue scanning for malware. Note: Do not mouseclick combofix's window while it's running. That may cause it to stall When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Hi Yockie, ok, have taken this from your report: This actually shows that you placed OTL on the 'G' drive instead of the 'C' drive. Take a look there for the report. Btw: security tools always run better when placed on the main drive (the one that the OS is located on).

Ok, have you run the OTL fix yet? obviously you will have to transfer the fix to the bad system so that you can paste the fix in to the program. Once we know if the fix ran ok, i'll give you the next part. We always have a backup plan lol

Sometimes anti virus programs see a program and because of how it works... thinks it's malware, when in fact it isn't. Norton 360 isn't one of my favorite programs, but that's just my opinion. If an AV gives a warning to any program we ask you to download, it's best to temporary close down the AV. We never ask you to install anything that we wouldn't use ourselves ( we always try out all of these programs and give them our full recommendation)

Hi Andrewr, Is this using Internet Explorer? Have you tried another browser? (Firefox, Opera etc)

Hi Yockie, Edit: Thanks for the PM about the new system. as it's xp, still use the same instructions for the MBAM part. but first you will need to install mbam on the new system: Please download Malwarebytes Anti-Malware and save it to your desktop. Make sure you are connected to the Internet. Double-click on Download_mbam-setup.exe to install the application. When the installation begins, follow the prompts and do not make any changes to default settings. When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-Malware Launch Malwarebytes' Anti-Malware [*]Then click Finish. [*]MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. [*]On the Scanner tab: Make sure the "Perform Full Scan" option is selected. Then click on the Scan button. [*]If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. [*]The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient. [*]When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found". [*]Click OK to close the message box and continue with the removal process. [*]Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found. [*]Make sure that everything is checked, and click Remove Selected. [*]When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below) [*]The log is automatically saved and can be viewed by clicking the Logs tab in MBAM. [*]Copy and paste the contents of that report in your next reply and exit MBAM. Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware. Don't worry about a report from the new system. With this 1st fix, we'll clean up some registry items and remove that 'Securus' program. There's a lot of missing files from Avira, so we'll remove that as well. We'll get a fresh AV sorted once the system is back on online. We'll also get MBAM updated (using the laptop) and get a fresh scan done for any leftovers. Step 1 Double click on OTL.exe to run it. Copy the lines in the codebox below. (make sure that :Otl is on the first line ) :Otl PRC - C:\Program Files\securus\SecurusClient\securusn.exe () MOD - C:\Program Files\securus\SecurusClient\support.dll () SRV - (AntiVirService) -- File not found SRV - (AntiVirSchedulerService) -- File not found DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) O4 - HKLM..\Run: [avgnt] H:\Personal Data\Avira\AntiVir Desktop\avgnt.exe File not found O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe File not found O4 - HKLM..\Run: [securus Network Client] C:\Program Files\securus\SecurusClient\securusn.exe () O4 - HKLM..\Run: [uSBScan.exe] H:\Personal Data\USBScan\USBScan.exe File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38173.1592361111 (Reg Error: Key error.) O33 - MountPoints2\{d1473aa9-1fd4-11dc-9ead-4d6564696130}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found [2010/04/03 13:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.GMS-3IBDCJ3IZYP\Application Data\Avira [2009/12/17 20:43:34 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2009/12/17 20:43:33 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2009/12/17 20:43:33 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2009/12/17 20:43:33 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2009/12/17 20:43:24 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2009/12/17 20:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira [2009/12/03 13:56:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee [2008/04/16 17:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared :Files C:\Program Files\securus :commands [emptytemp] [purity] [EMPTYFLASH] Return to OTL, right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png Click the red Run Fix button. http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png OTL will reboot your system once the fix has completed. After the reboot, you may need to double click OTL to launch the program and retrieve the log. Copy and paste the contents of the OTL log that comes up after the fix in your next reply. if you lose the report, there will be a copy here: C:\_OTL\MovedFiles Step 2 Run the MBAM update on the laptop and get the latest definitions.( my update today shows database version 4059) Then close MBAM Now we need to transfer the 'rules.ref' file from the laptop to the other m/c. (either by usb stick or cd) Step 3 Perform this step on each system: Make sure that you can see hidden files. Click Start. Click My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Uncheck the Hide file extensions for known file types. Click OK. Step 4 Perform this step on the laptop: We need to navigate to: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Rules.ref Click Start. Click My Computer. Click on the C drive Click Documents and Settings folder Click All Users folder Click Application Data folder Click Malwarebytes folder Click Malwarebytes' Anti-Malware folder You will now see the 'rules.ref' file Right click on the 'rules.ref' file ... hold the right button in on the mouse and drag the file to the 'Desktop' When you release the button a menu will appear.... select 'Copy Here'. You will now have a copy of the 'Rules.ref' file on your Desktop. Insert your USB stick and transfer the file to the USB stick. Step 5 Perform this step on the 'infected system': Insert the USB stick. open the USB stick contents and transfer the 'rules.ref' to the desktop. (using the same right click method as before) Now navigate to: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware using the same method as before. After you open the last folder you will see the old rules.ref file. Now using the right click method as before.... transfer the file from your Desktop to the same folder that the old rules.ref is in. (only this time select... Move here) You will get a message asking if you want to replace the old file with the new one.... click yes to overwrite the old file. Now close all the windows and start MBAM and run a scan. It will now scan using the new definitions. Don't forget: Step 6 Perform this step on each system: Hide System Files Click Start. Open My Computer. Select Tools menu Click Folder Options. Select the View Tab. Uncheck Show hidden files and foldersin the Hidden files and folders section. Select Hide protected operating system files (recommended) option. Check the Hide file extensions for known file types option. Click Yes. Click OK. In your next reply, please submit: OTL fix report new MBAM report Thanks.

Hi yockie, Ok, the best thing to do is to return to the other forum and let them know that you are receiving help here. As you have removed McAfee, let me have an up to date OTL report using the following instructions and let me have the reports using the email i gave you in the PM. I'll then be able to see if there's any leftovers from McAfee and we'll fix those at the same time. Double click on OTL.exe to run it. Under Extra Registry section, select Use SafeList. Don't check the boxes beside 'LOP Check' and 'Purity Check' this time. Make sure that the 'File Age' is set to 30 days. and 'Files Created Within' and 'Files Modified Within' is set to 'File Age'. Click on Run Scan at the top left hand corner. When done, two Notepad files will open. Please post the contents of these 2 Notepad files in your next reply. Thanks

Hi Yockie, you can only receive help at one site. Getting help from more than one will only confuse matters and will also waste one 'helpers' time: cant go online after XP malware : Spyware Removal | My Antispyware Forums

Thanks, i've got the reports. Have just noticed in the report that avira is showing a lot of files missing.... are you using this or McAfee for the anti virus? if using McAfee, uninstall avira.

Hi Yockie, Follow the instructions in the PM i sent. Also, go into add/remove and uninstall the following: Securus Client McAfee VirusScan Enterprise let me know if they uninstall ok. this is actually a known problem with SP2, once we have run the fix and get you back online .... we'll take care of this.

Hi Yockie Sorry about that, for some reason i didn't get a message to say you had replied. you'd be surprised at some of the reports i've seen before :) The logs are difficult to read in 'Word' format, could you please post the notepad versions as attachments. Also let me know the programs you want to get rid but can't... i'll add them to the fix then.

I'm not a big fan of McAfee, but i have to give them credit for offering to help pay for any damage caused. Now if we could only get Microsoft to do the same! :D

Just to follow on from what BeeCeeBee stated: download this program and run it ... it'll take care of your temp files ( and any other rubbish) Download TFC by OldTimer to your desktop Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). It will close all programs when run, so make sure you have saved all your work before you begin. Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion. Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Hi Yockie This sounds more like SuperAntiSpyware. Ok, let's get a lot more info on your system then we'll take it from there. Anything you can't remove.... we'll be able to do with this program. Can you try downloading this program to another system and then transfer it to the broken one, by use of a usb stick etc. You'll then have transfer the 2 reports back again so that you can post them. Download OTL to your desktop. if you have problems, try this download link: OTL Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check. . http://img.photobucket.com/albums/v708/starbuck50/new/newOtl2.png Now copy the lines below. netsvcs msconfig %SYSTEMDRIVE%\*.exe /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles CREATERESTOREPOINT right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png . Click the Run Scan button. http://img.photobucket.com/albums/v708/starbuck50/runscan.png Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. Thanks

Hi Yockie according the MBAM report, nothing was removed. What was removed and by what or by who? In your first post, you said: so i assumed that MBAM had removed the infection and would have shown in the report.

@Tootech It's not a program that i've used, so couldn't say for sure. @Yockie Like i say, i've never used it... but it's certainly worth a try. As this started after you ran Malwarebytes ..... can you let me have the report. Start MBAM, click on the Logs tab. The reports will be date stamped. double click on the one you ran and it'll open in notepad. If you can then transfer that to another m/c so that you can post the report in your next reply, that would be great. For all we know MBAM may have removed a legit file ( does happen sometimes) Thanks

Security firm offers 'reasonable expenses' to customers affected by update gaffe. McAfee is offering technical and financial assistance after releasing a faulty update file last week that crashed thousands of Windows XP SP3 systems. The company released the update on Wednesday, and quickly scrambled to make good after complaints poured in. "I want to apologise on behalf of McAfee, and say that we're extremely sorry for any impact the faulty signature update file may have caused you and your organisations," said Barry McPherson, McAfee's executive vice president of support and customer service, in a blog post on Friday. McPherson added that it was McAfee's belief that only a small number of PCs had been affected. The firm updated its position on the problem late last night, and offered a worldwide recovery service for inoperable of severely impaired PCs, again suggesting that these would be in the minority. Affected users can contact the firm's qualified technicians through a local free phone number: Customer Service Contact Numbers except in the UK where other charges may apply. The technicians are "standing by" to diagnose and fix problems. If this is not successful, McAfee will offer a fix via download, or will express deliver a CD to the user's home or office. The company is also offering "reasonable expenses" to any home or home-office users who have incurred costs as a result of the update. For example, it will reimburse users who had to visit a local tech support specialist. Details of how to claim, and what to claim for, will be released in the next few days. McAfee is also offering a free two-year extension on users' current subscription. Source: McAfee offers damages for faulty update - V3.co.uk - formerly vnunet.com

Hi Yockie and welcome to FreePcHelp. Have you tried the obvious things first: Try one or both of these and see if your connection comes back. Click Start...Run... Type in (or copy and paste) ipconfig /flushdns (don't forget the space) then click the 'enter' key. You'll get a confirmation that the flush was successful. FOR CONNECTION PROBLEMS : Click on Start... Control Panel, select the 'Network and Internet Connections' category or double click on Network Connections, depending on which View you are using. Then right click on your default connection, usually 'local area connection' for cable and dsl, and left click on properties. Double-click on the 'Internet Protocol' (TCP/IP) item. Write down the settings in case you should need to change them back. Select the radio dial that says 'Obtain DNS servers automatically'. Press OK twice to get out of the properties screen and reboot if it asks. If it does not prompt you to reboot go ahead and reboot manually. If that doesn't get it, try this one: Go to Start ... Run and type in cmd A dos Window will appear. Type in the dos window: netsh winsock reset Click on the 'enter' key. Reboot your system to complete the process.

Hi nuley If anything does get left behind, just right click on it and then select 'delete'. Empty your recycle bin once completed. There's no harm in removing any leftover icons.... they're not needed now.

McAfee's popular antivirus software broke down on Wednesday, causing Windows XP computers to have networking problems or repeatedly reboot. By midday Wednesday, reports began to indicate just how widespread and damaging the McAfee update was. McAfee has posted a Web page on a separate site with detailed instructions on how to fix XP computers that have been crashing because of Wednesday's update. It recommends manually downloading and installing an "EXTRA.DAT" file, and then restore files that have been incorrectly quarantined. McAfee KnowledgeBase - False positive detection of w32/wecorl.a in 5958 DAT Early reports attributed the widespread problems to a routine McAfee update that caused computers with Microsoft's Service Pack 3 installed to incorrectly identify a legitimate operating system component as containing a virus. The update did not seem to cripple computers running Windows Vista or Windows 7. Source: Buggy McAfee update slams Windows XP PCs | Security - CNET News

Hi nuley I apologise for the delay in response to your repy. I've been away. If everything is still running fine, we'll remove the programs we downloaded and finish off. Step 1 Please double-click OTL.exe to run it. You should see a CleanUp! button, press that button, http://img.photobucket.com/albums/v708/starbuck50/cleanupbutton.png This will remove any programs we have asked you to download along with there associated folders.. plus itself. Note: MBAM will not be removed Step 2 Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is: Go to Start > Programs > Accessories > System Tools and click "System Restore". Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore. Then go to Start > Run and type: Cleanmgr Click "OK". Select the drive for cleaning then click OK (usually 'C' drive) Click the "More Options" Tab. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

mmm interesting. Let's see if anything is trying to stop it..... Try this: Please download: Rkill and save it to your Desktop. Run the tool by clicking on it. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the malware when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself . If the malware is persistant, you may have to RKill a number of times. When it has finished, the black window will automatically close and you can continue with the next step. Note Please do not reboot your system until you have completed the following step, or the Malware will restart itself: Now try and download Combofix and run the scan..... while RKill has the processes/programs stopped.

To finish off, we just need to remove the programs we had you to download and then clear your restore points. I normally ask just to make sure there's no new issues. Step 1 Please double-click OTL.exe to run it. You should see a CleanUp! button, press that button, http://img.photobucket.com/albums/v708/starbuck50/cleanupbutton.png This will remove any programs we have asked you to download along with there associated folders.. plus itself. Note: MBAM will not be removed Step 2 Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is: Go to Start > Programs > Accessories > System Tools and click "System Restore". Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore. Then go to Start > Run and type: Cleanmgr Click "OK". Select the drive for cleaning then click OK (usually 'C' drive) Click the "More Options" Tab. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one. To find out how you may have been infected....read this topic: So how did i get infected? Not all of the following information will be applicable to you, but it's still best to read it all. Now that you are clean, please follow these simple steps in order to keep your computer clean and secure: Use an AntiVirus Software Avira AntiVir Avast free Bitdefender Free MS Security Essentials ... see note* Note*: Upon installation MS Security Essentials will check that your OS is a legal copy. Only install one AntiVirus program [*]Update your AntiVirus Software regularly [*]Use a 3rd party Firewall Online Armor Free ZoneAlarm ...Important note below Outpost Firewall Free Sunbelt Personal Firewall NOTE: If choosing Zone Alarm be aware that the free version also installs ZoneAlarm Spy Blocker. It is recommended however that you UNcheck this option. Only install one software Firewall Some 3rd party Firewalls will turn off the windows firewall when they are installed. It's always best to check that the Windows Firewall is turned off: How to turn off Windows Firewall: Start ... Control Panel ...click on 'Classic View'. now select Windows Firewall. When the Windows Firewall box opens, put a tick against .. Off (not recommended) and then click Ok [*]Scan regularly with a 'Stand Alone' Anti-Malware scanner: Installing another scanner that you can run once or twice a week is always beneficial. Something like: Malwarebytes Anti-Malware SUPERAntiSypware Remember to update these programs each time before running. You can install more than one of these if you only run them as stand alone programs. [*] Use an alternative browser: Some excellent alternatives to MS Internet Explorer are: Firefox For added security, add the NoScript extension to this browser: Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks also consider adding: WOT - Safe Browsing Tool Web of Trust warns you about risky sites that cheat customers, deliver malware or send spam. Millions of members of the WOT community rate sites based on their experience, giving you an extra layer of protection when browsing or searching the Web. Btw: you don't have to make a contribution. Opera They offer better security, more stability, and better speed. [*]Keep a backup of your registry Keeping a regular backup of your registry will help when something goes wrong. Use a program like: Erunt A full tutorial on how to set up and use Erunt can be found here: Erunt tutorial [*]Keep your system clean of temp files etc, using a 'Cleaner': Cleaners are programs that will help to clean out your: Windows temp files Current user temp files Cookies Temporary Internet flies Browser history Recycle bin Etc....... In other words.... all the rubbish that you accumalate over the course of your browsing and day to day usage of your pc. Programs like: CCleaner TFC by OldTimer ATF Cleaner [*]Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. [*]Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A tutorial on installing & using this product can be found here: Using and installing SpywareBlaster [*]Update all your 'Security' programs regularly - Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically. Glad I was able to help. Safe surfing. http://fc08.deviantart.net/fs71/f/2010/033/b/3/Computer_addict__by_Sinister_Starfeesh.gif

Glad things are running better now. Are you ready to complete the cleaning process now?