Tomk_

Meagan, You are very welcome. Happy Holidays to you and yours. Good Luck and be Well.

Yes. Select normal startup

It's not unusual for Bamital to bork some system files. Let's have windows check them. Be sure to to have your Windoes XP disk handy in case it is requested. Click Start, then Run In the run box type sfc /scannow (note the space) The program will then check your system files and restore them from your windows disk if needed. This process will take anywhere from 20 minutes to several hours. There is no report. Let me know how it goes.

Have you checked your power management settings? They are found in your control panel under Performance and maintenance. Then select Power options.

You can remove them, or you can choose to keep. They won't run unless you want them to - though SuperAntiSpyware could be configured to. When they aren't running, they really aren't using resources. I would probably delete them just because they tend to make things look messy.

That did it. Log looks good Time for some housekeeping Click START then RUN Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there. The above procedure will:Implement some cleanup procedures. Reset System Restore. Now to remove most of the tools that we have used in fixing your machine: Make sure you have an Internet Connection. Download OTC to your desktop and run it A list of tool components used in the cleanup of malware will be downloaded. If your Firewall or Real Time protection attempts to block OTC to

help&get_help_motive, You are very welcome (and I'm sure JonTom would say the same. Happy Holidays to you and yours. Good Luck and be Well.

Well.... it's back. Odd's are your router is infected. I need you to reset the router, and then run the exact same ComboFix-script we just ran. Run the CFscript on your computer before connecting it to your router.. and don't connect it to your router until after the router has been reset.

help&get_help_motive, Not dangerous. Nothing wrong. Nothing to be gone. Time for some housekeeping Click START then RUN Now type Combofix /Uninstall in the runbox and click OK Note the space between the X and the U, it needs to be there. The above procedure will:Implement some cleanup procedures. Reset System Restore. Now to remove most of the tools that we have used in fixing your machine: Make sure you have an Internet Connection. Download OTC to your desktop and run it A list of tool components used in the cleanup of malware will be downloaded. If your Firewall or

They both look to be legitimate and clean. I am not seeing any malware at this point. However, I also am not seeing any reason that your system should be slower than normal. Reinstall some Anti-virus and give it a test drive. Let me know tomorrow how it's going (especially if it gets worse). By then, I'll have either came up with something more to try... or we'll clean up.

Well... That looks good. How's it running now?

Yep... It for sure is bad. I asked the question about other computers because sometimes these type of infections change the router settings in the router. I'm not seeing anything in your computer that would account for the settings being changed, and once you've reset your router - it should no longer be a problem. Therefore, if the issue keeps returning, it might be because the root of the infection is in another computer that is connected to the router - infects the router - which then passes the problem back to your computer. At the time you posted that log... the proxy is gone.

Please download and run the AVG Removal Tool The AVG removal tool will locate and remove all traces of AVG products from your computer. To download the tool, click here and save the file (called avgremover.exe) to your desktop. Right click on the avgremover.exe icon and select "Run as Admnistrator" to run the program. Follow any prompts you receive. Once you have run the removal tool you may delete it from your machine.

I'm not seeing the problem. So.. Drag combofix to the recycle bin and redownload it (again) this time saving as a different name like you did earlier. Then please run it.

Well then... please give me a new DDS log and maybe I can see what's going on.

Meagan, JonTom has been called away and won't be available for some time. I'm going to see if I can help get you finished up. They are the lines that I've included in the script below. I need a little information please. Why kind and model is your router (at home)? Are there other computers hooked to the router? Please reset your router before doing the following: COMBOFIX-Script Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below: dds:: uInternet Settings,ProxyServer

help&get_help_motive, JonTom is away and won't be available for a couple weeks. I'm going to step in and see what I can do in his absence. I'd like you to drag your current copy of ComboFix to your recycle bin, download a fresh copy, run it and post a new log please.

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

rocknblues81, You are very welcome. If I don't hear anything in the next day or two, I'll go ahead and close this thread. Good Luck and be Well.

rocknblues81, Please open HijackThis and run Do a system scan only Check the boxes next to ONLY the entry listed below(if present): O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - (no file) Close all programs except for HijackThis. Click on Fix checked A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis. With that done. Log looks good Time for some housekeeping Click START then RUN Now type Combofix /Uninstall in the runbox and click OK Note the space between the

rocknblues81, Try reinstalling Spybot and see if that straightens up. Please post a new HijackThis log. Let me know how it goes with TeaTimer and if you are having any other problems at this time.

Let's do an online scan to make sure we got everything. This scan will take several hours probably so let's clean temp files first. Download TFC to your desktop Close any open windows. Double click the TFC icon to run the program TFC will close all open programs itself in order to run, Click the Start button to begin the process. Allow TFC to run uninterrupted. The program should not take long to finish it's job Once its finished it should automatically reboot your machine, if it doesn't, manually reboot to ensure a complete clean Then Please go to Kaspersky website and per

rocknblues81, Maybe... Typically ClickPotato comes when downloading from movie sites. COMBOFIX-Script Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below: File:: C:\Documents and Settings\Rhonda\Desktop\Lucas\TW lucas\XvidSetup.exe Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.

Your Java is out of date. Java 6 can be updated from the Java Control Panel. Go Start > Control Panel(Classic View) > Java (looks like a coffee cup) > Update Tab > Update Now. An update should begin; follow the prompts. Please go to Kaspersky website and perform an online antivirus scan. Read through the requirements and privacy statement and click on Accept button. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run. When the downloads have finished, click on Settin