Author Topic: NEED HELP!!!!!.....LOTS.....  (Read 226 times)
Vern
Newbie
« on: January 17, 2010, 11:29:23 AM »
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 11:24:00 AM, on 1/17/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Microsoft SQL Server\MSSQL$ALAMODE\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\a la mode\Sched\eSched.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\acovcnt.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: BiblePro Toolbar Helper - {6A3EBAF8-C030-4E10-9D09-DB76740E85B1} - C:\Program Files\BiblePro Toolbar\v3.2.0.0\BiblePro_Toolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BiblePro Toolbar - {4D053320-23CF-417F-B498-0DCF8EBF49C3} - C:\Program Files\BiblePro Toolbar\v3.2.0.0\BiblePro_Toolbar.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [XeroxBackgroundTask] C:\WINDOWS\system32\x85xbgnd.exe 1
O4 - HKLM\..\Run: [XeroxRegistation] "C:\DOCUME~1\VERNON~1\LOCALS~1\Temp\Xerox\EReg\opbreg.exe" /Startup
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [The Assistant] "C:\Program Files\a la mode\Sched\eSched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MyGarminAgent] C:\Program Files\Garmin\MyGarminAgent.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/DSL/Verizon%20High%20Speed%20Internet%20Installer.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} (RSClientPrint 2005 Class) - http://map.ezlistmls.com/PUBLICREPORTS/Reserved.ReportViewerWebControl.axd?ExecutionID=w204oyabxhgojvy5kjltlo45&ControlID=4c408ae5170f4ebb961ec70748e2dabf&Culture=1033&UICulture=9&ReportStack=1&OpType=PrintCab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {A7DB6550-3269-11D4-8C30-0001023CA9DC} (Vault Files Downloader) - https://vault.alamode.com/cab/vfd.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FA91DF8D-53AB-455D-AB20-F2F023E498D3} (RSClientPrint Class) - http://map.ezlistmls.com/PUBLICREPORTS/Reserved.ReportViewerWebControl.axd?ExecutionID=o5cpzdyyk5m150qxduzvah55&ControlID=e73e9dac-b8b6-4bae-9d91-14d5dbf2f004&Culture=1033&UICulture=9&ReportStack=1&OpType=PrintCab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 10214 bytes
NJ
Disciple
Administrator
Sr. Member
« Reply #1 on: January 17, 2010, 12:31:43 PM »
Hello Vern and welcome to Pctorium. Before we begin, I have a few preliminary steps we need to take.

Please set your system to show all files and folders:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.

Backup Your Registry with ERUNT
  • Please use the following link and scroll down to ERUNT and download it.
http://www.snapfiles.com/get/erunt.html
  • For version with the Installer:
Use the setup program to install ERUNT on your computer
  • For the zipped version:
Unzip all the files into a folder of your choice.
Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe


P2P PROGRAMS

IMPORTANT!!!
I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
  • LimeWire
I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above.

If you choose not to remove them, please do not use them until this computer is clean.


Next....

Jotti File Submission:

Please go to Jotti's Malware scan
Copy and paste the following file path into the "File to upload & scan" box on the top of the page:

C:\WINDOWS\system32\acovcnt.exe

Click on the submit button

Please post the results of the scan in your next reply.

If Jotti is busy, try the same at VirusTotal


Have I helped you? Please consider donating to help me continue my fight against malware
Vern
Newbie
« Reply #2 on: January 18, 2010, 07:49:14 PM »
Jotti's malware scan
This file has been scanned before. The results for this previous scan are listed below.





--------------------------------------------------------------------------------

Filename: acovcnt.exe
Status: Scan finished. 0 out of 20 scanners reported malware.
Scan taken on: Thu 31 Dec 2009 09:42:50 (CET) Permalink


NJ
Disciple
Administrator
Sr. Member
« Reply #3 on: January 18, 2010, 08:02:07 PM »
Hi Vern,

Run Hijackthis and choose scan:

  • Close all programs and browsers leaving only HijackThis running.  Place a check against each of the following, making sure you get them all and not any others by mistake:
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)


Click on Fix Checked when finished and exit HijackThis.


Next......

• Download Superantispyware
  • Load Superantispyware and click the check for updates button.
  • Once the update is finished click the scan your computer button.
  • Check Perform Complete Scan and then next.
  • Superantispyware will now scan your computer and when it's finished it will list all the infections it has found.
  • Make sure that they all have a check next to them and press next.
  • Click finish and you will be taken back to the main interface.
  • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
  • Copy and paste the log onto the forum.


Have I helped you? Please consider donating to help me continue my fight against malware
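An added example, not part of the original posts and not HijackThis's own code: a small Python parser for the log format posted above that separates entries marked `(no file)`, which are the two NJ asked to fix, from those marked `(file missing)`. The sample lines are copied from the log in this thread; the function names and the section-code descriptions are this example's own.

```python
import re
from collections import namedtuple

# Usual meaning of the section codes used in the sample below (example's own wording).
SECTIONS = {
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "autostart entry",
    "O23": "Windows service",
}

Entry = namedtuple("Entry", "code section clsid state detail")

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
STATE_RE = re.compile(r"\s*(?:-\s*)?\((no file|file missing)\)\s*$")


def parse_entry(line):
    """Parse one 'CODE - body' line; None for headers, process paths and blanks."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    code, body = m.groups()
    state = "present"
    marker = STATE_RE.search(body)
    if marker:
        state = marker.group(1)          # "no file" or "file missing"
        body = body[:marker.start()]     # keep the entry text without the marker
    clsid = CLSID_RE.search(body)
    return Entry(code, SECTIONS.get(code, "other"),
                 clsid.group(0).upper() if clsid else None, state, body)


def parse_log(text):
    """Return every registry/startup entry in a HijackThis log, in order."""
    return [e for e in map(parse_entry, text.splitlines()) if e is not None]


def orphaned(entries):
    """Group entries by the orphan marker HijackThis appended to them."""
    groups = {"no file": [], "file missing": []}
    for e in entries:
        if e.state in groups:
            groups[e.state].append(e)
    return groups


# Excerpt of the log posted in this thread (raw string: paths contain backslashes).
SAMPLE = r"""Running processes:
C:\WINDOWS\system32\lsass.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: BiblePro Toolbar Helper - {6A3EBAF8-C030-4E10-9D09-DB76740E85B1} - C:\Program Files\BiblePro Toolbar\v3.2.0.0\BiblePro_Toolbar.dll (file missing)
O3 - Toolbar: BiblePro Toolbar - {4D053320-23CF-417F-B498-0DCF8EBF49C3} - C:\Program Files\BiblePro Toolbar\v3.2.0.0\BiblePro_Toolbar.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
"""

if __name__ == "__main__":
    for state, found in orphaned(parse_log(SAMPLE)).items():
        for e in found:
            print(f"{state:12} {e.code:3} {e.section:22} {e.clsid}")
```
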
Vern
Newbie
« Reply #4 on: January 19, 2010, 04:52:18 PM »
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/19/2010 at 04:45 PM

Application Version : 4.33.1000

Core Rules Database Version : 4494
Trace Rules Database Version: 2309

Scan type       : Complete Scan
Total Scan Time : 00:36:58

Memory items scanned      : 583
Memory threats detected   : 0
Registry items scanned    : 6676
Registry threats detected : 7
File items scanned        : 22929
File threats detected     : 12

Adware.Gamevance
   HKU\S-1-5-21-1047977145-2377698864-860578662-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}

Adware.Tracking Cookie
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@doubleclick[1].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@ads.pointroll[1].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@atdmt[1].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@ad.wsod[2].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@questionmarket[2].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@pointroll[2].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@invitemedia[2].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@msnportal.112.2o7[1].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@cdn4.specificclick[1].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@specificclick[1].txt
   C:\Documents and Settings\Vernon Carter\Cookies\vernon_carter@specificmedia[2].txt

Adware.MyWebSearch/FunWebProducts
   HKU\S-1-5-21-1047977145-2377698864-860578662-1004\SOFTWARE\FunWebProducts

Rogue.Component/Trace
   HKU\S-1-5-21-1047977145-2377698864-860578662-1004\Software\71183808325200971818006243462518\Options
   HKU\S-1-5-21-1047977145-2377698864-860578662-1004\Software\71183808325200971818006243462518\Options#Aff
   HKU\S-1-5-21-1047977145-2377698864-860578662-1004\Software\71183808325200971818006243462518\Options#AdvancedScanType
   HKU\S-1-5-21-1047977145-2377698864-860578662-1004\Software\71183808325200971818006243462518\Options#FirstRunUrl
   HKU\S-1-5-21-1047977145-2377698864-860578662-1004\Software\71183808325200971818006243462518

Trojan.Agent/Gen-Nullo[Short]
   C:\SYSTEM VOLUME INFORMATION\_RESTORE{B5A51509-D372-4D5A-BE83-91239E347B1C}\RP774\A0047556.DLL
NJ
Disciple
Administrator
Sr. Member
« Reply #5 on: January 19, 2010, 07:29:47 PM »
Hello Vern,

CONGRATULATIONS! At last, your system is clean and free of spyware! Want to keep it that way?

Here are some simple steps you can take to reduce the chance of infection in the future. Please do these steps as soon as possible if you haven't already.


  • Clean out Temporary Files etc.
This program is for Vista, XP and Windows 2000 only

Please download ATF Cleaner by Atribune.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All. Then remove the check mark for Cookies.
  • Click the Empty Selected button.
If you use Firefox browser
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • Remove the check mark for Cookies
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt if asked.
If you use Opera browser
  • Click Opera at the top and
  • choose: Select All.
  • Remove the check mark for Cookies
  • Click the Empty Selected button.
It is a good idea to do this every few weeks as a lot of junk collects there over time.


  • Create a new, clean System Restore point which you can use in case of future system problems:

    Press Start->All Programs->Accessories->System Tools->System Restore
    Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close

    Now remove old, infected System Restore points:
    Next click Start->Run and type cleanmgr in the box and press OK
    Ensure the boxes for Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
    Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
    Press OK and Yes to confirm


  • Set correct settings for files that should be hidden in Windows XP
    • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
    • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
    • If unchecked please check Hide protected operating system files (Recommended)
    • If necessary check "Display content of system folders"
    • If necessary Uncheck Hide file extensions for known file types.
    • Click OK

  • Online Virus Scans - Run these on a regular basis (I usually do about once a month or suspect a problem):

  • Alternative Browsers - Using an alternative browser other than IE will IMMENSELY reduce the risk of infection:

  • Use GoogleToolbar - It's free, blocks popups and takes seconds to install. Use the toolbar without the advanced features enabled (check this during install), the toolbar is completely inert--it doesn't send any information to Google whatsoever as you surf.
    a. GoogleToolbar

    Download and install the following free programs
    a. SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html

  • Download and install the free version of WinPatrol. This program protects your computer in a variety of ways and will work well with your existing security software. Have a look at this tutorial to help you get started with the program. If you want to help the developer of the program and get more information about the programs that you see in Winpatrol, please check out Winpatrol Plus. It does not need a new download.

  • Download and install the free version of Malwarebytes' Anti-Malware to your desktop. Check for the latest updates and perform a full system scan. This is an on-demand scanner and runs very well with Winpatrol.

  • If you are using Internet Explorer v. 7 please read and follow the recommendations at this site. Surf the Internet Safely

  • If you are using Internet Explorer v. 6
Make your Internet Explorer more secure -  This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub-frames across different domains to  Prompt
    • When all these settings have been made, click on the OK button.
    • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
There are good reasons to upgrade to Internet Explorer v. 7. Do look into this. You can find a lot of information about it on Microsoft's website.

  • Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine.  This alone can save you a lot of trouble with malware in the future. 

  • Update your Anti Virus Software - It is imperative that you update your Anti virus software at least a few times a week (Once a day is a good idea).  If you do not update your anti virus software it will not be able to catch new variants that come out.

  • Use a Firewall - I cannot stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. Windows Firewall is not recommended.
    Be restrictive with granting access to the Internet. If you are unsure if the program really needs the access, test it by denying the access and see if this has any negative effects. If not, make the block permanent.

  • Never run two Antivirus programs or two Firewalls  at the same time. They can interfere with each other and cause problems.

  • Visit Microsoft's Windows Update Site Frequently  or better yet set computer for automatic updates.

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly.  Without regular updates you WILL NOT be protected when new malicious programs are released.

  • Read and follow the suggestions given at this web site by Miekiemoes How to prevent Malware that will give you more information on some of the points above.


  • Please check out Tony Klein's article "How did I get infected in the first place?"
Good luck, and thanks for coming to our forums for help with your security and malware issues.

Have I helped you? Please consider donating to help me continue my fight against malware