Sorry, I’m really NOT a techy person at all, but I started getting a message yesterday - malware found in C Documents and Settings HP Administrator Local Settings Temp JS Shelcode DL [EXPL] …Not sure what to do as if I click on delete or move to chest it just tells me it cannot process the file…I tried scanning the temp folder itself and nothing was found though. Should I be worried?

any help greatly appreciated!
TIA!
Bernie x

PS I need any replies in idiot-speak please if I’m to understand them:D Thank you!!!

Hi Bernie

Try this, download and run ATF cleaner http://www.geekstogo.com/forum/ATF-Cleaner-file21.html
How to http://www.tgbcomputing.com/howTo-Info/How%20to%20use%20ATF%20Cleaner.pdf

extra cleaning if you have opera or firefox installed

If you have opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.

If you have firefox
Click Firefox at the top and choose: Select All
Click the Empty Selected button.

If this does not work try,

i guesse you have avast 4.8 ? If you have avast 5, boot scan will show just under the scan tab when you click it

Boot time Avast Antivirus Scanning
http://www.digitalred.com/avast-boot-time.php

MBAM http://filehippo.com/download_malwarebytes_anti_malware/
update and run quick scan, click on “remove selected” after scan to quarantine anything found and restart

you may post the scan log here

Thanks for the replies! Yes, I have 4.8.

Am just d/l the spyware doctor now. I have spyware terminator already on the pooter…is this OK to have both?!

The cleaner…I have CCCleaner which I ran last night and cleaned out all my temp internet files. Is the cleaner you mentioned something similar…should I get the one you mentioned also…?!

TIA!

Bernie x

OK, hopefully here is a jpeg of a screenshot showing the results. Hopefully it can be read! When I try to delete the things found, it takes me to a registration screen and tells me I have to pay for the full version…is this right?!

OK, hopefully here is a jpeg of a screenshot showing the results. Hopefully it can be read! When I try to delete the things found, it takes me to a registration screen and tells me I have to pay for the full version..is this right?!

The program i wanted you to download is Malwarebytes Antimalware and it will remove infections for free, see the link in my second post

You can use CCleaner, go to Options > Advanced > and remove the tic on " only delete files older then 24 hours"
I see that after running CCleaner on my system, ATF cleaner still found 18mb to remove…

when you have run Malwarebytes post the log here

sorry i thought the link in the 2nd post MWBAM was the link to that!
I’ll use the link in the first post now and see what i get!!

bernie x

sorry second post, this link

MBAM http://filehippo.com/download_malwarebytes_anti_malware/
update and run quick scan, click on “remove selected” after scan to quarantine anything found and restart

well I just d/l the ATF Cleaner anyhow and it cleaned something like 1748.000KBs, which I assume is good!

I see what i did with the MBAM…when you click on the d/l latest version, there’s a d/l button for spyware Dr right in the middle of the screen, which I’d clicked. This time I clicked on the top tiny link for if the d/l doesn’t start, s have got the correct program now I hope!!!

BRB! I do appreciate all your help!
Bernie x

OK, I’ve run the MBAM and then clicked on remove selected and this log popped up…
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 95
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) → Quarantined and deleted successfully.

and the rest!!

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Security Tools (Trojan.Zlob) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Messenger Service (Trojan.Zlob) → Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) → Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data\HP_Administrator (Adware.MyWebSearch) → Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data\HP_Administrator\avatar.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data\HP_Administrator\register.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data\HP_Administrator\zbucks.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Favorites\Online Security Test.url (Rogue.Link) → Quarantined and deleted successfully.

Thank you!
Bernie x

Wooooow…that is the biggest MBAM log i have ever seen…you sure had som s… in there

run again and see if the next run comes up clean…

fame at last!!
OK will do!
Bernie x

And XP SP2 may be a reason, since SP3 has been out for over 18 months, closing a number of vulnerabilities, etc. etc.

@ Bernie

• I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.

here’s the result!
Malwarebytes’ Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

29/01/2010 21:32:00
mbam-log-2010-01-29 (21-32-00).txt

Scan type: Quick Scan
Objects scanned: 124839
Time elapsed: 8 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Thanks for that link - will check it out…these new things can’t be automatic then…?!

Bernie x

MBAM PRO is automatic, it is a one time fee for a liftime license www.malwarebytes.org

you say you have SpywareTerminator ?
I would replace it with SUPERAntiSpyware free http://filehippo.com/download_superantispyware/

Update your XP SP2 to SP3 http://technet.microsoft.com/en-us/windows/bb794714.aspx

When you have the time, do a full scan with MBAM and avast just to be sure you are clean
(the full scan may find bugs that are not active)

The warning you got from avast earlier is it gone.?

OBS: i see one thing in your MBAM log, the database is 3510…the latest is 3659 so you forgot to update before the scan!
MBAM is updated several times a day, always run update before scan

Thank you so much for all your help!
I’ll remember about updating first! I’ve never been told that before, and it didn’t occur naturally to me!

I’m running a full scan now as it happens - I was just being nosey really, LOL!

I’ll get to work on those other things too.

The avast warning from first thing this morning hasn’t popped up again at all…

Thank you again so much - to have it explained so I could actually understand is fantastic!!!

I’ll be singing your praises for days!!!

Bernie x