Hi Can some one help?


angelsluv
August 31st, 2004, 04:55 AM
Hello :wave:

I think I have accidentally deleted programs improperly, and believe part of these programs are still in my computer. Is there a way to find them and delete them. So they don't ruin my computer. I keep getting a virus alert on spybot but I no longer have that program?

Thank you kindly for taking the time to help me. I've enclosed a copy from HijackThis:
Logfile of HijackThis v1.97.7
Scan saved at 11:38:16 PM, on 8/30/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ZERO KNOWLEDGE\FREEDOM\FREEDOM.EXE
C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\INTEGRATOR.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAM FILES\BELL\ACCESS MANAGER\APP\TANGOMANAGER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\COMMON FILES\COMMAND SOFTWARE\DVPAPI9X.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/?lang=en-ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sympatico.ca/homepage.html?blink,static
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sympatico
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\PROGRAM FILES\ZERO KNOWLEDGE\FREEDOM\FREEBHOR.DLL
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\PROGRAM FILES\ZERO KNOWLEDGE\FREEDOM\PKR.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O4 - Startup: Zoom.lnk = C:\Program Files\Dachshund Software\Zoom\Zoom.exe
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra button: RoboForm (HKLM)
O9 - Extra 'Tools' menuitem: RoboForm &2 (HKLM)
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
O9 - Extra button: Save (HKLM)
O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.sympatico.ca/homepage.html?blink=static
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38094.9654050926
O16 - DPF: Showbiz Slots by pogo - http://showbiz.pogo.com/applet-5.8.1.28/slots/showbiz-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://showbiz2.pogo.com/applet-5.8.1.28/slots/showbiz2-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet-5.8.6.20/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - http://jumbee.pogo.com/applet-5.9.0.18/jumbee/jumbee-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-5.8.6.20/gin/gin-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://squelchies.pogo.com/applet-5.8.6.20/squelchies/squelchies-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game6.pogo.com/applet-5.8.6.20/turbo21/turbo21-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-5.8.6.20/whackdown/whackdown-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://swashbucks.pogo.com/applet-5.9.2.38/piratesgold/piratesgold-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet-5.8.6.20/greenback/greenback-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-5.9.2.31/holdem/holdem-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong2.pogo.com/applet-5.8.6.20/mahjong/mahjong-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-5.8.6.20/popfu/popfu-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://pool2.pogo.com/applet-5.8.6.20/pool2/pool-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet-5.8.1.28/poppit/poppit-ob-assets.cab
O16 - DPF: Keno by pogo - http://keno.pogo.com/applet-5.8.1.28/keno/keno-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://superbingo.pogo.com/applet-5.9.1.18/superbingo/superbingo-ob-assets.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://slots.pogo.com/applet-5.8.1.28/slots/alibaba-ob-assets.cab
O16 - DPF: Top Down Baseball Challenge by pogo - http://topdown2.pogo.com/applet-5.8.2.19/topdown2/topdown2-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://peaks.pogo.com/applet-5.8.6.20/peaks/peaks-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet-5.9.1.28/worldclass/worldclass-ob-assets.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet-5.8.2.19/checkers2/checkers-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://whomp.pogo.com/applet-5.8.2.19/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet-5.8.2.19/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://flinger.pogo.com/applet-5.8.6.20/flinger/flinger-ob-assets.cab
O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet-5.9.2.21/euchre/euchre-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-5.9.2.21/sweettooth/sweettooth-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://freecell.pogo.com/applet-5.8.6.20/freecell/freecell-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-5.8.4.24/spades/spades-ob-assets.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1585c456317a4eba2e03/netzip/RdxIE601.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040427/qtinstall.info.apple.com/saba/us/win/QuickTimeInstaller.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: Dominoes by pogo - http://domino.pogo.com/applet-5.8.5.21/domino/domino-ob-assets.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://66.179.32.121:8005/Java/cfs31235.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://activation.sympatico.ca/wizlet/SympaticoWebflow/static/controls/BellCanadaActiveX.cab
O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-5.8.5.28/hearts/hearts-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5.9.0.25/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - http://ca.encarta.msn.com/encnet/external/MSSurVid.cab
O16 - DPF: Cribbage by pogo - http://crib.pogo.com/applet-5.8.6.20/cribbage/cribbage-ob-assets.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_3_18_0.cab
O16 - DPF: Backgammon by pogo - http://gammon.pogo.com/applet-5.9.0.18/backgammon/backgammon-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://solitaire.pogo.com/applet-5.9.0.18/solitaire2/solitaire2-ob-assets.cab
O16 - DPF: Ricochet by pogo - http://game3.pogo.com/applet-5.9.0.18/ricochet/ricochet-ob-assets.cab
O16 - DPF: Chess by pogo - http://chess2.pogo.com/applet-5.9.0.25/chess2/chess2-ob-assets.cab
O16 - DPF: Canasta by pogo - http://canasta.pogo.com/applet-5.9.2.21/canasta/canasta-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1.18/nascar/nascar-ob-assets.cab
O16 - DPF: {05CE4481-8015-11D3-9811-C4DA9F000000} - http://www.care2.com/go/z/3578/C2GTU.cab

I used freedom from sympatico.ca for firewall and virus scanner now which I think is really good. I see an old program or I think it is in this list? I know I also deleted housecall and symantec I'm not too sure on but if it's a virus scanner I must have removed it also. I hope I have done this right and provided you with the information you need to help me. I thank you kindly for your time with helping in advance!! ;) :wave: Toni

AnnMarie
August 31st, 2004, 08:42 AM
Hi Toni, which programs are you referring to? Also, there is a worm called Spybot and although I cannot see any obvious malware in your log, it might be a good idea if you run the online scanner here (http://housecall.antivirus.com/housecall/start_frame.asp).

Your ActiveX Controls could do with a jolly good cleanup (I'm referring to the entries below). Have a look through them and post which ones can go and I'll talk you through the removal. Even if you only go to the site occasionally, it can go because you will be prompted to download a new ActiveX Control if it's needed.

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/...ash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pu...ector/swdir.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.c...8094.9654050926
O16 - DPF: Showbiz Slots by pogo - http://showbiz.pogo.com/applet-5.8....z-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://showbiz2.pogo.com/applet-5.8...2-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/apple...g-ob-assets.cab
O16 - DPF: Tumble Bees by pogo - http://jumbee.pogo.com/applet-5.9.0...e-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-5.8.6.20...n-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://squelchies.pogo.com/applet-5...s-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game6.pogo.com/applet-5.8.6....1-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-5....n-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://swashbucks.pogo.com/applet-5...d-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet-5....k-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-5.9....m-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong2.pogo.com/applet-5.8...g-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-5.8.6....u-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://pool2.pogo.com/applet-5.8.6....l-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet-5.8.1...t-ob-assets.cab
O16 - DPF: Keno by pogo - http://keno.pogo.com/applet-5.8.1.2...o-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://superbingo.pogo.com/applet-5...o-ob-assets.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://slots.pogo.com/applet-5.8.1....a-ob-assets.cab
O16 - DPF: Top Down Baseball Challenge by pogo - http://topdown2.pogo.com/applet-5.8...2-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://peaks.pogo.com/applet-5.8.6....s-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet-5.9...s-ob-assets.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet-5.8...s-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://whomp.pogo.com/applet-5.8.2....p-ob-assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet-5.8.2...k-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://flinger.pogo.com/applet-5.8....r-ob-assets.cab
O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet-5.9.2...e-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-5...h-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://freecell.pogo.com/applet-5.8...l-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-5.8.4...s-ob-assets.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1585c45...ip/RdxIE601.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: Dominoes by pogo - http://domino.pogo.com/applet-5.8.5...o-ob-assets.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://66.179.32.121:8005/Java/cfs31235.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://activation.sympatico.ca/wiz...nadaActiveX.cab
O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-5.8.5...s-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5...l-ob-assets.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - http://ca.encarta.msn.com/encnet/external/MSSurVid.cab
O16 - DPF: Cribbage by pogo - http://crib.pogo.com/applet-5.8.6.2...e-ob-assets.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah...utocomplete.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.com...bio5_3_18_0.cab
O16 - DPF: Backgammon by pogo - http://gammon.pogo.com/applet-5.9.0...n-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://solitaire.pogo.com/applet-5....2-ob-assets.cab
O16 - DPF: Ricochet by pogo - http://game3.pogo.com/applet-5.9.0....t-ob-assets.cab
O16 - DPF: Chess by pogo - http://chess2.pogo.com/applet-5.9.0...2-ob-assets.cab
O16 - DPF: Canasta by pogo - http://canasta.pogo.com/applet-5.9....a-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1...r-ob-assets.cab
O16 - DPF: {05CE4481-8015-11D3-9811-C4DA9F000000} - http://www.care2.com/go/z/3578/C2GTU.cab
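
An added example, not part of the original thread: a small Python parser for the HijackThis line format shown in the log, which groups the O16 (DPF) ActiveX entries by download site so the list can be reviewed site by site, and lists entries HijackThis marks `(no file)`, meaning the registry entry remains but the file it points to is gone. The function names and the last-two-labels site grouping are assumptions of this example; the sample lines are copied from the log in the first post.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Sample input: a few lines taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\PROGRAM FILES\ZERO KNOWLEDGE\FREEDOM\FREEBHOR.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: Showbiz Slots by pogo - http://showbiz.pogo.com/applet-5.8.1.28/slots/showbiz-ob-assets.cab
O16 - DPF: Keno by pogo - http://keno.pogo.com/applet-5.8.1.28/keno/keno-ob-assets.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://66.179.32.121:8005/Java/cfs31235.cab
"""

# A log entry is "<section code> - <body>", e.g. "O16 - DPF: ...".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_entries(log_text):
    """Return (section_code, body) for every entry line; header and
    running-process lines do not match and are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def site_of(url):
    """Grouping key for a download URL: the IP address if the host is one,
    otherwise the last two host labels (a simplification that does not
    handle suffixes such as .co.uk)."""
    host = urlsplit(url).hostname or ""
    try:
        ipaddress.ip_address(host)
        return host
    except ValueError:
        return ".".join(host.split(".")[-2:])


def dpf_by_site(entries):
    """Group O16 'DPF:' entries by download site -> list of control names."""
    groups = defaultdict(list)
    for code, body in entries:
        if code != "O16" or not body.startswith("DPF: "):
            continue
        label, _, url = body[len("DPF: "):].rpartition(" - ")
        named = re.search(r"\((.+)\)$", label)  # "{CLSID} (Name)" -> Name
        groups[site_of(url)].append(named.group(1) if named else label)
    return dict(groups)


def missing_file_entries(entries):
    """Entries whose target is printed as '(no file)', keyed by CLSID when present."""
    found = []
    for code, body in entries:
        if body.endswith("(no file)"):
            m = CLSID_RE.search(body)
            found.append((code, m.group(0) if m else body))
    return found


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for site, names in sorted(dpf_by_site(parsed).items()):
        print(f"{site}: {len(names)} control(s): {', '.join(names)}")
    for code, ident in missing_file_entries(parsed):
        print(f"{code} entry with no file on disk: {ident}")
```
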

angelsluv
September 1st, 2004, 08:53 AM
Sorry it took so long to get back to you I've had a very busy day. Thank you kindly AnnMarie for helping me.

Anything you can suggest and wish me to delete I will. As I believe you're right on getting those xcontrols back. When I play those games.

I had spybot to find spyware and I deleted it but I don't think it all came out of my computer.

I also think I had the symantec virus program which I believe I deleted too. But it's down here so not sure.

Any help would be greatly appreciated AnnMarie..

By the way my middle name is Marie Ann.. sort of interesting I thought when I saw your name.

And I will run that scanner now.. Thanks again for your time!! :wave:

AnnMarie
September 1st, 2004, 10:36 AM
Hi again Toni, post back and let us know what Housecall found (if anything).

angelsluv
September 1st, 2004, 11:33 PM
Yes it found a few Troj: eeek!! With the program you told me to run. :upset:

Here is what it says:

Troj imiserv.c noncleanable file c:\windows\temp\wupdt.exe

Troj funweb.A Can not Access c:\_restore\temp\A0017365

Troj Imser V C Can not Acess c:\_restorer temp\A0028186

I'm lost now AnnMarie don't know what to do.

I still think I may have deleted only part of these programs and left the ones above behind :upset: programs behind somehow.

Hope this helps!! and again thank you kindly for your time. :wave:

kattman
September 2nd, 2004, 12:25 AM
_restore stuff are to do with yer system restore.. have you tried turning it off? rebootin so it clears it out then turning it back on? just a thought!

angelsluv
September 2nd, 2004, 04:20 AM
Kattman & AnnMarie

By what I've been told rebooting or restoring will not fix this problem. Also by what I'm gathering, I may have to reformat my computer. Well not me unless I learn how to do it. Is there any place on the net that can teach this?

Again thank you both for taking the time to read my post! :wave: I look forward to more suggestions.

Toni

AnnMarie
September 2nd, 2004, 09:14 AM
Toni, that virus is no biggie and can be easily removed. What concerns me more is when you say you have "deleted programs". Exactly how did you do this?

To get rid of the virus, boot into Safe Mode (restart your PC and keep tapping F8 as it restarts). Make sure that you can view hidden files and folders (http://www.xtra.co.nz/help/0,,4155-1916458,00.html), open Windows Explorer, navigate to C:\windows\temp. Open the Temp folder and look for wupdt.exe. When you find it, delete it and restart your computer. That's all there is to it.

The other files are in your System Restore Folder and are not active on your drive now. They will not be reactivated, unless you restore your PC to an earlier time. To get rid of them, disable System Restore and then re-enable it.. See instructions here (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239?OpenDocument&src=sec_doc_namThis).

angelsluv
September 2nd, 2004, 09:45 AM
Ok I've got your instructions and will apply everything you said. But I thought I'd better ask some more questions so I don't mess up more. :blush:

As for putting my computer into safe mode I do it by restarting and pressing ctrl and pressing number #3 then it goes into safe mode.

Now did you not want me to do it that way? I'm not sure I understand sorry to say.
As for window explorer do you mean my computer or the internet explorer icon? or do I got to find files and folder?
I wish I was more adept at learning computers please forgive my ignorance, over this.

And you also asked how I deleted programs I delete either by control panel or the program uninstall on the program itself.

Again thank you kindly for your time!

Toni:wave:

AnnMarie
September 2nd, 2004, 10:38 AM
Hi Toni, there is more than one way to start in Safe Mode, you do it anyway that you feel comfortable with. :)

I delete either by control panel or the program uninstall on the program itself.

Great, you are doing it correctly so I don't think that there will be much wrong with your PC once we have got rid of the virus.

kattman
September 2nd, 2004, 12:31 PM
you misread doll, i mean turnin off ya system restore, rebooting then turning it back on.. that clears all the _restore files out :)

kattman
September 2nd, 2004, 12:32 PM
ann, some PCs use CTRL to initiate safemode :P

angelsluv
September 3rd, 2004, 10:44 PM
:wave: Hello

Well I think I did it right but I was unable to find the file wupdt.exe

I did find wuauboot - wuaucct - wuaures and wupdmgr that's it and I searched everywhere. lol..

Umm I re-did house call and now I only have one its called:
troj imserv.c c:\_restore temp\A0028186


While looking around in those areas you recommended. I came across a program I used to have called spysweeper and it's in there.
Also I would like to remove anything not needed. On my computer. If at all possible.

Again I thank you kindly for the time you've all spent with me.

AnnMarie
September 4th, 2004, 01:54 AM
Hi Toni, all you need to do now is to disable and then re-enable System Restore. See instructions in my earlier post.

If you have uninstalled SpySweeper, you can remove any files still on your drive provided you are certain they are SpySweeper files.

Your startups are minimal, all that needs fixing are your ActiveX Controls. Go through the list I posted earlier and tell me what you want to get rid of. If you are still playing all those Pogo games, there is no point in removing them as they will only be replaced.

You do not have an AntiVirus program running on your PC and you do need one. You can download a free AV from here (http://free.grisoft.com/freeweb.php/doc/2/lng/us/tpl/v5).

angelsluv
September 4th, 2004, 09:15 AM
:wave: I got it right this time.. lol I forgot to put the program back on. And I went back to house call! And I'm now clean.

Yes I do have a firewall and virus scanner on my computer and I just added a spyware adware program which should help. Or at least I hope so. lol

Yes I actually go to pogo regularly so I guess I will leave them alone. The other items in there I don't know what they are so don't know if I should even touch them.

AnnMarie I'd like to thank you so much for all your help!! I couldn't have done it without you!! (((hugs))) from a Canadian!!

kattman I'd also like to thank you for your help!! ((hugs)) again from a Canadian.

Let's hope I don't need to do this again.

Ps I tell everyone how great you all are and recommend this site to all the time!!

I couldn't keep my computer running without you!!

God bless you and yours :wave:

AnnMarie
September 4th, 2004, 10:28 AM
I'm glad we could help Toni and you are very welcome. :D