I don't understand, so you got the original problem fixed and now secureonlinetags.com is another different problem? That doesn't even appear to be a valid website. Have you run SpyBot, AdAware, Spyware Terminator, etc.? If not, you need to run ALL of them, and be sure they are setup correctly to scan for everything and everywhere. Run HJT, CWShredder, and CCcleaner again. Did you do a manual scan with AVG, after getting it setup properly and updating it? Before you do any scans, under "Folder Options", and the "View" tab, make sure "Show hidden files and folders" is dotted, and UNCHECK "Hide protected OS files". Did you examine **very carefully** the Start Up tab in Msconfig? Also scan your HD here and see if they find anything: http://www.kaspersky.com/virusscanner http://www.ca.com/us/securityadvisor/virusinfo/scan.aspx http://www.bitdefender.com/ (bottom left) http://global.ahnlab.com/ (right side of page; virus and malware scanners) http://www.commandondemand.com/ http://support.f-secure.com/enu/home/ols.shtml http://us.mcafee.com/apps/vsfreescan/en-us/ http://www.pandasecurity.com/activescan/index/ http://www.pcflank.com/ http://www.pcpitstop.com/antivirus/default.asp http://housecall.trendmicro.com/ http://security.norton.com/sscv6/default.asp?productid=zdtv_cc&langid=ie&venid=zd http://www.windowsecurity.com/trojanscan/ And there's probably more listed here: http://www.johannrain-softwareentwicklung.de/e_online_antivirus_scan.htm Hopefully these will find something odd on the PC. NONE of these will find EVERYTHING. Some will miss what others will find. -Clint God Bless Clint Hamilton, Owner http://www.OrpheusComputing.com http://www.ComputersCustomBuilt.com ----- Original Message ----- From: "LarryB" I really appreciate all the information late or not and obviously I will learn from all this. Presently I have kinda got it our of the systray but still get the yellow triangle with "System Alert: Trojan-Spy-Win32@mx" Then the moment I try to go to the Internet I get railroaded to "secureonlinetags.com" and have to use Task Manager to stop the initiated system scan that also starts. The site comes up with M$ colors and starts the scan. again the Task Manager stops it for the moment. When and If I get this thing resolved I'll be back for other setup instructions. Again Thanks for your time and effort all. Larry Browning K & L Electronics Anderson, SC Clint Hamilton-PCWorks Admin wrote: > I can't find your post now, but yesterday you asked about > Spyware Blaster and SpyBot and how they block things. I > forgot > to answer that in my reply. I thought I already said this, > but > Spyware Blaster does not have to be running in the > background, > in fact, it can't. It works by simply placing thousands of > bad > URL's and websites in the browser's Restricted Sites zone (FF > too), and using thousands of registry tags, downloaded > program > files blockers, hosts file protection, etc., etc. All these > things prevent its detected malware from ever getting on your > PC. You have to be sure to "Enable all protection" with it, > and be sure to make backups with it. It can make a "System > snapshot", and backup important things that can be restored. > > SpyBot does it BOTH ways. In addition to what Spyware > Blaster > does (using the "Immunize" button), it has two 'scanners' > so-to-speak. One is some kind of DLL, "Resident SD Helper" > that blocks all downloads from sites in its database. You > did > not have it active, because like I said yesterday, I couldn't > even get to that website, it blocked me from it. The other > is > a great one, "Resident TeaTimer" which DOES have to be > running > in the background. It shows in the System Tray. This > protects > you from things being added to the Start Up folder, and that > "Run-" area in the registry where things are added to startup > in Msconfig's area, as well as many other forms of > protection. > NEITHER of these are checked by default, you have to check > both > boxes in SpyBot's Tools > Resident area. Like a firewall, > TeaTimer will ask if you want to allow or deny action it > detects, and if you want it to remember the action. Then > there's also the "IE Tweaks" area that can "Lock the Hosts > file........." as protection against hijacks. > > None of this ever would have happened if you would have had > those areas active. But, now you know. ;-) Even if you > click > on something bad, nothing will happen with these programs and > ALL of their features active (as long as the malware or > website > is in its def's and database of course). But both the SD > Helper and TeaTimer also work off of heuristics and detection > of suspicious behavior, so even if something is not in their > def's, they can still protect you from the "actions" of said > malware. > > Regarding the firewall, regardless of how complicated they > may > be, everyone should still use one. Even at their default > settings they are still better than nothing. Yes, like > anti-malware programs, one router is not enough. I guess two > is enough, anymore than that could lead to conflicts. A > hardware firewall (like from the router) is good for certain > things, but not for others. You will also get no warnings > from > it when it blocks or allows traffic. A software firewall > adds > another *configurable* layer of protection that protects > against far more things than just traffic. Using both, and > having both setup CORRECTLY, you have the best chance of > protecting yourself. It's sort of like a bulletproof vest; > level II is fine for most handguns (sort of like maybe the > router firewall), level III is fine for all but the most > powerful of handguns, and the new "dragon skin" type or level > III+ with the ceramic shield will stop anything except the > .50 > cal or magnum sniper rifles at close range, which is in a > manner of speaking what you want to achieve with your PC. > -Clint > > > ----- Original Message ----- > From: "LarryB" > > Thanks for the input Hugh. > You are probably right in that I clicked on something that > triggered > this whole mess. Time pushing is often the culprit and > slowing > down > would be the cure. > I have done the "immunize" in Spybot on all 3 of my computers > so that's > done. I have also installed Comodo Firewall Pro on just one > so > we'll see > how that works. It appears to be easier to understand vs > Sygate > so far. > > > LarryB > Have a great day > > > Hugh Vandervoort wrote: >> No firewall or router can protect you from packets you >> allow. >> You were >> enticed, somehow, to click on something malicious, and no >> firewall can >> protect from that. The only protection is to be more >> careful, >> and that's >> not always easy as these guys are very clever (Click here to >> Feed the >> Homeless!) >> I have found home firewalls to be a source of far more >> irritation than >> protection. While they have come a long way, they are still >> a >> source of >> confusion and irritation to many, and not worth it for the >> average user. >> If you haven't used Spybot's "Immunize" feature yet, I >> encourage you to >> do so. >> >> >> It also got by my routers firewall! I remember someone >> saying >> if you >> have a router you do not need a firewall on your computer >> also. At this >> point I might add another one then I'll have 3 of them ;-) ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts. -zxdjhu-