Tarun

If you still have the download, can you host it on a website/ftp (rapidshare, etc) or send out a copy?

I agree, but I wondered this: Why do websites so stupidly publish these things? They should be directly reported to Microsoft and not put all over the Internet for script kiddies and other malicious users to exploit.

Igor Franchuk has discovered a weakness in Microsoft Windows, which can be exploited to hide certain information. The weakness is caused due to an error in the Registry Editor Utility (regedit.exe) when handling long string names. This can be exploited to hide strings in a registry key by creating a string with a long name, which causes this string and any subsequently created strings in the key to be hidden. Successful exploitation e.g. makes it possible for malware to hide strings in the "Run" registry key. However, these hidden strings created after the string with the overly long name will still be executed when the user logs in. The same problem reportedly also exists for overly long registry keys. The weakness has been confirmed in fully updated Windows XP SP2 and Windows 2000 SP4 systems. Other versions may also be affected. Solution: It's possible to see hidden registry strings with the "reg" command line utility. The "regedt32.exe" utility on Windows 2000 is not affected. Ensure that systems have up-to-date anti-virus and spyware detection software installed. Provided and/or discovered by: Igor Franchuk http://secunia.com/advisories/16560/

Voted Other. Cause all techs like that suck. There are at least three or four levels of techs when you call into Gateway, Dell, etc. Do it yourself, it's that easy. I still remember calling Gateway about a simple bug. Windows ME machine, the Start > Documents > My Docs/Pictures broke. So, I called support to fix it and sat there and listened to them say "blah blah do this do that" to which none of it was related. Since I was at my pc I was fiddling around with it trying to fix it myself. I fixed it well before they had a clue. Start > Run > regsrv32 C:\Windows\System\MyDocs.dll The tech asked ME how I fixed it, what I did and wanted all kinds of information. I never call tech support anymore, I just fix it myself.

Spinrite, worth every penny.

Linux.

Yeah, it's called posting in the proper forum and reading this posting.

Nailfix will kill it all. Do as Wick said, use the three above scanners plus CWShredder.

There are also services that can more than likely be disabled.

You must not have been a gamer then.

McAfee installed, though I never really use it.

CCleaner gets my vote. Registry cleaner has always worked and fixes tons of issues. Though it's best paired with RegCompact 1.8.

UltraISO is a great ISO creating application. Supports many formats, even Mac.

If they made these things cheaper a lot more people would buy them. They may not make quite as much but you never know. Also, the minimum wage is roughly 5.25 - 9.60 an hour in the US. Depends on where you live, etc.

I'm saying that what they claim is not true. Firefox is still more secure.

As I purposely went to an infected site on my test computer while running IE7 and it got spyware.

The only thing that is getting past Firefox are some popup ads which are built into Flash and some rare javascript. It's far more secure than IE, still. Even more secure than IE7. I agree with your signature - isnt FF meant to be perfect and not get attacked with spyware and stuff. As for you problem most of the people here have given you great answers to help you as the same as one up there i would have said about the check Task Manager or run IE to see if it happens Have you had any luck yet? <{POST_SNAPBACK}> Firefox hasn't been hit with spyware yet. Only a few sparse rumors or when there was an exploit people misinterperted it as spyware, adware, etc. If shadowfla will move his/her post to the Malware Prevention forum when they post their HijackThis log the malware infection can be cleaned and removed. All of the IE fans gloating about the name of this topic, note this: shadowfla does not have Firefox spyware. As of this date there still is no known Firefox spyware.

Read this posting then, with your HijackThis log post a new topic here. I deal with malware all the time, what you have is an external malware application that is opening your default browser (firefox) to these malware sites. I'll clean your HijackThis log, just be sure to follow the PC Maintenance directions before you post your log.

The subject matter relates generally to instant messaging and more specifically to custom emoticons. BACKGROUND Emoticons have acquired immense popularity and hence importance in new email, chatroom, instant messaging, and even operating system applications. The variety of available emoticons has increased tremendously, from a few types of "happy faces" to a multitude of elaborate and colorful animations. In many cases, an increase in the number of available emoticons has been a selling feature for new releases of communications products. However, there are now so many emoticons available that some applications may be reaching a limit on the number of pre-established ("pre-packaged") emoticons that can be included with or managed by an application. There is an exhaustion point for trying to provide a pre-packaged emoticon for every human emotion. Still, users clamor for more emoticons, and especially for more nuanced emoticons that capture the subtleties of human emotions and situations. Source: U.S. Patent Office

I've said it before, I'll say it again. You really need to use Microsoft AntiSpyware, Ad-Aware and Spybot to get them all.

Generated by Tarun's HijackThis Converter v0.36 Beta. Created registry value. Safe to remove: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/...://my.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com Created extra registry value where only one should be. Safe to remove: R3 - URLSearchHook: (no name) - _{0026AD90-C86F-4269-97F3-DAB4897C6D06} - (no file) Enumeration of suspicious auto-loading registry entries. Safe to remove: O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [checkrun] C:\winnt\system32\elitecae32.exe O4 - Global Startup: Microtek Scanner Finder.lnk = C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe Extra IE context menu items. Safe to remove: O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm Extra "Tools" menu items and buttons. Safe to remove: O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe Downloaded Program Files item. Safe to remove: O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://leapnyc.org/CFIDE/classes/CFJava.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/03cc05d837dc28e77223/...ip/RdxIE601.cab O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://www.smgradio.com/core/player/abasetup144.cab O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_1_6_0.cab O4 - HKLM\..\Run: [checkrun] C:\winnt\system32\elitecae32.exe is a part of EliteBar Adware. I also recommend switching to Quicktime Alternative and Real Alternative.

This should be in the Malware Prevention part of the forums. There's information on how to clean your pc there.

Thunderbird makes emailing safer, faster, and easier than ever before with the industry's best implementations of features such as intelligent spam filters, built-in RSS reader, quick search, and much more. Download: Thunderbird 1.0.6 | Other Systems & Languages Homepage: Thunderbird - Reclaim Your Inbox Changelog: Restore API compatibility for extensions that did not work in Thunderbird 1.0.5, including Enigmail.

Nope. It's 1.0.615.

Try Quicktime Alternative and Real Alternative. They use Windows Media Player Classic.