Hi Excalibur...

Ok...I ran Regseeker 3 times and on the final time it found nothing.

Here is the Activescan log report:


Incident Status Location

Adware:Adware/WinTools No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\11623954.asw
Adware:Adware/IPInsight No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\15032605.asw
Adware:Adware/IPInsight No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\15034428.asw
Adware:Adware/IPInsight No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\21787168.asw
Adware:Adware/IPInsight No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\21787839.asw
Adware:Adware/IPInsight No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\21787859.asw
Adware:Adware/WinTools No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\22400540.asw
Adware:Adware/Envolo No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\22401181.asw
Adware:Adware/IPInsight No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\37297431.asw
Adware:Adware/IPInsight No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\37299231.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41319511.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41320411.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41321111.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41321711.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41322311.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41323111.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41323821.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41324421.asw
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\41325021.asw
Adware:Adware/WinTools No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\65153583.asw
Adware:Adware/Envolo No disinfected C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle05282005193326203178.asw
Adware:Adware/nCase No disinfected C:\WINDOWS\180ax.log
Adware:Adware/nCase No disinfected C:\WINDOWS\180axau.dat
Adware:Adware/nCase No disinfected C:\WINDOWS\180ax_gdf.dat
Spyware:Spyware/Virtumonde No disinfected C:\WINDOWS\bsx32.ini
Adware:Adware/WinTools No disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\QDow_AS2.dll
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\casino-ico.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\casino.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\dating-ico.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\dating.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\drugs-ico.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\drugs.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\fav-ico.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\fav.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\virus.bmp
Adware:Adware/Gator No disinfected C:\WINDOWS\FT2_0_0_629_GEPFAH.EXE
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\inf\payload2.inf
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\system\QBUninstaller.exe
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\retpdat32.xml
Adware:Adware/AdLogix No disinfected C:\WINDOWS\system32\sp32.xml
Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\SWin32.dll
Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\winupdt.008
Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\winupdt.bin

As far at the computers performance, it's sluggish on shutdown and startup...but after startup it seems to run fairly quick.

Questions: After we complete all the process and everything is working fine, what do I do with all the programs we have installed...should I keep them on her computer or delete them? Should I also re-install spybot search and destroy?? And...how do we stop this from happening again?

Ok bud...waiting for the next step!!! thanks excal

peace out,
daddy

Hi Daddy,

Download ETRemover Here
save it to your desktop, please do not use yet

This should be it

Check to see if there is a way to empty out the you AOL Spyware Protection quruntine/Backup folders. If you don't, they will still show up in other spyware detectors has infections.

As far as the programs we downloaded, u can delete/unistall all of them. I would suggest keeping CleanUp! and AdAware because you should still use those 2 programs regulary.


Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later.

1. Click this link to be sure you can view hidden files.

2. Ensure you are NOT connected to the internet.

3. Reboot into safe mode.

Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

4. Please remove these entries from Add/Remove Programs in the Control Panel(if present):

EliteToolBar

5. Please remove the following folders using Windows Explorer (if present):

C:\WINDOWS\EliteToolBar

6. Please remove just the files from the following paths using Windows Explorer (if present):

C:\WINDOWS\180ax.log
C:\WINDOWS\180axau.dat
C:\WINDOWS\180ax_gdf.dat
C:\WINDOWS\bsx32.ini
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\QDow_AS2.dll
C:\WINDOWS\FT2_0_0_629_GEPFAH.EXE
C:\WINDOWS\inf\payload2.inf
C:\WINDOWS\system\QBUninstaller.exe
C:\WINDOWS\system32\retpdat32.xml
C:\WINDOWS\system32\sp32.xml
C:\WINDOWS\system32\SWin32.dll
C:\WINDOWS\system32\winupdt.008
C:\WINDOWS\system32\winupdt.bin

7. Extract the EliteBar Removal Tool zip file into the suggested folder and run the file ETRemoverV130.exe Click "Kill Elite Toobar" button.

Let me know if you had any problems with this.


Thanks,



Excal

Thank you bro...everything is back to normal and running great. You were an awesome instructor. Thank you again from saving us from a re-install. Look for a nice tip very soon

peace out,
daddy

BTW...how do you learn how to do this? I would really like to learn if you could point me to some tutorials or something. Thanks.

Hi Daddy!

Great to hear its back to normal!

IF you are interested in learning, we have a great Program called GeekU here that you can do at your own pace and we have plenty of tutorials to read thru

GeekU



Great job, it appears your computer is clean

Ensure you rehide your “hidden files and folders” back to the way they were.

Now that your system is Malware Free, it is important to reset your system Restore. Click Here to learn how to.

Might I suggest the following Free Spyware programs for added security, you can download them at the following links. These programs work great for detection:

Ad-aware SE

Spybot S&D


If you are unhappy with your current antivirus and want to replace it or if you dont already have one, I suggest one of these free programs:
*Note - do not use more than one anti-virus program as it will more than likely cause conflict.

AVG
Avast


The following free programs are great for prevention:

SpywareBlaster 3.4

Spywareguard

IE/Spyad


A Firewall is a must! Here are 2 good free versions:

Sygate

ZoneLabs

There are other options other than Internet Explorer for a browser, which some say have better security. Two of them are:

Firefox

Opera

This site is a great source for tightening up security on Internet Explorer settings.

Make sure that you keep your Operating System and IE updated with the latest Critical Security Updates from Microsoft...they usually come out once a month, on the 2nd Tuesday of each month.

Be sure and give the Temp folders a cleaning out now and then as well, Make sure after you clean your Temp files to empty out your Recycle bin as well.
For ease use the following program:

Cleanup
Run "Cleanup" and when it has finished, Reboot

To help prevent future spyware installations/infections, please read the Anti-Spyware Tutorial and use the tools provided.

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.