DMorgan8699
06-25-2005, 01:14 AM
Hi, my name is Deborah and I live in SC and I am having serious issues with spyware and malware and I can't figure out where on here to post my HJT log. Can someone help me please???

kol_indian
06-25-2005, 10:20 AM
Hello and welcome to TechSpot :wave: :wave: Deborah
http://www.techspot.com/vb/topic19133.html
This tells you how to post a HijackThis log; by the way, did you try Ad-Aware? Try downloading it and giving it a try.

DMorgan8699
06-25-2005, 03:27 PM
Yes, I have run AdAware SE, AVG, Spybot, Spyware Blaster and Registry Mechanic to no avail.

howard_hopkinso
06-25-2005, 03:30 PM
Hello and welcome to Techspot.
First go HERE (http://www.techspot.com/vb/topic17297.html) and follow the instructions exactly.
Once you have done that, go HERE (http://www.techspot.com/vb/topic19133.html) for instructions on how to post your Hijackthis log.
Regards Howard :wave: :wave:

DMorgan8699
06-25-2005, 09:38 PM
I followed the instructions, and deleted all the files on the list that I had on my computer. I even deleted all of my IE favorites hoping that would help. I am still getting the casino ad popups and several more. Here's my last HJT log.

howard_hopkinso
06-26-2005, 04:25 AM
Let HJT fix this:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
Only if you don't use a proxy override, or you don't recognise it.
O18 - Filter: text/html - {8293D547-38DD-4325-B35A-F1817EDFA5FC} - C:\Program Files\Cas\Client\casmf.dll
This one requires special attention, and is the source of your popup problem. Go HERE (http://www.symantec.com/avcenter/venc/data/adware.casinoclient.html) for removal instructions.
When you have finished, please post a fresh HJT log.
Regards Howard :)

DMorgan8699
06-26-2005, 01:21 PM
I am attaching a copy of the new log and I have another question: every time I reboot, AVG is finding all these trojan viruses and I am moving them to the vault, but it's the same ones over and over. I am also attaching a txt document of those files as well; maybe you can explain how to get rid of them, they keep reappearing.
Thanks
Deborah

RealBlackStuff
06-27-2005, 04:30 AM
Boot in Safe Mode.
Press Ctrl/Alt/Del simultaneously, select Taskmanager/Processes, select the process (if there), click "End Process" for:
userinit.exe
PSof1.exe
CFD.exe
2portalmon.exe
buddy.exe <<==(might not be there)
nipk.exe
Next, run a HJT scan and place a tick-mark in the little square before (if still there):
...................................................................................................
C:\WINNT\system32\userinit.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hometab.bellsouth.net/
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINNT\ceres.dll
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINNT\cfgmgr52.dll
O4 - HKLM\..\Run: [PSof1] C:\WINNT\system32\PSof1.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINNT\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire HomePortal Monitor\2portalmon.exe
O4 - Global Startup: [B]nipk.exe
...................................................................................................
Now click on the Fix Checked button in HJT.
When done, from between the dotted lines, delete ONLY the highlighted bold files. Also delete buddy.exe if you can find it.
Delete all files and directories from:
C:\Documents and Settings\[username]\Local Settings\Temp
Repeat this for ALL [usernames].
Check also on this path:
C\DOCUME~\DEBORA1~\LOCALS\Temp (from your attached virusfault-list)
LOCALS could be a typo (instead of LOCALS~) and mean the same as the previous Temp directory, OR it is not. If a new or different one, DELETE it with all its contents.
Now go empty the Virus-vault of AVG.
Boot normal.

DMorgan8699
06-27-2005, 02:28 PM
I went ahead and did a clean install of Windows 2000 but reformatted my hard drive first. I put Norton back on and did the live updates. I also downloaded all the programs you instructed before and none of them are showing any problems, so I have my fingers crossed this has fixed it. Thanks so much for your help.
Deborah

RealBlackStuff
06-28-2005, 06:06 AM
That was rather drastic, and probably not necessary. Anyway, a clean install is always the best.
Make sure you install SP4 and then get the 35-40 Windows-updates from MS.
Install Firefox as well and use that instead of IE.
A shame you put Norton's bloatware on, instead of AVG!