hi joe5
the link that you sent me xcp was an udate link..couldn't find the program you wanted me to install


That is a good thing , that means that the program is not present.

as for the unhackme i got a reference to fm2order.exe and cous2 32.exe under the process line
i tried to right click and "kill process" but it keep comming up if unhack me is on. but on the top corner of the program it states "ATTENTTION, an invisible software service is found. It suspicious to the torjan class: AFX2005 or FU rootkit. i also pressed stop which told me that i needed to restart my computer for it to delete. which i did, but still give me the same message

Thats what i was afraid of... and that Unhackme cant do anything with them also isn;t a good sign i think..

Try to remove them with these apps:

http://www.pchelpforum.com/anti-viru...-revealer.html

http://www.pchelpforum.com/anti-viru...aler-beta.html


i also downloaded a program to remove www.ad-a-w-a-r-e.com, but it part of my start up, then it tells me that i have to uninstall norton for it to run. how can i remove this program from my start up?

Im not sure what you mean here , did you download ad-a-w-a-r-e? Or an uninstaller for it? The url you posted doesn't go anywhere.

do you mean this app?

http://www.lavasoftusa.com/software/adaware/

But don't uninstall Norton ofcourse , you can disable startup items trough start/run/msconfig , but first if you could please explain exactly whats going on.

AFX RootKit uses the driver "mc21.tmp" located in the Temp folder.

i've tried to place (sorry don't know how to use the quote box on the forums)
C:\PROGRAM FILES\NOIAHOO! on killbox, but nothing happens when i press the red sign with the white x on it, does nothing at all.

but i do get a startup file everytime i boot how do i remove it? not sure what it is or the name of the file is, so i cannot trace it. is there a way to check startup files and delete it?

is there some advice that might help me prevent this from happening
some program that i need to get rid of or help my computer run a little better?

i recently ran spyware doctor in safe mode and it seem to get rid of a lot and then i ran blacklight and it didn't find anything.
now im hoping that nothing happens from here on

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html

Close all open windows/programs/folders and then run Ewido.* Have nothing else open while ewido performs its scan!

• Click on Scanner , Settings
• Under "How to scan" all boxes should be selected
• Under "Possibly unwanted software" all boxes should be selected
• Under "What to scan" select scan every file
• Click OK, Complete system scan
• Let the program scan the machine
• If ewido finds anything, it will pop up a notification.*

NOTE:* We have been finding some cases of false positives with the new version of Ewido, so you need to step through the fixes one-by-one.* If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged.* In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action.*

DO NOT check "Perform action with all infections."* If you are unsure of an entry, select "none" for the time being.* We will see that in the log when you post it later and let you know if ewido needs to be run again.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report.

Click Save report. Save the report to your desktop, exit ewido


Note:

If during your scan Ewido "crashes" or "hangs", please try scanning again. Before running the scan, click on 'Scanner' (the 3rd bar from the top on the left) and Choose 'Settings'. Uncheck 'Scan in NTFS Alternate Data Streams' as this can cause problems in overly infected systems. Click 'OK' and run a new scan.