View Full Version : Help! Computer under attack!


Brent88
05-29-2006, 12:46 AM
Norton identifies it as the "Bloodhound" virus, AVG supposedly gets rid of it but it won't load for me right now. :( I have gotten about a thousand popups in the last 20 minutes. Ugh. :mad: I already had fits with this stupid thing earlier.

Also, there's a suspicious toolbar from "mirar" which I've never heard of that installed.

James"Thunder"Early
05-29-2006, 12:54 AM
Norton refers to it as "Bloodhound Virus", but it's really spyware. Do you have AdAware? It should be able to knock out some of the spyware running.

AllIWantIsYourClutch
05-29-2006, 01:09 AM
That DEFINITELY just happened to me earlier today! I ran AdAware and it went away though.

PZelda
05-29-2006, 01:24 AM
Can you do an antispyware scan with all the antispyware progs you have available?

Also, if you don't have this prog yet, can you download HijackThis (direct download available here (http://dw.com.com/redir?pid=10379544&merid=6238250&mfgid=6238250&ltype=dl_dlnow&lop=btn&edId=3&siteId=4&oId=3120-8022_4-10379544&ontId=8022_4&destUrl=http://www.download.com%2F3001-8022_4-10379544.html), from download.com) and post a scan log here? Robyrob hasn't replied to this thread yet, but that's what he would tell you to do.

Brent88
05-29-2006, 01:35 AM
I just got rid of a bunch of suspicious processes in the Task Manager and deleted some stuff off HijackThis, here's a log:

Logfile of HijackThis v1.99.1
Scan saved at 12:35:12 AM, on 5/29/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\MSW5E.tmp
C:\Program Files\mIRC\mirc.exe
c:\windows\system32\dwdsregt.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS\R3JlZyBOb2JibGV5\command.exe
C:\WINDOWS\SYSC00.exe
C:\DOCUME~1\Owner\APPLIC~1\ECURIT~1\javaw.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\win320818-3931451.exe
C:\PROGRA~1\COMMON~1\rwmz\rwmzm.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\thiselt.exe
C:\WINDOWS\?racle\?poolsv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\aviric.exe
C:\WINDOWS\System32\aviric.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.therandolphleader.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meloco.com/index.php?i=sm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://srch-us6.hpwis.com/
R3 - URLSearchHook: (no name) - _{02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\xtqju.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,iowmfme.exe
O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NAV CfgWiz] c:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [defender] c:\\defender23.exe
O4 - HKLM\..\Run: [keyboard] c:\\keyboard23.exe
O4 - HKLM\..\Run: [newname] c:\\newname23.exe
O4 - HKLM\..\Run: [{11-14-4E-E2-ZN}] c:\windows\system32\dwdsregt.exe GID003
O4 - HKLM\..\Run: [pop06ap] C:\WINDOWS\pop06ap2.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\System32\mwinrqez.exe GID003
O4 - HKLM\..\Run: [uoihgeuA] C:\WINDOWS\uoihgeuA.exe
O4 - HKLM\..\Run: [sys0293145118-3] C:\WINDOWS\sys0293145118-3.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [win320818-3931451] C:\WINDOWS\win320818-3931451.exe
O4 - HKLM\..\Run: [w07f65e4.dll] RUNDLL32.EXE w07f65e4.dll,I2 0011b80b007f65e4
O4 - HKLM\..\Run: [RelevantKnowledge] c:\windows\system32\rlvknlg.exe -boot
O4 - HKLM\..\Run: [pop06apelt] C:\WINDOWS\thiselt.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Notn] "C:\DOCUME~1\Owner\APPLIC~1\ECURIT~1\javaw.exe" -vt yazr
O4 - HKCU\..\Run: [aviric] C:\WINDOWS\System32\aviric.exe
O4 - HKCU\..\Run: [rwmz] C:\PROGRA~1\COMMON~1\rwmz\rwmzm.exe
O4 - HKCU\..\Run: [Lgvz] C:\WINDOWS\?racle\?poolsv.exe
O4 - HKCU\..\Run: [irssyncd] C:\WINDOWS\System32\irssyncd.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\RunOnce: [aviric] C:\WINDOWS\System32\aviric.exe
O4 - HKCU\..\RunOnce: [Del17404] cmd /c del C:\DOCUME~1\Owner\LOCALS~1\Temp\BundleInstall.exe
O4 - Startup: BHODemon 2.0.lnk = C:\Program Files\BHODemon 2\BHODemon.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\mwinrqez.exe
O4 - Startup: Z_Start.lnk = C:\ZIGID003.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O4 - Global Startup: yrlgb.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: repairs303169587.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\scftpub.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\R3JlZyBOb2JibGV5\command.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\uoihgeu.exe
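As an added example (not from the thread, and not part of HijackThis itself), here is a small Python triage script that reads lines in the HijackThis log format above and flags the entry types robyrob is reacting to: F2 Shell/UserInit chaining, O4 autostarts launched from the Windows directory, a drive root or a Temp folder, O10 LSP hijacks, a populated AppInit_DLLs, and services with no publisher. The sample lines are copied from the log above; the flagging rules are my own heuristics, not HijackThis's.

```python
import re

# Constructed sample: lines copied from the HijackThis log posted above (raw string keeps the backslashes).
SAMPLE_LOG = r'''
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\xtqju.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,iowmfme.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [win320818-3931451] C:\WINDOWS\win320818-3931451.exe
O4 - HKCU\..\Run: [Lgvz] C:\WINDOWS\?racle\?poolsv.exe
O4 - HKCU\..\RunOnce: [Del17404] cmd /c del C:\DOCUME~1\Owner\LOCALS~1\Temp\BundleInstall.exe
O10 - Hijacked Internet access by WebHancer
O20 - AppInit_DLLs: repairs303169587.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\R3JlZyBOb2JibGV5\command.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
'''

# Heuristic: an .exe sitting directly in a drive root or in the Windows directory itself, or anything run from Temp.
ODD_PATH = re.compile(r'[a-z]:\\+(windows\\)?[^\\\s"]+\.exe|\\temp\\', re.I)


def triage(log_text):
    """Return (section, reason, line) for each HijackThis entry that warrants a closer look."""
    findings = []
    for line in map(str.strip, log_text.splitlines()):
        m = re.match(r'^([RFO]\d+) - (.*)$', line)
        if not m:
            continue  # header lines and the "Running processes" block
        section, body = m.groups()
        reason = None
        if section == "F2":
            key, _, value = body.split(": ", 1)[1].partition("=")
            programs = [p.strip() for p in value.split(",") if p.strip()]
            if key == "Shell" and [p.lower() for p in programs] != ["explorer.exe"]:
                reason = "extra program chained onto the Shell= value"
            elif key == "UserInit" and len(programs) > 1:
                reason = "extra program chained onto UserInit="
        elif section == "O4":
            if "?" in body:
                reason = "'?' is not legal in a Windows file name, so the real character could not be shown"
            elif ODD_PATH.search(body):
                reason = "autostart runs from a drive root, the Windows directory, or Temp"
        elif section == "O10":
            reason = "Winsock LSP chain hijacked"
        elif section == "O20" and body.startswith("AppInit_DLLs:") and body.split(":", 1)[1].strip():
            reason = "AppInit_DLLs is set, so that DLL loads into every GUI process"
        elif section == "O23" and "Unknown owner" in body:
            reason = "service binary carries no publisher"
        if reason:
            findings.append((section, reason, line))
    return findings
```

Running `triage(SAMPLE_LOG)` flags eight of the ten sample lines and leaves the HP and NVIDIA entries alone; feeding it the full log above gives a shortlist to research before anything is removed.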

robyrob
05-29-2006, 08:49 AM
yeah, you are badly Hijacked - there's a whole list of stuff in there that needs to come out; reboot into SAFEMODE (http://www.pchell.com/support/safemode.shtml) and run Spybot (http://www.safer-networking.org/en/download/) and AdAware (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5), then make sure you have ALL programs closed and run CCleaner (http://www.ccleaner.com/download129.asp) (it is EXTREMELY important to get rid of ALL the TEMP files here) and boot back into normal mode and post a new Hijack this log.

you may want to read over this too: http://www.pchell.com/virus/bloodhound.shtml

Kay Scarpetta
05-29-2006, 09:15 AM
I had the BraveSentry virus (+867 files of Spyware) and used SpyDoctor... the greatest program! For good results though, you've gotta get the full version. It's expensive, so I just stole a registration key *shifty eyes* but it works!

robyrob
05-29-2006, 09:53 AM
I had the BraveSentry virus (+867 files of Spyware) and used SpyDoctor... the greatest program! For good results though, you've gotta get the full version. It's expensive, so I just stole a registration key *shifty eyes* but it works!
not so fast there! SpyDoctor is on the list of Rogue Spyware Programs, so BUYER BEWARE!

http://netrn.net/spywareblog/archives/2004/08/01/spy-doctor-and-spyware-doctor/
http://spywarewarrior.com/rogue_anti-spyware.htm

always RESEARCH any "free" software before you install it - there are PLENTY of EXCELLENT FREE antispyware programs out there, you should NEVER have to PAY for it :)

Brent88
05-29-2006, 12:28 PM
Well my mom did a system recovery earlier before I woke up and everything's fine now (lost some files, but I'll live).

Ohio8
05-29-2006, 03:01 PM
Another way of knowing spyware's on your computer is when you can't log into message boards.

Seth
05-30-2006, 12:33 AM
Definitely infected - can't really add anything on top of what Roby already said, but to say:

http://www.intmed.vcu.edu/inm/resources/soft/Firemonger/firefox/protection.jpg

Brent88
05-30-2006, 02:38 AM
Definitely infected - can't really add anything on top of what Roby already said, but to say:

http://www.intmed.vcu.edu/inm/resources/soft/Firemonger/firefox/protection.jpg

:brent

Yeah... unprotected gets you every time. :p