Posted 20 January 2010 - 12:39 PM
First let me say that I am an older engineer so not necessarily a computer whiz - so I will need instructions on how to "do" the logs. But I learn quickly! I am in charge of our home network, which includes one wired desktop and 2-3 wireless laptops (all running Windows XP). We have a (HP Home Server) network server for backup. It appears that we had a security breach - possibly due to the Java update. I have used Norton Antivirus and 360, McAfee, and Malware Bytes. I have also tried Kaspersky and GMER. Oddly, there is no virus or Malware on my computer. Now, the GMER shows some invalid registry entries under HKEY_LOCAL_MACHINE Security Policy "secrets", but I am not allowed to delete these from the registry even if I change the permissions. The main thing that I have noticed, though, is that this blasted thing has declared itself a "Default User" of my system and has full priviledges to run what it wants to. I cannot figure out a way to remove this "User" and as such I guess everything it does can hide from the virus and spyware removal programs.
Please tell me how to get that "log" you ask everyone to send. I am not sure if these machines can be fixed without reinstalling windows, and if so, how? I will have to debug all three computers, one at a time, and then debug the server. I have purchased the Norton 360 for all three machines and have purchased Malwarebytes with the protection as well, and would like advice on any case if that is "enough". I do update Windows and whichever Anti-Virus Program regularly, as well as run CCleaner. I am not sure how this thing got in here in the first place - it is my first time!
Thank you so much for your help, I have been tearing my hair out for two weeks now!!!!1