Well, I have somethign that I cannot get rid of. It started early this week.

This crap takes control of the PC pretty well, and even the GREAT load of McAfee has not cleared it. (I do see that that cleared some other crap, Thanks!)

here are a couple of shots of what I see all the time....

http://thumbnails2.imagebam.com/2400/e43f2523999622.gif (http://www.imagebam.com/image/e43f2523999622)
http://thumbnails11.imagebam.com/2400/fab6be23998807.gif (http://www.imagebam.com/image/fab6be23998807) http://thumbnails.imagebam.com/2400/597dad23998811.gif (http://www.imagebam.com/image/597dad23998811)


Also, the Link that comes up to clean this crap is (the pic of Yahoo, with the red Warning)..

http://antivirusxppro2009.com/cgi-bin/download.pl?code=49

I have not clicked on the link, as I have no doubt it is part of the problem.

Has anyone seen this?

Go to your main drive program files and look for a folder like avxp09 or something written like that. It is spyware installed on the computer. If you can find the folder just delete it and reboot. The reason McAfee doesnt find it is because it makes it act like another scanner that isnt a threat. Let me know what you find. If you cant find it just go to task manager and on processes you will find it in there what it is running as.

Thanks for the tips, I could not find any files or folders with that name or anything close. I am still doing a search.

My Task Manager has been disabled.

Any other possible ideas?

Thanks

Possible - ?

Web Guardian-

File Name: ntdll64.dll
Display Name: WEB Guardian
Description: Not Available
Publisher: Not Available
Digitally Signed By: NOT SIGNED
File Type: Application Extension
File Path: C:\WINDOWS\TEMP\ntdll64.dll
File Size: 51712
File Version: Not Available
Date Installed: 01/15/2009 5:24:38 PM
Classification: Not yet classified
Ships with Operating System: No
SpyNet Voting: Not Available
LSP Type: Transport Provider
GUID: {6DBCA3F0-ACCF-4F0E-8998-F976BB4FA56D}

and

WEB Guardian over [MSAFD Tcpip [TCP/IP]]
File Name: ntdll64.dll
Display Name: WEB Guardian over [MSAFD Tcpip [TCP/IP]]
Description: Not Available
Publisher: Not Available
Digitally Signed By: NOT SIGNED
File Type: Application Extension
File Path: C:\WINDOWS\TEMP\ntdll64.dll
File Size: 51712
File Version: Not Available
Date Installed: 01/15/2009 5:24:38 PM
Classification: Not yet classified
Ships with Operating System: No
SpyNet Voting: Not Available
LSP Type: Transport Provider
GUID: {3F16C1F0-292D-4E24-858A-E28FE65BA789}

The only other option is stopzilla. Download the free scan and see what it comes up with.

You can run this program works great plus it is updated daily.

http://www.malwarebytes.org/mbam.php

Yes the malwarebytes program is very good - Jackie-0 often has to remove spyware from her clients' PC's and that program is the first one she recommended to me when I recently had issues on my PC at home. It found & removed a lot that other programs I tried did not.

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Have you had any success solving your problem?? Well it sounds like your computer somehow got hijacked by a rogue antispyware program. You will have to do some work to get rid of this thing. You should download and run the program HijackThis from the above link. HijackThis examines certain key areas of the Registry and Hard Drive and lists their contents. These are areas which are used by both legitimate programmers and hijackers. Some items are perfectly fine. You should not remove them. Never remove everything. Doing that could leave you with missing items needed to run legitimate programs and add-ins. HijackThis will quickly scan your system.The results of the HijackThis scan, should be saved in Notepad.
Once you have done this go to one of the FORUMs listed below and follow their instructions. It’s very important to post as much information as possible, and not just your HJT log. This will increase your chances of receiving a timley reply. The people who will read your HJT log and help you are volunteers and have extensive experience doing this kind of thing. Please, do not post your log to more than one forum at a time. Do not get discouraged if they don't responed quickly. I hope this helps.

http://forums.techguy.org/54-malware-removal-hijackthis-logs/
http://spywarewarrior.com/viewforum.php?f=5

I use Avast in conjunction with Ad-Aware, but the paid Pro version of Avast. It's found some stuff in the past that other scanners I had didn't.

Install Avast, schedule a boot-time scan, and reboot. It should grab the pesky little file, since it won't be running it's trickery yet.