Windows security alert

Original Message
Name: efran
Date: August 10, 2007 at 07:51:04 Pacific
Subject: Windows security alert
OS: Windows XP Media SP2
CPU/Ram: Genuine intel 1gb
Model/Manufacturer: Toshiba, satellite a100
Comment:

I don't know if I'm posting in the right place or not.

Last evening while doing nothing at the time, alerts and warnings started appearing on my screen and now I can't get rid of them or have the know-how.

"Windows Security Alert" Windows has detected an Internet attack attempt...Somebody's trying to infect your PC with spyware or harmful viruses. Run full system scan ow to protect your PC from Internet attacks, hijacking attempts and spyware! Click here to download spyware remover for total protection.

Icons appear on the screen even after I delete them. They are: Error Cleaner (http://virusprotectionproonline.com/shandler.php?sg=1), Privacy Protector (http://virusprotectionproonline.com/shandler.php?sg=0), Spyware&malware Protection (http://virusprotectionproonline.com/shandler.php?sg=2)
SPYWARE ALERT Trojan.w32.Looksky detected on your machine. This virus is distributed via the Internet through email and Active-X objects. The worm has it's own SMTP engine which means it gathers emails from your computer and re-distributes itself. In worst cases this worm can allow attacker to access your computer, stealing passwords and personal data. This should be removed from your system.
Type: Virus
System Affected: Windows 2000,NT, ME, XP, Vista
Security Risk (0-5): 5
Recomendations: Click Yes to remove it from your PC immediately. (Yes, No choices) and there is a red stop sign shaped flashing icon in my system tray and pops up system alerts saying system detected virus activities. I am unable to do anything with this. Does not recognize mouse commands.

I have disconnected and isolated my system from the internet and network (Laptop). I ran Norton, it didn't pick up anything. I ran Spy Sweeper, it picked up two trojans (cannot remember one but the other is Trojan-Ace-X & appears to be replicating itself).

Any suggestions, anyone?

Thanks

efran


Response Number 1
Name: OtheHill
Date: August 10, 2007 at 08:38:51 Pacific
Subject: Windows security alert
Reply:

I would try Adaware 2007 and Spybot Search & Destroy. Update both those programs before using. You may need to run them from Safe Mode.

You could try a System Restore from the Start menu. If you get it working OK again, set a new restore point.



Response Number 2
Name: efran
Date: August 10, 2007 at 08:41:40 Pacific
Subject: Windows security alert
Reply:

Thanks for those, I will try them. System restore will not work, it starts but then I get a message saying unable to complete, so somehow it must have disabled or affected the restore program as well.

efran


Response Number 3
Name: KevinS.
Date: August 10, 2007 at 08:41:45 Pacific
Subject: Windows security alert
Reply:

YOUR COMPUTER IS INFECTED!!!!!

Download, install and update these tools and KEEP THEM!! These are all FREE tools and they will replace all of your other security programs:

Note YOU MUST Uninstall Norton, McAfee, Webroot Spysweeper, etc.

http://www.download.com/3000-2239_4...

http://www.download.com/3000-8022_4...

http://www.personalfirewall.comodo....

http://www.microsoft.com/downloads/...

Then, run a scan with AVG, Ad-Aware 2007, and Windows Defender


Response Number 4
Name: efran
Date: August 10, 2007 at 08:43:37 Pacific
Subject: Windows security alert
Reply:

Thank you, will try these. Once I'm completed I will let you know how it went.

efran


Response Number 5
Name: XpUser
Date: August 10, 2007 at 08:44:18 Pacific
Subject: Windows security alert
Reply:

Curious ... is your firewall up & running? If not you can make it go away (look HERE) - then get a FW!

i_Xp/VistaUser


Response Number 6
Name: efran
Date: August 10, 2007 at 18:54:11 Pacific
Subject: Windows security alert
Reply:

Well, I appear to have it fixed, but using the above programs didn't help. Thank you for the suggestions though, and I can use the programs anyway. The program that helped me was SDFix and can be obtained by going here: http://downloads.andymanchesta.com/...

Instructions:
Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt

Thank you everyone who offered help. Greatly appreciated.

efran


Response Number 7
Name: gkdechow
Date: August 12, 2007 at 03:23:06 Pacific
Subject: Windows security alert
Reply:

Thank You….Thank You……..Thank You…..it worked
Thanks to efran and Andy Manchesta and whoever put SDFix together
Coupla comments…it does take a little patience (about 10 minutes) I watched it on Windows Task Manager.
It seems to use several processes csrss.exe, swreg.exe, rtvdm.exe, findstr.exe, and md5file.exe and a few others.
The first several minutes it didn't have much, if any, c-drive activity and then it seemed to scan the c-drive

The following is the report it put out....Thanks again

SDFix: Version 1.97

Run by Owner on Sat 08/11/2007 at 09:17 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default IE HomePage
Restoring Default Desktop Components Value

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\S.EXE - Deleted
C:\WINDOWS\SYSTEM32\IEEV32.DLL - Deleted
C:\Documents and Settings\Owner\Desktop\Error Cleaner.url - Deleted
C:\Documents and Settings\Owner\Favorites\Error Cleaner.url - Deleted
C:\Documents and Settings\Owner\Desktop\Privacy Protector.url - Deleted
C:\Documents and Settings\Owner\Favorites\Privacy Protector.url - Deleted
C:\Documents and Settings\Owner\Desktop\Spyware&Malware Protection.url - Deleted
C:\Documents and Settings\Owner\Favorites\Spyware&Malware Protection.url - Deleted
C:\WINDOWS\privacy_danger\index.htm - Deleted
C:\WINDOWS\privacy_danger\images\capt.gif - Deleted
C:\WINDOWS\privacy_danger\images\danger.jpg - Deleted
C:\WINDOWS\privacy_danger\images\down.gif - Deleted
C:\WINDOWS\privacy_danger\images\spacer.gif - Deleted
C:\WINDOWS\dat.txt - Deleted
C:\WINDOWS\duocore.dll - Deleted
C:\WINDOWS\main_uninstaller.exe - Deleted
C:\WINDOWS\wmpconf.dll - Deleted
C:\WINDOWS\wmpenv.dll - Deleted


Folder C:\WINDOWS\privacy_danger - Removed

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.


Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Disabled:backWeb-7288971"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\System Volume Information\_restore{C7E2DA4A-9F24-4171-B0F4-55B1D9D4F8A3}\RP826\A0084953.exe
C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL0005.tmp
C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL1529.tmp
C:\Documents and Settings\Owner\Application Data\Microsoft\Word\~WRL2204.tmp
C:\Documents and Settings\Owner\My Documents\Current\Archive 2 6 7\Jobs\~WRL0608.tmp
C:\Documents and Settings\Owner\My Documents\Current\E-Harmony\Tanya\~WRL3592.tmp

Finished


Response Number 8
Name: Cram
Date: August 12, 2007 at 12:36:30 Pacific
Subject: Windows security alert
Reply:

Hi guys, we have been working on this for a while and we tried all different programs and scans with no luck at removing this spam advertising...
Thanks to efran and Andy Manchesta and whoever put SDFix together

This was the solution that solved this issue...
We are just average computerites that this was easy and effective!

We are also very grateful for this product and service you have given us!
Much relief!
Thanks
Marc & Hugh


Response Number 9
Name: efran
Date: August 12, 2007 at 12:49:15 Pacific
Subject: Windows security alert
Reply:

Hi everyone, I'm glad SDFix is working for everyone. I spent most of the day Friday looking for a fix for this very annoying trojan and through a lot of searching I found this fix.

I think when we come to this or any other forum for help and assistance, it's equally important to share information such as this so that others such as yourself get the same benefit. Everyone here does a great job in trying to provide assistance but with people out there who have no better time on their hands than to design these trojans, it's sometimes hard to have the information right at their fingertips. When I find a solution, I'm all too happy to share it with others. It's satisfying to know others benefit from it as well.

efran


Response Number 10
Name: cw
Date: August 13, 2007 at 13:12:08 Pacific
Subject: Windows security alert
Reply:

Well folks, thanks to the hard work of "EFRAN" I too have been cured, so it seems. I took the URL of one of these BS sites and found your strings. Hours were wasted in attempting to solve ourselves, so to all concerned with SDfix and EFRAN, thank you so much. Thanks from an Army Soldier serving overseas in Europe!! It's essential that information is shared and that's exactly what happened! I tip my hat and toast my glass, thanks!


Response Number 11
Name: efran
Date: August 13, 2007 at 13:18:56 Pacific
Subject: Windows security alert
Reply:

******PLEASE TAKE NOTE*****
IF YOU ARE USING WIRELESS OR WIRED ROUTERS, PLEASE CHECK TO ENSURE THAT THE PASSWORDS AND SETTINGS WERE NOT CHANGED AS IT IS ABLE AND DID DO THAT TO MINE. I WAS STILL ABLE TO CONNECT BUT MY SSID WAS SOMEHOW CHANGED MEANING THE PASSWORD TO LOG IN TO THE ROUTER WAS RETRIEVED BY THE TROJAN HACKERS. IN OTHER WORDS CHECK EVERYTHING AND RESECURE YOUR DEVICES. CHANGE YOUR PASSWORDS. TAKE CARE EVERYONE


efran


Response Number 12
Name: RobinB
Date: August 14, 2007 at 09:22:44 Pacific
Subject: Windows security alert
Reply:

I also got the trojan-ace-x trojan on my computer. I followed the instructions from response number 6, and it has WORKED PERFECTLY. Thank you so much!!!!!


Robin Bennett


Response Number 13
Name: pmeijler
Date: August 25, 2007 at 10:50:58 Pacific
Subject: Windows security alert
Reply:

Hi Guys,

Thanx for the help. I also solved the problem with the SDfix. BUTTT.. if you have multiple accounts on your computer, you'll have to run the fix for every account!!

Grtz Peter


Response Number 14
Name: DanicusPrime
Date: August 25, 2007 at 18:33:23 Pacific
Subject: Windows security alert
Reply:

Hello My name is DanicusPrime

I also have succumbed to the horror show of this very annoying aggressive virus, I tried much to do. For the best half of three days. My computer turned itself on at night, the power generator did not go on when we had a bit of a black out, when it restarted itself, I came in the morning to find 166 IExplorer pages open on its own.

And dealing with the onslaught of the many incarnations of this virus, I was able to battle them to an extent. I just couldn't. I spent well over 14 hours trying to erase this thing since Thursday. Finally the simplicity of Efran, I was able to undo the virus.

SDFix corrected the issue. Now the only problem I'm left to contend with is the massive clean up of what this annoying virus has done to my system.

So thank you for all the help, thank you and its fellow proficient computers like Efran that really do make a difference.


SDFix: Version 1.100

Run by Owner on Sat 08/25/2007 at 09:00 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default IE HomePage
Restoring Default Desktop Components Value

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\Documents and Settings\owner\Desktop\Error Cleaner.url - Deleted
C:\Documents and Settings\owner\Favorites\Error Cleaner.url - Deleted
C:\Documents and Settings\owner\Desktop\Privacy Protector.url - Deleted
C:\Documents and Settings\owner\Favorites\Privacy Protector.url - Deleted
C:\Documents and Settings\owner\Desktop\Spyware&Malware Protection.url - Deleted
C:\Documents and Settings\owner\Favorites\Spyware&Malware Protection.url - Deleted
C:\WINDOWS\dat.txt - Deleted
C:\WINDOWS\main_uninstaller.exe - Deleted
C:\WINDOWS\wmpconf.dll - Deleted
C:\WINDOWS\wmpenv.dll - Deleted

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.


Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Disabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Disabled:AOLTsMon"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Disabled:eMule"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Common Files\\AOL\\1165449789\\ee\\aolservicehost.exe"="C:\\Program Files\\Common Files\\AOL\\1165449789\\ee\\aolservicehost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\NEXON\\MapleStory\\Patcher.exe"="C:\\Program Files\\NEXON\\MapleStory\\Patcher.exe:*:Enabled:Patcher MFC ?? ????"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\Program Files\\FrostWire\\FrostWire.exe"="C:\\Program Files\\FrostWire\\FrostWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\America Online 9.0b\\waol.exe"="C:\\Program Files\\America Online 9.0b\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\\Program Files\\NEXON\\MapleStory\\NewPatcher.exe"="C:\\Program Files\\NEXON\\MapleStory\\NewPatcher.exe:*:Enabled:Patcher MFC ?? ????"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\\Program Files\\Common Files\\AOL\\1165449789\\EE\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1165449789\\EE\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\1165449789\\EE\\AOLOpenRide.exe"="C:\\Program Files\\Common Files\\AOL\\1165449789\\EE\\AOLOpenRide.exe:*:Enabled:AOL OpenRide"
"C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"="C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe:*:Enabled:Nintendo Wi-Fi USB Connector"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AOL\\1165449789\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1165449789\\EE\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\Program Files\America Online 9.0\aolphx.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\America Online 9.0\RBM.exe
C:\i386\69FC9D0560.sys
C:\i386\KGyGaAvL.sys
C:\WINDOWS\windllreg1c.sys
C:\WINDOWS\system32\69FC9D0560.sys
C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp


Report Offensive Follow Up For Removal
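
The SDFix reports posted in Responses 7 and 14 include an "Authorized Application Key Export" of the Windows Firewall exceptions list. The following is an added example, not part of any post and not SDFix's own code: it parses that section and lists enabled exceptions whose executable sits outside %windir% and Program Files. The function names and the expected-prefix list are assumptions made for this illustration; the sample lines are copied from the report in Response 14.

```python
import re
from typing import List, NamedTuple, Optional

# Sample input: a few lines copied from the SDFix report in Response 14
# (not a complete report).
SAMPLE_REPORT = r'''
Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Disabled:eMule"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
'''

# Header of one firewall profile's exceptions list; group 1 is the profile name.
KEY_RE = re.compile(
    r'^\[HKEY_LOCAL_MACHINE\\.*\\firewallpolicy\\(\w+)'
    r'\\authorizedapplications\\list\]$', re.IGNORECASE)
# One exported value: "name"="data"
VALUE_RE = re.compile(r'^"(?P<name>.+)"="(?P<data>.+)"$')

# Assumption for this example: locations treated as expected install paths.
# A file under these prefixes is not proven safe; it is only not flagged here.
EXPECTED_PREFIXES = ("%windir%\\", "c:\\windows\\", "c:\\program files\\")


class FirewallException(NamedTuple):
    profile: str   # standardprofile or domainprofile
    path: str      # executable allowed through the firewall
    scope: str     # "*" means any remote address
    enabled: bool
    label: str     # display name stored with the rule


def parse_exceptions(report: str) -> List[FirewallException]:
    """Extract firewall exceptions from the export section of a report."""
    found: List[FirewallException] = []
    profile: Optional[str] = None
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        key = KEY_RE.match(line)
        if key:
            profile = key.group(1).lower()
            continue
        value = VALUE_RE.match(line)
        if value is None or profile is None:
            profile = None  # any other text ends the export section
            continue
        # Undo .reg escaping, then split from the right: the path itself
        # contains a colon ("C:\..."), the last three fields do not.
        data = value.group("data").replace("\\\\", "\\")
        parts = data.rsplit(":", 3)
        if len(parts) != 4:
            continue  # malformed entry, skip rather than guess
        path, scope, status, label = parts
        found.append(FirewallException(
            profile, path, scope, status.lower() == "enabled", label))
    return found


def unexpected_enabled(rules: List[FirewallException]) -> List[FirewallException]:
    """Enabled exceptions whose executable is outside the expected prefixes."""
    return [r for r in rules
            if r.enabled and not r.path.lower().startswith(EXPECTED_PREFIXES)]


if __name__ == "__main__":
    for rule in unexpected_enabled(parse_exceptions(SAMPLE_REPORT)):
        print(f"review: [{rule.profile}] {rule.path} scope={rule.scope} ({rule.label})")
```

An entry listed by this check is a prompt to look at the file, not a verdict; the label stored with a rule is free text and says nothing about what the executable is.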

Response Number 15
Name: kevcarter
Date: August 29, 2007 at 06:14:57 Pacific
Subject: Windows security alert
Reply:

Hey,

This message is probably a little late to help anyone who has already posted, but I thought I'd give my input if it helps. Maybe if someone reads this and doesn't have SDFix, this way worked for me and is pretty simple.
I had this exact attack on my computer a few days ago. I made no progress getting rid of it while the computer was in normal mode, so I started the computer in safe mode and ran Adaware and Spybot Search and Destroy. I think someone else in this forum mentioned doing that. They found all of the files that infected my computer. I also ran Norton Anti-virus (just because that's what I have and wanted to be safe). Then I turned off the computer and re-started in safe mode again, but this time when it gave the option of continuing work in safe mode (which requires you to click yes), or doing a system restore (which requires you to click no), I clicked no. That allowed me to do system restore in safe mode. After all was done, I started my computer in normal mode and everything was working properly. No more icons, warning messages, or slowdowns. It was all gone. I did notice that the names of these icons were added to my favorites list. I just deleted them. Hopefully this can help someone.


Response Number 16
Name: Crantmar
Date: September 5, 2007 at 07:54:09 Pacific
Subject: Windows security alert
Reply:

Used SDFix but the red screen returned after a few hours. I returned to Andy's site and downloaded and ran SmitFraudFix. It found an infected video codec that was apparently missed the first time around.


Response Number 17
Name: jwasserman
Date: October 26, 2007 at 14:58:47 Pacific
Subject: Windows security alert
Reply:

*** kevcarter in Response #15 gave FANTASTIC advice!!!! ***

My PC was also plagued with the RED screen from Adware.Agent.BN which was constantly trying to get Explorer.exe to write to the registry (that was what Spyware Doctor told me). I was also getting fake on-screen messages about WORM.WIN32.NETSKY telling me to download a fix.

I spent $39 on Spyware Doctor and ran it. It deleted the offending items mentioned above, but they came back! My up-to-date free Spybot Search and Destroy also deleted the offending items but they came back again! My up-to-date Ad-aware did not find anything.

Finally, I came across kevcarter's advice in this forum and ran both Ad-aware and Spybot in Safe mode. Spybot found nothing, but Ad-aware found the offending malware and deleted it.

I left Safe Mode and have since re-booted my PC into regular mode twice and have experienced none of the malware that afflicted my PC previously.

I certainly recommend kevcarter's approach since it used readily available and known software. (( Just be certain that you have the latest versions and updates for Ad-aware and Spybot Search and Destroy.))

*** Thank you, kevcarter!!! ***

Jeffrey H. Wasserman


Response Number 18
Name: jaqueen
Date: October 26, 2007 at 17:25:47 Pacific
Subject: Windows security alert
Reply:


I battled with the same problem for over a week to no avail. Thanks to ThumbsUp2 who gave me this link and recommended that I try the #6 fix response.

Thanks to efran's very clear instructions it went like a dream and within one half hour, I was clear. Thanks to andymanchesta.com/... for developing this fix, and for all the others for the varying suggestions.



Response Number 19
Name: jwasserman
Date: October 29, 2007 at 07:57:13 Pacific
Subject: Windows security alert
Reply:

Two hours after I wrote Response #17, the Adware.Agent.BN malware came back.

I ran Spybot, Spyware Doctor, and Ad-Aware and each said there were no problems although the malware remained present on the screen. I also ran some of them in Safe Mode. No success.

I then followed instructions I found elsewhere on the Internet and ran SmitFraudFix.exe in Safe Mode. That removed the malware.

It has been 36 hours since I did that and the malware has not returned. I have re-booted at least six times and run the above scanners again (including AVG) and the malware is no longer present.

-Jeff


Response Number 20
Name: the 18th letter
Date: November 20, 2007 at 11:20:18 Pacific
Subject: Windows security alert
Reply:

Thanks efran I ran your SDfix post and it worked, no more pop ups or icons on the desktop. BUT, my internet explorer still opens to the security page but unable to connect server not found. Any advice to get it back normal?

I've cleverly disguised myself as a responsible adult...

