OK Patricia let's start with what you have not old us.
What operating system?
What anti virus, and is it working now?
What firewall and is it working now?
What anti malware programs do you use, when were any of them last updated and the last scan done?

Probably the anti virus and firewall have been disabled by the Trojans or whatever has taken control of your computer. Do you have a thumb drive or other external type storage? If so you might use a different computer and download the free Avast and Malwarebytes. Be sure to stay on the free links. Then go here and download the latest Malwarebytes definitions.

Install both programs and update Malwarebytes and run them.

Hopefully you have most of your personal data backed up.

One thing you could try is to use another computer (not the infected one) to download an antivirus program that would be burned onto a CD. You would then boot from this CD, not the infected computer's hard drive. Hopefully, you could then clean the infection. You would have to download a .iso file (an image), and you'd then need software that will "burn the image", not just copy file, onto a CD. Then when you boot the infected machine, bring up the boot menu before it goes into Windows (usually by pressing F12), insert the CD and tell it to boot the CD instead of the hard drive. Then, follow instructions.

The site below is only one suggestion and I have used only one of the programs listed, which is the Antivir Rescue CD from Avira. I have Avira running on two machines and so far it has found and cleaned every virus it encountered. You could probably search and find other similar sites. If this method doesn't work for you, the alternatives I know of would be to either remove the hard drive and install it as a slave in another machine to clean it, or format the infected hard drive and reinstall Windows. Be advised my knowledge is limited, and I expect others will have useful suggestions. Good luck.

Here is a link that might be useful: Free Antivirus and Rescue CDs

pkspigs, I would suggest you not use this computer until after you have tried owbist's suggestions. For a novice, which you said you are, I'm afraid azinoh's instructions may be somewhat difficult (no criticism intended, azinoh). If, after you have done what owbist suggested, the problem is still here, wait until either ravencajun or zep get on here, and one or the other of them can give you instructions for going to a help site where they can help you clean up your computer. Don't panic! Help will be coming.

No criticism taken, grandms. However, if the OP is going to fix the problem she's going to be less of a novice at the end. That requires some learning, and there's no time like the present. In fact, I agree with the suggestions made by owbist and I was only suggesting one possible alternative. It would be helpful to have the use of another computer to fix this problem. If she can get Avast and Malwarebytes installed (might be difficult if the machine is already infected), she should run them in safe mode.

If any other novices read this, this is a perfect example of why you should have a plan in place that you know how to use to recover from this type of trouble. This is especially true if you don't have easy access to another computer. It's a lot easier to fix a problem if you already have some tools at hand, instead of having to go out and look for help with a machine that is already compromised.

this unfortunately sounds like one of the dreaded fake antivirus variants, which can be extremely invasive and difficult, lets see what we can get accomplished, hopefully it can be cleaned and not require a re-format.
please do try to get malwarebytes loaded updated and run if you can and please post the log of what it finds so we know what exactly it is we are dealing with. This should help you with how to install and use malwarebytes
How to download and install Malwarebytes' Anti-Malware application for Windows computers
follow the links on that page to the rest of the tutorial. Be sure you run the FULL scan rather than the quick scan!

If you can not do this then go to this link and post at the other forum I am at and we can try to help you step by step there. You will need to register there and then post a thread in the area I will link you to. If you need me to start the thread for you I will be happy to just let me know.
Analysis and Malware Removal

If you are able to get malwarebytes to run please post that info over at LzD in your thread.

Here are the regular directions for malwarebytes
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
* Please post contents of that file in your next reply.

Thanks for all the tips. I started the computer in "safe-mode", I then got all the icons up on the screen. I could not open malwarebytes, so I reinstalled it. I then ran malawarebytes full scan. I then had the infected files put away and then did a restart, since I could not do a go-back. everyting was normal when i did a restart. thanks again, Patricia K, in La.

what do you mean you had malwarebytes put them away did you tell it to remove them like in the directions?
I need to see the log from your malwarebytes please get the log as per the directions and post it here. I am quite sure that you are not fully clean so there is more yet to do.

I am very glad to hear that Malwarebytes was helpful to you. It would still be a good idea to make sure your antivirus software is up-to-date and use it in safe-mode to run a complete scan. Try to get in the habit of making sure your antivirus and anti-malware programs are up-to-date. Do it manually at least once a week if you can. Weekly scans is not a bad idea either.

Besides Azinoh's suggestion of running a full anti virus scan in safe mode you should also re-run Malwarebytes but NOT in safe mode. Malwarebytes is designed to run with the computer in normal mode.

Hopefully then you wil be free of all pests

Raven, I told Malawarebytes to remove the thing. I don't know how to post the log here, regards, P.K.

Owbist, I am interested in knowing why Malwarebytes should not be run in safe mode. I have done so several times and have not encountered any problems doing so. Why is this so?

Patricia K. I suspect youre not fully clean.. Please do what RC has suggested..
Head over to LS. forum we can walk you through the Log-File posting instructions.

I canÂt make you go there its always a users choice as to what they do so itÂs up to you how you proceed.

Paddy..

Azinoh, here is a thread at the Malwarebytes forum. The first reply is from the Malwarebytes team.

They do not suggest you will encounter any problem, however the best benefit is using it with Windows running normally.

Strangely there are no such recommendations either on their web site or installed with the program itself. Not even a FAQ, seems odd

I still do not understand what you all want me to do, as I said I am a complete novice with computers. Please explain what the LS forum is and how to post the latest log on malawarebytes. P.K.

Patricia, you and many others are in need of help occasionally. That is why those who offer help do so, to aid you in becoming more comfortable around your own computer. The entire concept of Gardenweb is so that those who know can help those who wish to know. Help can only be good if the person with the problems gives full details initially then takes the time to answer any questions asked or to note what happened after following any advice offered.

In my reply to your request early Thursday for help I asked 4 questions and deliberately placed each question on a separate line so each was very visible. There was a reason for this, myself and/or others might well assess the amount of damage done on your computer using the answers you have not provided.

After you reported doing a scan Friday afternoon Azinoh came back with a very valid suggestion, there has been no reply saying this has been completed successfully or otherwise.

This post is in no way intended to be harsh or to give you a bad time. It is however written to point out things you have failed to do in your quest to get the computer fixed.

As regards going to another site, that is your choice entirely.

I would suggest you see these computer problems as serious enough to back up any data you do not wish to lose. If there is a next time you may not be so lucky and may ave to wipe the drive losing everything.

Owbist: Let me see if I can answer most of your questions. Belive me, I DO appreciate your help. I am running windows Xp. I have Avast and Malwarebytes installed. I run windows firewall. I do have an external backup. I have not run into any problems since I ran it in safe mode and deleted everything with malware bytes. i don't know what else to do. Pregards, P.K.

OK. Brilliant, now we know where you are.

When you do not need the computer for a while it would be good to run a full scan of both Avast and Malwarebytes just to set your mind at ease. Be aware the Avast scan may take a long time to do.

You might consider changing away from the Windows firewall because it is only a one way firewall in XP. It stops unwanted incoming problems but anything that piggybacks in on genuine downloads can report back to it's owners and you have no control over that. Zonealarm is the most popular free one, there are others and probably just as good.

If you go for a firewall watch carefully as you install because these days so many of them carry extras like toolbars you probably do not need. It is just a case of removing a check mark to avoid having these things installed. With Zonealarm they also suggest you load some scanner, I always refuse that personally. That is because I have never tried to understand it, my current safety net seems adequate.

malwarebytes keeps a log that is what we need to see so we can tell what infection you had, even though it seems to you to be clean it is very likely still carrying parts of the infection, the type you described is hard to get rid of totally. To know what needs to be done next we need to see your malwarebytes log. Follow my directions and copy and paste the log here into your reply box.

Open your malwarebytes program along the top you will see some tabs one is called logs click that tab, there you will see the various logs that were created, click on the one from the date you ran it and cleaned the infection, click open on the bar at the bottom that will open that log in a new window, hilight every thing in that window and right click on it and choose copy then come here and in your reply box right click and choose paste that will put your log here in your reply, it is very simple to do. Another way to do it once you have the log open is to go to edit at the top of that new box and choose select all that will hilight the content of the log then right click on the blue highlighted area and choose copy, come here and right click and paste into the reply box.

Malwarebytes' Anti-Malware 1.41
Database version: 3082
Windows 5.1.2600 Service Pack 3 (Safe Mode)

11/26/2009 3:50:48 AM
mbam-log-2009-11-26 (03-50-48).txt

Scan type: Quick Scan
Objects scanned: 106513
Time elapsed: 18 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\(c9c5deaf-0a1f-4660-8279-9edfad6fefe1) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\(e4e3e0f8-cd30-4380-8ce9-b96904bdefca) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\(fe8a736f-4124-4d9c-b4b1-3b12381efabe) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\(df780f87-ff2b-4df8-92d0-73db16a1543a) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\(df780f87-ff2b-4df8-92d0-73db16a1543a) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\(df780f87-ff2b-4df8-92d0-73db16a1543a) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10331715 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\13636423 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\38017019 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\37743428 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\06495327 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54769940 (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Application Data\10331715 (Rogue.Multiple.H) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\All Users\Application Data\10331715\10331715.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.Thanks Raven, I hope this is what you need, PK, in S. La.

The scan looks clean. However you only did a quick scan rather than the full one and you did it in safe mode rather than normal mode.

I did one last night in full scan and normal mode,not safe mode and all it picked up was the Active X thing. thanks for all the help. I am a complete idiot for not knowing how to do the paste thing. Thanks for everything, PK

Aww, brilliant news. Thanks for reporting back.