grandms that link there on the avast site links to the cnet download page if you put your cursor over the download button you can see at the bottom of the screen the cnet address. I bet what is happening when you click on the big download now arrow on that cnet download page, it sends you to another page where the actual download file pops up in a pop up box my guess is you have the pop up blocked and are not seeing it, you firefox or IE should show you a bar at the top saying you need to click there to allow the box. Since you are not seeing that pop up all you are seeing is the link for the pay version. Is your download blocked? if you have that blocked then you probably will not get the one from mikies link either. another site you can try from is major geeks just click on one of the download locations Avast! Free Edition 5.1.889

I would advise you to run an additional scan below: if you have time.. as a double check.. Use the Kaspersky Lab Online Scanner download from here click Here In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.  Click on SCAN NOW]  Click Accept.  The program will then begin downloading the latest definition files.  Once the files have been downloaded locate the Scan Settings and have it scan My Computer.  The scan will take a while, so be patient and let it finish. When the scan is done, in the Scan is complete window, any infection is displayed. There is no option to clean/disinfect. It's just a check to see if any infection is there if there is we can send you to another forum. To obtain the report: Click on: Save Report As  Next, in the Save as prompt, Save in area, select: Desktop.  In the File name area use KScan, or something similar.  In Save as type: click the drop arrow and select: Text file [*.txt]  Then, click: ]Save /Kas-Savetxt.gif[/IMG] Copy and paste the Kaspersky Online Scanner Report in your next reply. Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%. __________________ .

This is the second Malwarebytes scan after I removed everything I could from the first scan results. Malwarebytes' Anti-Malware 1.35 Database version: 1939 Windows 5.1.2600 Service Pack 3 04/03/2009 11:04:36 PM mbam-log-2009-04-03 (23-04-36).txt Scan type: Full Scan (C:\:) Objects scanned: 119355 Time elapsed: 47 minute(s), 4 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 15 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 8 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpi32 (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\acpi32 (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netsik (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netsik (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nicsk32 (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nicsk32 (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i386si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i386si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fips32cup (Rootkit.Agent) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\System Volume Information\_restore"415790D9-BB81-41AF-9469-EEC2DB43FA43>\RP997\A0179839.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\acpi32.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\amd64si.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\netsik.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\nicsk32.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\fips32cup.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\i386si.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\ati64si.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Mikie, you're right...something was going on. I ran Malwarebytes this evening and came up with the following log. Malwarebytes' Anti-Malware 1.36 Database version: 2112 Windows 5.1.2600 Service Pack 3 05/11/2009 8:57:48 PM mbam-log-2009-05-11 (20-57-48).txt Scan type: Full Scan (C:\:) Objects scanned: 130796 Time elapsed: 38 minute(s), 40 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\securentm (Rootkit.Agent) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) I ran it again after quarantining and got this one. I had a terrible virus a few weeks ago and Landzdown helped me clear it up. Does this last log mean I'm ok? I wonder why AVG didn't find it? Malwarebytes' Anti-Malware 1.36 Database version: 2112 Windows 5.1.2600 Service Pack 3 05/11/2009 9:52:46 PM mbam-log-2009-05-11 (21-52-46).txt Scan type: Full Scan (C:\:) Objects scanned: 130145 Time elapsed: 34 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)