Author Topic: Sick PC - started with XP Total Security 2011 (Read 2647 times)

guestolo · « **Reply #20 on:** May 14, 2011, 05:05:25 PM »

Hi Dale, I see your checking out the Recommended Spyware/malware Removal and preventive tools topic

Go with One of the free ones at the top
Avira or Avast would probably use the least resources
But Microsoft Security Essentials is also very good

Go with only one
Post back and let me know how things are running with it installed
When you find the one your happiest with, could you run another quick scan with OTL and post the new log
We'll just do some final steps

Dale · « **Reply #21 on:** May 14, 2011, 05:58:45 PM »

I choose Avast. Seems cool. It offered to run OTL in a sandbox, which I did not do. :-)

The PC seems okay to me. Pretty good in fact.

Here's the log.

Dale

OTL logfile created on: 5/14/2011 5:47:51 PM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Nanette\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 150.00 Mb Available Physical Memory | 29.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.86 Gb Total Space | 14.02 Gb Free Space | 19.79% Space Free | Partition Type: NTFS

Computer Name: UPSTAIRSPC | User Name: Nanette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/12 19:23:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nanette\Desktop\OTL.exe
PRC - [2011/05/10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/30 10:35:48 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/09/14 08:56:06 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
PRC - [2006/09/07 11:05:16 | 000,102,400 | ---- | M] (GE Security Supra) -- C:\Program Files\GE Security Supra\SyncInfoApp.exe
PRC - [2006/09/07 11:05:16 | 000,053,248 | ---- | M] (GE Security Supra) -- c:\Program Files\GE Security Supra\SyncService.exe
PRC - [2006/09/07 11:05:16 | 000,011,776 | ---- | M] (GE Security Supra) -- C:\Program Files\GE Security Supra\ProxyDaemon.exe
PRC - [2005/11/16 11:34:28 | 000,073,216 | ---- | M] () -- C:\SSL\stunnel-4.10.exe
PRC - [2004/06/30 14:33:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

========== Modules (SafeList) ==========

MOD - [2011/05/12 19:23:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nanette\Desktop\OTL.exe
MOD - [2011/05/10 07:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006/09/14 08:56:06 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2006/09/07 11:05:16 | 000,053,248 | ---- | M] (GE Security Supra) [Auto | Running] -- c:\Program Files\GE Security Supra\SyncService.exe -- (DkeySync)

========== Driver Services (SafeList) ==========

DRV - [2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 07:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 07:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 06:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/18 22:17:10 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/09/07 11:00:18 | 000,089,808 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\slabser.sys -- (slabser)
DRV - [2006/09/07 11:00:18 | 000,055,312 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\slabbus.sys -- (slabbus) DisplayKEY USB Cradle driver (WDM)
DRV - [2005/01/05 15:57:14 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2004/04/26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [1997/06/17 05:00:00 | 000,004,064 | ---- | M] (Adobe Systems Incorporated) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ATMHELPR.SYS -- (ATMhelpr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15083&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-offrhap&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-offrhap"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-offrhap"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.selectedEngineInDialog: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?o=15083&l=dis"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4d580135&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/14 17:18:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/10 19:04:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/13 21:28:55 | 000,000,000 | ---D | M]

[2008/06/28 18:40:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nanette\Application Data\Mozilla\Extensions
[2011/05/13 21:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nanette\Application Data\Mozilla\Firefox\Profiles\d545nfm7.Default User\extensions
[2010/09/18 09:00:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Nanette\Application Data\Mozilla\Firefox\Profiles\d545nfm7.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2005/01/08 14:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nanette\Application Data\Mozilla\Firefox\Profiles\t4mpejxp.default\extensions
[2005/01/08 14:00:51 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Nanette\Application Data\Mozilla\Firefox\Profiles\t4mpejxp.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/05/13 19:03:45 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\Nanette\Application Data\Mozilla\Firefox\Profiles\d545nfm7.Default User\searchplugins\askcom.xml
[2011/05/13 21:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/13 21:29:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2008/05/08 07:13:27 | 000,000,000 | ---D | M] (Zumie Search) -- C:\Program Files\Mozilla Firefox\extensions\{D7FEF78F-AFAA-4F9C-A2F7-4706F5F1E1DB}
[2011/05/13 21:28:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2011/05/13 21:28:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2005/04/27 17:31:10 | 000,225,280 | ---- | M] (Asgard Software Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPUploader.dll
[2009/05/22 13:16:18 | 000,196,608 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npxsciter.dll

O1 HOSTS File: ([2011/05/14 11:04:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DisplayKEY eSYNC Info.lnk = C:\Program Files\GE Security Supra\SyncInfoApp.exe (GE Security Supra)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} http://tmss.trendmicro.com/Dashboard/controls/activex_11/en-US/TMSSReportW.CAB (Trend Micro Security Services Control)
O16 - DPF: {4A0106B5-AC06-4385-8005-2BD46BA7AA1D} http://vu.realbiz360.com/js/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {81CAFF02-900E-43A1-A10D-2CC8092403C5} http://vu.realbiz360.com/js/WebLaunch.cab (WebLaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {B23146AD-BB71-41CB-8C4F-CFB2A29C5591} http://vu.realbiz360.com/js/RBAssetManager.cab (RBAssetManager Control)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Nanette\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nanette\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/14 17:25:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/05/14 17:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Remote Control USB Driver
[2011/05/14 17:19:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/05/14 17:19:23 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/14 17:19:23 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/14 17:19:17 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/14 17:19:17 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/14 17:19:16 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/14 17:19:14 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/14 17:19:14 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/14 17:19:13 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/14 17:18:38 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/14 17:18:37 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/14 17:18:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/14 17:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/14 10:46:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/05/14 10:42:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/14 10:42:04 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/14 10:42:04 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/14 10:42:04 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/14 10:41:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/14 10:41:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/14 10:23:12 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Nanette\Desktop\HijackThis.exe
[2011/05/14 06:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nanette\Desktop\Dial-a-fix-v0.60.0.24
[2011/05/13 21:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/05/13 21:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/05/13 20:37:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/12 19:23:05 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nanette\Desktop\OTL.exe
[2011/05/11 19:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nanette\Start Menu\Programs\HiJackThis
[2011/05/10 20:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/10 20:13:06 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/05/10 20:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/05/10 19:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/04/15 18:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nanette\Application Data\Unity
[2011/04/15 17:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nanette\Local Settings\Application Data\Unity

========== Files - Modified Within 30 Days ==========

[2011/05/14 17:19:24 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/14 17:19:15 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/14 17:17:13 | 056,923,744 | ---- | M] () -- C:\Documents and Settings\Nanette\Desktop\setup_av_free.exe
[2011/05/14 15:06:41 | 000,050,280 | ---- | M] () -- C:\Documents and Settings\Nanette\Application Data\wklnhst.dat
[2011/05/14 14:42:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/05/14 14:19:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/05/14 14:19:55 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/14 11:04:29 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2011/05/14 10:46:08 | 000,000,327 | RHS- | M] () -- C:\BOOT.INI
[2011/05/14 10:40:13 | 004,347,991 | R--- | M] () -- C:\Documents and Settings\Nanette\Desktop\ComboFix.exe
[2011/05/14 10:23:13 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Nanette\Desktop\HijackThis.exe
[2011/05/14 06:27:10 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/05/14 06:27:10 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/05/13 18:00:59 | 114,951,913 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm.old
[2011/05/12 19:23:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nanette\Desktop\OTL.exe
[2011/05/11 19:47:16 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/10 20:10:05 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/05/10 19:19:09 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/10 07:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/10 07:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/10 07:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/10 07:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/10 07:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/10 06:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/04 20:24:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/03 17:13:59 | 000,007,244 | ---- | M] () -- C:\Documents and Settings\Nanette\Desktop\RE_ 4202 Briar Ridge Repair Amendment.zip
[2011/04/21 06:37:57 | 000,069,644 | ---- | M] () -- C:\Documents and Settings\Nanette\Desktop\RedFive.zip
[2011/04/15 07:34:07 | 000,393,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/14 21:25:28 | 000,442,466 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/04/14 21:25:28 | 000,071,732 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT

========== Files Created - No Company Name ==========

[2011/05/14 17:19:24 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/14 17:14:52 | 056,923,744 | ---- | C] () -- C:\Documents and Settings\Nanette\Desktop\setup_av_free.exe
[2011/05/14 10:46:08 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/05/14 10:46:04 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/05/14 10:42:04 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/14 10:42:04 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/14 10:42:04 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/14 10:42:04 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/14 10:42:04 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/14 10:40:08 | 004,347,991 | R--- | C] () -- C:\Documents and Settings\Nanette\Desktop\ComboFix.exe
[2011/05/13 21:14:44 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/05/11 19:57:38 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/10 20:10:05 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/05/10 19:30:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/10 19:19:09 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/03 17:13:50 | 000,007,244 | ---- | C] () -- C:\Documents and Settings\Nanette\Desktop\RE_ 4202 Briar Ridge Repair Amendment.zip
[2010/04/23 15:51:31 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/02/25 12:27:43 | 000,000,026 | ---- | C] () -- C:\WINDOWS\RBASSE~1.INI
[2009/09/02 15:44:03 | 000,695,602 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2009/09/02 15:44:03 | 000,018,036 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2009/01/15 22:58:39 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\Zlib.dll
[2009/01/15 22:58:33 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\ZFExt.dll
[2009/01/04 22:13:14 | 000,561,152 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2008/10/28 20:53:38 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2007/09/12 10:16:54 | 000,332,536 | ---- | C] () -- C:\WINDOWS\My Reward Board Uninstaller.exe
[2007/07/13 14:57:58 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2007/07/13 14:57:58 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2007/02/28 13:32:53 | 000,000,089 | ---- | C] () -- C:\WINDOWS\PhotoJam3.ini
[2007/02/23 16:49:38 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/02/23 16:49:38 | 000,000,177 | ---- | C] () -- C:\WINDOWS\kpcms.ini
[2007/02/23 16:49:36 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2007/02/23 16:49:36 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2007/02/23 16:47:24 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2007/02/23 16:47:24 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2007/02/23 16:47:02 | 000,014,642 | ---- | C] () -- C:\WINDOWS\HPSETUP.INI
[2007/02/23 16:43:42 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\hpgt42.dll
[2006/12/19 16:34:30 | 000,003,127 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/03 17:49:04 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/08/20 17:17:32 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/08/09 15:14:00 | 000,001,091 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2006/08/09 15:10:15 | 000,001,694 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2006/07/14 08:48:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Nanette\Local Settings\Application Data\fusioncache.dat
[2005/12/17 19:41:39 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/09/04 18:04:03 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Nanette\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/28 11:20:17 | 000,000,611 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/07/12 19:37:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2005/07/12 19:36:54 | 000,000,916 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2005/06/22 21:04:55 | 000,005,550 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/05/29 12:53:45 | 004,417,584 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll
[2005/05/29 12:53:45 | 000,680,955 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll
[2005/05/29 12:53:45 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dvrms.dll
[2005/05/29 12:53:45 | 000,104,612 | ---- | C] () -- C:\WINDOWS\System32\TomcatShellEx.dll
[2005/05/29 12:53:44 | 000,936,448 | ---- | C] () -- C:\WINDOWS\System32\FFMpeg.dll
[2005/05/03 18:14:23 | 000,000,076 | ---- | C] () -- C:\WINDOWS\ariel_ss.ini
[2005/03/29 00:58:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/03/29 00:58:10 | 000,847,872 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/02/18 10:29:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/01/30 12:47:22 | 000,050,280 | ---- | C] () -- C:\Documents and Settings\Nanette\Application Data\wklnhst.dat
[2005/01/14 17:42:55 | 000,003,106 | ---- | C] () -- C:\WINDOWS\disney.ini
[2005/01/08 14:00:46 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/01/08 14:00:21 | 000,004,687 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/01/05 16:00:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/05 15:55:55 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/01/05 15:51:56 | 000,000,238 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/01/05 15:46:04 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/05 15:33:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2005/01/05 15:32:58 | 000,442,466 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2005/01/05 15:32:58 | 000,071,732 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2005/01/05 15:10:52 | 000,000,519 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/15 23:03:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:08:08 | 000,393,472 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 14:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 14:02:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 11:08:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2004/08/10 11:08:26 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\SECUPD.DAT
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2004/07/19 17:01:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SETPWRCG.EXE
[2002/12/23 12:05:36 | 000,245,760 | ---- | C] () -- C:\WINDOWS\Mode11Player.Dll
[2002/11/22 10:50:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\Mode11PlayerExe.exe
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011/05/14 17:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/14 10:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/02/13 11:05:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007/12/09 21:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2007/10/15 21:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2011/02/13 10:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/09/02 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySpell
[2007/02/28 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\shockwave.com
[2011/02/13 10:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/09/26 18:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2005/12/17 19:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\acccore
[2011/02/13 11:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\AVG10
[2010/02/08 13:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\FidelityAgent
[2005/05/03 18:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\Leadertech
[2010/08/23 19:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\LEGO Company
[2007/12/06 22:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\Opera
[2006/07/14 08:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\Picaboo
[2007/02/06 15:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\Shockwave.com
[2011/04/15 18:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\Unity
[2008/02/14 22:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\Walgreens

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

guestolo · « **Reply #22 on:** May 14, 2011, 10:43:47 PM »

Please go to START>>RUN>>copy/paste the next command in bold, then hit OK

combofix /uninstall

This will uninstall ComboFix and it's components

I noticed you still have an old copy of SpywareBlaster, can we uninstall it, then update it in a bit
Open SpywareBlaster, you should find it's shortcut on Desktop or in START>>All Programs>>SpywareBlaster folder, or in the C:\Programs Files\SpywareBlaster folder, when it loads, under the main window, Disable All Protections
After you have them disabled
Close spywareblaster and uninstall it from Add and Remove programs

Double click on OTL.exe and Run it

Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
Quote
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?o=15083&l=dis"
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4d580135&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="
[2011/05/13 19:03:45 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\Nanette\Application Data\Mozilla\Firefox\Profiles\d545nfm7.Default User\searchplugins\askcom.xml
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
[2011/05/14 10:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/02/13 11:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nanette\Application Data\AVG10
:Commands
[EmptyTemp]
Then click the [color="#FF0000"]Run Fix[/color] button at the top
Let the program run unhindered

On startup, Allow OTL to run if prompted
A log should open, you can just close it out

You may want to add the updated version of
SpywareBlaster by JavaCool
At the link continue with
Free Download on the right>>Continue Download at next page
Choose a location to download and save the installer to desktop
Run the installer
Select Manual updating when installing
After installation, Check for updates
After updating, select "Protection Status" on the Left
Then select "Enable all Protection"
IMPORTANT>>"Check for updates monthly"
after every update just simply click the "enable protection on all unprotected items"
or again, click on Protection Startus>>enable all protection

If everything is still running well, open OTL.exe and click on the CLEANUP button
This will remove OTL.exe, reboot when prompted

You may want to set Avast to run a scheduled scan weekly, and ensure to register it, it's free to register
If unsure how to set weekly scan, post back and let me know please

Dale · « **Reply #23 on:** May 15, 2011, 07:58:34 AM »

I think this PC is good to go. I did everything you mentioned above including scheduling a weekly scan.

I will encourage Nanette to update Spyware Blaster monthly, but that's about all I can do. Maybe I'll get her to upgrade it so it will update itself.

Frankly, I'm going to encourage her to just buy a new PC. If nothing else, I do not know how much longer her hard drive will go without a malfunction. If it dies, I suspect all her data will be gone too. I do not think she backs anything up.

I sure appreciate all the help you gave me on this.

Thank you very much,
Dale

guestolo · « **Reply #24 on:** May 15, 2011, 09:53:53 AM »

sounds good, the free version of SpywareBlaster should do, even if you can get her to update it every couple months
Every little bit helps

I'll lock this topic as your problems appear resolved
Take care

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

TheTechGuide Forum

News:

Author Topic: Sick PC - started with XP Total Security 2011 (Read 2647 times)

guestolo

Sick PC - started with XP Total Security 2011

Dale

Sick PC - started with XP Total Security 2011

guestolo

Sick PC - started with XP Total Security 2011

Dale

Sick PC - started with XP Total Security 2011

guestolo

Sick PC - started with XP Total Security 2011