That's good to hear. We've got some stragglers to clear with OTL. Then we will do a scan for any residual malware files. Then it will be time to get an anti virus on the system and see if we can get Windows to update to SP3. These are very important. If we don't get a antivirus on the system your mom will be left wide open to this type of thing in the future. The antivirus I will have you install is very compatable with XP and uses fewer system resources than any other AV.
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.
[2013/03/09 08:41:57 | 000,023,360 | ---- | C] (IObit) -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2013/03/09 08:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2013/03/09 08:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit
[2013/03/09 08:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013/04/02 15:01:00 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
2. Please re-open on your desktop. To do that:
- XP users: Double click the icon.
4. Click the button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
Before you complete Steps 2 and 3 I want you to disable any screen saver you have running.
Please download Malwarebytes' Anti-Malware from Here or Here
Once downloaded, close all programs and browsers on your computer.
Double Click the mbam-setup.exe file to install the application.
- When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings.
- When the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan.
- As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.
NOTE: When the program loads, Decline the Malwarebytes' Anti-Malware Trial (You can activate this when we've finished, if you so wish)
- On the Scanner tab, make sure the the Perform full scan option is selected and then click on the Scan button to start scanning your computer.
- MBAM will now start scanning your computer for malware. This process can take quite a while, so I suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.
- When the scan is finished a message box will appear as shown in the image below.
You should click on the OK button to close the message box and continue with the removal process.
- You will now be back at the main Scanner screen. At this point you should click on the Show Results button.
- A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.
- Make sure that everything is checked EXCEPT items in System Restore, and click Remove Selected.<---Very Important
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply.
I would suggest that you keep this antimalware program. Run a Quick Scan frequently and a Full Scan every week or so. Update the definition files before running a scan. Click the Update tab and update from there.
Run ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
- Please go here then click on:
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
- When prompted allow the Add-On/Active X to install.
- Uncheck the box beside Remove Found Threats
- Make sure that the option Scan archives is checked.
- Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Now click on:
- The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically. The scan may take several hours.
- Wait for the scan to finish. Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
- If No Threats Were Found:
- Put a checkmark in "Uninstall application on close"
- Close the program
- Report to me that nothing was found
- If Threats Were Found:
- Click on "list of threats found"
- Click on "export to text file" and save it to the desktop as ESET SCAN.txt
- Click on Back
- Put a checkmark in "Uninstall application on close" (Be sure you have saved the file first)
- Click on Finish
- Close the program
- Copy and paste the report here
Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The OTL fixes log
2. The MalwareBytes log
3. The ESET scan log (IF it found anything). If it didn't just tell me.