[NeonFx]

Did it find anything? Sometimes when it doesn't find anything it won't give you a report. Try clicking on the "Scan" button on the left hand side and then click on the "Report" button again.

[mom4jdc]

Errrgg...
This is what it is saying on the Scan page:

Scan statistics


Objects scanned: 99538




Threats found: 5




Infected objects found: 8




Suspicious objects found: 0




Scan duration: 07:18:46










Scan beginning

Scanning in progress (99%)


Select the area for scanning in the Scan section of the left window part.
Last start: 08.35.2009 08:11:468 Status: completed successfully

Please wait, scanning can take some time depending upon the size of the area to scan. You can continue work with other browser windows.

Scanning: Path:

Configure | View report | Stop scanning

But now, when I click "View Report" I get a blank box and all of the icons on that page have been replaced by red Xs.

From what I remember on the report page, it seems like 3 of the things that were found were in OTS folders. The first thing was a Trojan, maybe?

I could just try running it again.

[NeonFx]

I'd rather do something different. There's an offline version of the Kaspersky scan that we could use. I just want to make they're nothing serious leftover on your system.

Please click here to download AVP Tool by Kaspersky.

• Save it to your desktop.
• Reboot your computer into SafeMode.
  

  You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
  Use your up arrow key to highlight SafeMode then hit enter.

• Double click the setup file to run it.
• Click Next to continue.
• It will by default install it to your desktop folder.Click Next.
• Hit ok at the prompt for scanning in Safe Mode.
• It will then open a box There will be a tab that says Automatic scan.
• Under Automatic scan make sure these are checked.

• System Memory
• Startup Objects
• Disk Boot Sectors.
• My Computer.
• Also any other drives (Removable that you may have)

After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok.
Then choose OK again then you are back to the main screen.

• Then click on Scan at the to right hand Corner.
• It will automatically Neutralize any objects found.
• If some objects are left un-neutralized then click the button that says Neutralize all
• If it says it cannot be Neutralized then chooose The delete option when prompted.
• If you get the red boxes in the bottom right you will want to select on "Do this for All Items" and click on "Disinfect". Then Delete any items it cannot Disinfect.
• After that is done click on the reports button at the bottom and save it to file name it Kas.
• Save it somewhere convenient like your desktop and post the results in your next reply.
  
  

  Note: This tool will self uninstall when you close it so please save the log before closing it.

[mom4jdc]

Okay....will this one take as long as the online version?

[NeonFx]

It should be faster.

[mom4jdc]

Okay, I know that you are tired of me and my computer. Sorry, I have another ridiculous problem here. My computer will not give me the safe menu. I have tried F8, F2 (which is the setup menu) and F12 (the Boot menu). The computer stutters and then goes right on to the Windows xp load screen then the user screen.

I don't know why it won't do things the right way.

I also wanted to mention that I have a problem with the techguy site in that when I login with IE I do not stay logged in. Once it goes past the "logging in" screen it drops my login.

[NeonFx]

I'm not tired of you :P You have to continuously tap the F8 key until the menu comes up. If you still have trouble go ahead and run everything in Normal Mode. Just make sure you disable your security programs and that you reboot after you're done.

[mom4jdc]

Autoscan: completed 20 minutes ago (events: 70, objects: 181038, time: 03:07:38)
11/25/2009 7:26:23 PM Task started
11/25/2009 8:26:07 PM Detected Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall\Quarantine\pwcm.exe.bac_a01876/CryptFF.b/PE_Patch.PECompact/PecBundle/PECompact
11/25/2009 8:26:08 PM Untreated Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall\Quarantine\pwcm.exe.bac_a01876/CryptFF.b/PE_Patch.PECompact/PecBundle/PECompact Postponed
11/25/2009 8:28:40 PM Detected Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-21f197c7-770dcb46.class.bac_a03532/CryptFF.b
11/25/2009 8:28:40 PM Untreated Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-21f197c7-770dcb46.class.bac_a03532/CryptFF.b Postponed
11/25/2009 8:28:41 PM Detected Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-3f292f4b-539df284.class.bac_a03532/CryptFF.b
11/25/2009 8:28:41 PM Untreated Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-3f292f4b-539df284.class.bac_a03532/CryptFF.b Postponed
11/25/2009 8:28:45 PM Detected Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\pwcm.exe.bac_a01876/CryptFF.b/PE_Patch.PECompact/PecBundle/PECompact
11/25/2009 8:28:45 PM Untreated Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\pwcm.exe.bac_a01876/CryptFF.b/PE_Patch.PECompact/PecBundle/PECompact Postponed
11/25/2009 10:26:59 PM Detected Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\dayesaro.dll
11/25/2009 10:26:59 PM Detected Trojans Trojan.Win32.Monderb.bgoo High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\vowayore.dll
11/25/2009 10:27:00 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\bawawaza.dll
11/25/2009 10:27:00 PM Untreated Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\dayesaro.dll Postponed
11/25/2009 10:27:00 PM Untreated Trojans Trojan.Win32.Monderb.bgoo High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\vowayore.dll Postponed
11/25/2009 10:27:00 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\bawawaza.dll Postponed
11/25/2009 10:27:02 PM Detected Trojans Trojan.Win32.Monderb.bgqu High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\zifirobo.dll
11/25/2009 10:27:02 PM Untreated Trojans Trojan.Win32.Monderb.bgqu High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\zifirobo.dll Postponed
11/25/2009 10:27:02 PM Detected Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\yimaheri.dll
11/25/2009 10:27:02 PM Untreated Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\yimaheri.dll Postponed
11/25/2009 10:27:06 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\hekeyapi.dll
11/25/2009 10:27:06 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\kasiyebo.dll
11/25/2009 10:27:06 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\hekeyapi.dll Postponed
11/25/2009 10:27:06 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\kasiyebo.dll Postponed
11/25/2009 10:27:07 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\gokisoso.dll
11/25/2009 10:27:07 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\gokisoso.dll Postponed
11/25/2009 10:27:09 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\mirajehi.dll
11/25/2009 10:27:09 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\mirajehi.dll Postponed
11/25/2009 10:27:11 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\nutuhunu.dll
11/25/2009 10:27:11 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\nutuhunu.dll Postponed
11/25/2009 10:27:11 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\tegareto.dll
11/25/2009 10:27:11 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\tegareto.dll Postponed
11/25/2009 10:27:13 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\tupabezu.dll
11/25/2009 10:27:13 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\tupabezu.dll Postponed
11/25/2009 10:27:13 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\watusero.dll
11/25/2009 10:27:13 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\watusero.dll Postponed
11/25/2009 10:27:14 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\yuniyuzi.dll
11/25/2009 10:27:14 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\yuniyuzi.dll Postponed
11/25/2009 10:27:15 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_214154\C_WINDOWS\SYSTEM32\kasiyebo.dll
11/25/2009 10:27:15 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_214154\C_WINDOWS\SYSTEM32\kasiyebo.dll Postponed
11/25/2009 10:27:15 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_214154\C_WINDOWS\SYSTEM32\zuragiwu.dll
11/25/2009 10:27:15 PM Untreated Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_214154\C_WINDOWS\SYSTEM32\zuragiwu.dll Postponed
11/25/2009 10:27:19 PM Detected Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-21f197c7-770dcb46.class.bac_a03532/CryptFF.b
11/25/2009 10:33:17 PM Deleted Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-21f197c7-770dcb46.class.bac_a03532
11/25/2009 10:33:18 PM Detected Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-3f292f4b-539df284.class.bac_a03532/CryptFF.b
11/25/2009 10:33:20 PM Deleted Trojans Exploit.Java.Gimsh.a High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\java.class-3f292f4b-539df284.class.bac_a03532
11/25/2009 10:33:22 PM Detected Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\pwcm.exe.bac_a01876/CryptFF.b/PE_Patch.PECompact/PecBundle/PECompact
11/25/2009 10:33:25 PM Deleted Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall6.6\Quarantine\pwcm.exe.bac_a01876
11/25/2009 10:33:25 PM Detected Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall\Quarantine\pwcm.exe.bac_a01876/CryptFF.b/PE_Patch.PECompact/PecBundle/PECompact
11/25/2009 10:33:26 PM Deleted Trojans Trojan-Downloader.Win32.Lastad.p High Exact C:\Documents and Settings\Mom and Dad\.housecall\Quarantine\pwcm.exe.bac_a01876
11/25/2009 10:33:27 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\bawawaza.dll
11/25/2009 10:33:56 PM Detected Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\dayesaro.dll
11/25/2009 10:33:56 PM Deleted Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\dayesaro.dll
11/25/2009 10:33:56 PM Detected Trojans Trojan.Win32.Monderb.bgoo High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\vowayore.dll
11/25/2009 10:33:57 PM Deleted Trojans Trojan.Win32.Monderb.bgoo High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\vowayore.dll
11/25/2009 10:33:58 PM Detected Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\yimaheri.dll
11/25/2009 10:33:58 PM Deleted Trojans Packed.Win32.TDSS.aa High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\yimaheri.dll
11/25/2009 10:33:58 PM Detected Trojans Trojan.Win32.Monderb.bgqu High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\zifirobo.dll
11/25/2009 10:33:59 PM Deleted Trojans Trojan.Win32.Monderb.bgqu High Exact C:\_OTS\MovedFiles\11092009_210515\C_WINDOWS\SYSTEM32\zifirobo.dll
11/25/2009 10:33:59 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\gokisoso.dll
11/25/2009 10:33:59 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\hekeyapi.dll
11/25/2009 10:34:00 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\kasiyebo.dll
11/25/2009 10:34:00 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\mirajehi.dll
11/25/2009 10:34:00 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\nutuhunu.dll
11/25/2009 10:34:01 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\tegareto.dll
11/25/2009 10:34:01 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\tupabezu.dll
11/25/2009 10:34:02 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\watusero.dll
11/25/2009 10:34:02 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_081653\C_WINDOWS\SYSTEM32\yuniyuzi.dll
11/25/2009 10:34:03 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_214154\C_WINDOWS\SYSTEM32\kasiyebo.dll
11/25/2009 10:34:03 PM Detected Virus HEUR:Trojan.Win32.Generic High Partial C:\_OTS\MovedFiles\11102009_214154\C_WINDOWS\SYSTEM32\zuragiwu.dll
11/25/2009 10:34:06 PM Task completed

[NeonFx]

Good. It didn't find anything that I and your security programs didn't already take care of.

Try the computer out for a while and let me know how its running. I'll give you my cleanup instructions after that.

[mom4jdc]

Thanks!!!

Have a great Thanksgiving!

[NeonFx]

You too!

Let me know.

[mom4jdc]

I hope that you have had a good Thanksgiving, Christmas and New Year!

I haven't had much computer time since we worked on this one but when I have had the time, I have been deleting old programs and files to try to regain some memory and speed. I've cleaned up my startup programs and that has helped alot.

Other than one blue screen that happened with my son, the computer has worked great! (By the time he got me when the the blue screen came up, the computer had already counted down and restarted. When restarted, I ran an AVG scan and a Malwarebyte scan. Neither one of those came up with anything. Since then, the computer has acted better...not as "shaky".)

An advice on what else I can/need to do?

Thank you again for all of the help that you gave me. It is truly appreciated!! (If you lived close by, I'd send you a pound cake...but, since I don't know where you live, I'll spare you the calories and just say "THANKS!!")

[NeonFx]

Sorry I missed you, I went on vacation and forced myself to stay away from the internet for a while.

Have you run into any new problems since that last reply?

PS.. I love pound cake Thank you