WiredWX Christian Hobby Weather Tools

Freezing up - Will not run OTL ..

Hello,
Operating on Windows XP, using Firefox for browser,
Keeps freezing up .. have to do a hard shut down ..
Will not complete MBAM Malwarebytes - freezes up and does not finish ..
Will not run OTL scan ... Operating in safe mode now ..
aswMBR log attached..

aswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
Run date: 2012-02-20 21:39:45
-----------------------------
21:39:45.203 OS Version: Windows 5.1.2600 Service Pack 3
21:39:45.203 Number of processors: 2 586 0x1C02
21:39:45.203 ComputerName: MELZCOMPUTER UserName: Melanie
21:39:46.171 Initialize success
21:40:01.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:40:01.906 Disk 0 Vendor: ST9160314AS P003HPM1 Size: 152627MB BusType: 3
21:40:01.953 Disk 0 MBR read successfully
21:40:01.968 Disk 0 MBR scan
21:40:01.968 Disk 0 Windows VISTA default MBR code
21:40:02.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152616 MB offset 2048
21:40:02.015 Disk 0 scanning sectors +312560640
21:40:02.140 Disk 0 scanning C:\WINDOWS\system32\drivers
21:40:11.203 Service scanning
21:40:42.515 Modules scanning
21:41:08.359 Disk 0 trace - called modules:
21:41:08.406 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
21:41:08.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8633fab8]
21:41:08.437 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8635db00]
21:41:09.250 Scan finished successfully
21:41:23.375 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Melanie\My Documents\Desktop\MBR.dat"
21:41:23.406 The log file has been saved successfully to "C:\Documents and Settings\Melanie\My Documents\Desktop\aswMBR.txt"

Thank you for your time..
Mel

Re: Freezing up - Will not run OTL ..

Hi there Miss Mel and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I'm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I'm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, doesn't mean it is clean yet!

====================

The aswMBR log is clean - so that is good.
Have you tried running OTL in safe mode?

If that does not work - do you have access to a clean computer to download and burn a boot disk? If the operating system of your problem computer is not working well, a boot disk seems like the best solution to approach it:

====================

  • You will need a blank CD to burn the boot CD
  • Download OTLPEStd.exe by OldTimer from here (a big download)
  • Double-click on OTLPEStd.exe to burn the boot CD
  • Reboot your system using the boot CD you just created. If you don't know how to boot from CD, check out this page
  • Booting will take quite some time, so please be patient
  • Finally you should see the REATOGO-X-PE desktop. Find the OTLPE icon and double click it to run OTLPE
  • Answer Yes and OK to all prompts
  • Ensure the option Automatically Load All Remaining Users is checked
  • OTL should now start. Set the option Drivers to Non-Microsoft
  • Click Run Scan to start the scan
  • When finished, a log file C:\OTL.txt will be created
  • Please post the contents of the file in your next reply

Re: Freezing up - Will not run OTL ..

Thanks Gabe !
Yes, I did try to run OTL in safe mode and it will not go .. I hit the Run Scan button .. then it just sits there and will not run, then it freezes .. Bring it on
I will try the bootable CD and report back !
Thanks !
M.

............................................................................................

Miss Mel

"Be who you are and say what you feel, cuz those who matter don't mind and those who mind don't matter ..."

Re: Freezing up - Will not run OTL ..

ok here we go ..
** It did not give me a DRIVERS option to select Non Microsoft .. It only said None, Use Safe list, or ALL .. it was on use safe list when it opened .. so I just left it on that ..
Here is the OTLPE log ..
Thank you for your time !
OTL logfile created on: 2/22/2012 5:39:26 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 826.00 Mb Available Physical Memory | 81.00% Memory free
903.00 Mb Paging File | 848.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 99.56 Gb Free Space | 66.80% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (Norton Internet Security)
SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2012/02/01 19:47:07 | 000,909,152 | ---- | M] () [Auto] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/11/10 08:17:31 | 000,167,264 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/08/26 21:03:50 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/08/26 21:03:42 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009/08/27 13:28:00 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/03/30 15:47:00 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/01/05 02:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [On_Demand] -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (USBCCID)
DRV - File not found [Kernel | System] -- -- (SRTSPX)
DRV - File not found [File_System | System] -- -- (SRTSP)
DRV - File not found [Kernel | On_Demand] -- -- (Rts516xIR)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2011/09/13 15:52:32 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/05/18 13:57:10 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/08/26 21:03:41 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/06/24 21:13:43 | 001,735,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/03/30 15:47:00 | 001,550,891 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/03/19 13:55:06 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/03/02 16:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2008/11/21 20:36:46 | 000,160,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008/09/25 00:09:40 | 000,103,792 | ---- | M] (Sonic Solutions) [File_System | Boot] -- C:\WINDOWS\system32\drivers\syscow32x.sys -- (SysCow)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yahoo.com/internetexplorer/welcome
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Guest_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\Melanie_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Melanie_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Melanie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Program Files\Sony Online Entertainment\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/09/13 15:53:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011/09/04 16:55:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012/02/01 19:47:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/05 16:56:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/08 15:07:28 | 000,000,000 | ---D | M]

[2012/02/05 16:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/05 16:56:28 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/03 01:59:20 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011/11/10 08:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/01 19:46:19 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/05 16:56:19 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/05 16:56:18 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/02/21 02:31:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Melanie_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Melanie_ON_C\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [Syncables] C:\Program Files\syncables\syncables desktop\Syncables.exe (syncables, LLC)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\Melanie_ON_C..\Run: [Facebook Update] C:\Documents and Settings\Melanie\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\Melanie_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melanie_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Melanie_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Melanie_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freerealms.com/gamedata/plugins/1.0.3.83/FreeRealmsInstaller.cab?v=1032 (SonyOnlineInstallerX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 75.153.176.9
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Tempest.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Tempest.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/21 15:37:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/21 10:53:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService\Cookies
[2012/02/21 01:28:58 | 000,000,000 | ---D | C] -- C:\81d2f6840ca2297412b9
[2012/02/21 01:12:51 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.com
[2012/02/21 01:07:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2012/02/21 01:07:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2012/02/21 01:07:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2012/02/21 01:07:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Seven Zip
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2012/02/21 01:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.migoDesktop
[2012/02/21 01:07:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2012/02/21 01:07:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012/02/21 01:07:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2012/02/21 01:07:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2012/02/21 01:07:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2012/02/21 01:07:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2012/02/21 01:07:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2012/02/21 01:07:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2012/02/21 01:07:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2012/02/21 01:07:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2012/02/21 01:07:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2012/02/21 01:07:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2012/02/21 01:07:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\syncables Videos
[2012/02/21 00:36:45 | 004,729,344 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Melanie\My Documents\Desktop\aswMBR.exe
[2012/02/21 00:22:06 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Melanie\My Documents\Desktop\OTL.com
[2012/02/19 13:31:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/02/03 00:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Melanie\My Documents\Kat Harder
[2012/02/01 20:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Melanie\My Documents\Books
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/22 20:15:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/22 20:14:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/22 20:14:11 | 1064,620,032 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/21 15:36:42 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/21 02:40:08 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-104539716-381148277-119623539-1006UA.job
[2012/02/21 02:38:28 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/21 02:31:59 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/02/21 01:49:02 | 000,235,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/21 01:35:54 | 093,261,620 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2012/02/21 01:28:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/21 01:13:03 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.com
[2012/02/21 00:41:23 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Melanie\My Documents\Desktop\MBR.dat
[2012/02/21 00:38:56 | 004,729,344 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Melanie\My Documents\Desktop\aswMBR.exe
[2012/02/21 00:22:14 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Melanie\My Documents\Desktop\OTL.com
[2012/02/21 00:09:31 | 000,442,140 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/21 00:09:31 | 000,071,910 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/20 00:31:01 | 093,205,024 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm.old
[2012/02/19 20:40:01 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-104539716-381148277-119623539-1006Core.job
[2012/02/19 13:54:40 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/19 13:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/10 14:51:41 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/21 01:17:38 | 1064,620,032 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/21 01:07:41 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM 6.lnk
[2012/02/21 01:07:41 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\LG Power Tools.lnk
[2012/02/21 01:07:41 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/21 01:07:41 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/02/21 01:07:39 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2012/02/21 01:07:39 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2012/02/21 01:07:39 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2012/02/21 00:41:23 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Melanie\My Documents\Desktop\MBR.dat
[2012/02/15 23:21:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 23:21:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/10 14:51:42 | 1360,338,648 | ---- | C] () -- C:\Documents and Settings\Melanie\My Documents\Desktop\The.Adjustment.Bureau.2011.TS.Xvid-THC.avi
[2011/08/01 23:18:02 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/08/01 23:18:02 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/08/01 23:18:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/08/01 23:18:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/01 23:18:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/08/01 19:56:06 | 000,015,542 | -HS- | C] () -- C:\Documents and Settings\Melanie\Local Settings\Application Data\y46sfanjfs78b7643d
[2011/08/01 19:56:06 | 000,015,542 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\y46sfanjfs78b7643d
[2011/08/01 19:56:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\wqsk.exe
[2011/08/01 19:56:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ptok.exe
[2011/08/01 19:56:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\imsm.exe
[2010/01/10 01:29:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/01/04 01:00:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/26 15:18:42 | 000,000,269 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009/09/12 21:45:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/10 21:57:44 | 000,129,024 | ---- | C] () -- C:\Documents and Settings\Melanie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/09 15:45:27 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/06/24 21:30:21 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/06/24 21:10:34 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2008/06/24 20:48:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/06/24 20:48:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/06/24 20:26:44 | 000,442,140 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/06/24 20:26:44 | 000,071,910 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/06/24 20:16:28 | 000,235,960 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/06/24 20:12:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/24 20:10:36 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/15 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/15 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/15 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/15 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/15 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/15 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/15 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/15 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/29 00:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/29 00:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2012/01/08 14:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melanie\Application Data\BitComet
[2009/09/26 17:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melanie\Application Data\Canon Easy-WebPrint EX
[2010/11/29 01:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melanie\Application Data\OverDrive
[2009/09/23 01:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melanie\Application Data\WildTangent
[2012/02/01 19:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/11/09 15:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/01/30 19:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/09/26 16:53:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/04/19 11:58:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/09/09 07:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/09/09 07:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/09/23 01:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/09/23 01:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2012/02/19 20:40:01 | 000,000,984 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-104539716-381148277-119623539-1006Core.job
[2012/02/21 02:40:08 | 000,001,006 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-104539716-381148277-119623539-1006UA.job

========== Purity Check ==========

End of Report

Thank You!

Re: Freezing up - Will not run OTL ..

We're going to run a fix with OTLPE to get rid of some malware (which hopefully is what is causing your problems).

  • Double click OTLPE to run
  • Under the Custom Scans/Fixes box at the bottom, type or copy/paste the following:
    :files
    C:\Documents and Settings\Melanie\Local Settings\Application Data\y46sfanjfs78b7643d
    C:\Documents and Settings\All Users\Application Data\y46sfanjfs78b7643d
    C:\Documents and Settings\All Users\Application Data\wqsk.exe
    C:\Documents and Settings\All Users\Application Data\ptok.exe
    C:\Documents and Settings\All Users\Application Data\imsm.exe

    :otl
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\Melanie_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

  • Then click the Run Fix button at the top.
  • Allow it to run. If you get any error message or your computer freezes, let me know.
  • Finally, post the contents of the log (located at C:\_OTL\Moved Files)

====================

After this, restart your computer (take out the boot CD and boot as normal)

Now use ComboFix by sUBs, a powerful tool that you are advised not to run without supervision of a trained malware helper. Please visit this webpage and read the tutorial on using ComboFix very carefully. After that download the tool and save it to your desktop.

Double-click ComboFix.exe to run the tool. Please post its log back here.
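The five paths in the :files section of the fix above can be picked out of the OTL "files created" listing mechanically. The following is an added example, not part of the original post and not OTL's own logic: it parses that line format and flags files sitting directly in an Application Data folder that are zero-byte .exe files, hidden+system, or extensionless. The heuristic, the function names and the 2-second burst window are assumptions; the sample lines are copied from the log earlier in this thread.

```python
import ntpath
import re
from datetime import datetime

# Sample input: lines in the OTL listing format, copied from the log in this thread.
SAMPLE = r"""
[2011/08/01 23:18:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/08/01 23:18:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/08/01 19:56:06 | 000,015,542 | -HS- | C] () -- C:\Documents and Settings\Melanie\Local Settings\Application Data\y46sfanjfs78b7643d
[2011/08/01 19:56:06 | 000,015,542 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\y46sfanjfs78b7643d
[2011/08/01 19:56:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\wqsk.exe
[2011/08/01 19:56:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ptok.exe
[2011/08/01 19:56:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\imsm.exe
[2010/01/10 01:29:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/09/10 21:57:44 | 000,129,024 | ---- | C] () -- C:\Documents and Settings\Melanie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
"""

# [date time | size | attributes | C or M] (company) -- path
# Directory lines in the same log omit the "(company)" field.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>.*?)\) )?-- (?P<path>.+)$"
)


def parse_line(line):
    """Return a dict for one listing line, or None for headers and blanks."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "ts": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "attrs": m["attrs"],
        "company": m["company"] or "",
        "path": m["path"],
    }


def reasons(entry):
    """Assumed heuristic: only files dropped directly into an
    'Application Data' folder (not a vendor subfolder) are considered."""
    if "D" in entry["attrs"]:
        return []  # directories are out of scope
    parent, name = ntpath.split(entry["path"])
    if ntpath.basename(parent).lower() != "application data":
        return []
    _, ext = ntpath.splitext(name)
    found = []
    if entry["size"] == 0 and ext.lower() == ".exe":
        found.append("zero-byte .exe")
    if "H" in entry["attrs"] and "S" in entry["attrs"]:
        found.append("hidden+system")
    if not ext and any(c.isdigit() for c in name) and any(c.isalpha() for c in name):
        found.append("extensionless alphanumeric name")
    return found


def triage(log_text):
    """Return [(entry, [reason, ...]), ...] for every flagged line."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry:
            why = reasons(entry)
            if why:
                hits.append((entry, why))
    return hits


def bursts(hits, window_seconds=2):
    """Group flagged entries whose timestamps are at most window_seconds
    apart; files dropped in one burst usually belong to one installer."""
    groups = []
    for entry, _ in sorted(hits, key=lambda h: h[0]["ts"]):
        if groups and (entry["ts"] - groups[-1][-1]["ts"]).total_seconds() <= window_seconds:
            groups[-1].append(entry)
        else:
            groups.append([entry])
    return groups


if __name__ == "__main__":
    flagged = triage(SAMPLE)
    for entry, why in flagged:
        print(entry["ts"], entry["path"], "<-", ", ".join(why))
    print("bursts:", [len(g) for g in bursts(flagged)])
```

A flagged entry is a candidate for review (for example a hash lookup), not a verdict.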

Re: Freezing up - Will not run OTL ..

Thank you for your time Gabe...
I ran both and then the Combo Fix log got lost :'( .. should I run it again?

Log attached ..
OTL ...

========== FILES ==========
C:\Documents and Settings\Melanie\Local Settings\Application Data\y46sfanjfs78b7643d moved successfully.
C:\Documents and Settings\All Users\Application Data\y46sfanjfs78b7643d moved successfully.
C:\Documents and Settings\All Users\Application Data\wqsk.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\ptok.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\imsm.exe moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry value HKEY_USERS\Guest_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\Melanie_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.

OTLPE by OldTimer - Version 3.1.48.0 log created on 02232012_09291


I was copying the CF log and it froze and shut down :'(
Wahhhhhh ...


Re: Freezing up - Will not run OTL ..

the combofix log should be here:
c:\combofix.txt

See if it is there

Re: Freezing up - Will not run OTL ..

Hi Gabe ... Thanks ,
No I don't see it .. :'( There are a couple older ones but nothing from today ..
:'(

............................................................................................

Miss Mel

"Be who you are and say what you feel, cuz those who matter don't mind and those who mind don't matter ..."

Re: Freezing up - Will not run OTL ..

Can you run combo fix again pls?

also

Please download Malwarebytes' Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:
  • If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
  • Click OK to either and let MBAM proceed with the disinfection process.
  • If asked to restart the computer, please do so immediately.

Post the contents of the MBAM log in your next reply, please.

Re: Freezing up - Will not run OTL ..

Hi Gabe ,
Thanks for your time ..
Grrrrrrr ... I have tried to run Combo Fix twice and it is freezing up still ..
I am running Malware bytes now , and hoping it will not freeze .. I will try Combo fix again after MBAM .. and post again ..
Thanks ..
Mel :'(

Re: Freezing up - Will not run OTL ..

P.S. Just noticed MRTSTUB.exe in a folder full of random letters and numbers that is now on the C: drive .. looked it up and some say it's bad others say it's ok ..
Opinion??
should I try to get rid of it ??

Re: Freezing up - Will not run OTL ..

GRRRRRRRRRRRR
OK .. Combo fix freezes .. will not finish ...
MBAM froze after 27 mins ... Will not finish ...

Please advise ...

Back to the boot disc with OTL ? WAhhhhhhh :'(

Re: Freezing up - Will not run OTL ..

I have been trying and trying and FINALLY got combo fix to run just now .. will post the log and try to Run MBAM again now !!
YAY !!

Thanks so much Gabe !

ComboFix 12-02-25.02 - Melanie 02/25/2012 20:31:54.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.394 [GMT -8:00]
Running from: c:\documents and settings\Melanie\My Documents\Desktop\Commy.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((( Files Created from 2012-01-26 to 2012-02-26 )))))))))))))))))))))))))))))))
.
.
2012-02-23 14:29 . 2012-02-23 14:29 -------- d-----w- C:\_OTL
2012-02-21 06:28 . 2012-02-21 06:30 -------- d-----w- C:\81d2f6840ca2297412b9
2012-02-21 06:07 . 2012-02-21 06:07 -------- d-----w- c:\documents and settings\Administrator
2012-02-19 18:31 . 2012-02-19 18:31 -------- d-----w- c:\windows\LastGood
2012-02-16 04:21 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-16 04:21 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-12 16:53 . 2011-11-23 13:25 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-08 20:31 . 2011-06-11 03:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-19 08:13 . 2011-10-31 23:43 832512 ----a-w- c:\windows\system32\wininet.dll
2011-12-19 08:13 . 2011-10-31 23:43 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-19 08:13 . 2011-10-31 23:43 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-12-19 08:13 . 2011-10-31 23:43 17408 ----a-w- c:\windows\system32\corpol.dll
2011-12-10 23:24 . 2012-01-08 20:23 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-05 21:56 . 2012-02-05 21:56 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-02-21_07.32.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-26 03:21 . 2012-02-26 03:21 16384 c:\windows\temp\Perflib_Perfdata_188.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-02-02 00:46 1811296 ----a-w- c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-02-02 1811296]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"Facebook Update"="c:\documents and settings\Melanie\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2011-10-19 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-30 483428]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-02-18 737280]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-16 1418536]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"Syncables"="c:\program files\syncables\syncables desktop\Syncables.exe" [2009-04-02 173360]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-23 1983816]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-09 52256]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2009-03-10 570664]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-05-08 210216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-02-02 2077536]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-02-02 939872]
"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-02-02 928096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-27 02:04 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\syncables\\syncables desktop\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Melanie\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25745:TCP"= 25745:TCP:BitComet 25745 TCP
"25745:UDP"= 25745:UDP:BitComet 25745 UDP
.
R0 SysCow;SysCow;c:\windows\system32\drivers\syscow32x.sys [9/24/2008 9:09 PM 103792]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/26/2010 6:03 PM 216400]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/18/2011 10:57 AM 243152]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [8/26/2010 6:03 PM 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [8/26/2010 6:03 PM 308136]
R2 BOTService;BOTService;c:\program files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [3/19/2009 11:04 AM 203248]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/8/2012 11:45 AM 136176]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2/1/2012 4:47 PM 909152]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [6/24/2009 6:11 PM 113664]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [3/2/2009 1:03 PM 38912]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [5/18/2011 10:59 AM 167264]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/8/2012 11:45 AM 136176]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [6/24/2009 6:12 PM 160256]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2011-12-19 08:13 124928 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-104539716-381148277-119623539-1006Core.job
- c:\documents and settings\Melanie\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-10-19 00:35]
.
2012-02-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-104539716-381148277-119623539-1006UA.job
- c:\documents and settings\Melanie\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-10-19 00:35]
.
2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-08 19:44]
.
2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-08 19:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254 75.153.176.9
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Melanie\Application Data\Mozilla\Firefox\Profiles\yww0dje1.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4b64cf25&v=7.007.026.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-25 20:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2920)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-02-25 20:53:43
ComboFix-quarantined-files.txt 2012-02-26 04:53
ComboFix2.txt 2012-02-23 18:10
ComboFix3.txt 2012-02-21 07:38
ComboFix4.txt 2011-08-02 04:44
.
Pre-Run: 106,241,982,464 bytes free
Post-Run: 106,379,395,072 bytes free
.
- - End Of File - - 10F4334003A196B122F6295DE1532870

Re: Freezing up - Will not run OTL ..

Miss Mel wrote:
P.S. Just noticed MRTSTUB.exe in a folder full of random letters and numbers that is now on the C: drive .. looked it up and some say it's bad others say it's ok ..
Opinion??
should I try to get rid of it ??

If you have a single file that you suspect, submit it to www.virustotal.com and look at what the report says.

Folders like C:\fhfue5845hdfie8t8rthdu are usually temporary folders of programs that you have installed and that failed to clean up.

The good news is I don't see any malware - the bad news is that I have no idea where your problem is coming from.

Have you recently changed from Norton Internet Security to AVG?
I see some remnants of Norton, maybe we need to get rid of them, because two AVs on one computer can lead to exactly what you are seeing right now.

Re: Freezing up - Will not run OTL ..

I just ran MBAM .. and it froze after 2 hrs and 41 mins .. :'(
Soo frustrating ..
I am glad to hear that you don't see any malware ... :)
I THINK the net book came with Norton when I got it a couple years ago, but I thought it was uninstalled and long gone as I use AVG ..
Humm .. I will see if i can find anything ..

Any ideas on what I could try now Gabe ??
Thanks so much for your time ..

Re: Freezing up - Will not run OTL ..

Just got the MBAM Quick scan to finish !!!!!
Log :
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.25.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Melanie :: MELZCOMPUTER [administrator]

2/26/2012 1:37:13 AM
mbam-log-2012-02-26 (01-37-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207174
Time elapsed: 20 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

same though .. looks clean ..
Grrrrrrrrrrrrr ...

Re: Freezing up - Will not run OTL ..

Running an OTL script to rid your computer of the last remnants of Norton Internet Security:

  • Please run OTL.exe again
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

Code:

:files
c:\program files\Norton Internet Security

:reg
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25745:TCP"=-
"25745:UDP"=-
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]


  • CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
  • If it asks to reboot the computer, please allow that.
  • Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

====================

We no longer need ComboFix and OTL, so let's get rid of them:

  • Go to Start > Run and type or copy/paste commy /uninstall (note the space before the "/").
  • Double click OTL.exe to run it again and click the CleanUp button.
  • If we used any other tools and they still remain on your desktop, please delete them manually.

====================

Is your computer still running badly? Only when you run Firefox or every time?

Re: Freezing up - Will not run OTL ..

Hi Gabe .. and Thanks .. here is the OTL Log

========== FILES ==========
File\Folder c:\program files\Norton Internet Security not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security\ deleted successfully.

OTL by OldTimer - Version 3.2.33.1 log created on 02272012_182452

My computer did freeze a couple times yesterday, and I was using Firefox at the time .. I really HATE IE , and find it is way worse .. maybe I will try Chrome on here for a while and see if it helps ..

I will get rid of the Combo Fix and OTL .. Thank you for the notes on that! :)

I guess the next thing I will have to look at is hardware or ?? It is a netbook so not sure if it is over heating or something .. it happens even when it hasn't been on for a long time ?? Doesn't feel too Hot ???

Thanks ,
Mel


Re: Freezing up - Will not run OTL ..

If you think you have hardware problems - you could visit our hardware forum. I'm not an expert in that.

If Firefox is giving you problems, maybe an uninstall and reinstall will help or a critical look at extensions you are using.
But Chrome is a very good alternative to Mozilla, especially if you don't really need extensions. I personally use SRware Iron, a Chrome clone with less privacy issues than Chrome itself.

Do you have any more questions or do you want to see my ALORTKYCC (Awesome List Of Recommendations To Keep Your Computer Clean)?

Re: Freezing up - Will not run OTL ..

Lol ...
Thanks for everything Gabe ~!!
Your ALORTKYCC would be great !!

I am going to try OPERA for a bit .. Errrr.. the browser I mean.. ;)
Perhaps I will even have a look at SRware Iron ...
Once again .. Thanks for everything !!
Thank You! Mel

Re: Freezing up - Will not run OTL ..

I like SRWare Iron because it has a built in adblock

All right! Here follows my ALORTKYCC (Awesome List Of Recommendations To Keep Your Computer Clean):

1) Keep your Windows up-to-date. Windows Autoupdate should be ON (see Start >> Control Panel >> Security Center). An alternative way (but more time-consuming) is to periodically visit http://windowsupdate.microsoft.com. Hackers are looking every day for new security holes. Microsoft keeps patching them. You cannot fall behind in this race, it will make your system vulnerable.

2) For your average daily computer activities, use a limited/standard user account, not an administrator account. If you use Vista/WIN7 do not disable User Account Control (UAC). You would be amazed to know how much malware can't touch you if you deny it admin rights. Create a separate password-protected administrator account that you use for admin activities, like (un)installing software.

3) Use a good antivirus. There are various free ones, you cannot go wrong with either of the following three:
  • Panda Cloud Antivirus. If you want your antivirus to be light on resources, I recommend Panda. Install without the toolbar.
  • Ad-Aware Free Internet Security has received great reviews from leading security analysts.
  • Avast! is a very complete antivirus, with modules like mailscanner and webshield.

4) If your computer has 1GB system memory or more, you should install a third party firewall, to replace the weak Windows Firewall. I recommend:

Note: you should run only ONE antivirus and ONE firewall. Running multiples of either is bad, it will cause slowdowns and/or conflicts.

5) Miscellaneous advice:
  • Stay away from cracks and keygens (look here for the why). Get free software instead. Gizmo is an excellent source of freeware reviews.
  • Navigate safely. Google Chrome is the safest browser available. However, Mozilla Firefox can be made extremely safe with the NoScript addon. Internet Explorer (always use the last version) can be made a lot safer with Spywareblaster (manual here).
  • The WOT (Webs Of Trust) addon will help you to stay on reliable webpages.
  • WinPatrol alerts you when changes are made in vital system areas. Especially good on light systems not running a third party firewall.
  • Make sure you have ways to recuperate your operating system and vital other data if it gets frustrated by malware and/or other problems. A Windows setup CD and recent backups/disk images will be priceless, if you find yourself in an unexpected tight spot.

Finally: did we help you? Help us back!

Re: Freezing up - Will not run OTL ..

Thanks for all your help and info Gabethebabe-
I have sent in the feedback form ..

:)

Mel
