8 replies to this topic

[MuseChaser]

Thanks for providing such a wonderful service. Here's the symptoms/saga, followed by a paste of my log.

I've had a dual layer DVD burner, Sony DRU-710A, for about 6 months, and it works beautifully, and I updated it to the latest firmware about 2 months ago. Five days ago it wouldn't play back DVDs properly; I tried many. 100% CPU load, and "picket-fenced" audio. Reading and backing up a DVD was impossible; what used to take 30 minutes now ran all night, and eventually shut down. I ran AVG (which is running in the background all the time anyway) and Spybot. AVG found nothing, and Spybot found one infection and fixed it, but it didn't help. I pulled the DVD drive and a CDrom drive I have, reseated the cables, (and the ram chips while I was in there), and swapped the location of the drives/jumpers so the DVD is now the master and the CDRom is the slave. I can now use the DVD drive successfully, but CPU load is still very high expect when idling. I don't see any processes using CPU resoursces in the Task manager other than taskmgr.exe and System Idle Process when not using other software, but the machine is still not multitasking the way it used to; I could read a DVD, surf sites w/ streaming video, and download programs all simultaneously w/out a problem up until five days ago.

It's an Athlon 1600+ processor, XPPro sp2, 1.5 gigs of RAM, new hard drive (about 3 months old). Let me know if you need any other info, and thanks in advance for any help you can give. Here's the log....

Logfile of HijackThis v1.99.1
Scan saved at 8:47:45 AM, on 3/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\DeltTray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Icons\SetIcon.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet 5100 series\Bin\hpocyp07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thedaily.com/overlook.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SetIcon] C:\Program Files\Icons\SetIcon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: HPAiODevice(hp officejet 5100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 5100 series\Bin\hpocyp07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1133718581308
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

Thanks again..

Barry

[ken545]

Hello Barry,

Welcome to the Tom Coyote Forum, sorry about the delay but we are overwhelmed with logs and sometimes cant get to them as fast as we would like.

A quick glance of your log is not showing me anything bad that could be causing the high CPU usage, not to say that something could be hidden that is not showing up on your log.

I would like you to download and install the trial of Ewido Anti Malware, this progam is great for cleaning out any bad guys and also for showing me if something is hidding on your system.


Download and install Ewido Anti-Malware
Ewido Anti-Malware
* When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu
* Launch Ewido, there should be an icon on your desktop for it to double-click.
o Click on update
o You should see Update Complete when done.
o Now close out the program <-- Dont run it yet


Now reboot into Safemode
To Enter SAFEMODE

* Go to START/ SHUT OF YOUR COMPUTER/ RESTART
* As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly, this will bring up a menu.
* Use the UP AND DOWN ARROW KEYS to scroll up to SAFEMODE
* Then press the ENTER KEY ON YOUR KEYBOARD


Now open Ewido
o Click on scanner.
o Run a full system scan
o Let the program scan the machine.
o While the scan is in progress you will be prompted to clean files, click OK.
o Once the scan has completed, there will be a button located on the bottom of the screen named Save report.
o Click Save report.
o Save the report to your desktop.



Post back with the Ewido report and a new HJT log. If nothing bad turns up, then it could be a hardware problem and at that point I can direct you to some excellent tech support sites that deal with that sort of problem

Ken

[MuseChaser]

Ken,

Thanks so much for your help and your reply. I've run the Ewido malware tool as directed w/in SafeMode. Here's the logfile, plus a new HijackThis log. CPU usage still seems way too high. The Ewido tool DID find 6 suspicious files; I clicked the "fix this" button or whatever it was labelled, but I don't know if it actually did that. The six files are now "quarantined," but the report window stated "0 files repaired." Normal?

In any case.. here's the new logs.. ewido first... Thanks again.

Barry

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:49:05 PM, 3/19/2006
+ Report-Checksum: F20ABEEC

+ Scan result:

:mozilla.11:C:\Documents and Settings\Mare\Application Data\Mozilla\Firefox\Profiles\atuzrf6n.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Mare\Application Data\Mozilla\Firefox\Profiles\atuzrf6n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Mare\Application Data\Mozilla\Firefox\Profiles\atuzrf6n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Mare\Application Data\Mozilla\Firefox\Profiles\atuzrf6n.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Mare\Application Data\Mozilla\Firefox\Profiles\atuzrf6n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Mare\Application Data\Mozilla\Firefox\Profiles\atuzrf6n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup


::Report End


<begin Hijack log>

Logfile of HijackThis v1.99.1
Scan saved at 5:06:44 PM, on 3/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\System32\DeltTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Icons\SetIcon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thedaily.com/overlook.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SetIcon] C:\Program Files\Icons\SetIcon.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1133718581308
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

<end pastes>

There you have it. What'd'ya think? If it ain't a virus/malware problem, I would greatly appreciate pointers to the hardware diagnostic sites you mentioned.

Best to you, Ken, and thanks again for your help.

Barry

[ken545]

Hello Barry,

Your log is still looking good with no signs of malware. The six items that Ewido found where just cookies , nothing to be alarmed at.



Before I send you to some tech support sites for windows, lets run the Trial of Spysweeper. There are malicious programs on the internet called Rootkits and Spysweeper cant fix them but will show me if one is present, they are known for the high CPU usage. I am not saying one is present, but lets cover all our bases and check and see. If there is one, there is a tool to remove it.


Download the trial version of Spy Sweeper from Here

Scroll to the bottom of the page and be sure to download and install the Free 4.5 Trial and not t the free online scan.

Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it. If you receive
alerts from your firewall, allow all activities for Spy Sweeper)

You will be prompted to check for updated definitions, please do so.
(This may take several minutes)

Click on Options > Sweep Options and check Sweep all Folders on Selected drives. Check Local Disc C.
Under What to Sweep, check every box.

Click on Sweep and allow it to fully scan your system.

When the sweep has finished, click Remove. Click Select All and then Next

From 'Results', select the Session Log tab. Click Save to File and save the log somewhere convenient.

Exit Spy Sweeper.

Restart your computer, and then please copy and paste the SpySweeper log into this thread.


Ken

[MuseChaser]

Ken, Thanks again for the prompt reply. SpySweeper didn't turn up much.. just one more cookie, I think. Here's the log... <begin paste> ******** 8:22 PM: | Start of Session, Monday, March 20, 2006 | 8:22 PM: Spy Sweeper started 8:22 PM: Sweep initiated using definitions version 637 8:22 PM: Starting Memory Sweep 8:26 PM: Memory Sweep Complete, Elapsed Time: 00:04:25 8:26 PM: Starting Registry Sweep 8:27 PM: Registry Sweep Complete, Elapsed Time:00:00:16 8:27 PM: Starting Cookie Sweep 8:27 PM: Found Spy Cookie: atwola cookie 8:27 PM: behr@atwola[1].txt (ID = 2255) 8:27 PM: Cookie Sweep Complete, Elapsed Time: 00:00:01 8:27 PM: Starting File Sweep 8:49 PM: File Sweep Complete, Elapsed Time: 00:21:43 8:49 PM: Full Sweep has completed. Elapsed time 00:26:28 8:49 PM: Traces Found: 1 9:30 PM: Removal process initiated 9:30 PM: Quarantining All Traces: atwola cookie 9:30 PM: Removal process completed. Elapsed time 00:00:00 ******** 8:20 PM: | Start of Session, Monday, March 20, 2006 | 8:20 PM: Spy Sweeper started 8:21 PM: Your spyware definitions have been updated. 8:22 PM: | End of Session, Monday, March 20, 2006 | <end paste> Let me know what you think when you get a chance. Thanks again! Barry

[ken545]

Hi Barry,

The atwola cookie is a real pest and is tracking the websites that you go to, we can stop it from installing by following this procedure.



Open Internet Explorer > Tools> Internet Options > Privacy > Sites add atwola .com then click on Block, Close out Internet Explorer.

Then go to C:\ windows\system32\drivers\etc\hosts open Hosts in Notepad. Copy the lines in the quote all at once and paste into the end of the text file. Close out the text editor and when it asks you to save the changes , say yes.

127.0.0.1 ar1. atwola .com
127.0.0.1 ar2. atwola .com
127.0.0.1 ar3. atwola .com
127.0.0.1 ar4. atwola .com
127.0.0.1 ar5. atwola .com
127.0.0.1 ar6. atwola .com
127.0.0.1 ar7. atwola .com
127.0.0.1 ar8. atwola .com
127.0.0.1 ar9. atwola .com

Reboot your computer


Barry, no malware or a virus so I cant do much more for you, here are the tech sites I told you about, be sure to tell them that you posted here and that your free of malware.

Tom Coyote <-- Our own forum
PcPitStop <-- You can take your system in for a checkup here.
Bleeping Computer <--Good XP Forum
Windows Helpnet <-- Excellent XP Forum
Hardwareguys <-- Another good one


Heres some tips and free tools to install to help keep you more secure on the internet.


* Download and Install CCleaner,
* Click on RUN TOOL
* This program is safe to run, but it will delete your cookies, so if there are any you want to keep,
* Go to Options> Cookies and move any you want to keep from the left window to the right window.

* When you run the Issues Scan before you click on Remove Selected Issues, it will ask you to backup the registry, Say Yes.



* Go to My Computer/ C:/ Windows/ Prefetch and remove all the contents of the Prefetch Folder.
But not the Prefetch folder itself.



* Open INTERNET EXPLORER
* Click on the TOOLS MENU
* Then INTERNET OPTIONS
* At the GENERAL TAB (which should be the first tab you are currently on),
* click on the DELETE FILES BUTTON and put a checkmark in DELETE ALL OFFLINE CONTENT.
* Then press the OK BUTTON . This may take quite a while, so do not be alarmed with how long it takes.
* When it is done, your Temporary Internet Files will now be deleted.


Now Empty your Recycle Bin


System Restore makes regular backups of all your settings, if you ever had to use this program to restore your system to a previous date, you will be infected all over again so we need to clean out the previous Restore Points

Turn off System Restore.

* Right-click My Computer.
* Click Properties.
* Click the System Restore tab.
* Check Turn off System Restore on all Drives.
* Click Apply, and then click OK.

Reboot your System


Turn ON System Restore.


* Right-click My Computer.
* ClickProperties.
* Click the System Restore tab.
* UN-Check Turn off System Restore on all Drives.
* Click Apply, and then click OK.


* Go to Start/ Control Panel/ Performance and Maintenance/ System Restore/ Create a New Restore Point
You need to be in Category View to access this feature.
You can name the restore point anything you like, something that you can remember


* Make sure that your ANTI-VIRUS SOFTWARE is up to date and run a full scan at least once aweek.

* Here are Free Anti-Virus Programs if you need one

AVG Free Edition
AntVir Personal Edition


* Spybot Search and Destroy 1.4
Check for Updates/ Immunize and run a Full System Scan on a regular basis.

* Ad-Aware SE Personal 1.06
Check for Updates and run a Full System Scan on a regular basis.

* Spyware Blaster It will prevent most spyware from ever being installed.

* Spyware Guard It offers realtime protection from spyware installation attempts.

* Win Patrol This program will warn you when any changes are being made to your system and
give you the option to deny the change.

* IE- Spyad IE-Spyad places over 4000 web sites and domains
in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed,
although you will still be able to connect to the sites.

* Firefox Browser
It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use
them both. When it asks you if you want it to be your default browser, say NO and take the checkmark out of the box to ask you again. After you use this
for awhile, you will want to make it your default.

* Thunderbird Mail There companion mail program was highly favored in PCWorld Magazine,
this has a good spam filter and is more secure than Outlook Express.

* Zone Alarm Here is a free Firewall from Zone Labs, I wouldn't
access the internet without it.

* WINDOWS UPDATES - Enable Automatic Updates
Right click on MY COMPUTER/Click on PROPERTIES/ AUTOMATIC UPDATES and put a mark in the radio button
DOWNLOAD UPDATES FOR ME BUT LET ME CHOOSE WHEN TO INSTALL THEM.

* Go to START/ CONTROL PANEL> PERFORMANCE AND MAINTENANCE> REARRANGE ITEMS ON YOUR HARD DISK TO MAKE PROGRAMS RUN FASTER
This is the Windows Disk Defragger, run this maybe once or twice a month to keep your system running good. The first time you run it, it may take awhile.

Thanks for using Tom Coyote,

Ken

[MuseChaser]

Thank you very much, Ken. The amount of work you do and the expertise you folks have in this arena is most impressive, and most appreciated. System's working much better w/out the atwola tracker, and I'll further pursue the hardware links you sent. If you ever need a jazz musician for anything, let me know.. I owe ya one! Barry

[ken545]

Thank You Barry Glad things are running better and I was able to help you. Ken

[ken545]

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php