Posted 04 April 2009 - 09:03 PM
Let me start by saying that this is my first post here and Hello! I am trying to get an old computer that we haven’t used much recently back in shape. It runs Windows XP. I discovered several issues with it. Specifically, it had some malware & Trojans on there. I thought they were fixed by Spybot, but the computer is still acting up. For example, it takes me several tries to update my anti malware programs, some windows updates are failing, and while it is generally acting better than I recall, the computer is still sluggish, often indicates it is low in virtual memory, and sometimes just freezes up to the point where I have to shut it off and start over. It is old and I am used to using another faster computer, so I’m not sure if this is just how it is, or my fear: that there are remnants of something nasty hiding causing all of this. I came across this terrific forum when looking for info. I am definitely a novice at this, so your expertise is much appreciated! Here’s more background and specifics to what is going on. (I apologize in advance for the length but I wanted to be as specific as I could):
1. We had Spybot Search & Destroy (version 1.4) on it. The first thing I did in my process was to update Spybot, and while it did appear to allow and download all updates, I initially could not get the newest version of Spybot to install. However, I was able to run a scan that found 4 problems (3 instances of something called Win32.Sdbot.add, and 1 of a windows security center override). During the scan, error messages popped up 3 times that said something to the effect that “there were problems in the include file c:\Program Files\Spybot-Search Destroy\Includes\Malware (Trojans…) sbi see include error log for details”. I had spybot fix the four things. Then I later tried to run spybot again, but it wouldn’t even load. So, wanting another way to check that things were gone, I then downloaded Malwarebytes anti malware, updated it, then ran a quick scan. Nothing was found there. Thinking all was ok, I removed the older version of Spybot via the control panel, then downloaded version 1.6.2, updated it, and ran a new scan. Nothing major was found. I have since run more scans on both programs that were clean.
2. The second thing I did was to install Avira AntiVir Personal to replace a Zone Alarm Anti virus suite that was out of date. I had a little trouble doing so, but was ultimately successful. I should mention that prior to any of this, ZA did run a virus scan automatically (using the outdated detections) which did come back fine. Anyway, I uninstalled ZA (which also uninstalled the firewall I was using), installed Avira, ran it and it found and quarantined one suspicious swf file as Heur/Html.malware. I’m not sure what to do with that now. A side question related to Avira is that I had understood that Avira was supposed to have a built in firewall, but my windows security center did not recognize one. Does it not contain a firewall? I turned on the Windows firewall at that point, to at least have something for the time being. Also related to Avira, next time I booted up, Avira wouldn’t start up. I suspected Spybot’s teatimer function after reading something about compatability in a thread, so I disabled it. Next reboot, it opened find. If this truly is simply a compatability issue between these two programs, would it be better for me to leave teatimer on and get a different antivirus program, or should I just keep teatimer disabled? In other words, is there a benefit to teatimer that I am not getting from anything else I have?
3. Third, I wanted to see if Windows was up to date. It is set up for automatic updates. I checked the update log, and noticed that a couple of updates failed. Specifically, there is one failed Malicious software update that failed (KB890830 with an error code of 0x8024007, and Service Pack 3 update KB936929 with an error code 0x080242006). Other windows updates have been successful. Why would these fail?
4. Lastly, In hopes of improving performance, I started to delete some old files and programs to free up space. Also, I ran disk cleanup and disk check. It did not need to be defragmented. This improved things slightly, but things are still slow. So, curious as what is running, I noted 40 processes in the Task Manager when I have no programs open. Is this a normal number?
I hope I’m just being paranoid, but I am fearful that there may be remnants still lurking from the malware that are causing the problems or even something else undetected. And, of course, I’m worried that some of my feeble attempts to fix things, may have unknowingly made it worse. I am not using the problem computer at the moment. I’m sorry about the long post with multiple questions, but what should I do next?