Looking through her programs list, I saw My Web Tattoo which would not allow me to delete it, and a few toolbars which I did delete. I'm sure they downloaded some things to cause these problems.
She told me that she had downloaded a program online called AntiVirus PLUS and that she eventually had to pay them to clean some stuff. After reading up on spyware, she called her credit card company and cancelled the charge (which was $30 more than the program told her) and called me to help clean up the system.
I also ran AVG anti-rootkit and found nothing, but I'm nervous that there's still a backdoor or rootkit hiding on the system since I can't run MBAM at all and I'm having trouble getting Ad-Aware to do it's job. Any Advice would be appreciated.
EDIT: MBAM gives me several RUN_TIME ERROR 1 / APPLICATION ERROR 0 (something like that) immediately after install, everytime I try to execute, and immediately after uninstall. I thought I might try to rename them files during download.
Note: XP MCE with little over 300 MB RAM (I thought this might not allow the programs to run)
-I advised her to look into upgrading RAM-
I'm not very familiar with MCE, but I notice a lot of running processes on startup (50+) I was going to look into that next.
EDIT: Currently, there seems to be something hijacking her yahoo web searches, but not any others like google. When searching yahoo, results never get displayed and the IP address that is shown (firefox extension) belongs to somebody in Germany or Poland on WHOIS search.
Edited by therealpig, 07 January 2010 - 11:05 AM.