Results 1 to 7 of 7

Thread: HJT log - Parents box, slow as molasses

  1. #1

    HJT log - Parents box, slow as molasses

    Howdy,
    My parents 10 year old box is running XP and is slow as all get out to do any little thing. Is there anything suspicious in this log?

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:31:26 PM, on 12/29/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\HP\KBD\KBD.EXE
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\System32\hphmon03.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 4.exe
    C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
    C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.ex e
    C:\WINDOWS\system32\drivers\dcfssvc.exe
    C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
    C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\HPHipm09.exe
    C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Owner\My Documents\Downloads\HousecallLauncher.exe
    C:\DOCUME~1\Owner\LOCALS~1\Temp\7zS9.tmp\setup.exe
    C:\Documents and Settings\Owner\My Documents\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.earthlink.net/AL/Search
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.earthlink.net/AL/Search
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tss.oregonstate.edu/consulting/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Oregon State University
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
    O1 - Hosts: 209.66.123.175 admin.promaxhost.com
    O1 - Hosts: 209.66.123.175 tds.alekshost.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 4.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
    O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKCU\..\Run: [Universal Installer] "C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe" /fromrun /starthidden
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [IM] C:\program files\earthlinkim\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe" /ini "uinstaller.ini" /fromrun /starthidden
    O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
    O4 - Global Startup: KODAK Picture Transfer Software.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
    O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
    O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://tss.oregonstate.edu/consulting/
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pu...sh/swflash.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...30/mcfscan.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
    O23 - Service: Google Update Service (gupdate1ca9eefb1655b24) (gupdate1ca9eefb1655b24) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe

    --
    End of file - 8838 bytes

  2. #2
    Join Date
    Mar 2008
    Location
    London England
    Posts
    103
    Hi and welcome.
    Please follow all suggestions here.
    Read Me First Before Requesting Help
    http://forum.networktechs.com/showth...equesting-Help

  3. #3
    1. Malwarebytes -

    Malwarebytes Anti-Malware (Trial) 1.60.0.1800
    www.malwarebytes.org

    Database version: v2011.12.30.02

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Owner :: YOUR-W92P4BHLZG [administrator]

    Protection: Enabled

    12/30/2011 9:10:07 AM
    mbam-log-2011-12-30 (09-10-07).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 228086
    Time elapsed: 3 hour(s), 18 minute(s), 5 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    2. Trend Micro HouseCall - No threats found

    3. DDS.text
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by Owner at 13:06:00 on 2011-12-30
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1280.458 [GMT -8:00]
    .
    AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Security Suite *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\drivers\dcfssvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\HP\KBD\KBD.EXE
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\System32\hphmon03.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 4.exe
    C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
    C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe
    C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.ex e
    C:\WINDOWS\System32\HPHipm09.exe
    C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\DOCUME~1\Owner\LOCALS~1\Temp\HouseCall\housecal l.bin
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uWindow Title = Microsoft Internet Explorer provided by Oregon State University
    uSearch Bar = hxxp://start.earthlink.net/AL/Search
    mSearch Bar = hxxp://srch-us4.hpwis.com/
    uInternet Connection Wizard,ShellNext = hxxp://tss.oregonstate.edu/consulting/
    uInternet Settings,ProxyOverride = localhost
    uSearchAssistant = about:blank
    uCustomizeSearch = about:blank
    uSearchURL,(Default) = about:blank
    mSearchAssistant = hxxp://start.earthlink.net/AL/Search
    mCustomizeSearch = about:blank
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\5.1.0.29\ips\IPSBHO.DLL
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: {fdd3b846-8d59-4ffb-8758-209b6ad74acc} - c:\program files\microsoft money\system\mnyviewer.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
    TB: {C7768536-96F8-4001-B1A2-90EE21279187} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [Microsoft Works Update Detection] c:\program files\microsoft works\WkDetect.exe
    uRun: [Universal Installer] "c:\program files\comcastui\universal installer\uinstaller.exe" /fromrun /starthidden
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [IM] c:\program files\earthlinkim\aim.exe -cnetwait.odl
    uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\RegistryBooster.exe /S
    uRun: [Desktop Software] "c:\program files\comcastui\universal installer\uinstaller.exe" /ini "uinstaller.ini" /fromrun /starthidden
    mRun: [S3TRAY2] S3tray2.exe
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [PS2] c:\windows\system32\ps2.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    mRun: [KBD] c:\hp\kbd\KBD.EXE
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    mRun: [HPHmon03] c:\windows\system32\hphmon03.exe
    mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb0 4.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
    mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\photosmart\hp share-to-web\hpgs2wnd.exe
    mRun: [CXMon] "c:\program files\hewlett-packard\photosmart\photo imaging\Hpi_Monitor.exe"
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kod akp~1.lnk - c:\program files\kodak\kodak picture transfer software\pts.exe
    IE: {17A27031-71FC-11d4-815C-005004D0F1FA} - c:\program files\marketbrowser\lmt\MarketBrowser_Launch.xpy
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {301DA1EE-F65C-4188-A417-9E915CC8FBFA} - c:\program files\microsoft money\system\mnyviewer.dll
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5430/mcfscan.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{01D1C6CD-6D44-46B6-BA89-10155A459FBE} : DhcpNameServer = 15.60.103.1 15.60.103.2
    TCP: Interfaces\{33664E88-04AB-4E8A-B442-454570593720} : DhcpNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    Hosts: 209.66.123.175 admin.promaxhost.com
    Hosts: 209.66.123.175 tds.alekshost.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\9oo7wspj.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\coffplgn_2011_7_4_3\c omponents\coFFPlgn.dll
    FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\ipsffplgn\components\ IPSFFPl.dll
    FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Symantec IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\IPSFFPlgn
    FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\coFFPlgn_2011_7_4_3
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d \symds.sys [2011-10-7 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\050100 0.01d\symefa.sys [2011-10-7 744568]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\ 20111221.003\BHDrvx86.sys [2011-12-21 819320]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01 d\ironx86.sys [2011-10-7 136312]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-30 652872]
    R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\5.1.0.29\ccsvchst.exe [2011-10-7 130008]
    R3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [2002-2-23 18864]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-11-10 106104]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\2 0111228.001\IDSXpx86.sys [2011-12-29 356280]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\dr ivers\mbam.sys [2011-12-30 20464]
    R3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [2009-1-5 33808]
    R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs \20111230.002\NAVENG.SYS [2011-12-30 86136]
    R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs \20111230.002\NAVEX15.SYS [2011-12-30 1576312]
    S2 gupdate1ca9eefb1655b24;Google Update Service (gupdate1ca9eefb1655b24);c:\program files\google\update\GoogleUpdate.exe [2010-1-26 133104]
    S3 ADSFilter;ADSFilter - (Aluria Filter Driver);c:\windows\system32\drivers\adsfilter.sys --> c:\windows\system32\drivers\ADSFilter.sys [?]
    S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\drivers\bw2n dis5.sys --> c:\windows\system32\drivers\BW2NDIS5.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-26 133104]
    .
    =============== Created Last 30 ================
    .
    2011-12-30 20:47:45 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys
    2011-12-30 17:05:29 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
    2011-12-30 17:05:07 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-12-30 17:05:05 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-30 17:05:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-12-30 04:52:18 5532 ----a-w- c:\windows\system32\stdole.tlb
    2011-12-30 02:03:37 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
    2011-12-30 02:03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
    2011-12-30 02:03:34 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
    2011-12-30 02:03:33 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
    2011-12-30 02:03:32 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
    2011-12-30 02:03:24 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
    2011-12-30 02:03:22 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
    2011-12-30 02:03:09 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
    2011-12-30 02:02:05 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
    2011-12-30 02:01:54 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
    2011-12-30 02:01:53 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
    2011-12-30 02:01:33 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys
    2011-12-30 02:01:26 53760 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll
    2011-12-30 02:01:25 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
    2011-12-30 02:01:15 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys
    2011-12-30 02:01:12 31744 ----a-w- c:\windows\system32\dllcache\wceusbsh.sys
    2011-12-30 02:01:11 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
    2011-12-30 02:01:02 16925 ----a-w- c:\windows\system32\dllcache\w940nd.sys
    2011-12-30 02:01:01 19016 ----a-w- c:\windows\system32\dllcache\w926nd.sys
    2011-12-30 02:01:00 19528 ----a-w- c:\windows\system32\dllcache\w840nd.sys
    2011-12-30 01:59:58 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll
    2011-12-30 01:58:59 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
    2011-12-30 01:57:58 7552 ----a-w- c:\windows\system32\dllcache\sonyait.sys
    2011-12-30 01:56:35 18400 ----a-w- c:\windows\system32\dllcache\sgsmld.sys
    2011-12-30 01:55:59 77824 ----a-w- c:\windows\system32\dllcache\s3sav4m.sys
    2011-12-30 01:54:56 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
    2011-12-30 01:53:52 121344 ----a-w- c:\windows\system32\dllcache\phvfwext.dll
    2011-12-30 01:52:44 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
    2011-12-30 01:52:43 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
    2011-12-30 01:52:22 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
    2011-12-30 01:52:18 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
    2011-12-30 01:52:17 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
    2011-12-30 01:52:15 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
    2011-12-30 01:52:07 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
    2011-12-30 01:52:06 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
    2011-12-30 01:50:33 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
    2011-12-30 01:50:27 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
    2011-12-30 01:50:10 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
    2011-12-30 01:50:08 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll
    2011-12-30 01:49:33 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
    2011-12-30 01:49:31 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
    2011-12-30 01:49:29 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys
    2011-12-30 01:49:10 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys
    2011-12-30 01:49:05 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
    2011-12-30 01:47:58 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys
    2011-12-30 01:46:49 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
    2011-12-30 01:45:59 44032 ----a-w- c:\windows\system32\dllcache\imekrmig.exe
    2011-12-30 01:44:56 488383 ----a-w- c:\windows\system32\dllcache\hsf_v124.sys
    2011-12-30 01:43:58 322432 ----a-w- c:\windows\system32\dllcache\g400m.sys
    2011-12-30 01:42:59 16074 ----a-w- c:\windows\system32\dllcache\fa312nd5.sys
    2011-12-30 01:41:59 153631 ----a-w- c:\windows\system32\dllcache\el90xnd5.sys
    2011-12-30 01:40:59 29696 ----a-w- c:\windows\system32\dllcache\dm9pci5.sys
    2011-12-30 01:39:59 110592 ----a-w- c:\windows\system32\dllcache\dc260usd.dll
    2011-12-30 01:38:58 10240 ----a-w- c:\windows\system32\dllcache\compbatt.sys
    2011-12-30 01:37:58 74240 ----a-w- c:\windows\system32\dllcache\camexo20.dll
    2011-12-30 01:37:55 171264 ----a-w- c:\windows\system32\dllcache\camdrv30.sys
    2011-12-30 01:37:54 223232 ----a-w- c:\windows\system32\dllcache\camdrv21.sys
    2011-12-30 01:37:53 314752 ----a-w- c:\windows\system32\dllcache\camdro21.sys
    2011-12-30 01:35:53 13696 ----a-w- c:\windows\system32\dllcache\avcstrm.sys
    2011-12-30 01:34:58 22400 ----a-w- c:\windows\system32\dllcache\asc3350p.sys
    2011-12-30 01:33:03 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
    2011-12-26 23:52:02 -------- d-----w- c:\windows\Performance
    2011-12-26 23:51:47 -------- d-----w- c:\documents and settings\owner\local settings\application data\Microsoft Corporation
    2011-12-26 23:51:02 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
    .
    ==================== Find3M ====================
    .
    2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
    2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
    2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
    2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2011-10-25 13:33:08 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-10-25 12:52:03 2069376 ------w- c:\windows\system32\ntkrnlpa.exe
    2011-10-18 11:13:22 186880 ------w- c:\windows\system32\encdec.dll
    2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-10-07 16:52:58 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
    2011-10-07 16:52:58 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2001-07-22 02:45:40 94784 -csh--w- c:\windows\twain.dll
    2008-04-14 00:12:07 50688 --sh--w- c:\windows\twain_32.dll
    2011-02-08 13:33:55 978944 --sha-w- c:\windows\system32\mfc42.dll
    2008-04-14 00:12:01 57344 --sha-w- c:\windows\system32\msvcirt.dll
    2008-04-14 00:12:01 413696 --sha-w- c:\windows\system32\msvcp60.dll
    2010-12-20 17:32:15 551936 --sh--w- c:\windows\system32\oleaut32.dll
    2008-04-14 00:12:02 84992 --sha-w- c:\windows\system32\olepro32.dll
    2008-04-14 00:12:32 11776 --sh--w- c:\windows\system32\regsvr32.exe
    .
    ============= FINISH: 13:08:46.84 ===============


    4. DDS attach.txt
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2/23/2002 1:38:13 PM
    System Uptime: 12/30/2011 12:32:59 PM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P4B266LA
    Processor: Intel(R) Pentium(R) 4 CPU 1.60GHz | PGA 478 | 1594/100mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 70 GiB total, 44.823 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP346: 10/1/2011 6:59:12 PM - Software Distribution Service 3.0
    RP347: 10/6/2011 6:34:58 PM - System Checkpoint
    RP348: 10/8/2011 12:02:48 PM - System Checkpoint
    RP349: 10/9/2011 12:45:00 PM - System Checkpoint
    RP350: 10/12/2011 7:13:39 PM - Software Distribution Service 3.0
    RP351: 10/13/2011 9:58:15 PM - System Checkpoint
    RP352: 10/21/2011 7:41:41 PM - System Checkpoint
    RP353: 10/22/2011 8:13:41 PM - System Checkpoint
    RP354: 10/29/2011 8:09:01 AM - System Checkpoint
    RP355: 11/6/2011 3:53:13 PM - System Checkpoint
    RP356: 11/10/2011 3:52:19 PM - Software Distribution Service 3.0
    RP357: 11/10/2011 6:01:58 PM - Software Distribution Service 3.0
    RP358: 11/27/2011 4:40:47 PM - System Checkpoint
    RP359: 12/17/2011 6:22:58 PM - Software Distribution Service 3.0
    RP360: 12/24/2011 10:17:48 AM - System Checkpoint
    RP361: 12/26/2011 3:51:00 PM - Installed Windows 7 Upgrade Advisor
    RP362: 12/27/2011 4:17:16 PM - System Checkpoint
    RP363: 12/29/2011 6:49:58 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Access Drivers
    Adobe Acrobat 4.0
    Adobe Acrobat 5.0
    Adobe Download Manager 1.2 (Remove Only)
    Adobe Flash Player 10 ActiveX
    ArcSoft PhotoFantasy
    ArcSoft PhotoImpression
    Comcast Universal Installer v1.2
    Detto IntelliMover
    Easy Internet Sign-up
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Instant Support
    HP Photo Imaging Software
    HP Photo Printing Software
    hp photosmart printer series (Remove only)
    HP Precisionscan Pro 3.1
    HP RecordNow
    HP Share-to-Web
    Inactive HP Printer Drivers (Remove only)
    InterVideo WinDVD
    KBD
    KODAK Camera Connection Software Help
    KODAK Memory Albums
    KODAK One Touch to Better Pictures
    Lernout & Hauspie TruVoice American English TTS Engine
    Malwarebytes Anti-Malware version 1.60.0.1800
    MarketBrowser
    MGI PhotoSuite 4 (Remove Only)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2572067)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Corporation
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft LifeCam
    Microsoft Money 2002
    Microsoft Money 2002 System Pack
    Microsoft National Language Support Downlevel APIs
    Microsoft Works 6.0
    Microsoft Works and Money 2002 Setup Launcher
    Microsoft XML Parser
    Mozilla Firefox (3.6.23)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6 Service Pack 2 (KB973686)
    Norton Security Suite
    NVIDIA Windows 2000/XP Display Drivers
    PC-Doctor for Windows
    PhotoSmart Printer Software
    PS2
    Python 1.5 combined Win32 extensions
    Python 1.5.2 (final)
    QuickTime
    S3 Gamma
    S3 Savage4 Family Display Switch2 Utility
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 8 (KB917734)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Skype Toolbars
    Skype™ 5.3
    Studio
    Tcl 8.0.5 for Windows
    TOPO!
    Trellix Web Express Site Building
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows Internet Explorer 8 (KB980302)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    WebFldrs XP
    Windows 7 Upgrade Advisor
    Windows Genuine Advantage v1.3.0254.0
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Presentation Foundation
    Windows XP Service Pack 3
    WordPerfect Office 2002 Try Before You Buy
    Works Suite OS Pack
    XML Paper Specification Shared Components Pack 1.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/29/2011 8:29:08 PM, error: DCOM [10000] - Unable to start a DCOM Server: {91814EC0-B5F0-11D2-80B9-00104B1F6CEA}. The error: "%3" Happened while starting this command: C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\iK ernel.exe -Embedding
    12/26/2011 3:13:59 PM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{33664E88-04AB-4E8A-B442-454570593720} because another computer on the network has the same name. The server could not start.
    12/26/2011 3:12:42 PM, error: E100B [4] - Adapter Intel(R) PRO/100 VE Network Connection #2: Adapter Link Down
    .
    ==== End Of File ===========================

  4. #4
    Join Date
    Mar 2008
    Location
    London England
    Posts
    103
    Thanks for submitting all the logs above.
    I have asked our Spyware Expert to check your logs, as soon as possible.

  5. #5
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    71
    Posts
    4,079
    Hi, Thanks to "The Saint" (S. Templar)for letting me know you were here

    First of all their host file is not as it should be. Please do the following:
    Download: hosts.zip [right-click - Select: Save Target As]
    From the "Save As" dialog box, click the Desktop icon on the left side.
    Click Save, this will save "hosts.zip" to your Desktop.
    From your Desktop right-click (hosts.zip) and select:
    Extract All
    from the menu.
    Click Next, click Next, select the option:
    "Show Extracted files", click Finish
    This will open the newly created hosts folder on your Desktop.

    Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.

    While the scans are clean... they have a couple "junk programs" on the machine that should be Uninstalled using Add/Remove:
    MarketBrowser
    Uniblue RegistryBooster 2009

    There are a few auto starting programs that don't need to auto start, they can be run manually quite easily.
    Microsoft Works Update Detection
    S3tray2.exe
    NvCplDaemon
    IgfxTray
    Malwarebytes' Anti-Malware

    Since they are using XP they can easily stop these auto starts using a neat little program called Mike Lin's Startup Control Panel
    http://www.mlin.net/StartupCPL.shtml

    Just download, install, open the program and remove the check marks from the listings above. Close the program and reboot.

    You should reduce the size of System Restore, it has too many. Right Click My Computer, choose Properties. When that opens go to the System Restore Tab, turn off system restore and move the slider there down to no more than 5%. Then restart System Restore.

    I would also recommend that you update their Firefox to the latest version which is version 9.0.1. This can be done by going up to Help, About Firefox and checking for updates right there.
    That should allow the program to update. Now the new version looks much different than the old one they are used to so you will need to install this Addon so it will look the same:
    Firefox 3 Theme for Firefox 4 and higher.
    Available Here http://ffaddons.game-point.net/ff3ff4/

    They also don't appear to have Java installed at all. This is truly needed
    Go here and download and install
    http://www.java.com/en/download/index.jsp

    I would also recommend a Disk Defrag. Possibly hasn't been done in awhile.

    Other than that it looks clean. Other questions?

  6. #6
    That helped a lot and saved me a ton of headaches. Thanks for the time and expertise.

  7. #7
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    71
    Posts
    4,079
    So all is working well now?

    I just noticed you ran the Windows 7 upgrade advisor on this computer...I wouldn't advise doing this on this computer, it is too old, as you said, it is 10 years old. As long as XP is fully updated it is fully supported until April 2014. It may meet "minimum" requirements but that would be the minimum and you wouldn't get the benefit of a new Windows 7 system, which really is a super system.
    RAM alone says minimum of 1GB of RAM for a 32bit system...that is minimum and certainly won't be fast. Cost of purchase of the upgrade alone is going to probably be a minimum of over $100. If they are seriously considering this frankly I would consider purchasing a new computer for just a few hundred more. Judging by what is installed on this computer they sure wouldn't need anything fancy, just a nice simple computer that would let them do exactly what they are doing now.
    January is supposed to be a very good time to purchase a new one because the new models are coming out soon so "this years" models may have some very good mark down prices. But I would do that before upgrading a computer this old.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •