In my office I have an old computer (the best I could get from the school I work at). It was never lightning fast, but has progressively gotten slower until lately it seems to struggle with about everything. Any video clips are very choppy and sometimes don't work at all. Firefox will all but freeze up sometimes. I have used all of my resources to clean and fix small stuff, but it failed to speed things up again. Thanks for any help.

Josh


Here is my HJT log.
Logfile of HijackThis v1.99.1
Scan saved at 11:18:20 AM, on 10/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sirius.com/servlet/ContentServe...d=1174328309443
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinner.com/games/v49/luxor/luxor.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = astate.edu
O17 - HKLM\Software\..\Telephony: DomainName = astate.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = astate.edu
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

Hello okieherper, and welcome back to WhattheTech! My name is BHowett and I will be helping you to get sorted. If for any reason you do not understand any of the instructions, or are just unsure then please do not guess , simply post back with your question, and we will go through it again.

There is nothing really looking bad in your log, but let’s do a little clean up and take a deeper look at some things.


ATF Cleaner

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

===============================================

RSIT

• Download random's system information tool (RSIT) by random/random from here.
• It is important that is saved to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Thanks for a very quick reply (possibly the fastest I've had). I forgot to add in my previous post that sometimes Firefox will drain way too much cpu %.

I also wondered if I could be having some of my RAM go bad.

Josh



Here are the requested logs:

info.txt logfile of random's system information tool 1.04 2008-10-07 14:26:18

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Dell Photo Printer 720 Logger-->C:\Program Files\Dell Photo Printer 720\dlbcunst.exe
Dell Photo Printer 720-->C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBCUN5C.EXE -dDell Photo Printer 720
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hijackthis 1.99.1-->"C:\Program Files\Hijackthis\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Jasc Paint Shop Photo Album-->MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java™ 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java™ SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office FrontPage 2003-->MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\system32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
PIXresizer 2.0.1-->"C:\Program Files\PIXresizer\unins000.exe"
QuickTime-->MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
Random Generator for Excel 1.2-->"C:\Program Files\Add-in Express\AddIns\Random Generator for Excel\unins000.exe"
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
RichFX Player-->RunDll32 C:\PROGRA~1\COMMON~1\RichFX\npvpg004.dll,Uninstall_Player
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Symantec AntiVirus-->MsiExec.exe /I{5A633ED0-E5D7-4D65-AB8D-53ED43510284}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Symantec AntiVirus Corporate Edition

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 11 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0b01
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------


Logfile of random's system information tool 1.04 (written by random/random)
Run by Josh.Engelbert at 2008-10-07 14:24:59
Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (48%) free of 20 GB
Total RAM: 511 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:26:14 PM, on 10/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Documents and Settings\josh.engelbert\Desktop\RSIT.exe
C:\Program Files\trend micro\Josh.Engelbert.exe
c:\Program Files\Microsoft Silverlight\2.0.30523.8\Silverlight.Configuration.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sirius.com/servlet/ContentServe...d=1174328309443
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-21-436374069-1580818891-682003330-20086\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-21-436374069-1580818891-682003330-20086\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinner.com/games/v49/luxor/luxor.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = astate.edu
O17 - HKLM\Software\..\Telephony: DomainName = astate.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = astate.edu
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 8027 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [2008-04-29 654320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2005-04-08 48752]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2005-04-17 85184]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-07-28 4841472]
"nwiz"=nwiz.exe /install []
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-13 143360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-10 385024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-10 385024]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
dlbcserv.lnk - C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2005-04-17 43712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1
"disablecad"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"DisallowRun"=1
"NoDrives"=0
"NoViewOnDrive"=0
"NoLogoff"=0
"NoWindowsUpdate"=0
"NoSMMyPictures"=0
"NoStartMenuMyMusic"=0
"StartMenuLogOff"=0
"HideClock"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\Program Files\Yahoo! Games\Flip Words\FlipWords.exe"="C:\Program Files\Yahoo! Games\Flip Words\FlipWords.exe:*:Enabled:FlipWords"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

======List of files/folders created in the last 1 months======

2008-10-07 14:25:00 ----D---- C:\Program Files\trend micro
2008-10-07 14:24:59 ----D---- C:\rsit
2008-10-06 13:19:21 ----D---- C:\Program Files\Hijackthis
2008-10-06 13:18:50 ----D---- C:\Documents and Settings\josh.engelbert\Application Data\Malwarebytes
2008-10-06 13:18:43 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-06 13:18:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-06 13:18:31 ----D---- C:\Program Files\Common Files\Download Manager
2008-10-02 16:42:58 ----D---- C:\Documents and Settings\All Users\Application Data\FunGames
2008-09-09 19:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-09 19:00:07 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-09 18:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-09 11:00:34 ----A---- C:\WINDOWS\OEWABLog.txt
2008-09-09 11:00:07 ----D---- C:\WINDOWS\Prefetch
2008-09-09 10:50:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-09 10:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-09 10:49:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-09 10:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-09 10:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-09 10:48:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-09-09 10:48:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-09 10:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-09 10:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-09 10:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-09 10:41:55 ----A---- C:\WINDOWS\setuplog.txt
2008-09-09 10:40:15 ----D---- C:\WINDOWS\system32\scripting
2008-09-09 10:40:14 ----D---- C:\WINDOWS\l2schemas
2008-09-09 10:40:13 ----D---- C:\WINDOWS\system32\en
2008-09-09 10:40:12 ----D---- C:\WINDOWS\system32\bits
2008-09-09 10:35:11 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-09 10:30:13 ----A---- C:\WINDOWS\imsins.BAK
2008-09-09 10:23:20 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-09 10:09:37 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-09 10:09:13 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-09 10:08:58 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-09-09 10:08:57 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-09-09 10:08:54 ----N---- C:\WINDOWS\system32\slserv.exe
2008-09-09 10:08:53 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-09-09 10:08:53 ----N---- C:\WINDOWS\system32\slgen.dll
2008-09-09 10:08:53 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-09-09 10:08:53 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-09-09 10:08:53 ----N---- C:\WINDOWS\slrundll.exe
2008-09-09 10:08:48 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-09 10:08:43 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-09-09 10:08:38 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-09 10:08:37 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-09 10:08:34 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-09 10:08:34 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-09 10:08:34 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-09 10:08:21 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-09 10:08:01 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-09 10:08:01 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-09 10:08:01 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-09 10:08:00 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-09-09 10:07:59 ----A---- C:\WINDOWS\system32\msxml6r.dll
2008-09-09 10:07:55 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-09 10:07:55 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-09 10:07:20 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-09 10:07:18 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-09 10:07:17 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-09 10:07:16 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-09 10:07:00 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-09-09 10:06:32 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-09 10:06:31 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-09 10:06:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-09 10:06:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-09 10:06:30 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-09 10:06:29 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-09 10:06:07 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-09-09 10:06:06 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-09-09 10:05:59 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-09-09 10:05:50 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-09-09 10:05:48 ----N---- C:\WINDOWS\system32\hccoin.dll
2008-09-09 10:05:39 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-09-09 10:05:39 ----A---- C:\WINDOWS\003396_.tmp
2008-09-09 10:05:36 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-09 10:05:36 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-09 10:05:36 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-09 10:05:36 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-09 10:05:36 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-09 10:05:36 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-09 10:05:36 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-09 10:05:35 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-09 10:05:30 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-09 10:05:30 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-09 10:05:30 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-09 10:05:30 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-09 10:05:30 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-09 10:05:30 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-09 10:05:29 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-09 10:05:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-09 10:05:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-09 10:05:26 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-09 10:05:20 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-09 10:05:08 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-09 10:05:07 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-09 10:05:05 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-09-09 10:05:05 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-09-09 10:05:04 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-09-09 10:05:04 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-09-09 10:05:03 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-09-09 10:05:03 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-09-09 10:05:03 ----N---- C:\WINDOWS\system32\ati2cqag.dll

======List of files/folders modified in the last 1 months======

2008-10-07 14:25:00 ----RD---- C:\Program Files
2008-10-07 14:24:05 ----D---- C:\WINDOWS\Temp
2008-10-07 14:22:40 ----D---- C:\Program Files\Mozilla Firefox
2008-10-07 09:02:31 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-07 08:56:54 ----D---- C:\WINDOWS
2008-10-07 08:56:51 ----D---- C:\Program Files\Symantec AntiVirus
2008-10-07 08:56:34 ----D---- C:\WINDOWS\security
2008-10-06 17:46:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-06 16:29:25 ----D---- C:\WINDOWS\system32
2008-10-06 13:18:45 ----D---- C:\WINDOWS\system32\drivers
2008-10-06 13:18:31 ----D---- C:\Program Files\Common Files
2008-10-02 16:48:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-02 16:47:45 ----A---- C:\WINDOWS\win.ini
2008-10-01 08:27:15 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-24 17:21:58 ----A---- C:\WINDOWS\dellstat.ini
2008-09-09 20:21:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-09-09 20:20:56 ----D---- C:\WINDOWS\system32\CatRoot2
2008-09-09 19:01:25 ----D---- C:\WINDOWS\Debug
2008-09-09 19:01:08 ----HD---- C:\WINDOWS\inf
2008-09-09 19:00:09 ----D---- C:\WINDOWS\WinSxS
2008-09-09 18:58:45 ----HD---- C:\WINDOWS\$hf_mig$
2008-09-09 11:02:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-09-09 10:58:58 ----D---- C:\WINDOWS\system32\Setup
2008-09-09 10:58:58 ----D---- C:\WINDOWS\AppPatch
2008-09-09 10:58:57 ----D---- C:\WINDOWS\system32\wbem
2008-09-09 10:58:54 ----RSD---- C:\WINDOWS\Fonts
2008-09-09 10:50:28 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-09 10:47:23 ----D---- C:\Program Files\Messenger
2008-09-09 10:40:35 ----D---- C:\WINDOWS\system32\inetsrv
2008-09-09 10:40:35 ----D---- C:\WINDOWS\network diagnostic
2008-09-09 10:40:35 ----D---- C:\WINDOWS\Help
2008-09-09 10:40:34 ----D---- C:\WINDOWS\ime
2008-09-09 10:40:16 ----D---- C:\WINDOWS\system32\usmt
2008-09-09 10:40:16 ----D---- C:\WINDOWS\system32\en-US
2008-09-09 10:40:12 ----D---- C:\WINDOWS\PeerNet
2008-09-09 10:40:12 ----D---- C:\Program Files\Movie Maker
2008-09-09 10:34:59 ----D---- C:\WINDOWS\system32\Restore
2008-09-09 10:34:59 ----D---- C:\WINDOWS\system32\npp
2008-09-09 10:34:59 ----D---- C:\WINDOWS\mui
2008-09-09 10:34:58 ----D---- C:\WINDOWS\msagent
2008-09-09 10:34:56 ----D---- C:\WINDOWS\srchasst
2008-09-09 10:34:55 ----D---- C:\Program Files\NetMeeting
2008-09-09 10:34:53 ----D---- C:\WINDOWS\system32\Com
2008-09-09 10:34:50 ----D---- C:\Program Files\Windows NT
2008-09-09 10:34:50 ----D---- C:\Program Files\Windows Media Player
2008-09-09 10:34:49 ----D---- C:\Program Files\Outlook Express
2008-09-09 10:34:45 ----D---- C:\Program Files\Common Files\System
2008-09-09 10:34:14 ----D---- C:\WINDOWS\system32\oobe
2008-09-09 10:34:12 ----D---- C:\WINDOWS\system
2008-09-09 10:23:14 ----D---- C:\WINDOWS\ehome

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 42752]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2007-02-20 8552]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081005.005\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081005.005\navex15.sys []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-07-28 1341339]
R3 RTL8023xp;TRENDnet TE100 PCBUSR PC Card; C:\WINDOWS\system32\DRIVERS\TE100XP.SYS [2006-04-18 78720]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-08-19 73984]
S3 EraserUtilDrvI7;EraserUtilDrvI7; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI7.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-25 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2005-04-08 185968]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2005-04-08 161392]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2005-04-17 19648]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-29 137200]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-03-04 311296]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-07-28 77824]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2005-04-17 1706176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2005-04-08 83568]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-01-31 2975352]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2005-04-17 124608]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2005-04-05 206552]
S3 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2005-03-30 992864]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Hi okieherper,

There is nothing showing in your logs that lead me to believe you have an infection at this point, so let see if we can speed things up a bit for you.

Fix With HJT

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-21-436374069-1580818891-682003330-20086\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User '?')


O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present <== fix this one only if you did not set it
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present <== fix this one only if you did not set it


Now close all windows other than HiJackThis, then click Fix Checked. Next close HiJackThis and reboot.


=============================================================================

Uninstall Programs

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 5
Java™ SE Runtime Environment 6 Update 1

=============================================================================

Here is a nice write-up by an expert named miekiemoes take a look at it and see if any of it helps out.

Help! My computer is slow!

=============================================================================

Here are some tips to make Firefox run faster that may help a little….

Make Firefox Faster

1. Type "about:config" into the address bar and hit return. Scroll
down and look for the following entries:

network.http.pipelining
network.http.proxy.pipelining
network.http.pipelining.maxrequests

Normally the browser will make one request to a web page at a time.
When you enable pipelining it will make several at once, which really
speeds up page loading.

2. Alter the entries as follows:

Set "network.http.pipelining" to "true"

Set "network.http.proxy.pipelining" to "true"

Set "network.http.pipelining.maxrequests" to any number around 5-12. This
means it will make X requests at once, depending on the number you put in.

NOTE: A recommended number is either 8 or 12.

3. Lastly right-click anywhere and select New > Integer.
Name it "nglayout.initialpaint.delay" and set its value to "0".
This value is the amount of time the browser waits before it acts on information it recieves.

If you're using a broadband connection you'll load pages 2-3 times faster now.

IMPORTANT: Some small sites may block your connection because it DOES take up more bandwidth than usual. Take note.

=============================================================================

Next after all that let’s run an online scan just to make sure I’m not missing anything

Please do an online scan with Kaspersky WebScanner

Kaspersky online scanner uses JAVA tecnology to perform the scan. If you do not have the latest JAVA version, follow the instrutions below under Upgrading Java, to download and install the latest vesion.

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure the following is checked.
   
   Spyware, Adware, Dialers, and other potentially dangerous programs
   Archives
   Mail databases
5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
9. Please post this log in your next reply, and let me know how things are running

Well the scanner turned up nothing. I tweaked what you suggested, but little is better. I think this is just a crappy old pc that is finally trying to give up. Things still work enough to get me by. I will just have to use my laptop for anything too important.

I did just notice 1 other thing. In device manager I have 2 COM3 ports. One of them displays the error. When I open it, it says "This device cannot find enough free resources that it can use. (Code 12)". Among the other symptoms, any program (or even folder) I double-click on takes at least 5 seconds to even start to open.

I appreciate all the help. I really appreciate the speedy replies. However, If you have no more suggestions or ideas, feel free to close this topic.


Josh

Hi okieherper,


Your system drive C: has 9 GB (48%) free of 20 GB with a Total RAM: 511 MB (25% free) so it seems to me that this shouldn’t really be a problem, witch might mean your looking at some hardware problems. However this falls a little outside of my expertise, so you might want to post in Microsoft Windows™ in the tech forms and see what they can do for you. Just be sure to let them know you have been cleared on the malware forum.

let me know if you have any questions.

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.