Resolved Sytems hangs within a few seconds of start up, nothing in logs files and no errors

nickn

TS Member
Hello,

My computer just started hanging the other day within a few seconds of when I login. By that I mean it just freezes. I can't move the mouse and the keyboard is unresponsive. No error messages are displayed, it just freezes. I have to powercycle the box and then it happens again.

I have been able to get the computer to run in safe mode, but when I run it in safe mode with networking it also hangs. I have tried disabling all the network devices from the control panel/system/hardware/device manager. But I have the same problem.

I ran SUPERAntiSpyware and it found a few tracking cookies which I deleted and then I ran a full scan it came up clean. I tried running Norton while in Safe Mode, but after a few minutes the system again hung.

I followed the 5 step virus removal instructions and have included the logs below.

Thanks for all your help in advance.

mbam-log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7622

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

12/8/2011 9:49:32 PM
mbam-log-2011-12-08 (21-49-32).txt

Scan type: Quick scan
Objects scanned: 246364
Time elapsed: 2 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER log:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-12-08 22:02:25
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\00000071 ST31000528AS rev.CC35
Running: GMER.exe; Driver: C:\DOCUME~1\Nick\LOCALS~1\Temp\uxtdapoc.sys


---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSx86 MINIMAL
Internet Explorer: 8.0.6001.18702
Run by Nick at 22:02:46 on 2011-12-08
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.3049 [GMT -8:00]
.
AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://my.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\4.4.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\4.4.0.12\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\4.4.0.12\coIEPlg.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [DiscWizardMonitor.exe] c:\program files\seagate\discwizard\DiscWizardMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe
mRun: [Seagate Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"
mRun: [OpwareSE2] "c:\program files\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0401.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [NeroCheck] c:\windows\system32\\NeroCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wnda3100v2\WNDA3100v2.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pictur~1.lnk - c:\program files\picturemover\bin\PictureMover.exe
IE: {CE9E9C20-E2C5-4dc0-8A80-CF344B557F5D} - c:\program files\pokerstars.espn\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1250448427656
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1250448420281
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} - hxxp://www.ritzpix.com/net/Uploader/LPUploader57.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1D993BCA-B912-4082-BB47-8E781C999B83} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F41474EF-ACBA-4178-9B34-67F013C7CBE5} : DhcpNameServer = 192.168.1.1
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0404000.00c\symds.sys [2011-10-31 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0404000.00c\symefa.sys [2011-10-31 173176]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]
S1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20111123.001\BHDrvx86.sys [2011-11-29 819320]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0404000.00c\cchpx86.sys [2011-10-31 485512]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0404000.00c\ironx86.sys [2011-10-31 116784]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-7 136176]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-9-19 12184]
S2 N360;Norton Security Suite;c:\program files\norton security suite\engine\4.4.0.12\ccsvchst.exe [2011-10-31 126400]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-7-19 2214504]
S2 Secunia Update Agent;Secunia Update Agent;"c:\program files\secunia\psi\sua.exe" --start-service --> c:\program files\secunia\psi\sua.exe [?]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2008-6-24 431384]
S2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [2011-7-3 66944]
S2 WSWNDA3100;WSWNDA3100;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2011-6-22 272864]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2011-6-22 642432]
S3 EraserUtilDrvI9;EraserUtilDrvI9;\??\c:\program files\common files\symantec shared\eengine\eraserutildrvi9.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrvI9.sys [?]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-7 136176]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20111206.001\IDSXpx86.sys [2011-12-6 356280]
S3 IPN2120;Instant Wireless-B PCI Adapter Driver;c:\windows\system32\drivers\lsipnds.sys --> c:\windows\system32\drivers\LSIPNDS.sys [?]
S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20111206.018\NAVENG.SYS [2011-12-6 86136]
S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20111206.018\NAVEX15.SYS [2011-12-6 1576312]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2011-6-22 50704]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2009-11-23 119528]
S3 sctdisk;sctdisk;\??\c:\windows\system32\sctdisk.sys --> c:\windows\system32\sctdisk.sys [?]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2011-10-16 19:26:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
.
============= FINISH: 22:03:29.06 ===============

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/16/2009 12:05:30 AM
System Uptime: 12/8/2011 9:55:30 PM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | M61PME-S2P
Processor: AMD Athlon(tm) X2 250 Processor | Socket M2 | 3013/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 932 GiB total, 329.193 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 153 GiB total, 64.133 GiB free.
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter
Device ID: USB\VID_0846&PID_9011\28522
Manufacturer: Netgear
Name: NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter #2
PNP Device ID: USB\VID_0846&PID_9011\28522
Service: BCMH43XX
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (L2TP)
Device ID: ROOT\MS_L2TPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (L2TP)
PNP Device ID: ROOT\MS_L2TPMINIPORT\0000
Service: Rasl2tp
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (IP)
Device ID: ROOT\MS_NDISWANIP\0000
Manufacturer: Microsoft
Name: WAN Miniport (IP)
PNP Device ID: ROOT\MS_NDISWANIP\0000
Service: NdisWan
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (PPPOE)
Device ID: ROOT\MS_PPPOEMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (PPPOE)
PNP Device ID: ROOT\MS_PPPOEMINIPORT\0000
Service: RasPppoe
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (PPTP)
Device ID: ROOT\MS_PPTPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (PPTP)
PNP Device ID: ROOT\MS_PPTPMINIPORT\0000
Service: PptpMiniport
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0000
Manufacturer: Microsoft
Name: WAN Miniport (IP) - Packet Scheduler Miniport
PNP Device ID: ROOT\MS_PSCHEDMP\0000
Service: PSched
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0001
Manufacturer: Microsoft
Name: NVIDIA nForce Networking Controller - Packet Scheduler Miniport
PNP Device ID: ROOT\MS_PSCHEDMP\0001
Service: PSched
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0002
Manufacturer: Microsoft
Name: NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter #3 - Packet Scheduler Miniport
PNP Device ID: ROOT\MS_PSCHEDMP\0002
Service: PSched
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0003
Manufacturer: Microsoft
Name: NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter - Packet Scheduler Miniport
PNP Device ID: ROOT\MS_PSCHEDMP\0003
Service: PSched
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0004
Manufacturer: Microsoft
Name: NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter #2 - Packet Scheduler Miniport
PNP Device ID: ROOT\MS_PSCHEDMP\0004
Service: PSched
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Direct Parallel
Device ID: ROOT\MS_PTIMINIPORT\0000
Manufacturer: Microsoft
Name: Direct Parallel
PNP Device ID: ROOT\MS_PTIMINIPORT\0000
Service: Raspti
.
==== System Restore Points ===================
.
RP346: 9/7/2011 11:41:07 PM - System Checkpoint
RP347: 9/9/2011 12:59:53 AM - System Checkpoint
RP348: 9/10/2011 11:11:22 AM - System Checkpoint
RP349: 9/11/2011 11:23:15 AM - System Checkpoint
RP350: 9/12/2011 11:24:59 AM - System Checkpoint
RP351: 9/13/2011 11:59:38 AM - System Checkpoint
RP352: 9/14/2011 12:11:14 PM - System Checkpoint
RP353: 9/15/2011 1:02:27 PM - System Checkpoint
RP354: 9/15/2011 6:19:44 PM - Software Distribution Service 3.0
RP355: 9/16/2011 6:58:18 PM - System Checkpoint
RP356: 9/17/2011 9:53:24 PM - System Checkpoint
RP357: 9/19/2011 8:29:40 AM - System Checkpoint
RP358: 9/20/2011 3:04:17 PM - System Checkpoint
RP359: 9/21/2011 3:23:40 PM - System Checkpoint
RP360: 9/22/2011 5:13:39 PM - System Checkpoint
RP361: 9/23/2011 5:57:00 PM - System Checkpoint
RP362: 9/24/2011 6:10:30 PM - System Checkpoint
RP363: 9/25/2011 6:22:01 PM - System Checkpoint
RP364: 9/26/2011 6:25:41 PM - System Checkpoint
RP365: 9/28/2011 8:40:51 AM - System Checkpoint
RP366: 9/28/2011 11:01:46 PM - Software Distribution Service 3.0
RP367: 9/30/2011 8:14:06 AM - System Checkpoint
RP368: 10/1/2011 9:35:56 AM - System Checkpoint
RP369: 10/2/2011 9:53:20 AM - System Checkpoint
RP370: 10/3/2011 12:00:48 PM - System Checkpoint
RP371: 10/4/2011 6:13:06 PM - System Checkpoint
RP372: 10/5/2011 8:57:30 PM - System Checkpoint
RP373: 10/6/2011 9:46:41 PM - System Checkpoint
RP374: 10/7/2011 9:49:46 PM - System Checkpoint
RP375: 10/8/2011 10:02:51 PM - System Checkpoint
RP376: 10/10/2011 9:53:26 AM - System Checkpoint
RP377: 10/11/2011 11:48:37 AM - System Checkpoint
RP378: 10/12/2011 12:04:49 PM - System Checkpoint
RP379: 10/13/2011 1:42:45 AM - Software Distribution Service 3.0
RP380: 10/14/2011 10:39:43 AM - System Checkpoint
RP381: 10/15/2011 11:56:58 AM - System Checkpoint
RP382: 10/16/2011 5:13:31 PM - System Checkpoint
RP383: 10/17/2011 6:36:49 PM - System Checkpoint
RP384: 10/18/2011 6:43:10 PM - System Checkpoint
RP385: 10/19/2011 6:47:29 PM - System Checkpoint
RP386: 10/20/2011 7:09:28 PM - System Checkpoint
RP387: 10/22/2011 1:01:00 AM - System Checkpoint
RP388: 10/23/2011 1:23:10 AM - System Checkpoint
RP389: 10/24/2011 2:23:10 AM - System Checkpoint
RP390: 10/25/2011 8:57:01 AM - System Checkpoint
RP391: 10/26/2011 10:36:10 AM - System Checkpoint
RP392: 10/27/2011 10:53:38 AM - System Checkpoint
RP393: 10/28/2011 11:33:33 AM - System Checkpoint
RP394: 10/29/2011 12:41:09 PM - System Checkpoint
RP395: 10/30/2011 1:18:56 PM - System Checkpoint
RP396: 10/31/2011 1:32:32 PM - System Checkpoint
RP397: 11/1/2011 3:04:00 PM - System Checkpoint
RP398: 11/2/2011 3:45:40 PM - System Checkpoint
RP399: 11/3/2011 4:40:08 PM - System Checkpoint
RP400: 11/4/2011 5:49:18 PM - System Checkpoint
RP401: 11/5/2011 6:45:12 PM - System Checkpoint
RP402: 11/6/2011 7:32:54 PM - System Checkpoint
RP403: 11/7/2011 7:37:13 PM - System Checkpoint
RP404: 11/8/2011 8:47:01 PM - System Checkpoint
RP405: 11/9/2011 9:04:32 PM - System Checkpoint
RP406: 11/9/2011 10:48:16 PM - Software Distribution Service 3.0
RP407: 11/10/2011 10:55:52 PM - System Checkpoint
RP408: 11/12/2011 1:28:14 AM - Software Distribution Service 3.0
RP409: 11/13/2011 2:22:43 AM - System Checkpoint
RP410: 11/14/2011 8:40:39 AM - System Checkpoint
RP411: 11/15/2011 10:22:39 AM - System Checkpoint
RP412: 11/16/2011 10:56:14 AM - System Checkpoint
RP413: 11/17/2011 11:16:45 AM - System Checkpoint
RP414: 11/18/2011 12:17:24 PM - System Checkpoint
RP415: 11/19/2011 2:33:06 PM - System Checkpoint
RP416: 11/20/2011 2:38:36 PM - System Checkpoint
RP417: 11/21/2011 2:42:14 PM - System Checkpoint
RP418: 11/22/2011 3:09:37 PM - System Checkpoint
RP419: 11/23/2011 4:57:55 PM - System Checkpoint
RP420: 11/24/2011 5:07:29 PM - System Checkpoint
RP421: 11/25/2011 5:50:34 PM - System Checkpoint
RP422: 11/26/2011 6:32:17 PM - System Checkpoint
RP423: 11/27/2011 7:12:26 PM - System Checkpoint
RP424: 11/28/2011 7:23:31 PM - System Checkpoint
RP425: 11/29/2011 9:49:29 PM - System Checkpoint
RP426: 11/30/2011 9:56:36 PM - System Checkpoint
RP427: 12/2/2011 12:35:09 AM - System Checkpoint
RP428: 12/3/2011 11:05:58 AM - System Checkpoint
RP429: 12/4/2011 5:53:31 PM - System Checkpoint
RP430: 12/5/2011 8:54:08 PM - System Checkpoint
.
==== Installed Programs ======================
.
.
Adobe Flash Player 11 ActiveX
Adobe Reader 9.4.6
Age of Empires III
Aiseesoft DVD to iPad Converter
Aiseesoft iPad Converter Suite
AMD Processor Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
Bonjour
Canon MP Navigator 2.0
Canon MP500
Canon Utilities Easy-PhotoPrint
Compatibility Pack for the 2007 Office system
Curse Client
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DVD Shrink 3.2
DVDFab 8.0.7.3 (29/01/2011)
eReg
ESPN Poker Club
EverQuest II Extended
EZ Vinyl Converter by MixMeister 1.0.6
FLV Player 2.0 (build 25)
Google Earth
Google Update Helper
HandBrake 0.9.5
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
iSEEK AnswerWorks English Runtime
iTunes
Java Auto Updater
Java(TM) 6 Update 26
jZip
K-Lite Codec Pack 7.5.0 (Full)
LAME v3.98.2 for Audacity
Logitech SetPoint 6.30
Malwarebytes' Anti-Malware version 1.51.2.1300
MaxBlast 3
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework Client Profile
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Standard Edition 2003
Microsoft Search Enhancement Pack
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft UI Engine
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero - Burning Rom
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
Norton Security Suite
NVIDIA Control Panel 275.33
NVIDIA Drivers
NVIDIA Graphics Driver 275.33
NVIDIA HD Audio Driver 1.2.23.3
NVIDIA Install Application
NVIDIA nView 135.85
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Update 1.3.5
NVIDIA Update Components
OGA Notifier 2.0.0048.0
OmniPage SE 2.0
Pajama Sam Life is Rough When You Lose Your Stuff
Pajama Sam No Need to Hide When It's Dark Outside
PictureMover
PrimoPDF -- brought to you by Nitro PDF Software
QuickTime
Realtek High Definition Audio Driver
Seagate*DiscWizard
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SUPERAntiSpyware
System Requirements Lab
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 woriper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 woriper
TurboTax 2010 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.6195
VoiceOver Kit
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World of Warcraft
WOT for Internet Explorer
.
==== Event Viewer Messages From Past Week ========
.
12/8/2011 8:38:17 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service COMSysApp with arguments "" in order to run the server: {182C40F0-32E4-11D0-818B-00A0C9231C29}
12/7/2011 9:49:51 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/7/2011 8:34:46 PM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
12/7/2011 8:28:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdPPM BHDrvx86 ccHP eeCtrl Fips SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI
12/7/2011 7:24:22 AM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
12/7/2011 7:24:22 AM, error: Service Control Manager [7000] - The Secunia Update Agent service failed to start due to the following error: The system cannot find the file specified.
12/7/2011 5:28:09 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdPPM BHDrvx86 ccHP eeCtrl Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI Tcpip
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/7/2011 5:27:14 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/7/2011 5:27:08 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/7/2011 5:26:56 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/7/2011 10:25:09 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
12/7/2011 10:17:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
12/1/2011 10:20:22 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer FAMILYLAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1D993BCA-B912-4. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
 

nickn

TS Member
One thing I forgot to mention. To the best of my knowledge no new software was installed and I have not made any hardware or system configuration changes recently.
 

Bobbye

Helper on the Fringe
I'm going to have your threads moved to a more appropriate forum. The helpers there can assist you in checking the Event Viewer and possibly checking mini-dumps for bad drivers.

The thread will be reopened after it has been moved.
 

nickn

TS Member
Thank you. I wasn't sure if it was a virus or not. I have backed up all the data on this computer. I will go ahead and re-install Windows XP and hope it is just a driver issue and not hardware.
 

Bobbye

Helper on the Fringe
Please wait! I didn't refer you to this forum to do a reformat/reinstall. I did it because you appear to be having system problems. The Event Viewer can be checked and you may also be asked for mini-dump files which I don't work with.

There are errors showing that indicate the possibility of the router gone bad:
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/7/2011 5:28:09 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

If this is the case, then a reformat/reinstall won't accomplish anything because it's a hardware problem.
==================================
You reinstall then updated Java last year. But that version, v6u26 is now outdated:

Please update Java: Java Updates . Uninstall any earlier versions in Add/Remove Programs as they are vulnerabilities for the system.

Be sure to update before uninstalling the old version or you will experience loss of Java, requiring a full download- again.

Outdated Java usually puts malware in the Java cache, so it need to be cleared:
To clear the Java Plug-in cache:

  • [1]. Click Start > Control Panel.
    [2]. Double-click the Java icon in the control panel.
    The Java Control Panel appears.

    [3].Click Settings under Temporary Internet Files.The Temporary Files Settings dialog box appears.

    [4] Click Delete Files.The Delete Temporary Files dialog box appears.

    [5]. Click OK on Delete Temporary Files window.
    Note: This deletes all the Downloaded Applications and Applets from the cache.
    [6]. Click Apply> OK on Temporary Files Settings window.
Images courtesy java.com
==================================
There is one suspicious entry in the DDS log:
S3 sctdisk;sctdisk;\??\c:\windows\system32\sctdisk.sys --> c:\windows\system32\sctdisk.sys [?]
Prevyx identifies this as "malicious software." The only description I can find is:
* Created as a new Background Service on the machine
* Created as a process on disk
Past attempts to describe this entry further failed. But is can be removed by script to run in Combofix. I don't know that this process has any significance in the current problem, but if you would like to explore this possibility before or instead of the R/R, please do the following:

Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
--------------------------------------
Download Combofix from HERE or HEREhttp://www.forospyware.com/sUBs/ComboFix.exe and save to the desktop
  • Double click combofix.exe & follow the prompts.
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    ***Please note: if you have downloaded Combofix to a flash drive, then run it on the infected machine> the Recovery Console will not install- just bypass and go on.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Once installed, you should see a blue screen prompt that says:
    The Recovery Console was successfully installed.
  • .Click on Yes, to continue scanning for malware
  • .If Combofix asks you to update the program, allow
  • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • .Close any open browsers.
  • .Double click combofix.exe
    & follow the prompts to run.
  • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
Re-enable your Antivirus software.

Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.

Leave the log for me in next reply- or just tell me you don't want to try this.
 

Bobbye

Helper on the Fringe
Note: No matter what you decide, I recommend that you remove all of the following domains from the Trusted Zone
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: soe.com
Trusted Zone: sony.com
Nothing needs to be in the Trusted Zone. Security is lower in that zone- companies will sometimes tell a user to put the domain in the Trusted Zone to make sure the user gets all their emails. But the emails are frequently promos bordering on spam.Entries here are a vulnerability for the system.

Open Internet Options either through the Control Panel or Tools in IE> Security tab> Trusted Sites> Sites> highlight each entry> Remove.
 

nickn

TS Member
Hi Bobbye,

Thanks for all your advice. I went ahead and re-installed XP on this machine and I am not having any problems anymore. I saw that entry in the logs about the router, but I was pretty sure that wasn't the problem since my laptop connects to it just fine.

At any rate I did the re-install and everything is working fine now. I don't know how those sites got trusted in the first place. I didn't do it explicitly,I know that.

Thanks again for the advice and support. I really appreciate all that you guys do. And especially for free!

Thanks,

Nick
 

Bobbye

Helper on the Fringe
You're welcome Nick. Thanks for the update. I'm leaving some tips for you for more security. The suggestions given in #! will help keep domains out of the Trusted Zone.
.
Tips for added security and safer browsing: (Links are in Bold Blue)
  1. Browser Security
    [o] Safe Settings (Please ignore the suggestion to use the Registry Editor in this section "Creating a Custom Security Zone")
    [o] ZonedOut. This manages the Zones in Internet Explorer. (For IE7 and IE8, Windows 2000 thru Vista. No Windows 7)
    [o] Replace the Host Files
    [o] Google Toolbar Pop Up Blocker
    [o]Web of Trust (WOT) Site Advisor. Traffic-light rating symbols show which rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.
  2. Have layered Security:
    [o]Antivirus :(only one):Both of the following programs are free and known to be good:
    [o]Avira-AntiVir-Personal-Free-Antivirus
    [o]Avast-Free Antivirus
    [o]Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
    [o]Comodo
    [o]Zone Alarm
  3. Antimalware: I recommend all of the following:
    [o]Spywareblaster: SpywareBlaster protects against bad ActiveX.
    [o]Spybot Search & Destroy
  4. Updates: Stay current:
    [o] the Microsoft Download Sitefrequently. All updates marked Critical and the current SP updates.
    [o]Adobe Reader Install current, uninstall old.
    [o]Java Updates Install current, uninstall old.
  5. Tracking Cookies
    Reset Cookie:
    [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
    [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
    I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus
    Easy List
    [o]For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
  6. Do regular Maintenance
    Clean the temporary internet files often:
    [o] Temporary File Cleaner]
    or
    [o] ATF Cleaner by Atribune
  7. Restore Points:
    [o]See System Restore Guide
  8. Safe Email Handling
    [o] Don't open email from anyone you don't know.
    [o] Don't open Attachments in the email. Safe to your desktop and scan for viruses using a right click
    [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
Please let me know if you find any bad link.