Hijack this log...computer running very slow

**RaiderJay6** · 06-29-2012 03:49 PM

Computer runs very slow and I followed the instructions for How to Start Removing Viruses and Spyware from your Computer.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:04:07 PM, on 6/29/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\My Documents\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1289795596390
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O24 - Desktop Component 0: (no name) - http://www.google.com/images/nav_logo102.png

--
End of file - 6687 bytes

**zep516** · 06-29-2012 04:23 PM

Hi

Is that the only issue you have is a slow computer, no pop ups, fake scanners, Google redirects, anything like that? When you say slow do you mean the computer or the Internet or both, a slow computer can be defined: example when you try to open say Mycomputer, it's takes more time to open it then usual etc.

We need to see some information about what is happening in your machine. Please perform the following scan:

Download DDS by sUBs from one of the following links. Save it to your desktop.
- DDS.scr
- DDS.pif
Double click on the DDS icon, allow it to run.
A small box will open, with an explaination about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

**RaiderJay6** · 06-30-2012 09:43 AM

The computer seems to run slow doing anything. No pop ups or fake scans.

Here is the dds scan:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 10:33:28 on 2012-06-30
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.766.265 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon]
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1289795596390
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{96708615-81B4-4317-88A9-62C9029429FD} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\tbw70dw4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.rr.com/news/news?cmpid=RRWMNews
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCYYYYYYCUUS&ptnrS=ZCYYYYYYCUUS&ptb=Xp8Eum1GY0C7eMivi.P1bA&ind=2012041518&n=77ed512e&psa=&st=kwd&searchfor=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\owner\local settings\application data\robloxversions\version-221a4807685c44e7\NPRobloxProxy.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 171064]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-5 250056]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 113120]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-30 14:21:41 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-30 14:21:40 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-29 18:10:42 -------- d-----w- c:\program files\Trend Micro
2012-06-29 17:20:49 -------- d-----w- c:\documents and settings\owner\local settings\application data\Temp
2012-06-29 17:20:49 -------- d-----w- c:\documents and settings\owner\local settings\application data\Adobe
2012-06-29 16:49:07 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2012-06-29 16:48:15 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-06-29 16:48:10 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-29 16:48:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-29 16:06:16 -------- d-----w- c:\documents and settings\owner\application data\SUPERAntiSpyware.com
2012-06-29 16:03:30 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-29 16:03:30 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-06-29 15:41:45 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{61de6fca-700d-4523-b31f-63fd7417326b}\mpengine.dll
2012-06-26 00:28:20 6762896 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-06-16 00:19:26 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-01 00:53:59 -------- d-----w- C:\spoolerlogs
.
==================== Find3M ====================
.
2012-06-26 02:58:29 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-26 02:58:29 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 10:35:18.50 ===============

**RaiderJay6** · 06-30-2012 09:45 AM

here is the attach.txt

**RaiderJay6** · 06-30-2012 03:59 PM

It also keeps saying virtual memory is too low

**zep516** · 06-30-2012 04:02 PM

Ok. Let me post the attachment here, so we can see it better, I'll look it over for you and get back to you.

Thanks...

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 11/14/2010 11:11:36 PM
System Uptime: 6/30/2012 10:15:51 AM (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0WF887
Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 59.636 GiB free.
D: is Removable
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP97: 4/1/2012 8:56:43 PM - Software Distribution Service 3.0
RP98: 4/2/2012 4:19:34 PM - Software Distribution Service 3.0
RP99: 4/2/2012 8:56:43 PM - Software Distribution Service 3.0
RP100: 4/3/2012 4:19:41 PM - Software Distribution Service 3.0
RP101: 4/3/2012 8:55:51 PM - Software Distribution Service 3.0
RP102: 4/4/2012 4:19:34 PM - Software Distribution Service 3.0
RP103: 4/4/2012 8:57:17 PM - Software Distribution Service 3.0
RP104: 4/5/2012 4:18:41 PM - Software Distribution Service 3.0
RP105: 4/5/2012 8:57:27 PM - Software Distribution Service 3.0
RP106: 4/6/2012 4:31:47 PM - Software Distribution Service 3.0
RP107: 4/6/2012 9:00:26 PM - Software Distribution Service 3.0
RP108: 4/7/2012 4:21:20 PM - Software Distribution Service 3.0
RP109: 4/7/2012 8:57:52 PM - Software Distribution Service 3.0
RP110: 4/8/2012 4:19:58 PM - Software Distribution Service 3.0
RP111: 4/8/2012 8:58:40 PM - Software Distribution Service 3.0
RP112: 4/9/2012 3:34:19 PM - Software Distribution Service 3.0
RP113: 4/9/2012 9:16:28 PM - Software Distribution Service 3.0
RP114: 4/10/2012 3:35:38 PM - Software Distribution Service 3.0
RP115: 4/10/2012 9:14:47 PM - Software Distribution Service 3.0
RP116: 4/11/2012 3:00:37 AM - Software Distribution Service 3.0
RP117: 4/12/2012 11:24:12 AM - Software Distribution Service 3.0
RP118: 4/13/2012 12:09:23 PM - Software Distribution Service 3.0
RP119: 4/14/2012 11:57:26 AM - Software Distribution Service 3.0
RP120: 4/15/2012 11:56:22 AM - Software Distribution Service 3.0
RP121: 4/16/2012 11:56:06 AM - Software Distribution Service 3.0
RP122: 4/17/2012 11:56:16 AM - Software Distribution Service 3.0
RP123: 4/18/2012 11:56:40 AM - Software Distribution Service 3.0
RP124: 4/19/2012 11:56:03 AM - Software Distribution Service 3.0
RP125: 4/20/2012 11:57:06 AM - Software Distribution Service 3.0
RP126: 4/21/2012 12:37:33 PM - System Checkpoint
RP127: 4/21/2012 3:35:23 PM - Software Distribution Service 3.0
RP128: 4/21/2012 8:40:26 PM - Software Distribution Service 3.0
RP129: 4/22/2012 3:33:57 PM - Software Distribution Service 3.0
RP130: 4/22/2012 8:38:51 PM - Software Distribution Service 3.0
RP131: 4/23/2012 3:45:20 PM - Software Distribution Service 3.0
RP132: 4/24/2012 4:10:37 PM - Software Distribution Service 3.0
RP133: 4/25/2012 3:27:24 PM - Software Distribution Service 3.0
RP134: 4/26/2012 6:17:42 PM - Software Distribution Service 3.0
RP135: 4/27/2012 3:56:59 PM - Software Distribution Service 3.0
RP136: 4/28/2012 3:28:28 PM - Software Distribution Service 3.0
RP137: 4/29/2012 3:29:42 PM - Software Distribution Service 3.0
RP138: 4/30/2012 3:31:12 PM - Software Distribution Service 3.0
RP139: 5/1/2012 8:05:53 AM - Software Distribution Service 3.0
RP140: 5/1/2012 4:25:19 PM - Software Distribution Service 3.0
RP141: 5/2/2012 8:19:53 AM - Software Distribution Service 3.0
RP142: 5/2/2012 4:26:05 PM - Software Distribution Service 3.0
RP143: 5/3/2012 4:25:39 PM - Software Distribution Service 3.0
RP144: 5/4/2012 8:19:48 AM - Software Distribution Service 3.0
RP145: 5/4/2012 4:26:08 PM - Software Distribution Service 3.0
RP146: 5/5/2012 3:36:42 PM - Software Distribution Service 3.0
RP147: 5/6/2012 9:02:59 AM - Software Distribution Service 3.0
RP148: 5/6/2012 3:36:09 PM - Software Distribution Service 3.0
RP149: 5/7/2012 9:04:09 AM - Software Distribution Service 3.0
RP150: 5/7/2012 3:36:08 PM - Software Distribution Service 3.0
RP151: 5/8/2012 3:47:42 PM - Software Distribution Service 3.0
RP152: 5/8/2012 9:20:58 PM - Software Distribution Service 3.0
RP153: 5/9/2012 3:58:04 PM - Software Distribution Service 3.0
RP154: 5/9/2012 9:20:56 PM - Software Distribution Service 3.0
RP155: 5/10/2012 3:48:12 PM - Software Distribution Service 3.0
RP156: 5/11/2012 3:48:37 PM - Software Distribution Service 3.0
RP157: 5/11/2012 9:21:22 PM - Software Distribution Service 3.0
RP158: 5/12/2012 3:00:28 AM - Software Distribution Service 3.0
RP159: 5/12/2012 4:28:00 PM - Software Distribution Service 3.0
RP160: 5/13/2012 4:23:47 AM - Software Distribution Service 3.0
RP161: 5/13/2012 4:27:22 PM - Software Distribution Service 3.0
RP162: 5/14/2012 4:23:56 AM - Software Distribution Service 3.0
RP163: 5/14/2012 4:27:28 PM - Software Distribution Service 3.0
RP164: 5/15/2012 4:24:00 AM - Software Distribution Service 3.0
RP165: 5/15/2012 4:25:57 PM - Software Distribution Service 3.0
RP166: 5/16/2012 4:26:41 AM - Software Distribution Service 3.0
RP167: 5/16/2012 4:26:57 PM - Software Distribution Service 3.0
RP168: 5/17/2012 4:23:39 AM - Software Distribution Service 3.0
RP169: 5/17/2012 4:27:24 PM - Software Distribution Service 3.0
RP170: 5/18/2012 4:24:22 AM - Software Distribution Service 3.0
RP171: 5/18/2012 4:26:39 PM - Software Distribution Service 3.0
RP172: 5/19/2012 4:24:24 AM - Software Distribution Service 3.0
RP173: 5/19/2012 4:25:57 PM - Software Distribution Service 3.0
RP174: 5/20/2012 4:25:19 AM - Software Distribution Service 3.0
RP175: 5/20/2012 4:27:34 PM - Software Distribution Service 3.0
RP176: 5/21/2012 4:25:09 AM - Software Distribution Service 3.0
RP177: 5/21/2012 4:26:40 PM - Software Distribution Service 3.0
RP178: 5/24/2012 7:25:22 AM - Software Distribution Service 3.0
RP179: 5/24/2012 7:35:54 AM - Software Distribution Service 3.0
RP180: 5/25/2012 7:52:54 AM - System Checkpoint
RP181: 5/25/2012 4:03:22 PM - Software Distribution Service 3.0
RP182: 5/25/2012 6:57:12 PM - Software Distribution Service 3.0
RP183: 5/26/2012 6:57:36 PM - Software Distribution Service 3.0
RP184: 5/27/2012 7:43:17 PM - Software Distribution Service 3.0
RP185: 5/28/2012 11:49:45 AM - Software Distribution Service 3.0
RP186: 5/29/2012 10:22:19 AM - Software Distribution Service 3.0
RP187: 5/30/2012 10:22:26 AM - Software Distribution Service 3.0
RP188: 5/31/2012 5:35:44 PM - Software Distribution Service 3.0
RP189: 6/1/2012 4:15:35 PM - Software Distribution Service 3.0
RP190: 6/2/2012 4:16:07 PM - Software Distribution Service 3.0
RP191: 6/3/2012 4:15:46 PM - Software Distribution Service 3.0
RP192: 6/4/2012 3:00:25 AM - Software Distribution Service 3.0
RP193: 6/4/2012 4:30:54 PM - Software Distribution Service 3.0
RP194: 6/5/2012 3:30:31 AM - Software Distribution Service 3.0
RP195: 6/5/2012 3:55:16 PM - Software Distribution Service 3.0
RP196: 6/6/2012 2:35:41 PM - Software Distribution Service 3.0
RP197: 6/7/2012 5:28:14 PM - Software Distribution Service 3.0
RP198: 6/8/2012 3:51:21 PM - Software Distribution Service 3.0
RP199: 6/15/2012 8:21:39 PM - Software Distribution Service 3.0
RP200: 6/16/2012 3:00:28 AM - Software Distribution Service 3.0
RP201: 6/17/2012 3:51:00 AM - System Checkpoint
RP202: 6/17/2012 4:58:22 PM - Software Distribution Service 3.0
RP203: 6/19/2012 9:53:22 AM - Software Distribution Service 3.0
RP204: 6/20/2012 10:30:35 AM - System Checkpoint
RP205: 6/20/2012 12:39:58 PM - Software Distribution Service 3.0
RP206: 6/24/2012 8:35:15 PM - Software Distribution Service 3.0
RP207: 6/25/2012 3:57:32 PM - Software Distribution Service 3.0
RP208: 6/25/2012 8:28:17 PM - Software Distribution Service 3.0
RP209: 6/29/2012 11:41:37 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
6400_Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Conexant D850 56K V.9x DFVc Modem
CustomerResearchQFolder
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocMgr
DocProc
DocProcQFolder
Fax
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP Customer Participation Program 10.0
HP Document Manager 1.0
HP Imaging Device Functions 10.0
HP Officejet J6400 Series
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Update
HPSSupply
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
J6400
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OCR Software by I.R.I.S. 10.0
ProductContext
PSSWCORE
Roblox for Owner
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Shop for HP Supplies
SmartWebPrintingOC
SoundMAX
Status
SUPERAntiSpyware
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
WinRAR 4.00 beta 1 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
6/24/2012 9:31:07 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/24/2012 8:17:21 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
6/24/2012 10:07:25 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================

**zep516** · 06-30-2012 04:09 PM

Could you do the exercise below please,
Please download MiniToolBox http://download.bleepingcomputer.com...iniToolBox.exe and run it.

Checkmark following boxes:
List last 10 Event Viewer log
List Users, Partitions and Memory size
Click Go and post the result.

NEXT
Did you run a Malwarebytes scan? Could you post the log. It's located in the log tabs in the Malwarebytes program. If you did not run it here's the instruction, you won't have to download it cause I see you have it installed already,

Please download Malwarebytes' Anti-Malware to your desktop from here Malwarebytes.org
Double Click mbam-setup.exe to install the application.
• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

I also see that you have visited www.crucial.com. Are you considering adding more ram?

**RaiderJay6** · 07-05-2012 09:40 PM

Thank you for your time! I wasnt considering adding more ram to this computer, we primarily use our desktops. Our kids use this one but because it run s so slow they take over the laptops.

MiniToolBox by Farbar Version: 25-06-2012
Ran by Owner (administrator) on 05-07-2012 at 22:36:03
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/30/2012 10:30:57 AM) (Source: MsiInstaller) (User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1905. Module C:\Program Files\HP\Digital Imaging\Product Assistant\Bin\hpqscprefhelper.dll failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error: (06/30/2012 10:30:57 AM) (Source: MsiInstaller) (User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error: (06/29/2012 09:50:37 PM) (Source: MsiInstaller) (User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (06/29/2012 09:48:32 PM) (Source: MsiInstaller) (User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.

Error: (06/29/2012 03:53:59 PM) (Source: MsiInstaller) (User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.

Error: (06/29/2012 01:53:40 PM) (Source: MsiInstaller) (User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.

Error: (06/29/2012 11:49:05 AM) (Source: MsiInstaller) (User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.

Error: (06/26/2012 09:24:39 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1678620484.

Error: (06/25/2012 01:12:47 PM) (Source: Application Hang) (User: )
Description: Hanging application WINWORD.EXE, version 14.0.4734.1000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/24/2012 09:59:49 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 2152759303, P2 unspecified, P3 scanfile, P4 4.0.1526.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

System errors:
=============
Error: (07/05/2012 02:20:38 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/02/2012 10:20:45 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (06/30/2012 04:47:32 PM) (Source: Print) (User: NT AUTHORITY)
Description: Document Microsoft Word - House for Sale.docx was corrupted and has been deleted. The associated driver is: HP Officejet J6400 series.

Error: (06/30/2012 04:44:31 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/30/2012 04:18:17 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/30/2012 10:19:29 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (06/29/2012 03:45:30 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (06/29/2012 01:50:18 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (06/29/2012 11:32:54 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (06/24/2012 10:10:19 PM) (Source: Print) (User: NT AUTHORITY)
Description: Document Microsoft Word - House for Sale.docx was corrupted and has been deleted. The associated driver is: HP Officejet J6400 series.

Microsoft Office Sessions:
=========================
Error: (06/30/2012 10:30:57 AM) (Source: MsiInstaller)(User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1905. Module C:\Program Files\HP\Digital Imaging\Product Assistant\Bin\hpqscprefhelper.dll failed to unregister. HRESULT -2147220472. Contact your support personnel.(NULL)(NULL)(NULL)

Error: (06/30/2012 10:30:57 AM) (Source: MsiInstaller)(User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx failed to unregister. HRESULT -2147220472. Contact your support personnel.(NULL)(NULL)(NULL)

Error: (06/29/2012 09:50:37 PM) (Source: MsiInstaller)(User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.(NULL)(NULL)(NULL)

Error: (06/29/2012 09:48:32 PM) (Source: MsiInstaller)(User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.(NULL)(NULL)(NULL)

Error: (06/29/2012 03:53:59 PM) (Source: MsiInstaller)(User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.(NULL)(NULL)(NULL)

Error: (06/29/2012 01:53:40 PM) (Source: MsiInstaller)(User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.(NULL)(NULL)(NULL)

Error: (06/29/2012 11:49:05 AM) (Source: MsiInstaller)(User: AYLA)AYLA
Description: Product: SolutionCenter -- Error 1706. An installation package for the product SolutionCenter cannot be found. Try the installation again using a valid copy of the installation package 'SolutionCenter.msi'.(NULL)(NULL)(NULL)

Error: (06/26/2012 09:24:39 AM) (Source: Application Hang)(User: )
Description: 1678620484

Error: (06/25/2012 01:12:47 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.4734.1000hungapp0.0.0.000000000

Error: (06/24/2012 09:59:49 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry2152759303unspecifiedscanfile4.0.1526.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)unspecifiedunspecifiedNILNILNIL

========================= Memory info: ===================================

Percentage of memory in use: 72%
Total physical RAM: 765.98 MB
Available physical RAM: 213.38 MB
Total Pagefile: 1108.76 MB
Available Pagefile: 312.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.28 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.46 GB) (Free:59.49 GB) NTFS

========================= Users: ========================================

User accounts for \\AYLA

Administrator ASPNET Guest
HelpAssistant Owner SUPPORT_388945a0

**** End of log ****

Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: v2012.06.29.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: AYLA [administrator]

6/29/2012 1:58:38 PM
mbam-log-2012-06-29 (13-58-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 192816
Time elapsed: 29 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

**zep516** · 07-05-2012 10:13 PM

Hi,

Lets turn off some start up entries using Hijackthis, these entries are unnecessary, use up ram, can cause slow boot ups too.

Open Hijackthis, Do a System Scan only, Place a check mark in the following entries:

O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

Click Fixed Checked.
Close Hijackthis.
Reboot.

Post a new Hijackthis log so we can those entries are gone.

I would strongly consider adding more Ram to the computer too.

Joe

**RaiderJay6** · 07-06-2012 01:52 PM

I dont know if this has to do with being low on ram or not but the sounds on here are like muffled and videos dont load fast either. Sorry, Im not very computer savy

If I did want to get more ram, how do I know what to purchase and where to get it?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:48:05 PM, on 7/6/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\My Documents\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1289795596390
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O24 - Desktop Component 0: (no name) - http://www.google.com/images/nav_logo102.png

--
End of file - 5171 bytes

Thread: Hijack this log...computer running very slow

LinkBack

Thread Tools

Hijack this log...computer running very slow

The Following User Says Thank You to zep516 For This Useful Post:

The Following User Says Thank You to zep516 For This Useful Post: