ipepper

Ok, thanks for the help. Question... why did you have me uninstall bittorrent? Is there a reason I should'nt install it again?

OK I take it back - when I turn the MS Security Essentials real time protection on things start hanging again.

better... file downloads don't seem to hangup anymore. The overall performance (browser-wise) is better. The overall system performance remains about 50% from where it used to be.

Here you go... RogueKiller V8.4.0 [Dec 18 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Admin [Admin rights] Mode : Scan -- Date : 12/18/2012 18:42:40 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND [HJ] HKLM\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD2500JB-00REA0 +++++ --- User --- [MBR] 1c1d3deb69840e93181e332dfa55fdd6 [bSP] c192851ad45fabb46a2564533df54248 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo 1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 138466 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_12182012_02d1842.txt >> RKreport[1]_S_12182012_02d1842.txt

Done - I could not run defrag with "%systemdrive%" so I used C: instead. It seems slightly better than before but it still hangs frequently.

Done - Performance is slightly better browser-wise. PC still hangs periodically.

Here's the junkware log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 3.9.6 (12.07.2012:1) OS: Microsoft Windows XP x86 Ran by Admin on Fri 12/07/2012 at 20:46:40.40 Blog: http://thisisudax.blogspot.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] "hkey_local_machine\software\freeze.com" Successfully deleted: [Registry Key] hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179} Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip" Successfully deleted: [Registry Key] "hkey_current_user\software\pip" Successfully deleted: [Registry Key] "hkey_local_machine\software\pip" ~~~ Files ~~~ Folders ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 12/07/2012 at 20:56:45.59 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Not noticing any difference in performance. Everything seems to work, it just takes 5 minutes for a web page to load (for example). It can take about 30 seconds to switch between windows. Not sure if this will help but here are some observations. I was curious and looked at the runnung processes in windows task manager and found multiple instancs of chrome.exe running when I only had 1 window and 1 tab open. I monitored the processes while trying to open the following web page (after googling for an answer). The web page took about 5 minutes to load and I.E. was hogging over 250MB memory. I tried opening the same web page in chrome which took just as long but chrome only used about 80MB. The strange thing is that the CPU usage is usually under 30% while I am waiting for it to complete a simple task. http://productforums.google.com/forum/#!topic/chrome/og-xdL55RJM

Here's the Kaspersky log: Status: Disinfected (events: 2) 12/4/2012 10:16:04 PM Disinfected Trojan program Trojan.Win32.Oficla.eo UM_Exchange\Archive1\Top of Personal Folders\Inbox\[From:McConville, Amanda][subject:FW: Fedex Invoice copy N8894787][Time:2010/08/24 15:34:42]/FEDEXInvoiceEE572504OP.zip High 12/4/2012 10:16:03 PM Disinfected Trojan program Trojan.Win32.Oficla.eo UM_Exchange\Archive1\Top of Personal Folders\Inbox\[From:McConville, Amanda][subject:FW: Fedex Invoice copy N8894787][Time:2010/08/24 15:34:42]/FEDEXInvoiceEE572504OP.zip/FedexInvoice_EE776129.exe High Status: Deleted (events: 2) 12/5/2012 7:10:46 AM Deleted Trojan program Trojan.Win32.Swisyn.cnpe D:\Shared Drive\backup\Programs\Bleeping\OTL.exe High 12/5/2012 6:15:58 PM Deleted Trojan program Trojan.Win32.Swisyn.cnpe D:\System Volume Information\_restore{BBCB31A8-FC60-4E6F-83E1-FF8611C6E7DD}\RP1126\A0119895.exe High

Here are the logs: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=53251 # version=7 # IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=badc5ec42a880742ba171922e0cd9fe6 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-12-04 01:01:21 # local_time=2012-12-03 08:01:21 (-0500, Eastern Standard Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=768 16777215 100 0 82177391 82177391 0 0 # compatibility_mode=5891 16776533 42 87 0 50514151 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=0 # found=0 # cleaned=0 # scan_time=0 # version=7 # IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=badc5ec42a880742ba171922e0cd9fe6 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-12-04 02:50:29 # local_time=2012-12-03 09:50:29 (-0500, Eastern Standard Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=768 16777215 100 0 82177651 82177651 0 0 # compatibility_mode=5891 16776869 42 87 0 50514411 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=93889 # found=3 # cleaned=3 # scan_time=6291 D:\Shared Drive\backup\Programs\Coupon Printers\Coupons Dot Com Printer\CouponPrinter.exe probably a variant of Win32/Adware.Softomate.AD application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\Shared Drive\backup\Programs\DVD_Video\Players\VLCfree\VLC_32.exe a variant of Win32/InstallIQ application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\Shared Drive\backup\Programs\Utilities\PandoraRecovery Undelete\cnet_PandoraRecovery2_1_1Setup_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2012-12-03 22:06:29 ----------------------------- 22:06:29.359 OS Version: Windows 5.1.2600 Service Pack 3 22:06:29.359 Number of processors: 1 586 0x102 22:06:29.359 ComputerName: DELL1 UserName: Admin 22:06:30.481 Initialize success 22:11:00.249 AVAST engine defs: 12120301 22:11:12.737 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 22:11:12.737 Disk 0 Vendor: WDC_WD2500JB-00REA0 20.00K20 Size: 238475MB BusType: 3 22:11:12.747 Disk 0 MBR read successfully 22:11:12.747 Disk 0 MBR scan 22:11:12.827 Disk 0 Windows XP default MBR code 22:11:12.827 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63 22:11:12.827 Disk 0 Partition - 00 0F Extended LBA 138466 MB offset 204796620 22:11:12.857 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 138466 MB offset 204796683 22:11:12.867 Disk 0 scanning sectors +488376000 22:11:12.997 Disk 0 scanning C:\WINDOWS\system32\drivers 22:11:25.735 Service scanning 22:11:41.278 Modules scanning 22:11:48.838 Disk 0 trace - called modules: 22:11:49.169 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS 22:11:49.169 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82382ab8] 22:11:49.169 3 CLASSPNP.SYS[f8576fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x823a26d0] 22:11:49.830 AVAST engine scan C:\WINDOWS 22:12:03.309 AVAST engine scan C:\WINDOWS\system32 22:15:44.818 AVAST engine scan C:\WINDOWS\system32\drivers 22:16:09.193 AVAST engine scan C:\Documents and Settings\Admin 22:23:00.965 AVAST engine scan C:\Documents and Settings\All Users 22:24:05.648 Scan finished successfully 22:36:04.151 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Desktop\MBR.dat" 22:36:04.161 The log file has been saved successfully to "C:\Documents and Settings\Admin\Desktop\aswMBR.txt"

Jeff, thanks for the help and advice. I will definately take the time to research malware prevention. ComboFix is uninstalled and I.E. security settings were already as recommended. One thing I forgot to ask... since Java is installed but does not show up in the control panel, should I reinstall it? MS Security Essentials did not like the last Java update so should I tell SE to trust it?

Thanks for helping Maniac. Here are the logs. Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.02.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Admin :: DELL1 [administrator] 12/2/2012 8:54:48 AM mbam-log-2012-12-02 (08-54-48).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 236930 Time elapsed: 11 minute(s), 34 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) =========================================== DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by Admin at 9:16:23 on 2012-12-02 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.180 [GMT -5:00] . AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . ============== Running Processes ================ . C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\program files\real\realplayer\update\realsched.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\PrintKey2000\Printkey2000.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = iexplore uURLSearchHooks: CFBFAE00-17A6-11D0-99CB-00C04FD64497} - <orphaned> BHO: AutorunsDisabled - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [hpbdfawep] c:\program files\hp\dfawep\bin\hpbdfawep.exe 1 mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [KBD] c:\hp\kbd\KBD.EXE dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\printk~1.lnk - c:\program files\printkey2000\Printkey2000.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {00140000-B1BA-11CE-ABC6-F5B2E79D9E3F} - file:///F:/LTOCX14N.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1165807308463 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1349019991182 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 75.75.76.76 75.75.75.75 TCP: Interfaces\{228C18C5-7E2B-4AD9-9498-29C248E27831} : DHCPNameServer = 75.75.76.76 75.75.75.75 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: AutorunsDisabled - <no file> SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-6-23 9968] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-6-23 72944] S3 3dfxvs;3dfxvs;c:\windows\system32\drivers\3dfxvsm.sys [2006-12-9 148352] S3 PsShutdownSvc;PsShutdown;c:\windows\system32\PSSDNSVC.EXE [2009-6-15 61440] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-6-23 7408] S3 SUSTUCAM;Susteen USB Cable Modem Driver;c:\windows\system32\drivers\sustucam.sys [2009-11-25 47360] S3 SUSTUCAP;Susteen USB Cable Port Driver;c:\windows\system32\drivers\sustucap.sys [2009-11-25 47360] S3 SUSTUCAU;Susteen USB Cable USB Driver;c:\windows\system32\drivers\sustucau.sys [2009-11-25 28032] S4 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2006-2-28 14336] . =============== File Associations =============== . ShellExec: ymp.exe: open="c:\program files\yahoo!\yahoo! music jukebox\YahooMusicEngine.exe" -play "%1" ShellExec: ymp.exe: play="c:\program files\yahoo!\yahoo! music jukebox\YahooMusicEngine.exe" -play "%1" . =============== Created Last 30 ================ . 2012-12-02 13:06:53 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ccb6beaf-5f89-4da7-b24f-30492c84e107}\mpengine.dll . ==================== Find3M ==================== . 2012-11-11 11:10:59 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-11-11 11:10:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll 2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-12 19:32:08 88688 ----a-w- c:\windows\system32\cpwmon2k.dll 2006-02-28 12:00:00 94784 --sh--w- c:\windows\twain.dll 2008-04-14 00:12:07 50688 --sh--w- c:\windows\twain_32.dll 2011-02-08 13:33:55 978944 --sha-w- c:\windows\system32\mfc42.dll 2008-04-14 00:12:01 57344 --sh--w- c:\windows\system32\msvcirt.dll 2008-04-14 00:12:01 413696 --sha-w- c:\windows\system32\msvcp60.dll 2008-04-14 00:12:01 343040 --sha-w- c:\windows\system32\msvcrt.dll 2010-12-20 17:32:15 551936 --sh--w- c:\windows\system32\oleaut32.dll 2008-04-14 00:12:02 84992 --sh--w- c:\windows\system32\olepro32.dll 2008-04-14 00:12:32 11776 --sh--w- c:\windows\system32\regsvr32.exe . ============= FINISH: 9:17:26.14 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 12/9/2006 7:46:24 PM System Uptime: 12/2/2012 7:55:50 AM (2 hours ago) . Motherboard: Dell Computer Corporation | | OptiPlex GX400 Processor: Intel® Pentium® 4 CPU 1.70GHz | Microprocessor | 1694/100mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 98 GiB total, 18.317 GiB free. D: is FIXED (NTFS) - 135 GiB total, 14.085 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Cisco Systems VPN Adapter Device ID: ROOT\NET\0000 Manufacturer: Cisco Systems Name: Cisco Systems VPN Adapter PNP Device ID: ROOT\NET\0000 Service: CVirtA . ==== System Restore Points =================== . RP1060: 9/28/2012 11:46:36 PM - Software Distribution Service 3.0 RP1061: 9/29/2012 12:34:11 AM - Software Distribution Service 3.0 RP1062: 9/30/2012 9:10:44 AM - Software Distribution Service 3.0 RP1063: 9/30/2012 10:35:05 AM - Installed Multimedia / Internet Keyboard Driver VerR8.15 RP1064: 9/30/2012 11:01:25 AM - Removed Multimedia / Internet Keyboard Driver VerR8.15 RP1065: 9/30/2012 9:15:00 PM - Printer Driver CutePDF Writer Installed RP1066: 10/1/2012 7:45:21 PM - Software Distribution Service 3.0 RP1067: 10/2/2012 7:56:47 PM - System Checkpoint RP1068: 10/3/2012 5:55:08 PM - Software Distribution Service 3.0 RP1069: 10/4/2012 5:59:01 PM - System Checkpoint RP1070: 10/6/2012 10:14:18 AM - Software Distribution Service 3.0 RP1071: 10/7/2012 11:29:50 AM - Software Distribution Service 3.0 RP1072: 10/8/2012 8:07:13 PM - Software Distribution Service 3.0 RP1073: 10/9/2012 8:14:33 PM - System Checkpoint RP1074: 10/9/2012 10:22:10 PM - Software Distribution Service 3.0 RP1075: 10/10/2012 6:12:06 PM - Software Distribution Service 3.0 RP1076: 10/11/2012 6:59:28 PM - Software Distribution Service 3.0 RP1077: 10/12/2012 7:19:52 PM - System Checkpoint RP1078: 10/13/2012 8:59:41 AM - Software Distribution Service 3.0 RP1079: 10/14/2012 9:31:14 AM - Software Distribution Service 3.0 RP1080: 10/15/2012 6:13:05 PM - Software Distribution Service 3.0 RP1081: 10/17/2012 7:32:17 PM - Software Distribution Service 3.0 RP1082: 10/18/2012 7:43:40 PM - System Checkpoint RP1083: 10/19/2012 6:05:28 PM - Software Distribution Service 3.0 RP1084: 10/20/2012 6:39:58 PM - System Checkpoint RP1085: 10/21/2012 9:24:15 AM - Software Distribution Service 3.0 RP1086: 10/22/2012 6:21:48 PM - Software Distribution Service 3.0 RP1087: 10/23/2012 6:51:01 PM - System Checkpoint RP1088: 10/24/2012 6:02:41 PM - Software Distribution Service 3.0 RP1089: 10/26/2012 6:37:24 AM - Software Distribution Service 3.0 RP1090: 10/27/2012 10:12:42 AM - Software Distribution Service 3.0 RP1091: 10/28/2012 10:52:02 AM - Software Distribution Service 3.0 RP1092: 10/28/2012 1:29:04 PM - Software Distribution Service 3.0 RP1093: 10/29/2012 6:17:52 PM - Software Distribution Service 3.0 RP1094: 10/30/2012 8:26:57 PM - System Checkpoint RP1095: 10/31/2012 6:07:16 PM - Software Distribution Service 3.0 RP1096: 11/1/2012 6:41:54 PM - System Checkpoint RP1097: 11/2/2012 8:52:26 PM - Software Distribution Service 3.0 RP1098: 11/3/2012 9:16:15 PM - System Checkpoint RP1099: 11/4/2012 7:37:41 AM - Software Distribution Service 3.0 RP1100: 11/5/2012 6:26:40 PM - Software Distribution Service 3.0 RP1101: 11/7/2012 6:20:08 PM - Software Distribution Service 3.0 RP1102: 11/8/2012 8:37:11 PM - System Checkpoint RP1103: 11/9/2012 6:42:24 PM - Software Distribution Service 3.0 RP1104: 11/10/2012 7:27:14 PM - System Checkpoint RP1105: 11/11/2012 6:01:11 AM - Software Distribution Service 3.0 RP1106: 11/12/2012 6:20:03 PM - Software Distribution Service 3.0 RP1107: 11/13/2012 6:28:57 PM - System Checkpoint RP1108: 11/13/2012 11:04:46 PM - Software Distribution Service 3.0 RP1109: 11/15/2012 6:42:18 AM - Software Distribution Service 3.0 RP1110: 11/17/2012 9:08:06 AM - Software Distribution Service 3.0 RP1111: 11/18/2012 9:19:22 AM - System Checkpoint RP1112: 11/20/2012 5:56:44 PM - Software Distribution Service 3.0 RP1113: 11/21/2012 8:35:46 PM - System Checkpoint RP1114: 11/22/2012 9:15:31 AM - Software Distribution Service 3.0 RP1115: 11/23/2012 9:30:26 AM - System Checkpoint RP1116: 11/24/2012 9:24:36 AM - Software Distribution Service 3.0 RP1117: 11/25/2012 10:21:23 AM - System Checkpoint RP1118: 11/25/2012 1:37:14 PM - Software Distribution Service 3.0 RP1119: 11/26/2012 2:12:34 PM - System Checkpoint RP1120: 11/27/2012 6:49:44 PM - Software Distribution Service 3.0 RP1121: 11/28/2012 7:07:25 PM - System Checkpoint RP1122: 11/30/2012 5:51:42 PM - Software Distribution Service 3.0 RP1123: 12/1/2012 6:44:13 PM - System Checkpoint RP1124: 12/2/2012 8:06:48 AM - Software Distribution Service 3.0 . ==== Installed Programs ====================== . 7-Zip 4.57 ACDSee Adobe AIR Adobe Download Manager Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.4) Adobe® Photoshop® Album Starter Edition 3.0 Apple Application Support Apple Software Update ArcSoft PhotoFantasy ArcSoft PhotoImpression AT&T Yahoo! Applications AT&T Yahoo! Music Jukebox Avi2Dvd 0.4.5 beta AviSynth 2.5 BitTorrent BLM 2.7.7 CCleaner Cisco Systems VPN Client 5.0.06.0160 Citrix XenApp Web Plugin Critical Update for Windows Media Player 11 (KB959772) CutePDF Writer 3.0 Dell Driver Download Manager DivX Content Uploader DivX Web Player DVD Decrypter (Remove Only) DVD Shrink 3.2 DVDStyler v1.8.1 eFax Messenger Plus Efficient Address Book Free 1.66 Enhanced Multimedia Keyboard Solution Google Chrome Google Toolbar for Internet Explorer Google Update Helper Hotfix for Microsoft .NET Framework 3.0 (KB932471) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) hp business inkjet 1100 HP LaserJet P1000 series HP Photo Printing Software HP Precisionscan Pro 3.1 HP Share-to-Web HPCarePackCore HPCarePackProducts hppMSRedist hppusgP1000 HPSSupply ImgBurn J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 Japanese Fonts Support For Adobe Reader 8 Java 6 Update 2 Java 6 Update 3 Java 6 Update 5 Java SE Runtime Environment 6 Update 1 K-Lite Mega Codec Pack 6.2.0 LightScribe System Software 1.14.17.1 Malwarebytes Anti-Malware version 1.65.1.1000 MarketResearch MediaMonkey 3.2 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Antimalware Microsoft Application Error Reporting Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser (KB933579) Nero 7 Essentials neroxml Netflix Movie Viewer OGA Notifier 2.0.0048.0 PeerGuardian 2.0 PrintKey2000 QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.1 RivaTuner v2.11 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB917734) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB2761226) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Signature995 Spybot - Search & Destroy SUPERAntiSpyware Free Edition SyncBack Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB973874) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows Internet Explorer 8 (KB978506) Update for Windows Internet Explorer 8 (KB980182) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VC 9.0 Runtime VC80CRTRedist - 8.0.50727.4053 Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 1.1.8 WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live OneCare safety scanner Windows Media Format 11 runtime Windows Media Format SDK Hotfix - KB891122 Windows Media Player 11 Windows Presentation Foundation Windows XP Service Pack 3 XML Paper Specification Shared Components Pack 1.0 Yahoo! Photos Easy Upload Tool Yahoo! Photos Print-at-Home Tool . ==== Event Viewer Messages From Past Week ======== . 12/1/2012 8:40:16 AM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 00065B903DE3 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). 11/26/2012 6:03:47 AM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 00065B903DE3 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). . ==== End Of File ===========================

My PC has been running slower and slower and hangs periodically for 3-10 minutes while the hard drive grinds away. I have removed several bugs in the past but I suspect my machine is still infected. I would wipe it and rebuild from scratch but the OS and MS Office has limited install rights. Any help you can provide would be appreciated. I'm just not sure where to start. Here is the most recent Malwarebytes log: Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.10.27.06 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Admin :: DELL1 [administrator] 10/28/2012 12:53:41 PM mbam-log-2012-10-28 (12-53-41).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 231904 Time elapsed: 12 minute(s), 9 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Jeff, everything seems to be running fine. Thanks for your help and the fast responses!

So far so good FYI - I noticed ZoneAlarm Firewall is recorded in the ComboFix logs. I uninstalled it some time ago.