Should I reload XP and MS Office

View previous topic View next topic Go down

Should I reload XP and MS Office

Post by ginacee on 25th February 2010, 12:40 am

My system is so slow that a friend suggested I could just reload Windows XP and MS Office then go to the MS site to get all the upgrades again to load them all at once. Will this help? If so, what steps should I take to be sure that all my settings, passwords, favorites etc. are back in place after I reload?

I ran Hijack this. I see things for software that I don't use anymore such as this for Canon Camera. Is that running in the background? If so, how do I remove it from startup?
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

I also see Windows Messenger in the tray. I don't use that? But if it is running in the back ground, how do I shut that down?

Here is the log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:29:17 PM, on 2/24/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Verizon\Verizon Internet Security Suite\rps.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Verizon\Online Backup\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Verizon\Online Backup\Scheduler\OnlineBackup.SchedulerService.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\Online Backup\Auto Update\OnlineBackup.UpdateSystemTray.exe
C:\Program Files\Verizon\Online Backup\vewatch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaMonitor.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\GINA CAROLA\Application Data\Mozilla\Profiles\default\pz5i4bqn.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [Online Backup Auto Update] "C:\Program Files\Verizon\Online Backup\Auto Update\OnlineBackup.UpdateSystemTray.exe"
O4 - HKLM\..\Run: [Vault Explorer Cache Watcher] C:\Program Files\Verizon\Online Backup\vewatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: PowerJ Classes - [You must be registered and logged in to see this link.]
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {F5649DF8-6CD6-487C-BDB2-D93E3B3655AC} (VPlayer Control) - [You must be registered and logged in to see this link.]
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Filesystem Watcher (FilesystemWatcher) - DigiData Corp. - C:\Program Files\Verizon\Online Backup\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Online Backup Scheduler (OnlineBackupSchedulerService) - Unknown owner - C:\Program Files\Verizon\Online Backup\Scheduler\OnlineBackup.SchedulerService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Verizon Internet Security Suite (Radialpoint Security Services) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe
O23 - Service: Verizon Internet Security Suite SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe

--
End of file - 9727 bytes

ginacee
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-03-08
OS OS : Windows XP
Points Points : 28413
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Should I reload XP and MS Office

Post by Dr Jay on 26th February 2010, 2:51 pm

Hello. We need to do some diagnostics to get started.

1. Please download [You must be registered and logged in to see this link.] and Save it to your desktop
  • Double click it to start the tool.
  • Click Scan.
  • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.

2. Download [You must be registered and logged in to see this link.] to your desktop
  • A window will pop up, Press 2 and then Enter. A scan will start, let it run uninterrupted. It should only take a few minutes.
  • A log will appear when it is finished, it will also be saved in the same location as LockSearch, which should be on your desktop. Post the contents of the log in your reply

3. Please download CKScanner by askey127 from [You must be registered and logged in to see this link.]
Save it to your desktop.
  • Doubleclick CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

4. Please download [You must be registered and logged in to see this link.], and save to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.zip, and extract the file to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.cmd to start.
  • It will finish quickly and launch a log.
  • Post the contents of it in your next reply.

5. I request the following logs to be posted in your next reply, please:
-Rooter
-LockSearch
-CKScanner
-Cheetah

Thanks. Smile


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Should I reload XP and MS Office

Post by ginacee on 26th February 2010, 11:22 pm

Here they are:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 1 Stepping 2, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Disabled !
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.5.8 (en-US)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:37 Go - Free:19 Go )
D:\ [CD_Rom]
E:\ [Removable]
.
Scan : 16:41.23
Path : C:\Documents and Settings\Gina Carola\My Documents\Downloads\Rooter.exe
User : Gina Carola ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (804)
______ \??\C:\WINDOWS\system32\csrss.exe (868)
______ \??\C:\WINDOWS\system32\winlogon.exe (892)
______ C:\WINDOWS\system32\services.exe (936)
______ C:\WINDOWS\system32\lsass.exe (948)
______ C:\WINDOWS\system32\svchost.exe (1104)
______ C:\WINDOWS\system32\svchost.exe (1152)
______ C:\WINDOWS\System32\svchost.exe (1192)
______ C:\WINDOWS\system32\svchost.exe (1224)
______ C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe (1368)
______ C:\WINDOWS\Explorer.EXE (1496)
______ C:\WINDOWS\System32\svchost.exe (1580)
______ C:\WINDOWS\System32\svchost.exe (1640)
______ C:\Program Files\Verizon\Verizon Internet Security Suite\rps.exe (1676)
______ C:\WINDOWS\system32\spoolsv.exe (1996)
______ C:\WINDOWS\System32\svchost.exe (188)
______ C:\WINDOWS\Nhksrv.exe (224)
______ C:\WINDOWS\System32\drivers\CDAC11BA.EXE (244)
______ C:\Program Files\Verizon\Online Backup\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe (276)
______ C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (460)
______ C:\Program Files\Java\jre6\bin\jqs.exe (468)
______ C:\Program Files\Common Files\Motive\McciCMService.exe (708)
______ C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (756)
______ C:\WINDOWS\System32\nvsvc32.exe (1112)
______ C:\Program Files\Verizon\Online Backup\Scheduler\OnlineBackup.SchedulerService.exe (1280)
______ C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe (1332)
______ C:\WINDOWS\System32\svchost.exe (1480)
Locked SanaAgent.exe (568)
______ C:\Program Files\Canon\CAL\CALMAIN.exe (848)
Locked RpsSecurityAwareR.exe (2560)
______ C:\WINDOWS\System32\alg.exe (2716)
______ C:\WINDOWS\DELLMMKB.EXE (2984)
______ C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (3068)
______ C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE (3084)
______ C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (3096)
______ C:\Program Files\Verizon\Online Backup\Auto Update\OnlineBackup.UpdateSystemTray.exe (3124)
______ C:\Program Files\Verizon\Online Backup\vewatch.exe (3152)
______ C:\Program Files\Common Files\Java\Java Update\jusched.exe (3188)
______ C:\Program Files\Messenger\msmsgs.exe (3304)
______ C:\WINDOWS\system32\ctfmon.exe (3328)
______ C:\Program Files\Netropa\OSD.exe (3376)
______ C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe (3540)
______ C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe (3816)
______ C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe (4004)
______ C:\WINDOWS\System32\svchost.exe (2104)
______ C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaMonitor.exe (3180)
______ C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe (2888)
______ C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe (2592)
______ C:\Program Files\Verizon\Verizon Internet Security Suite\Kav\Bin\ScanningProcess.exe (2428)
______ C:\WINDOWS\system32\taskmgr.exe (3552)
______ C:\Program Files\Mozilla Firefox\firefox.exe (2056)
______ C:\Documents and Settings\Gina Carola\My Documents\Downloads\Rooter.exe (3224)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:32868864)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:32901120 | Length:39958410240)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\DESKTOP.INI
C:\WINDOWS\Tasks\MP Scheduled Scan.job
C:\WINDOWS\Tasks\OnlineBackupManager.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 16:43.17
.
C:\Rooter$\Rooter_1.txt - (26/02/2010 | 16:43.17)


LockSearch by jpshortstuff (05.11.09.1)
Log created at 16:58 on 26/02/2010 (Gina Carola)
Scanning C:\


C:\hiberfil.sys
-------------------------


C:\pagefile.sys
-------------------------

-=E.O.F=-

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11
----- EOF -----


Cheetah-Anti-Rogue v1.3.11
by DragonMaster Jay

Microsoft Windows XP [Version 5.1.2600]
Date: 02/26/2010 - Time: 18:19:43 - Arch.: x86


-- Malware removal tools check --
CCleaner
Trend Micro HijackThis 2.0.2
Malwarebytes' Anti-Malware


-- Known infection --



Extra message: Detection only.


EOF

Thanks.

ginacee
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-03-08
OS OS : Windows XP
Points Points : 28413
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Should I reload XP and MS Office

Post by ginacee on 2nd March 2010, 10:30 am

Bump

ginacee
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-03-08
OS OS : Windows XP
Points Points : 28413
# Likes # Likes : 0

View user profile

Back to top Go down

Bump the third time

Post by ginacee on 4th March 2010, 11:51 pm

Bump again.
If you guys aren't able to help me, please just let me know so I can stop checking a couple times each day.
Thanks anyway if you can't.


Last edited by ginacee on 7th March 2010, 4:39 pm; edited 1 time in total (Reason for editing : Change the subject line)

ginacee
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-03-08
OS OS : Windows XP
Points Points : 28413
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Should I reload XP and MS Office

Post by ginacee on 9th March 2010, 1:19 am

Okay, I get the message. You are not going to respond. I will quit checking for a response.

ginacee
Novice
Novice

Posts Posts : 17
Joined Joined : 2009-03-08
OS OS : Windows XP
Points Points : 28413
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum