WinXP many problems.. Help

Discussion in 'Software' started by amywozniak, Jan 16, 2005.

  1. amywozniak

    amywozniak Private E-2

    I am trying to fix up a friend's computer that has been down for a long time. I was able to install SP2, but now for some reason I cannot access System Restore or Windows Update. Does anyone have any ideas? I don't know what else to try. Thanks, Amy




    Logfile of HijackThis v1.99.0

    Scan saved at 1:21:10 PM, on 1/16/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\netdde.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\System32\vssvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\MSN\MSNCoreFiles\msn6.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Security Programs (Amy)\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\Restore\rstrui.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Security Programs (Amy)\TDS3\tds-3.exe
    C:\WINDOWS\msagent\AgentSvr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Security Programs (Amy)\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://www.google.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    O1 - Hosts: 64.91.255.87 www.dcsresearch.com
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Security Programs (Amy)\Spybot - Search & Destroy\SDHelper.dll
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O17 - HKLM\System\CCS\Services\Tcpip\..\{54551507-2672-4BCD-B391-B98DC2B76626}: NameServer = 209.244.0.3 209.244.0.4
    O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe





    TDS LOG:

    11:21:11 [Init] Trojan Defence Suite v3.2.0 (UNLICENSED)
    11:21:11 [Init] Started 16-01-05 11:21:11 Eastern Standard Time (UTC: 5), Internet Time @723.04
    11:21:11 [Init] Loading TDS-3 Systems ...
    11:21:11 [Init] Token successfully adjusted.
    11:21:11 [Init] • TDS Privileges : OK. Adjusted TDS-3 token privileges to maximum
    11:21:13 [Init] • Plugins : OK. Loaded 13
    11:21:13 [Init] • Exec Protection : Not Installed
    11:21:13 [Init] WARNING: Your Radius.TD3 database needs to be updated!
    11:21:13 [Init] Please download the latest from http://tds.diamondcs.com.au/radius.td3
    11:21:13 [Init] Licensed users can use the Update facility from the TDS menu
    11:21:16 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
    11:21:33 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
    11:21:34 [Init] • Systems Initialised [44350 references - 20484 primaries/11731 traces/12135 variants/other]
    11:21:34 [Init] Radius Systems loaded. <Databases updated 16-01-2005>
    11:21:34 [Init] TDS-3 Ready. <Jamie stuck@127.0.0.1 - United States>
    11:21:34 [Tip Of The Day] The Target Host menu is dedicated to finding out information about remote computers, from backdoors to system information to network positioning.
    11:21:34 [TDS] Good morning Jamie stuck.
    11:21:48 [Mutex Memory Scan] Started...
    11:21:50 [Mutex Memory Scan] Finished (no trojan mutexes found).
    11:21:50 [TDS-3] This is an EVALUATION demo of TDS-3. Please see the help file for help on registering.
    11:22:11 [CRC32] Started - verifying 29 files ...
    11:22:26 [CRC32] Test finished.
    11:23:19 [Memory Scan] Memory scan started, please wait a moment ...
    11:23:21 [Memory Scan] Memory scan complete.
    11:23:21 [Mutex Memory Scan] Started...
    11:23:23 [Mutex Memory Scan] Finished (no trojan mutexes found).
    11:23:23 [Trace Scan] Started...
    11:23:37 [Trace Scan] Finished.
    11:23:37 [Service\Driver Scan] Scanning for services and drivers ...
    11:23:47 [Service\Driver Scan] Scanned 297 services and drivers.
    11:23:47 [File Scan] Scanning in A:\ ...
    11:23:49 [File Scan] Scanned 0 files: 0 alarms in 1.578125 seconds (Avg 1. files/sec)
    11:23:49 [File Scan] Scanning in C:\ ...
    11:43:39 [Text Dump] Saved to C:\Program Files\Security Programs (Amy)\TDS3\scandump.txt
    11:48:45 [Text Dump] Saved to C:\Program Files\Security Programs (Amy)\TDS3\scandump.txt
    12:04:37 [Text Dump] Saved to C:\Program Files\Security Programs (Amy)\TDS3\scandump.txt
    12:09:38 [File Scan] Scanned 26897 files: 3 alarms in 2748.25 seconds (Avg 10.79 files/sec)
    12:09:38 [File Scan] Scanning in D:\ ...
    12:09:38 [File Scan] Scanned 0 files: 3 alarms in 0.015625 seconds (Avg 1. files/sec)
    12:09:38 [File Scan] Scanning in E:\ ...
    12:09:38 [File Scan] Scanned 0 files: 3 alarms in 0 seconds (Avg -1.#IND files/sec)
    12:09:38 [Scan] Finished.
    12:12:39 [Text Dump] Saved to C:\Program Files\Security Programs (Amy)\TDS3\scandump.txt
    12:20:52 [Screen Text] Saved to C:\Program Files\Security Programs (Amy)\TDS3\scr0.txt
    12:26:59 [TDS] Good afternoon Jamie stuck. Why don't you ever take me out for lunch?
    12:27:36 [CRC32] Started - verifying 29 files ...
    12:27:47 [CRC32] Test finished.
    12:29:21 [Memory Scan] Memory scan started, please wait a moment ...
    12:29:25 [Memory Scan] Memory scan complete.
    12:29:25 [Mutex Memory Scan] Started...
    12:29:28 [Mutex Memory Scan] Finished (no trojan mutexes found).
    12:29:28 [Trace Scan] Started...
    12:29:48 [Trace Scan] Finished.
    12:29:48 [Service\Driver Scan] Scanning for services and drivers ...
    12:29:53 [Service\Driver Scan] Scanned 297 services and drivers.
    12:29:53 [File Scan] Scanning in A:\ ...
    12:29:55 [File Scan] Scanned 0 files: 0 alarms in 1.25 seconds (Avg 1. files/sec)
    12:29:55 [File Scan] Scanning in C:\ ...
    12:30:12 [File Scan] Scanned 439 files: 0 alarms in 17.67188 seconds (Avg 25.84 files/sec)
    12:30:12 [File Scan] Scanning in D:\ ...
    12:30:12 [File Scan] Scanned 0 files: 0 alarms in 0.015625 seconds (Avg 1. files/sec)
    12:30:12 [File Scan] Scanning in E:\ ...
    12:30:13 [File Scan] Scanned 0 files: 0 alarms in 0 seconds (Avg -1.#IND files/sec)
    12:30:14 [Scan] Finished.
    12:36:43 [Quit] Unloading ...
    13:03:02 [Init] Trojan Defence Suite v3.2.0 (UNLICENSED)
    13:03:02 [Init] Started 16-01-05 13:03:02 Eastern Standard Time (UTC: 5), Internet Time @793.77
    13:03:02 [Init] Loading TDS-3 Systems ...
    13:03:02 [Init] Token successfully adjusted.
    13:03:02 [Init] • TDS Privileges : OK. Adjusted TDS-3 token privileges to maximum
    13:03:03 [Init] • Plugins : OK. Loaded 13
    13:03:03 [Init] • Exec Protection : Not Installed
    13:03:03 [Init] WARNING: Your Radius.TD3 database needs to be updated!
    13:03:03 [Init] Please download the latest from http://tds.diamondcs.com.au/radius.td3
    13:03:03 [Init] Licensed users can use the Update facility from the TDS menu
    13:03:04 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
    13:03:19 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
    13:03:19 [Init] • Systems Initialised [44350 references - 20484 primaries/11731 traces/12135 variants/other]
    13:03:19 [Init] Radius Systems loaded. <Databases updated 16-01-2005>
    13:03:19 [Init] TDS-3 Ready. <Jamie stuck@4.143.5.143, 127.0.0.1 - United States>
    13:03:20 [Tip Of The Day] Did you know? - TDS-1 was one of the very first anti-trojan systems ever built, and as such it has the most complete detection database. Because we've been here since the beginning, we've pioneered detection methods that are exclusive to TDS-3 and the Radius Advanced Scanning System.
    13:03:20 [TDS] Good afternoon Jamie stuck.
    13:03:30 [Mutex Memory Scan] Started...
    13:03:34 [Mutex Memory Scan] Finished (no trojan mutexes found).
    13:03:34 [TDS-3] This is an EVALUATION demo of TDS-3. Please see the help file for help on registering.
    13:07:54 [CRC32] Started - verifying 29 files ...
    13:08:13 [CRC32] Test finished.
    13:09:58 [Memory Scan] Memory scan started, please wait a moment ...
    13:10:02 [Memory Scan] Memory scan complete.
    13:10:02 [Mutex Memory Scan] Started...
    13:10:05 [Mutex Memory Scan] Finished (no trojan mutexes found).
    13:10:05 [Trace Scan] Started...
    13:10:27 [Trace Scan] Finished.
    13:10:27 [Service\Driver Scan] Scanning for services and drivers ...
    13:10:36 [Service\Driver Scan] Scanned 297 services and drivers.
    13:10:36 [File Scan] Scanning in A:\ ...
    13:10:37 [File Scan] Scanned 0 files: 0 alarms in 1.15625 seconds (Avg 1. files/sec)
    13:10:37 [File Scan] Scanning in C:\ ...
     
  2. Novice

    Novice MajorGeek

    I would suggest that you ask one of the moderators to move your post to the SpyWare Specific section of the forum. :)
     
  3. Turcoloco

    Turcoloco MajorGeek

    I personally didn't see any spyware-related entries on the HJT log (btw, you should not have copied/pasted it, only attach it when asked, but no worries, one of the mods will correct it anyhow).

    Are you getting any errors? Tell us the process on what you do during the update process, how far you get, what it displays on the screen, etc., and that way one of us could give you more accurate info. ;)
     
