jholland1964 650 Posting Expert Team Colleague Featured Poster

Wow! Lots more found than just the worm.win32.netsky!
Think you better do at least one more scan before I give any more instructions regarding your HJT log.
Please do this:
Please Run the ESET Online Scanner and attach the ScanLog with your post for assistance.

* You will need to use Internet Explorer to complete this scan.
* You will need to temporarily Disable your current Anti-virus program.

* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.
Reboot the computer and run one more HJT scan. Post back with the ESET log and the new HJT log. You are doing great!
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Open the logs. Go up to Edit, Select All. Then the log should be in highlight. Go to Edit, Copy.
Then open a new reply here, place the cursor in the reply box, Right Click with your mouse and choose Paste. The log will be pasted here.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Ok, here are fixes you need to do with HJT:
Run the program again and put check marks next to the following;
R3 - URLSearchHook: (no name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
R3 - URLSearchHook: (no name) - *00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - *{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

Once you have placed the check marks click the Fix Checked button.
Exit HJT and reboot. Run another System Scan and post that new log.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Your log looks clean, are you still having problems?

jholland1964 650 Posting Expert Team Colleague Featured Poster

Did you run that Avenger Script? Did it produce a log? If so please post it here.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Whew! Looks to me like much of the items I am listing below have already been removed by MBA-M but for a final check on that please do this:

Go to Control Panel, Add/Remove and look for all of the following:
* My Web Search (Smiley Central or FWP product as applicable)
* My Way Speedbar (Smiley Central or other FWP as applicable)
* My Way Speedbar (AOL and Yahoo Messengers) (beta users only)
* My Way Speedbar (Outlook, Outlook Express, and IncrediMail)
* Search Assistant - My Way

* SweetIM (Select Macrogaming ltd (the company that builds SweetIM) and click on remove program. This will effectively remove SweetIM from your computer.)
Any of these you find, Uninstall them.

Reboot the computer.

Next, open My Computer, Drive C, and double-click on the Program Files folder
Right-click and delete the folders for:

* FunWebProducts
* MyWebSearch

Next do the following:
Please Run the ESET Online Scanner and attach the ScanLog with your post for assistance.

* You will need to use Internet Explorer to complete this scan.
* You will need to temporarily Disable your current Anti-virus program.

* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Hi and welcome to daniweb,
First of all do this:
Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.

Reboot the computer.

Next download and run a System Scan with HiJackThis. Save the log and post back here with the MBA-M log and the HJT log.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Hi, welcome to daniweb. First of all it would help if you posted that MBA-M log for us so we can see exactly what was removed. The log can be found in the program under the Logs Tab.
Secondly, what problems WERE she having and what is she continuing to have?
Third, one thing I see is an extraordinarily large list of unnecessary auto starting programs so this could certainly contribute to slowness, if this is one of the problems because many of these auto starts are running all the time, even if she isn't using that particular program at the time.
Post back with the log and the additional information and we can go from there.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.
Reboot the computer.
Run a new HJT scan, save the log and post back with the MBA-M log and the new HJT log.
Judy

EDIT:
I would suggest that you Uninstall Spiral Frog. It is no longer in business.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Run Avenger again and in the Script window type all of this script:

Drivers to delete:
qkmazwv
str

Files to Delete:
C:\WINDOWS\system32\drivers\qkmazwv.sys
C:\WINDOWS\system32\drivers\str.sys

Be sure there is a check mark in Scan for Rootkits and then click the Execute button.

After that completes then try downloading and running combofix again.

jholland1964 650 Posting Expert Team Colleague Featured Poster

sb147780, this thread is nearly 1 year old. Though problems seem similar they may be caused by totally different things. It is never recommended that people post their own problems in somebody else's thread, for one reason because that is called "thread hijacking" but the key reason is that it is totally impossible to work with two people and two different computers on the same thread. Please create your own thread, restating all your information and adding logs from any program you have run thus far, even if they show clean, and somebody will be very happy to help you get things fixed.
Also please note, the HJT log you posted here is incomplete. You will need to post the entire log when you create your own post.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Just remembered I didn't give you those auto starting programs which are not required to auto start and can be accessed by Start->Programs.
All of these run all the time in the background. You also need to remember that just not the particular file noted runs in the background but there are many other processes which may also be loaded with each individual program so one program may have several other processes running in connection with it. This can result in excessive resource usage which is unnecessary and taxing to the machine also.
The choice is yours of course but many of these will load faster if loaded manually.
You can disable these via msconfig but as this is just considered a trouble shooting tool really I would recommend using something like Mike Lin's Startup Control panel to control auto starts. Free, easy to use and it is a stand alone program so it uses no resources really.
Here is the list of unneeded auto starts and an explanation of each.

ATIPTA-Control panel for the ATI series of video cards allowing access to such features as display resolution, colour depth, etc. Available via Start -> Settings -> Control Panel -> Display. Some users may need it if they have optimised their settings
HP Software Update-exactly what it says it is. Can easily be run manually, plus updates are fairly rare.
StartCCC-ATI's CATALYST™ CONTROL CENTER. Required if you want to change graphics settings on …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Run HJT again and place a check mark next to the following entry:
O4 - HKCU\..\Run: [MS_MASTER] RUNDLL32.EXE C:\Users\voz\AppData\Local\Temp\yMaster.dll,w

Once you have placed the check mark click the Fix Checked button.
Exit HJT and reboot.

Now for that Zone Alarm warning, this is supposed to be for a networked printer. The request for access will try to connect to the internet even for a stand alone printer with remote access not enabled. Choose Always Deny access. Unless you're on a network, there is no reason for the Print Spooler to connect to the internet.

Click: Remember this answer the next time I use this program. when Zone Alarm pops up with Spooler SubSystem App again.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Well sorry I couldn't help you. Hope you find the answer.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Please download GMER Rootkit Scanner:
http://www.gmer.net/download.php

-- DoubleClick the .exe file and, if asked, allow the gmer.sys driver to load.
-- If you receive a warning about Rootkit Activity and GMER asks if you want to run a scan, Click NO

-- Make sure the Rootkit/Malware Tab is selected (Top Left of GMER GUI)
Along the Right Side of the GMER GUI there will be a number of checked boxes. Please Uncheck the following:
- Sections
- Drives or Partitions other than your Systemdrive (usually C:\)
- Show All (be sure this one remains Unchecked)

-- Then, click the Scan Button
Allow the scan as long as it needs and then save the log to where you can easily find it and post it for us.

***Disconnect from the internet and do not run any other programs while GMER is scanning. Temporarily disable any real-time anti-spyware or anti-virus protection so they do not interfere with the running of GMER.
Post back with the log.

jholland1964 650 Posting Expert Team Colleague Featured Poster

I did the Eset scan, Once the file was found I stopped the scan, and this time the "delete files" box was checked. I wanted to stop the scan because last time it took about an hour. But I am running a full scan now and let's hope it doesn't find anything.

After I deleted the program (I think) I did the Hijackthis scan. Here is the report.

If you stopped the ESET program before it had completed the Full Scan then it was not run properly and there is no guarantee that the program was removed properly, so the HJT scan you did after really isn't to be trusted either.
Please allow ESET to complete a Full Scan, when the scan is complete THEN is when you can do another HJT scan and post that log, until then I can't offer any suggestions.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Well, with further research you probably are ok with just the router firewall.
But the additional RAM I would say is something you need.
If you do the scan at Crucial it will tell you how many slots you have and what you can put in them.
Adding ram is literally a snap...because that is the sound it makes when you snap it in. And that IS all you do. I have done it a number of times. Takes longer to disconnect all the cords from the computer and open the case than it does to install the RAM. To be 100% accurate, an 8 year old child could EASILY install new RAM in a computer.
Most advice today tells you when you get a new machine START with 1GB of RAM...at the very least. Adding RAM is really and truly the most cost effective investment to speed up a slow machine.

Also, someone told me a long time ago that having more than 1 GB of memory does nothing to speed up the computer. I can't remember his exact words, but he was saying to deal with the virtual memory settings or something (can't remember now).

Here is a very simple and understandable explanation of Virtual Memory from Ask Leo and I honestly think is what is happening to your machine...freezing, not being able to work between programs, swapping files, etc. Read what he says very carefully:

Virtual Memory is simply the …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Actually, a lot depends on what programs you have open and running all the time. If these are resource intensive programs then...your employees are right :), you need to shut things down and reboot. With many programs this really is the only way to release the memory. If you have a large computer as you say and run labor intensive programs, then no 1GB of RAM is probably NOT enough. I am running a little 40GB Dell...I have 1.5GB of RAM. I am certain you could probably take more.
To really find out, go to http://www.crucial.com/ and do their FREE scan and it will tell you exactly how much RAM your system can handle, what you need and how much it costs...they are the cheapest place generally.

To get detailed profile of your installed software and hardware, go to http://www.belarc.com/free_download.html and run that scan. That will tell you exactly what hardware is installed on the computer and we can go from there for correct drivers.
Both of these scans take just a few moments.
Come back with the info. I don't need logs, just the info.

By the way, you have a lot of unnecessary auto starts, which will slow the system, sap resources and also cause problems.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Yes, run the ESET again, sorry I forgot to have you remove when I pasted the instructions. As for the one I asked about it evidently is gone if start up can't find it. We'll take care of that when you post back with the results of the ESET scan.
After you do the ESET scan run another HJT scan and post back with both logs.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Are you saying the ESET program did not fix or remove what it found?
It should have done so, or did you not tell it to fix anything?
If you didn't tell it to fix then you should run the scan again and this time have it fix whatever it finds.
But if you DID tell it to fix and it could not, let me know.
Also;
Do you know what this is?
O4 - HKCU\..\Run: [MS_MASTER] RUNDLL32.EXE C:\Users\voz\AppData\Local\Temp\yMaster.dll,w
It is located in a Temp file but is running automatically at start up, never a good idea.
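
A small triage pass over HijackThis-format lines like the ones quoted in these posts, added here as an illustration and not part of the original posts or of HijackThis itself: it flags entries whose file is missing and Run entries that launch from a Temp folder, and it reports lines it cannot parse instead of dropping them. The `ExampleUpdater` line, the flag names and the function names are constructed for the example.

```python
import re
from dataclasses import dataclass, field

# Sample input: entries quoted in the posts above, plus one constructed
# benign autorun (ExampleUpdater) for contrast.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
R3 - URLSearchHook: (no name) - *00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKCU\..\Run: [MS_MASTER] RUNDLL32.EXE C:\Users\voz\AppData\Local\Temp\yMaster.dll,w
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" /quiet
"""

# "<section code> - <rest of entry>"
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<rest>.+)$")
# R3 / O2 / O3: "<kind>: <name> - {CLSID} - <file or (no file)>"
CLSID_RE = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*?) - \*?"
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
# O4 registry autorun: "<hive>\..\<key>: [<value name>] <command line>"
RUN_RE = re.compile(
    r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<command>.+)$"
)
# A Temp/Tmp directory component or environment variable in a command line.
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\|%te?mp%", re.IGNORECASE)


@dataclass
class Entry:
    code: str      # HijackThis section code, e.g. "O4"
    name: str      # display name or registry value name
    target: str    # file path, "(no file)", or autorun command line
    raw: str       # the original log line
    flags: list = field(default_factory=list)


def parse_line(line):
    """Parse one R3/O2/O3/O4 line; return None if it does not fit the format."""
    raw = line.strip()
    m = LINE_RE.match(raw)
    if not m:
        return None
    code, rest = m["code"], m["rest"]
    if code in ("R3", "O2", "O3"):
        d = CLSID_RE.match(rest)
        if not d:
            return None
        entry = Entry(code, d["name"], d["target"], raw)
        if d["target"] == "(no file)":
            # Registration left behind with nothing on disk to load.
            entry.flags.append("no-file")
        return entry
    if code == "O4":
        d = RUN_RE.match(rest)
        if not d:
            return None
        entry = Entry(code, d["name"], d["command"], raw)
        if TEMP_RE.search(d["command"]):
            # Starts at every logon from a directory meant for throwaway files.
            entry.flags.append("autorun-from-temp")
        return entry
    return None  # other sections are outside this example's scope


def triage(log_text):
    """Return (parsed entries, lines that need a manual look)."""
    entries, unparsed = [], []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        entry = parse_line(line)
        if entry is None:
            unparsed.append(line.strip())
        else:
            entries.append(entry)
    return entries, unparsed


if __name__ == "__main__":
    parsed, leftover = triage(SAMPLE_LOG)
    for e in parsed:
        if e.flags:
            print(f"{e.code} {e.name!r}: {', '.join(e.flags)} -> {e.target}")
    for raw in leftover:
        print(f"could not parse, review by hand: {raw}")
```

The second R3 line in the sample is missing its opening brace, exactly as it was typed in the post, so it lands in the unparsed list for a human to review.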

jholland1964 650 Posting Expert Team Colleague Featured Poster

It actually scared me, b/c I've been wondering if someone has access to my computer (remotely) & thought maybe this is what's happening.

If somebody were going to PUT programs on your computer remotely without your knowledge they would certainly be much more malicious I would think. Now that of course would be possibly something somebody would do if they wanted to search through your business emails I suppose, Xobni IS a legitimate program for organizing Outlook emails which allows you to find info about contacts and such. But as you said, you no longer use Outlook so it wouldn't do anyone any good really, but that doesn't mean somebody else couldn't have installed it remotely either. I still believe it very likely came in with that TechTracker program.
One thing, earlier you said this:

Now I just rely upon my router's firewall.

That is most definitely NOT enough. It is just one piece of protection. The router firewall only protects what is connected to the router, that is all. You should have a firewall ON the computer. There are many which are very good and certainly other options other than Zone Alarm.

now my computer isn't even allowing me to move files from one folder to another

What happens when you try to do this? How full is the hard drive?

jholland1964 650 Posting Expert Team Colleague Featured Poster

Try the instructions I gave above concerning Avenger and running of combofix

jholland1964 650 Posting Expert Team Colleague Featured Poster

Sorry, but yeah, I renamed it on my flash drive and sent it to my desktop

And it didn't run?

Just noticed something here, in a previous post you said this:

combofix it starts up and then I get this screen that says it's not safe to continue and then everything shuts down and the file deletes itself

Do you mean one of the screens in the attachments? If it is the Security Warning you have to press RUN or the program will exit and if it is the Warranty Disclaimer you have to press YES or the program will end. This warning you see must be coming from someplace...your av program, your firewall, it just won't pop up from nowhere. Is there anything there that tells you where this warning is coming from?

Answer my questions and wait for my reply before doing the step below.

Download Avenger and unzip to your desktop.
Run Avenger, make sure that the box next to "Scan for rootkits" has a tick in it and that the box next to "Automatically disable any rootkits found" does not have a tick in it, then click on ‘Execute’. Afterwards, Windows restarts, and opens the log generated by The Avenger so you can see the results.

Next try Combofix again...deleting ALL copies first of course and installing a brand new, RENAMED one. See what happens

jholland1964 650 Posting Expert Team Colleague Featured Poster

Hello, looking at the HJT log I see that TWO anti-virus programs are running at the same time. This is a BIG NO-NO. One of them MUST be UNINSTALLED via Add/Remove.
If you have a current and paid for version of Norton on there then I would advise that the uninstall be AVG8. If Norton is expired then Uninstall it.
Both of those programs use a huge amount of resources which could be an explanation of the random shut downs, especially when playing a game. AVG 8 is also out of date, they are currently up to AVG 9 so an uninstall of this also is not really out of the question.
If both are out of date then uninstall both and install a new anti-virus program. Avira and Avast are two excellent free programs and both use less resources than Norton and AVG.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Hi and welcome to daniweb,
Please Download ATF-Cleaner.exe by Atribune
• You can put ATF-Cleaner on your Desktop for easy access

RUN ATF-Cleaner.exe.

-- Click on ATF-Cleaner to run it
-- Where it says Select Files To Delete, Check the Select All Option
-- Click Empty Selected > OK
Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.
Reboot the computer

Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.

* You will need to use Internet Explorer to complete this scan.
* You will need to temporarily Disable your current Anti-virus program.

* Be sure the option …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Didn't ask this, when you renamed it was it already on the desktop?
If so I wasn't clear enough, when you go to download it and the box comes up asking where to save it and of course it needs to go to the desktop but THAT is also when you should rename it, not before it is downloaded to the desktop. So the box should come up, choose Save As...then rename it and have it go to the desktop. When you see it on the desktop then it should have that new name already. Is this how you did it?

You could also rename it on the flash drive and then SEND it to the desktop.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Do you have a flash drive from which you can install combofix?

jholland1964 650 Posting Expert Team Colleague Featured Poster

As I said, is only one possibility; but as was happily stepping back at your request, just making you aware of the one possible cause which many don't seem to know about :)

You seem to think that I had not read ALL of the above before posting my suggestions. You are wrong. I post NOTHING without thorough research. I began where Mozilla recommends to begin with this type of problem which was the removal of the Norton program
1. because one should not run two anti-virus programs on one machine and,
2. because there is a KNOWN issue between Norton and Firefox.

The next step given by Mozilla is to go through the Standard Diagnostic steps to try to eliminate problems, this is what we are doing now. The first step is to check Customization and preferences to see if these are the culprits. The next step is to check Extensions and Themes and the next step would be to check Profile issues and the LAST step in that section of Profile Issue Diagnostics would be removing places.sqlite to a backup location to rule out a damaged Places database.

kaninelupus you have noted this as the first step or only and you are 100% incorrect, as you can see there are at least FIVE steps which should be taken first, and each one of those five steps has multiple instructions to follow BEFORE even beginning the multiple steps involved in ruling out Profile issues which include SIX …

jholland1964 650 Posting Expert Team Colleague Featured Poster

It would help if we could see some logs here. We have no idea what was removed, or the locations of items removed, especially since you cannot remember the name of the last file you removed. Random letters and then saying it might be incorrect really doesn't give us a true reading. Did you save this log? Can you post that MBA-M log for us?

We have no idea what was found, where it was found OR actually what process you stopped using Rkill.

Realize you were trying to enable IE to work by downloading Windows Updates AND IE8 however, updating ANYTHING other than security software is never a good idea when the machine is not clean.

A KEY requirement for installing Windows SP3 is that the machine be FREE of infection.
Also before installing SP3 you must be certain that ALL drivers are compatible with SP3, ESPECIALLY your wireless network adapter. If it does NOT have drivers that support SP 3 then it should not be installed.

Frankly, I would recommend that you Uninstall SP3 for now. Until the machine is deemed clean it should not be added. You have no way of knowing if these new updates have now been corrupted by this infection.

Are you absolutely certain the infection is Antivirus System Pro?

We really need to see some logs here otherwise we cannot be of any service. We cannot recommend other tools or anything for now. We don't know …

jholland1964 650 Posting Expert Team Colleague Featured Poster


The Places database was only intro'd in FF 3.0 - both of you might want to read this article over at Mozillazine if it comes to dealing with the "places.sqlite" file. One tip though - would highly recommend exporting bookmarks to manually back them up if you have to delete the places file altogether :)

Not really sure why you posted this kaninelupus. None of this has been mentioned in this thread, AND in reading your link none of the symptoms noted are ones mentioned by Childsplay so don't know that this even applies here.
The poster is a college student, their time is limited, let's give Childsplay time to report back here and let us know how things are working.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Did you turn off your antivirus program and your firewall?

jholland1964 650 Posting Expert Team Colleague Featured Poster

Did you try the download the same way that you were able to get MBA-M to download?

jholland1964 650 Posting Expert Team Colleague Featured Poster

Delete the first one.
Try downloading again and follow all the same directions on first rename combofix to bossy.exe. Then follow the same directions and see what happens.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Whew! Ok, do this:
Please download Combofix from one of these locations:
HERE or HERE
It is very important that you save this file to your DESKTOP.
Here is a tutorial that describes how to download, install and run Combofix more thoroughly. Please review it and follow the prompts to install Recovery Console - if you have not done that already:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Very Important! Temporarily disable your antivirus and antimalware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix and even remove onboard components so it is rendered ineffective:
http://www.bleepingcomputer.com/forums/topic114351.html


Running Combofix

In the event you already have Combofix, please delete it as this is a new version.

* Close any open browsers.
* Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.


Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang. Do not proceed with the rest of the fix if you fail to run combofix.

ComboFix will disconnect your computer from the Internet. Therefore, do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet as your connection will be completely restored at a later stage in the program. While the program is scanning your computer, it will change your …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Happy to help!

jholland1964 650 Posting Expert Team Colleague Featured Poster

I get attacked by rogue anti spyware (like right now!) the rogue spyware are the least of my worries I just want control of my pc back.

Hi and welcome to daniweb...had to laugh, sorry, but it appears your problem IS rogue spyware, not the least of your worries..it is your worry.
Are you able to boot to Safe Mode with Networking? If so this may allow you to download some programs needed for cleaning.
If you cannot download them directly to the computer do you have access to another computer? If so you could download the install file to the other computer, transfer them via either a burned cd or flash drive to the infected computer and then run the programs. Try both ways and see if it is possible. Here is what you need, obviously the first one should be updated and can be if you are using safe mode with networking. If it cannot be updated because you are installing via outside source that is fine. Even non-updated is better than none.
Now if at all possible MBA-M should most definitely be run in NORMAL mode, it is designed to run in NORMAL mode. Running in Safe mode does not allow it to load all of its drivers. If that is 100% impossible to do then go ahead and run in Safe Mode but please make the attempt first to run it in NORMAL mode.
If you can only run in safe …

jholland1964 650 Posting Expert Team Colleague Featured Poster

What anti-virus program do you use, what firewall? Do the following:
Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.

Reboot the computer.
Please Run the ESET Online Scanner and attach the ScanLog with your post for assistance.

* You will need to use Internet Explorer to complete this scan.
* You will need to temporarily Disable your current Anti-virus program.

* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.

Right …

jholland1964 650 Posting Expert Team Colleague Featured Poster

The only other suggestion I have is that you install SpywareBlaster as added protection. This is another FREE program, uses NO system resources as it doesn't run all the time in the background.

SpywareBlaster prevents the installation of ActiveX-based spyware, adware, dialers, browser hijackers, and other potentially unwanted programs. It can also block spyware/tracking cookies in IE, Mozilla Firefox, Netscape, and many other browsers, and restrict the actions of spyware/ad/tracking sites.

Simply download, install, update, enable all protection and close the program, that's it. It must be manually updated and doesn't update often so have your friend check for updates monthly. If there are any then install and enable them all and close the program.
I would advise that your friend keep Malwarebytes' Anti-Malware. Update the program and do at least a weekly Quick Scan. If anything is found have the program remove it. Shut down, reboot, update the program again and do the Full Scan and remove anything found.
Other than that you are good to go.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Sorry to pop head in Judy, but if there is such a discrepancy btwn Safe and Normal FF mode, it may be quicker to simply create a new profile, and import required data only from old profile. If things are that hinky, can be much less problematic.

kaninelupus, realize you are offering help here but we are following the recommended steps given by mozilla. There is always a great difference between the action of Firefox and Firefox Safe Mode, so this is definitely not unusual.
In the end, yes, creating a new profile may be the way to go but at this point I would like childsplay to continue as we are. There are many other steps and checks to do before creating a new profile.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

You have me confused here:

Hey I'm back, had to buy a $30 real slow P4 256MB RAM PC off Craigslist for now.

Are you saying you added more RAM to the computer with the problems or you bought another computer?

PC specs
AMD Athlon (tm) XP 2600+
1.91 GHz 768 of RAM
2 80 gig Hitachi hard drives
Windows XP Service Pack 3

These are the specs of the problem computer? This isn't much RAM. How many ram card slots are on the computer?
I honestly don't believe this is a virus/infection problem. I think you would be better off posting all this hardware info in the HARDWARE Section of daniweb. I certainly am out of my element in that and there are experts there who can certainly advise you. But include ALL of your computer specs. You can tell them we have pretty much ruled out infection over here. I just don't think that is your problem, especially since this has been going on since 2007. Just the time frame alone makes me feel this isn't an infection issue, you would have had many more symptoms than just random shut downs.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

When I use Firefox in Safe Mode it moves so much faster. What's the difference between that and the normal Firefox?

http://support.mozilla.com/en-US/kb/Safe+Mode

While you are in Safe Mode, your extensions and themes are disabled, and any toolbar customizations will be reverted back to their defaults. These changes are not permanent - when you leave Safe Mode and start Firefox up normally, your extensions, themes, and settings will return to the state they were in before you entered Safe Mode. Obviously something is slowing it down quite a bit since you said it is much faster in the Firefox safe mode.

Now you can make these changes permanent which will remove everything noted above. You could add them back one at a time and see what it is that is making it slow.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Did it stop opening all those tabs before or after you tried opening it in safe mode?

jholland1964 650 Posting Expert Team Colleague Featured Poster

Are you still getting the multiple tabs opening? Which version of Firefox are you running?
If you ARE getting multiple Tabs try opening Firefox in Safe Mode...this is NOT the computer safe mode but Firefox Safe mode. Go to your Start, Programs, click on Firefox and you should see the option to start it in safe mode. Choose that. It will open but without any add-ons you may have enabled. Tell me if the multiple tabs still open in Firefox Safe Mode.

jholland1964 650 Posting Expert Team Colleague Featured Poster

O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Unknown owner - C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe (file missing)

Go to Start, Control Panel, Administrative Tools, Services. Scroll down through the list that opens until you see that one. Double Click on it to open its properties. Change its start up type to Disabled.

Now for this one

...ending program message with "hpcmpmgr.exe"

That is the HP Component Manager, which causes this very common problem on HP computers. It is unnecessary to have it run at start up. It checks the internet for updated drivers/utilities for HP products. This can be done manually so there is no reason to have this auto starting.
Now you can stop a LOT of unnecessary auto starting programs with Mike Lin's Startup Control Panel. A Free program which you download and install. Once installed it will be located in the Control Panel with a little computer icon labeled Startup.
I would recommend that you install this program and when it is installed open it up and you will see various tabs there. Just go through each Tab and take the check mark OUT of the following programs. None need to run at start up; all can be run manually very easily:
HP Software Update
HP Component Manager
TkBellExe
QuickTime Task
SunJavaUpdateSched
MSMSGS
Adobe Reader Speed Launch
Microsoft Office
Remove the check marks next to all of those, close the Startup Control Panel and …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Thanks...

But... if the problem still exists what should I do next?

We aren't finished yet. Just uninstall the Norton program and then Update MBA-M and run a new Full Scan with it. Remove everything found.
Reboot the computer.
Then run a new HJT scan, save the log and post back here with BOTH new logs.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

Looks good. Time to get rid of the remaining Verizon entries so run HJT again and put check marks next to the following entries:
O2 - BHO: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL

O3 - Toolbar: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL

O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN

O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Unknown owner - C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe (file missing)

Once you have placed those check marks then click the Fix Checked button. Exit HJT and reboot.
Run one more HJT scan and post that log.
How are things running?
Judy
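The triage these posts do by eye on a HijackThis log, as an added example that is not part of the original posts: parse each entry into its section code, type and detail, then list the entries that have no backing file or that mention an unwanted vendor. The function names and the ExampleApp line are assumptions made for illustration; the other sample lines are copied from the entries quoted on this page.

```python
import re
from dataclasses import dataclass

# HJT entries look like "O2 - BHO: <detail>" or "O23 - Service: <detail>".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<kind>[^:]+): (?P<detail>.+)$")
# Markers HJT appends when the referenced file no longer exists on disk.
ORPHAN_MARKERS = ("(file missing)", "(no file)")

# Lines quoted on this page, plus one constructed ExampleApp line and a
# constructed header line to show that non-entry text is skipped.
SAMPLE_LOG = r"""
Logfile of HijackThis (constructed header line)
R3 - URLSearchHook: (no name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL
O3 - Toolbar: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [ExampleApp] "C:\Program Files\Example\app.exe"
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Unknown owner - C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe (file missing)
"""

@dataclass
class Entry:
    code: str    # section code, e.g. O2 (BHO), O4 (autostart), O23 (service)
    kind: str    # text between the code and the first colon
    detail: str  # remainder of the line: name, CLSID, path

    @property
    def orphaned(self) -> bool:
        return any(marker in self.detail for marker in ORPHAN_MARKERS)

def parse_log(text):
    """Return an Entry for every line that has the HJT entry shape."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append(Entry(**match.groupdict()))
    return entries

def checklist(entries, keyword):
    """Pair each entry worth reviewing with the reasons it was picked."""
    picked = []
    for entry in entries:
        reasons = []
        if entry.orphaned:
            reasons.append("no backing file")
        if keyword.lower() in entry.detail.lower():
            reasons.append(f"mentions '{keyword}'")
        if reasons:
            picked.append((entry, reasons))
    return picked
```

The output is a review list only; what actually gets checked and fixed in HJT remains a human decision, as it is in the posts here.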

jholland1964 650 Posting Expert Team Colleague Featured Poster

I am currently at college, therefore I have to use one of the anti-virus programs they suggest. I am using the free version of AVG. I will rescan my computer with my anti-virus program disabled and then post the new results as soon as I can...

Thanks again...

That's fine but you HAVE to then UNINSTALL Norton. You cannot run two anti-virus programs on one computer; it only lessens your protection, does not improve it.
Click on the Start button.
Now go to Control Panel.
You will find Programs there. Please click on that.
Now click on Program and Features.
You can look for the program you want to work with and then click on the Uninstall/Change button.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Well, to start, your HiJackThis log shows that you are running TWO anti-virus programs, Norton and AVG8. Which one did you install first and did you pay for either of them?
If either are paid and are current and not near expiring then keep that one but uninstall the other.
One of them at least has to go, if you don't want or didn't pay for either then I would advise that you uninstall both and install a totally new one.
I would recommend either Avira or Avast. Both excellent, both free. Avira is a bit simpler to use but both are very good, highly recommended.
But whichever you decide to do the rule is ONE anti-virus program on the computer.

jholland1964 650 Posting Expert Team Colleague Featured Poster

OK...finally caught up to this computer's owner. She does not use Verizon.
Do I need to get rid of anything that says Verizon?
Again, thanks.

Absolutely. There is no need for this to be on the computer.
Once you have done that then do another HJT log and post it here.
Judy

jholland1964 650 Posting Expert Team Colleague Featured Poster

The logs look clean to me. Your Java is WAY out of date and must be updated. Go HERE and download the Offline Install, save it to the desktop.
Close all browsers.

Once you have done that go to Add/Remove and Uninstall J2SE Runtime Environment 5.0 Update 6
When the uninstall is complete then double click that Java Install file on the desktop to install the newest version. Keep an eye on the install as it takes place, occasionally there are other toolbars which may be installed along with this UNLESS you remove the check mark next to the box saying it is ok to do so. Don't take any of those toolbars, take the check marks out.
Once the install is complete go back to the download page and click the Verify Now on the right side of the page. This will take you to the page where you will see if your installation went as it should have gone.
Then install your Norton program, update it and run a full scan with it. If it finds anything have it remove/fix/quarantine...whichever choice is given.
Judy