Good questions. Whilst you could persevere with attempting to recover this PC from these problems, it may be that a complete re-install will be quicker and easier, if you are both happy with that procedure.
Can you confirm that you have the XP CD and all the drivers, (often on a separate CD)? I ask because at the HP site for your model here, the guidance seems to suggest that this PC did not come with recovery CD's but has a recovery partition instead. Of course it may well be that you obtained the CD's from HP, something that we often advise members to get.
The guidance on that site may be useful for you.
A recovery/reinstall will remove all virus/spyware infections at a stroke from the main hard disk. However those backed up files on the external disk may well be infected, so be prepared before you reconnect that disk. Have an anti-virus application installed, updated, and running in the background before you examine the contents of that disk, and run a full virus scan on it before copying or opening any files. An anti-spyware scan may be useful as well.
You may find that you get an Access Denied error when trying to access that external disk. If so, you will need to Take Ownership.
Some of the questions you asked;
1] Yes, the Win32/Blaster worm is still around. They all are.
2] Why does Windows Update think your PC is a Mac? Not sure. Do I understand that this PC accesses the internet through the Mac? Or does it have it's own internet connection through the router and modem? Whichever, what happens if you disconnected the Mac and connected the PC directly to the modem, or on its own through the router to the modem without the Mac connected?
In any case, SP2, (note, I don't mean SP3), was a major upgrade to XP, and it catches out any PC that is not squeaky clean of infection and is otherwise not running smoothly. I am sure that SP3 will include all previous SPs for your PC but I must admit I am not 100% certain. It seems logical though.
If that Windows Antispyware is the anti-spyware utility offered by Microsoft, it is now Windows Defender, and the old version may not have been catching all spyware. Get a couple more anti-spyware utilities, not to run continuously, but to perform stand-alone, manual, scans occasionally. We find we need more than one AS nowadays to catch everything.
Personally I would not have paid for Nortons. Whilst many have no problems with it and like the product, there are also reports that it is bloated and a resource hog. There are, many, free anti-malware products available and our Spyware, viruses and security forum will have some of the better options available.
If you decide to recover/reinstall, do that whilst disconnected from the internet, and make sure the Microsoft firewall is on before re-connecting. It becomes the Windows firewall after SP2, a much better firewall, but again there may be better, free, alternatives available.
I hope that helps.
I am a Mac user, but my husband uses an HP Pavillion 7955 PC with WindowsXP Home edition, I think it is about 2001 version. He did some security updates and blaster worm fixing in 2003, but has not done any upgrades since then. His PC is connected to a DLink router (wired) to our cable modem, which connects to my iMac. I am trying to troubleshoot for his PC.
We have identified these problems that may or may not be related:
(1) Microsoft download site identifies PC as a Mac
He noticed some problems with automatic shutdowns about 4 weeks ago, thought he might have spyware because Windows Antispyware kept opening and quitting. He purchased Norton antivirus software online, but it will not install until Windows xp is updated to servicepack2 or 3. He followed link to Microsoft's site to download sp3. Every attempt to download anything related to Windows results in message 'thank you for visiting our website. This download is for Windows only. To download for Macs, visit our website....." and gives a link back to the Microsoft Download site. MS's download center apparently is 'reading' our PC as a Mac.
It is an endless loop. I tried booting into safe mode.....same results.
(2) Probable virus infection:
I uninstalled the Security program that kept opening the Antispyware and then quitting, but other programs started giving 'have to quit' messages, shutting down in 60 seconds. Safe mode boot did help with that, but rebooting into usual mode got the error messages that the "remote procedure call terminated unexpectedly" and began cycling so that the computer shut down and restarted over and over. I found the fix to go: Start->Run: shutdown -a to stop that and it did work, but the only info on that is from 03, saying that it is the Wm32 Blaster/Lovsan worm. Is that information still accurate....is that worm still around? Would it reactivate/come back despite the fix we did in 03? I tried to turn on the Firewall which was not on, but got the message that something like Internet Connection sharing failed. I think the Firewall cannot be activated because it is the Mac that is connected to the cable modem.
I did do a System Restore, but it would not go back as far as it said it would, May9 nor all the restore points from then to July 30, just said system restore failed. Finally able to restore it to July 30, but problems began about June 30 with many errors on the log.
What are the next steps/recommendations/fixes to find out what virus(es) are on his PC and how to get rid of them, and how to correct the misidentification of our PC as a Mac so that we can update Windows?
Would it be best to reinstall Windows XP from the installation disks, doing a clean install?
I copied all his documents, photos and video clips to an external hard drive two days ago before starting to investigate his PC. Would a virus be likely to damage these? Can we assume they are fine if they open ok? If we get his PC virus-free and operating correctly is it safe to copy these back to his computer's hard drive?
Thanks for any help with this. Sorry, but we are a bit naive about this