Page 1 of 3 123 LastLast
Results 1 to 10 of 23
  1. #1
    Member
    Join Date
    Jun 2012
    Posts
    19
    Points
    1

    Default My computer has been running really slow & 100% CPU usage quite often. 3 logs enc.

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 06/22/2012 at 00:02 AM

    Application Version : 5.1.1002

    Core Rules Database Version : 8777
    Trace Rules Database Version: 6589

    Scan type : Quick Scan
    Total Scan Time : 00:21:32

    Operating System Information
    Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 612
    Memory threats detected : 0
    Registry items scanned : 29406
    Registry threats detected : 143
    File items scanned : 7960
    File threats detected : 170

    PUP.MyWebSearch/FunWebProducts
    HKU\S-1-5-21-274612538-2582055037-3653289090-1006\SOFTWARE\Fun Web Products
    HKLM\SOFTWARE\Fun Web Products
    HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
    HKLM\SOFTWARE\Fun Web Products#CacheDir
    HKLM\SOFTWARE\Fun Web Products\ScreenSaver
    HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
    HKLM\SOFTWARE\Fun Web Products\ScreenSaver#PM
    HKLM\SOFTWARE\Fun Web Products\Settings
    HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn
    HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#LastHTMLMenuURL
    HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#HTMLMenuRevision
    HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#ETag
    HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn
    HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#LastHTMLMenuURL
    HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#HTMLMenuRevision
    HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#ETag
    HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn
    HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#LastHTMLMenuURL
    HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#HTMLMenuRevision
    HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#ETag
    HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn
    HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#LastHTMLMenuURL
    HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#HTMLMenuRevision
    HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#ETag
    HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn
    HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#LastHTMLMenuURL
    HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#HTMLMenuRevision
    HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#ETag
    HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn
    HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#LastHTMLMenuURL
    HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#HTMLMenuRevision
    HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#ETag
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.0
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqUninstalled
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive2
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.1
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.2
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.3
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.4
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.5
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.6
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.7
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.8
    HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn
    HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuPosDeleted
    HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#LastHTMLMenuURL
    HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuRevision
    HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#ETag
    HKU\S-1-5-21-274612538-2582055037-3653289090-1006\SOFTWARE\FunWebProducts
    HKLM\SOFTWARE\FunWebProducts
    HKLM\SOFTWARE\FunWebProducts\Installer
    HKLM\SOFTWARE\FunWebProducts\Installer#Dir
    HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
    HKLM\SOFTWARE\FunWebProducts\Installer#sr
    HKLM\SOFTWARE\FunWebProducts\Installer#pl
    HKLM\SOFTWARE\FunWebProducts\Installer#CheckForConnection
    HKLM\SOFTWARE\FunWebProducts\Installer#CacheDir
    HKLM\SOFTWARE\FunWebProducts\Installer\downloaded
    HKU\S-1-5-21-274612538-2582055037-3653289090-1006\SOFTWARE\MyWebSearch
    HKLM\SOFTWARE\MyWebSearch
    HKLM\SOFTWARE\MyWebSearch\bar
    HKLM\SOFTWARE\MyWebSearch\bar#pid
    HKLM\SOFTWARE\MyWebSearch\bar#tiec
    HKLM\SOFTWARE\MyWebSearch\bar#Dir
    HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
    HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
    HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
    HKLM\SOFTWARE\MyWebSearch\bar#sr
    HKLM\SOFTWARE\MyWebSearch\bar#pl
    HKLM\SOFTWARE\MyWebSearch\bar#Id
    HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
    HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
    HKLM\SOFTWARE\MyWebSearch\bar#HTMLMenuRevision
    HKLM\SOFTWARE\MyWebSearch\bar#sscLabel
    HKLM\SOFTWARE\MyWebSearch\bar#sscURL
    HKLM\SOFTWARE\MyWebSearch\bar#Flags
    HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Dir
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CurInstall
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sr
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pl
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ConfigDateStamp
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ABS
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#DES
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sscEnabled
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#eintl
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fs
    HKLM\SOFTWARE\MyWebSearch\SkinTools
    HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
    HKLM\Software\FocusInteractive
    HKLM\Software\FocusInteractive\bar
    HKLM\Software\FocusInteractive\bar\Switches
    HKLM\Software\FocusInteractive\bar\Switches#incmail.exe
    HKLM\Software\FocusInteractive\bar\Switches#msimn.exe
    HKLM\Software\FocusInteractive\bar\Switches#msn.exe
    HKLM\Software\FocusInteractive\bar\Switches#outlook.exe
    HKLM\Software\FocusInteractive\bar\Switches#waol.exe
    HKLM\Software\FocusInteractive\bar\Switches#aim.exe
    HKLM\Software\FocusInteractive\bar\Switches#icq.exe
    HKLM\Software\FocusInteractive\bar\Switches#icqlite.exe
    HKLM\Software\FocusInteractive\bar\Switches#msmsgs.exe
    HKLM\Software\FocusInteractive\bar\Switches#msnmsgr.exe
    HKLM\Software\FocusInteractive\bar\Switches#ypager.exe
    HKLM\Software\FocusInteractive\bar\Switches#au
    HKLM\Software\FocusInteractive\bar\Switches#mwsSrcAs.dll
    HKLM\Software\FocusInteractive\bar\Switches#ok
    HKLM\Software\FocusInteractive\bar\Switches#od
    HKLM\Software\FocusInteractive\bar\Switches#nk
    HKLM\Software\FocusInteractive\bar\Switches#nd
    HKLM\Software\FocusInteractive\Email-IM
    HKLM\Software\FocusInteractive\Email-IM\0
    HKLM\Software\FocusInteractive\Email-IM\0#Toolbar
    HKLM\Software\FocusInteractive\Email-IM\0#AppName
    HKLM\Software\FocusInteractive\Outlook
    C:\Program Files\MyWebSearch\bar\History\search2
    C:\Program Files\MyWebSearch\bar\History
    C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
    C:\Program Files\MyWebSearch\bar\Settings\settings.dat
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
    C:\Program Files\MyWebSearch\bar\Settings
    C:\Program Files\MyWebSearch\bar
    C:\Program Files\MyWebSearch
    C:\Program Files\FunWebProducts\ScreenSaver\Images\004C1972.urr
    C:\Program Files\FunWebProducts\ScreenSaver\Images
    C:\Program Files\FunWebProducts\ScreenSaver
    C:\Program Files\FunWebProducts\Shared
    C:\Program Files\FunWebProducts

    PUP.MyWebSearch
    HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

    Trojan.NewDotNet
    HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}

    Adware.webHancer
    HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}

    Trojan.Agent/Gen-Boonty
    HKLM\System\CurrentControlSet\Services\BOONTY GAMES
    C:\PROGRAM FILES\COMMON FILES\BOONTY SHARED\SERVICE\BOONTY.EXE
    HKLM\System\CurrentControlSet\Enum\Root\LEGACY_BOONTY GAMES

    Disabled.SecurityCenterOption
    HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY
    HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY

    Adware.Tracking Cookie
    D:\Documents and Settings\Kevin\Cookies\X1UFHY3P.txt [ /fr.sitestat.com ]
    D:\Documents and Settings\Kevin\Cookies\P9OUOLLL.txt [ /ec-track.com ]
    D:\Documents and Settings\Kevin\Cookies\ABZ54EQW.txt [ /collective-media.net ]
    D:\Documents and Settings\Kevin\Cookies\RD8QZ39N.txt [ /adtech.de ]
    D:\Documents and Settings\Kevin\Cookies\KKB4JR28.txt [ /media6degrees.com ]
    D:\Documents and Settings\Kevin\Cookies\P97L93TK.txt [ /atdmt.com ]
    D:\Documents and Settings\Kevin\Cookies\SBPIGOB4.txt [ /mm.chitika.net ]
    D:\Documents and Settings\Kevin\Cookies\2FKLJSMF.txt [ /serving-sys.com ]
    D:\Documents and Settings\Kevin\Cookies\2VQZ6L5Y.txt [ /bs.serving-sys.com ]
    D:\Documents and Settings\Kevin\Cookies\LINLA5ST.txt [ /247realmedia.com ]
    D:\Documents and Settings\Kevin\Cookies\MFZ2TP3E.txt [ /smartadserver.com ]
    D:\Documents and Settings\Kevin\Cookies\07W61RGE.txt [ /partners.globaldirectmedia.com ]
    D:\Documents and Settings\Kevin\Cookies\BV4TF0UJ.txt [ /server.lon.liveperson.net ]
    D:\Documents and Settings\Kevin\Cookies\GFPSAH3O.txt [ /eas.apm.emediate.eu ]
    D:\Documents and Settings\Kevin\Cookies\3W34R5DY.txt [ /adinterax.com ]
    D:\Documents and Settings\Kevin\Cookies\2XX187KK.txt [ /apmebf.com ]
    D:\Documents and Settings\Kevin\Cookies\HGWJG3UR.txt [ /amazon-adsystem.com ]
    D:\Documents and Settings\Kevin\Cookies\R9HAPV0V.txt [ /dc.tremormedia.com ]
    D:\Documents and Settings\Kevin\Cookies\KUB7V5IF.txt [ /liveperson.net ]
    D:\Documents and Settings\Kevin\Cookies\KY6GSGRU.txt [ /www.burstnet.com ]
    D:\Documents and Settings\Kevin\Cookies\9MO4U8ZY.txt [ /mediaplex.com ]
    D:\Documents and Settings\Kevin\Cookies\EZ12AEA8.txt [ /adviva.net ]
    D:\Documents and Settings\Kevin\Cookies\S7ZS4JRV.txt [ /advertising.com ]
    D:\Documents and Settings\Kevin\Cookies\XIECH7Q7.txt [ /www4.smartadserver.com ]
    D:\Documents and Settings\Kevin\Cookies\3H6NR7PR.txt [ /revsci.net ]
    D:\Documents and Settings\Kevin\Cookies\D7N1CGNC.txt [ /fastclick.net ]
    D:\Documents and Settings\Kevin\Cookies\IQMYL3MA.txt [ /aimfar.solution.weborama.fr ]
    D:\Documents and Settings\Kevin\Cookies\F79X67OI.txt [ /tribalfusion.com ]
    D:\Documents and Settings\Kevin\Cookies\YHIJNM3R.txt [ /panel.gfkmediaview.com ]
    D:\Documents and Settings\Kevin\Cookies\PSLB8AV6.txt [ /clickfuse.com ]
    D:\Documents and Settings\Kevin\Cookies\FJG10SCM.txt [ /imrworldwide.com ]
    D:\Documents and Settings\Kevin\Cookies\E8UIOU20.txt [ /ads.adk2.com ]
    D:\Documents and Settings\Kevin\Cookies\8ZLS5CT5.txt [ /adpeppermedia.net ]
    D:\Documents and Settings\Kevin\Cookies\IWE8NNM8.txt [ /liveperson.net ]
    D:\Documents and Settings\Kevin\Cookies\JT9WEDXK.txt [ /fr.sitestat.com ]
    D:\Documents and Settings\Kevin\Cookies\CU1JVMI7.txt [ /specificclick.net ]
    D:\Documents and Settings\Kevin\Cookies\ZOZ2XQH0.txt [ /archant.122.2o7.net ]
    D:\Documents and Settings\Kevin\Cookies\S5K8JS68.txt [ /ad.yieldmanager.com ]
    D:\Documents and Settings\Kevin\Cookies\UT8CWO55.txt [ /invitemedia.com ]
    D:\Documents and Settings\Kevin\Cookies\2XSAIPF1.txt [ /doubleclick.net ]
    D:\Documents and Settings\Kevin\Cookies\X7VBQPQI.txt [ /www.googleadservices.com ]
    D:\Documents and Settings\Kevin\Cookies\6RIQCEXN.txt [ /ad.360yield.com ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\0DKQ5178.txt [ Cookie:chiara & naomi@serving-sys.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara & naomi@e-2dj6wjmycocjigp.stats.esomniture[2].txt [ Cookie:chiara & naomi@e-2dj6wjmycocjigp.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@uk.at.atwola[2].txt [ Cookie:chiara & naomi@uk.at.atwola.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@adtech[1].txt [ Cookie:chiara & naomi@adtech.de/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\20QXYML8.txt [ Cookie:chiara & naomi@content.yieldmanager.com/ak/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\3Q2R4S69.txt [ Cookie:chiara & naomi@ad.yieldmanager.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@www.googleadservices[5].txt [ Cookie:chiara & naomi@www.googleadservices.com/pagead/conversion/1064102093/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@bs.serving-sys[1].txt [ Cookie:chiara & naomi@bs.serving-sys.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@atdmt[2].txt [ Cookie:chiara & naomi@atdmt.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@adserver.qplaygames[1].txt [ Cookie:chiara & naomi@adserver.qplaygames.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@www.googleadservices[2].txt [ Cookie:chiara & naomi@www.googleadservices.com/pagead/conversion/1035938125/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\B0W91N88.txt [ Cookie:chiara & naomi@content.yieldmanager.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@adbrite[1].txt [ Cookie:chiara & naomi@adbrite.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara & naomi@media.mtvnservices[1].txt [ Cookie:chiara & naomi@media.mtvnservices.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@yieldmanager[1].txt [ Cookie:chiara & naomi@yieldmanager.net/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\JKT45K1J.txt [ Cookie:chiara & naomi@apmebf.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@richmedia.yahoo[2].txt [ Cookie:chiara & naomi@richmedia.yahoo.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara & naomi@cgi-bin[3].txt [ Cookie:chiara & naomi@imrworldwide.com/cgi-bin ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@media6degrees[1].txt [ Cookie:chiara & naomi@media6degrees.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\Z5YWZ1ZV.txt [ Cookie:chiara & naomi@doubleclick.net/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\CIPFOED4.txt [ Cookie:chiara & naomi@mediaplex.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@overture[1].txt [ Cookie:chiara & naomi@overture.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@fastclick[1].txt [ Cookie:chiara & naomi@fastclick.net/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@advertising[1].txt [ Cookie:chiara & naomi@advertising.com/ ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@www.google[1].txt [ Cookie:chiara & naomi@www.google.com/adsense/support ]
    D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@invitemedia[1].txt [ Cookie:chiara & naomi@invitemedia.com/ ]
    D:\DOCUMENTS AND SETTINGS\KEVIN\Cookies\7YLM3FL0.txt [ Cookie:kevin@www.google.com/accounts ]
    D:\DOCUMENTS AND SETTINGS\KEVIN\Cookies\RKYJH2V8.txt [ Cookie:kevin@google.com/accounts/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-dig.hitbox[1].txt [ Cookie:lisa@ehg-dig.hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfmyqoc5igq.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfmyqoc5igq.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-mothercare.hitbox[2].txt [ Cookie:lisa@ehg-mothercare.hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@counter2.hitslink[2].txt [ Cookie:lisa@counter2.hitslink.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@xiti[1].txt [ Cookie:lisa@xiti.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@geosign.112.2o7[1].txt [ Cookie:lisa@geosign.112.2o7.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-bskyb.hitbox[1].txt [ Cookie:lisa@ehg-bskyb.hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@webstat[2].txt [ Cookie:lisa@webstat.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@bluestreak[1].txt [ Cookie:lisa@bluestreak.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@clickability[1].txt [ Cookie:lisa@clickability.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@www.smartadserver[2].txt [ Cookie:lisa@www.smartadserver.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@as1.falkag[1].txt [ Cookie:lisa@as1.falkag.de/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@web-stat[1].txt [ Cookie:lisa@web-stat.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@cgi-bin[1].txt [ Cookie:lisa@imrworldwide.com/cgi-bin ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@mediaplex[2].txt [ Cookie:lisa@mediaplex.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@belnk[1].txt [ Cookie:lisa@belnk.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@local[1].txt [ Cookie:lisa@int.sitestat.com/touchplc/local/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjmyqldpigq.stats.esomniture[1].txt [ Cookie:lisa@e-2dj6wjmyqldpigq.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wgkoejc5gfp.stats.esomniture[1].txt [ Cookie:lisa@e-2dj6wgkoejc5gfp.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-littlewoods.hitbox[2].txt [ Cookie:lisa@ehg-littlewoods.hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@112.2o7[1].txt [ Cookie:lisa@112.2o7.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@trafficmp[1].txt [ Cookie:lisa@trafficmp.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-adidas.hitbox[1].txt [ Cookie:lisa@ehg-adidas.hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@hitbox[2].txt [ Cookie:lisa@hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adbrite[2].txt [ Cookie:lisa@adbrite.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@statse.webtrendslive[1].txt [ Cookie:lisa@statse.webtrendslive.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@cnn.122.2o7[1].txt [ Cookie:lisa@cnn.122.2o7.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfk4socjweo.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfk4socjweo.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjl4wmajkgo.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wjl4wmajkgo.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@msnportal.112.2o7[1].txt [ Cookie:lisa@msnportal.112.2o7.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-hotcourses.hitbox[2].txt [ Cookie:lisa@ehg-hotcourses.hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@bs.serving-sys[1].txt [ Cookie:lisa@bs.serving-sys.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@doubleclick[2].txt [ Cookie:lisa@doubleclick.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@smileycentral[2].txt [ Cookie:lisa@smileycentral.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adserving.autotrader[1].txt [ Cookie:lisa@adserving.autotrader.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@pacificpoker[2].txt [ Cookie:lisa@pacificpoker.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adopt.hbmediapro[2].txt [ Cookie:lisa@adopt.hbmediapro.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@atdmt[1].txt [ Cookie:lisa@atdmt.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@1.affiliateclicks[1].txt [ Cookie:lisa@1.affiliateclicks.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@192[1].txt [ Cookie:lisa@nedstat.192.com/192/192/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@46759675[1].txt [ Cookie:lisa@server.iad.liveperson.net/hc/46759675 ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@windowsmedia[1].txt [ Cookie:lisa@windowsmedia.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@S121071[1].txt [ Cookie:lisa@statse.webtrendslive.com/S121071 ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@superstats[1].txt [ Cookie:lisa@superstats.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@burstnet[1].txt [ Cookie:lisa@burstnet.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@casalemedia[2].txt [ Cookie:lisa@casalemedia.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjkogocjmbp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wjkogocjmbp.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfliujc5egp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfliujc5egp.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@www.upspiral[2].txt [ Cookie:lisa@www.upspiral.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@realmedia[1].txt [ Cookie:lisa@realmedia.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@revenue[1].txt [ Cookie:lisa@revenue.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@yahoouk[1].txt [ Cookie:lisa@fr.sitestat.com/eurosport/yahoouk/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@perf.overture[1].txt [ Cookie:lisa@perf.overture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@122.2o7[1].txt [ Cookie:lisa@122.2o7.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@keywordmax[1].txt [ Cookie:lisa@keywordmax.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ww3.shoshkeles[1].txt [ Cookie:lisa@ww3.shoshkeles.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfkicncpebp.stats.esomniture[1].txt [ Cookie:lisa@e-2dj6wfkicncpebp.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@serving-sys[1].txt [ Cookie:lisa@serving-sys.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@2o7[2].txt [ Cookie:lisa@2o7.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@nextag[1].txt [ Cookie:lisa@nextag.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adtech[2].txt [ Cookie:lisa@adtech.de/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@maxserving[1].txt [ Cookie:lisa@maxserving.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfmyggd5agp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfmyggd5agp.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@tribalfusion[2].txt [ Cookie:lisa@tribalfusion.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@eurosport[1].txt [ Cookie:lisa@fr.sitestat.com/eurosport/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@zedo[1].txt [ Cookie:lisa@zedo.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjkoand5ehp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wjkoand5ehp.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@S146738[2].txt [ Cookie:lisa@statse.webtrendslive.com/S146738 ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@questionmarket[2].txt [ Cookie:lisa@questionmarket.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@www.dgm2[1].txt [ Cookie:lisa@www.dgm2.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@S146260[2].txt [ Cookie:lisa@statse.webtrendslive.com/S146260 ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@specificclick[2].txt [ Cookie:lisa@specificclick.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ads.pointroll[2].txt [ Cookie:lisa@ads.pointroll.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@media.adrevolver[2].txt [ Cookie:lisa@media.adrevolver.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@premiumtv.122.2o7[1].txt [ Cookie:lisa@premiumtv.122.2o7.net/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adrevolver[1].txt [ Cookie:lisa@media.adrevolver.com/adrevolver/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@overture[1].txt [ Cookie:lisa@overture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@at.atwola[2].txt [ Cookie:lisa@at.atwola.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-hitent.hitbox[2].txt [ Cookie:lisa@ehg-hitent.hitbox.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@statcounter[2].txt [ Cookie:lisa@statcounter.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@dealtime.co[2].txt [ Cookie:lisa@dealtime.co.uk/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wgkikgdzkkq.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wgkikgdzkkq.stats.esomniture.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ads.addynamix[1].txt [ Cookie:lisa@ads.addynamix.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@stats2.clicktracks[2].txt [ Cookie:lisa@stats2.clicktracks.com/ ]
    D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@1069590531[1].txt [ Cookie:lisa@www.googleadservices.com/pagead/conversion/1069590531/ ]

    Adware.CouponBar
    C:\WINDOWS\SYSTEM32\CPNPRT2.CID

    This is my Malwarebytes log



    Malwarebytes Anti-Malware 1.61.0.1400
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.06.21.11

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Kevin :: KEVSCOMPUTER [administrator]

    22/06/2012 00:25:57
    mbam-log-2012-06-22 (00-25-57).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 291643
    Time elapsed: 16 minute(s), 1 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 6
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Downloads\WinterChallengeSetup-dm[1].exe (Adware.TryMedia) -> Quarantined and deleted successfully.

    (end)

    This is my HijackThis log



    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:27:44, on 22/06/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
    C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis\HijackThis[1].exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bt.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
    O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 10734 bytes


    Thanks,

    Kev.

  2. The Following User Says Thank You to kev_chiara For This Useful Post:


  3. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi Kev,

    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

    Adobe is seriously out of date, and an infection risk as well. Please up-date it from HERE
    Free McAfee Scan Plus Please "uncheck" that before downloading.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
    Why does that show "No Action Taken". Did you not let Malwarebytes remove it?

    If so, up-date malwarebytes / Rerun and let it remove everything it finds! Post the log, then follow below instructions:

    NEXT

    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE


    NEXT

    Please download MiniToolBox http://download.bleepingcomputer.com...iniToolBox.exe and run it.

    Checkmark following boxes:

    • List last 10 Event Viewer log
    • List Users, Partitions and Memory size


    Click Go and post the result.
    Last edited by zep516; 06-22-2012 at 09:25 PM.

  4. The Following User Says Thank You to zep516 For This Useful Post:


  5. #3
    Member
    Join Date
    Jun 2012
    Posts
    19
    Points
    1

    Default

    Hi Zep, Thanks so much for the reply.

    I have now successfully updated Adobe. It had been trying on and off for what seemed like years but kept erroring. I just used the add/remove programs to get rid of Adobe reader 7.0 and the new one then installed ok.

    Here is my new Malwarebytes log. (I am now going to try the next stuff you asked).

    Malwarebytes Anti-Malware 1.61.0.1400
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.06.23.06

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Kevin :: KEVSCOMPUTER [administrator]

    23/06/2012 23:31:16
    mbam-log-2012-06-23 (23-31-16).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 296615
    Time elapsed: 16 minute(s), 33 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  6. #4
    Member
    Join Date
    Jun 2012
    Posts
    19
    Points
    1

    Default

    OK. Here are the DDS logs (it tells me to ZIP the other but i'm not sure how to! Let me know and i'll include that)

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by Kevin at 0:07:15 on 2012-06-24
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1471.386 [GMT 1:00]
    .
    AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton 360 *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
    C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
    C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
    C:\WINDOWS\system32\sistray.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://bt.yahoo.com/
    uWindow Title = Packard Bell
    uSearch Bar = hxxp://www.yahoo.com/search/ie.html
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = 127.0.0.1;*.local
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.2.2.3\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.2.2.3\ips\IPSBHO.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
    TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.2.2.3\coIEPlg.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    EB: BT Yahoo! Sidebar: {51085e3d-a958-42a2-a6be-a6a9b0baf276} - c:\program files\yahoo!\browser\ysidebarIE.dll
    EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{DF47F80A-C140-49FC-AE55-196FAFF4A223} : DhcpNameServer = 192.168.1.254
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2006-3-21 155136]
    R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2006-3-21 5248]
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502020.003\symds.sys [2012-6-12 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502020.003\symefa.sys [2012-6-12 744568]
    R1 BHDrvx86;BHDrvx86;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19 821920]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502020.003\ironx86.sys [2012-6-12 136312]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
    R2 N360;Norton 360;c:\program files\norton 360\engine\5.2.2.3\ccsvchst.exe [2012-6-12 130008]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-7-21 106656]
    R3 IDSxpx86;IDSxpx86;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20120622.001\IDSXpx86.sys [2012-6-23 369632]
    R3 NAVENG;NAVENG;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20120622.033\NAVENG.SYS [2012-6-23 87928]
    R3 NAVEX15;NAVEX15;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20120622.033\NAVEX15.SYS [2012-6-23 1589752]
    R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-1-30 27632]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-12 257224]
    S3 ALSysIO;ALSysIO;\??\d:\docume~1\kevin\locals~1\temp\alsysio.sys --> d:\docume~1\kevin\locals~1\temp\ALSysIO.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-06-21 23:20:59 -------- d-----w- d:\documents and settings\kevin\application data\Malwarebytes
    2012-06-21 23:20:28 -------- d-----w- d:\documents and settings\all users\application data\Malwarebytes
    2012-06-21 23:20:26 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-21 23:20:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-06-21 22:36:29 -------- d-----w- d:\documents and settings\kevin\application data\SUPERAntiSpyware.com
    2012-06-21 22:36:03 -------- d-----w- d:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2012-06-21 22:36:03 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-06-19 23:35:56 -------- d-----w- c:\program files\Core Temp
    2012-06-18 22:31:03 -------- d-----w- c:\program files\CCleaner
    2012-06-16 20:20:46 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-06-12 20:12:54 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
    2012-06-12 20:11:54 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-12 10:17:37 331384 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symtdiv.sys
    2012-06-12 10:17:36 369784 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symtdi.sys
    2012-06-12 10:17:36 299640 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symnets.sys
    2012-06-12 10:17:34 744568 ----a-r- c:\windows\system32\drivers\n360\0502020.003\symefa.sys
    2012-06-12 10:17:34 50168 ----a-r- c:\windows\system32\drivers\n360\0502020.003\srtspx.sys
    2012-06-12 10:17:34 340088 ----a-r- c:\windows\system32\drivers\n360\0502020.003\symds.sys
    2012-06-12 10:17:33 516216 ----a-r- c:\windows\system32\drivers\n360\0502020.003\srtsp.sys
    2012-06-12 10:17:32 136312 ----a-r- c:\windows\system32\drivers\n360\0502020.003\ironx86.sys
    2012-06-12 10:16:51 -------- d-----w- c:\windows\system32\drivers\n360\0502020.003
    .
    ==================== Find3M ====================
    .
    2012-06-16 20:20:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-06-16 20:20:18 472840 ----a-w- c:\windows\system32\deployJava1.dll
    2012-06-12 20:11:54 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 14:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 14:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 14:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-06-02 14:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec
    2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-18 19:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-04-18 19:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2006-12-27 21:51:59 42377103 ----a-w- c:\program files\Install_NortonInternetSecurity_IN.EXE
    .
    ============= FINISH: 0:08:41.95 ===============

  7. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Yes include, no need to zip it up.

    Joe

  8. The Following User Says Thank You to zep516 For This Useful Post:


  9. #6
    Member
    Join Date
    Jun 2012
    Posts
    19
    Points
    1

    Default

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 18/10/2005 17:28:12
    System Uptime: 23/06/2012 23:11:43 (1 hours ago)
    .
    Motherboard: NEC COMPUTERS INTERNATIONAL | | P5S800-VM
    Processor: Intel(R) Celeron(R) CPU 2.93GHz | LGA 775 | 2926/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 30 GiB total, 9.881 GiB free.
    D: is FIXED (NTFS) - 113 GiB total, 97.05 GiB free.
    E: is CDROM ()
    G: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP699: 28/04/2012 23:00:18 - System Checkpoint
    RP700: 29/04/2012 23:26:36 - System Checkpoint
    RP701: 01/05/2012 13:20:27 - System Checkpoint
    RP702: 02/05/2012 18:46:05 - System Checkpoint
    RP703: 03/05/2012 19:44:18 - System Checkpoint
    RP704: 04/05/2012 22:41:41 - System Checkpoint
    RP705: 06/05/2012 10:31:50 - System Checkpoint
    RP706: 07/05/2012 11:29:40 - System Checkpoint
    RP707: 08/05/2012 22:15:57 - System Checkpoint
    RP708: 10/05/2012 12:10:10 - System Checkpoint
    RP709: 11/05/2012 21:40:23 - System Checkpoint
    RP710: 12/05/2012 21:15:47 - Software Distribution Service 3.0
    RP711: 13/05/2012 22:59:05 - System Checkpoint
    RP712: 15/05/2012 12:48:23 - System Checkpoint
    RP713: 16/05/2012 13:30:17 - System Checkpoint
    RP714: 29/05/2012 09:44:57 - System Checkpoint
    RP715: 30/05/2012 10:57:46 - System Checkpoint
    RP716: 31/05/2012 11:29:13 - System Checkpoint
    RP717: 01/06/2012 11:54:03 - System Checkpoint
    RP718: 03/06/2012 13:27:43 - System Checkpoint
    RP719: 04/06/2012 22:51:08 - Software Distribution Service 3.0
    RP720: 05/06/2012 23:20:01 - System Checkpoint
    RP721: 08/06/2012 12:27:52 - System Checkpoint
    RP722: 09/06/2012 22:37:54 - System Checkpoint
    RP723: 10/06/2012 22:49:43 - System Checkpoint
    RP724: 12/06/2012 21:23:42 - Software Distribution Service 3.0
    RP725: 14/06/2012 10:48:38 - System Checkpoint
    RP726: 15/06/2012 20:42:16 - System Checkpoint
    RP727: 16/06/2012 21:19:17 - Removed Java(TM) 6 Update 31
    RP728: 16/06/2012 21:20:04 - Installed Java(TM) 6 Update 33
    RP729: 17/06/2012 21:45:54 - System Checkpoint
    RP730: 18/06/2012 21:57:18 - System Checkpoint
    RP731: 19/06/2012 22:41:02 - System Checkpoint
    RP732: 20/06/2012 23:08:44 - System Checkpoint
    RP733: 22/06/2012 22:49:06 - System Checkpoint
    RP734: 23/06/2012 23:10:06 - Removed Adobe Reader 7.0.9
    .
    ==== Installed Programs ======================
    .
    3D Groove Playback Engine
    ABBYY FineReader 6.0 Sprint
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.3)
    Adobe Shockwave Player 11.6
    Adobe® Photoshop® Album Starter Edition 3.2
    Ahead Nero Burning ROM
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bigger Brain Trainer
    BlackBerry Desktop Software 6.1
    BlackBerry Device Software Updater
    BlackBerry® Media Sync
    Bonjour
    BT Broadband Desktop Help
    BT Yahoo! Applications
    BTHomeHub
    Camera RAW Plug-In for EPSON Creativity Suite
    CapMan
    Catz 5
    CCleaner
    Click & Play
    Compatibility Pack for the 2007 Office system
    Core Temp 1.0 RC3
    Coupon Printer
    Critical Update for Windows Media Player 11 (KB959772)
    DAEMON Tools
    EPSON Attach To Email
    EPSON CardMonitor
    EPSON Copy Utility 3
    EPSON Easy Photo Print
    Epson Easy Photo Print 2
    Epson Event Manager
    EPSON File Manager
    EPSON PhotoQuicker3.5
    EPSON PhotoStarter3.1
    EPSON Print CD
    EPSON PRINT Image Framer Tool2.1
    EPSON Printer Software
    Epson Printer Software Downloader
    EPSON Scan
    EPSON Scan Assistant
    EPSON Smart Panel
    Epson Stylus SX210_SX410_TX210_TX410 Manual
    EPSON SX210 Series Printer Uninstall
    EPSON Web-To-Page
    EZ Vinyl/Tape Converter 4.1 by MixMeister
    GoToAssist Corporate
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976002-v5)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    InterActual Player
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 33
    Java(TM) SE Runtime Environment 6 Update 1
    Jump Ahead 2000 Year 1 v2.4
    Jump Ahead 2000 Year 2 v1.0
    Jump Ahead Starting School 2000 v2.0
    Key Stage 1 - Letters And Words
    Key Stage 2 - Mental Maths
    Learning Ladder 1-2
    Learning Ladder Preschool
    Learning Ladder Year 4
    Macromedia Shockwave Player
    Malwarebytes Anti-Malware version 1.61.0.1400
    Manic Miner for Windows 3.01
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft Office File Validation Add-In
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Norton 360
    Norton Security Scan
    Norton Spyware Scan
    PhotoImpression 5
    PictureMover
    PIF DESIGNER2.1
    QuickTime
    Realtek AC'97 Audio
    Registry Mechanic 5.0
    ScanToWeb
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Encoder (KB2447961)
    Security Update for Windows Media Encoder (KB954156)
    Security Update for Windows Media Encoder (KB979332)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    SereneScreen Marine Aquarium 2
    SiS VGA Utilities
    Sonic MyDVD
    Sonic RecordNow!
    Sony Ericsson Mobile Phone Monitor
    Sony Picture Utility
    SUPERAntiSpyware
    swMSM
    Symantec Technical Support Web Controls
    The Junior Visual
    The Water Family 1.1
    Unity Web Player
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Web Land - Let's Learn
    WebFldrs XP
    WildTangent Multiplayer Library
    WildTangent Updater
    WildTangent Web Driver
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 8
    Windows Media Encoder 9 Series
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    Worms Blast
    Yahoo! BrowserPlus 2.9.2
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    24/06/2012 00:07:22, error: Service Control Manager [7016] - The SmartLinkService service has reported an invalid current state 0.
    22/06/2012 21:04:00, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    22/06/2012 21:02:51, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    22/06/2012 20:34:22, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    22/06/2012 20:34:16, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI Tcpip WS2IFSL
    22/06/2012 20:34:16, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    22/06/2012 20:34:16, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    22/06/2012 20:34:16, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    22/06/2012 20:34:16, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    22/06/2012 20:34:16, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    22/06/2012 20:33:56, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    22/06/2012 20:33:51, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    22/06/2012 00:46:05, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde
    22/06/2012 00:45:32, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
    .
    ==== End Of File ==========

  10. #7
    Member
    Join Date
    Jun 2012
    Posts
    19
    Points
    1

    Default

    OK. Here's the minitoolbox...

    MiniToolBox by Farbar Version: 09-06-2012
    Ran by Kevin (administrator) on 24-06-2012 at 00:21:34
    Microsoft Windows XP Home Edition Service Pack 3 (X86)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (06/12/2012 09:04:41 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

    Error: (06/12/2012 09:04:26 PM) (Source: crypt32) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (06/12/2012 09:04:26 PM) (Source: crypt32) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (05/12/2012 05:26:49 PM) (Source: ESENT) (User: )
    Description: wuauclt (2120) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

    Error: (05/09/2012 11:23:37 PM) (Source: Application Error) (User: )
    Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x62f54ae0.
    Processing media-specific event for [iexplore.exe!ws!]

    Error: (05/05/2012 00:16:24 PM) (Source: Application Error) (User: )
    Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02a20ed6.
    Processing media-specific event for [iexplore.exe!ws!]

    Error: (05/05/2012 11:55:32 AM) (Source: Application Error) (User: )
    Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02a40f21.
    Processing media-specific event for [iexplore.exe!ws!]

    Error: (05/05/2012 10:37:41 AM) (Source: Application Error) (User: )
    Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02ae0f9b.
    Processing media-specific event for [iexplore.exe!ws!]

    Error: (04/06/2012 11:04:16 PM) (Source: Application Error) (User: )
    Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x00067978.
    Processing media-specific event for [iexplore.exe!ws!]

    Error: (04/06/2012 11:03:32 PM) (Source: Application Error) (User: )
    Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x00067978.
    Processing media-specific event for [iexplore.exe!ws!]


    System errors:
    =============
    Error: (06/24/2012 00:07:22 AM) (Source: Service Control Manager) (User: )
    Description: The SmartLinkService service has reported an invalid current state 0.

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (06/23/2012 11:10:44 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126


    Microsoft Office Sessions:
    =========================
    Error: (06/12/2012 09:04:41 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.co...ootseq.txtThis operation returned because the timeout period expired.

    Error: (06/12/2012 09:04:26 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.co...throotstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (06/12/2012 09:04:26 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.co...throotstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (05/12/2012 05:26:49 PM) (Source: ESENT)(User: )
    Description: wuauclt2120C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

    Error: (05/09/2012 11:23:37 PM) (Source: Application Error)(User: )
    Description: iexplore.exe8.0.6001.18702unknown0.0.0.062f54ae0

    Error: (05/05/2012 00:16:24 PM) (Source: Application Error)(User: )
    Description: iexplore.exe8.0.6001.18702unknown0.0.0.002a20ed6

    Error: (05/05/2012 11:55:32 AM) (Source: Application Error)(User: )
    Description: iexplore.exe8.0.6001.18702unknown0.0.0.002a40f21

    Error: (05/05/2012 10:37:41 AM) (Source: Application Error)(User: )
    Description: iexplore.exe8.0.6001.18702unknown0.0.0.002ae0f9b

    Error: (04/06/2012 11:04:16 PM) (Source: Application Error)(User: )
    Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1919000067978

    Error: (04/06/2012 11:03:32 PM) (Source: Application Error)(User: )
    Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1919000067978


    ========================= Memory info: ===================================

    Percentage of memory in use: 66%
    Total physical RAM: 1470.73 MB
    Available physical RAM: 488.21 MB
    Total Pagefile: 2790.04 MB
    Available Pagefile: 1738.36 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1971.06 MB

    ========================= Partitions: =====================================

    1 Drive c: (HDD) (Fixed) (Total:29.99 GB) (Free:9.88 GB) NTFS
    2 Drive d: (DATA) (Fixed) (Total:113.04 GB) (Free:97.05 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\KEVSCOMPUTER

    Administrator ASPNET Chiara & Naomi
    Guest HelpAssistant Kevin
    Lisa SUPPORT_388945a0


    **** End of log ****

  11. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    How long have you been using "Norton 360"? What was installed prior to Norton 360? I want to talk about Internet explorer too, and resetting it to default settings since you said It shows High "usage."

    Reset Internet explorer to default -----> How to reset Internet Explorer settings Read the page carefully!
    Last edited by zep516; 06-23-2012 at 06:43 PM.

  12. #9
    Member
    Join Date
    Jun 2012
    Posts
    19
    Points
    1

    Default

    I've been using Norton 360 for nearly a year. Before that I was still using Norton but not the 'full package'.

    I'll try the reset of Internet Explorer next!

  13. #10
    Member
    Join Date
    Jun 2012
    Posts
    19
    Points
    1

    Default

    Hi Zep. I've now reset Internet Explorer.

    Kev.

Page 1 of 3 123 LastLast