LinkBack URL
About LinkBacks- 06-22-2012 04:29 PM #1Member
- Join Date
- Jun 2012
- Posts
- 19
- Points
- 1
My computer has been running really slow & 100% CPU usage quite often. 3 logs enc.
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!
Generated 06/22/2012 at 00:02 AM
Application Version : 5.1.1002
Core Rules Database Version : 8777
Trace Rules Database Version: 6589
Scan type : Quick Scan
Total Scan Time : 00:21:32
Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator
Memory items scanned : 612
Memory threats detected : 0
Registry items scanned : 29406
Registry threats detected : 143
File items scanned : 7960
File threats detected : 170
PUP.MyWebSearch/FunWebProducts
HKU\S-1-5-21-274612538-2582055037-3653289090-1006\SOFTWARE\Fun Web Products
HKLM\SOFTWARE\Fun Web Products
HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
HKLM\SOFTWARE\Fun Web Products#CacheDir
HKLM\SOFTWARE\Fun Web Products\ScreenSaver
HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
HKLM\SOFTWARE\Fun Web Products\ScreenSaver#PM
HKLM\SOFTWARE\Fun Web Products\Settings
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\Promos
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.0
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqUninstalled
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive2
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.1
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.2
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.3
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.4
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.5
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.6
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.7
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.8
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuPosDeleted
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#ETag
HKU\S-1-5-21-274612538-2582055037-3653289090-1006\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts\Installer
HKLM\SOFTWARE\FunWebProducts\Installer#Dir
HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
HKLM\SOFTWARE\FunWebProducts\Installer#sr
HKLM\SOFTWARE\FunWebProducts\Installer#pl
HKLM\SOFTWARE\FunWebProducts\Installer#CheckForConnection
HKLM\SOFTWARE\FunWebProducts\Installer#CacheDir
HKLM\SOFTWARE\FunWebProducts\Installer\downloaded
HKU\S-1-5-21-274612538-2582055037-3653289090-1006\SOFTWARE\MyWebSearch
HKLM\SOFTWARE\MyWebSearch
HKLM\SOFTWARE\MyWebSearch\bar
HKLM\SOFTWARE\MyWebSearch\bar#pid
HKLM\SOFTWARE\MyWebSearch\bar#tiec
HKLM\SOFTWARE\MyWebSearch\bar#Dir
HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
HKLM\SOFTWARE\MyWebSearch\bar#sr
HKLM\SOFTWARE\MyWebSearch\bar#pl
HKLM\SOFTWARE\MyWebSearch\bar#Id
HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\bar#HTMLMenuRevision
HKLM\SOFTWARE\MyWebSearch\bar#sscLabel
HKLM\SOFTWARE\MyWebSearch\bar#sscURL
HKLM\SOFTWARE\MyWebSearch\bar#Flags
HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
HKLM\SOFTWARE\MyWebSearch\SearchAssistant
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Dir
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CurInstall
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sr
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pl
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ABS
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#DES
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sscEnabled
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#eintl
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fs
HKLM\SOFTWARE\MyWebSearch\SkinTools
HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
HKLM\Software\FocusInteractive
HKLM\Software\FocusInteractive\bar
HKLM\Software\FocusInteractive\bar\Switches
HKLM\Software\FocusInteractive\bar\Switches#incmail.exe
HKLM\Software\FocusInteractive\bar\Switches#msimn.exe
HKLM\Software\FocusInteractive\bar\Switches#msn.exe
HKLM\Software\FocusInteractive\bar\Switches#outlook.exe
HKLM\Software\FocusInteractive\bar\Switches#waol.exe
HKLM\Software\FocusInteractive\bar\Switches#aim.exe
HKLM\Software\FocusInteractive\bar\Switches#icq.exe
HKLM\Software\FocusInteractive\bar\Switches#icqlite.exe
HKLM\Software\FocusInteractive\bar\Switches#msmsgs.exe
HKLM\Software\FocusInteractive\bar\Switches#msnmsgr.exe
HKLM\Software\FocusInteractive\bar\Switches#ypager.exe
HKLM\Software\FocusInteractive\bar\Switches#au
HKLM\Software\FocusInteractive\bar\Switches#mwsSrcAs.dll
HKLM\Software\FocusInteractive\bar\Switches#ok
HKLM\Software\FocusInteractive\bar\Switches#od
HKLM\Software\FocusInteractive\bar\Switches#nk
HKLM\Software\FocusInteractive\bar\Switches#nd
HKLM\Software\FocusInteractive\Email-IM
HKLM\Software\FocusInteractive\Email-IM\0
HKLM\Software\FocusInteractive\Email-IM\0#Toolbar
HKLM\Software\FocusInteractive\Email-IM\0#AppName
HKLM\Software\FocusInteractive\Outlook
C:\Program Files\MyWebSearch\bar\History\search2
C:\Program Files\MyWebSearch\bar\History
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
C:\Program Files\MyWebSearch\bar\Settings\settings.dat
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\Program Files\MyWebSearch\bar\Settings
C:\Program Files\MyWebSearch\bar
C:\Program Files\MyWebSearch
C:\Program Files\FunWebProducts\ScreenSaver\Images\004C1972.urr
C:\Program Files\FunWebProducts\ScreenSaver\Images
C:\Program Files\FunWebProducts\ScreenSaver
C:\Program Files\FunWebProducts\Shared
C:\Program Files\FunWebProducts
PUP.MyWebSearch
HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Trojan.NewDotNet
HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
Adware.webHancer
HKU\S-1-5-21-274612538-2582055037-3653289090-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}
Trojan.Agent/Gen-Boonty
HKLM\System\CurrentControlSet\Services\BOONTY GAMES
C:\PROGRAM FILES\COMMON FILES\BOONTY SHARED\SERVICE\BOONTY.EXE
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_BOONTY GAMES
Disabled.SecurityCenterOption
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY
Adware.Tracking Cookie
D:\Documents and Settings\Kevin\Cookies\X1UFHY3P.txt [ /fr.sitestat.com ]
D:\Documents and Settings\Kevin\Cookies\P9OUOLLL.txt [ /ec-track.com ]
D:\Documents and Settings\Kevin\Cookies\ABZ54EQW.txt [ /collective-media.net ]
D:\Documents and Settings\Kevin\Cookies\RD8QZ39N.txt [ /adtech.de ]
D:\Documents and Settings\Kevin\Cookies\KKB4JR28.txt [ /media6degrees.com ]
D:\Documents and Settings\Kevin\Cookies\P97L93TK.txt [ /atdmt.com ]
D:\Documents and Settings\Kevin\Cookies\SBPIGOB4.txt [ /mm.chitika.net ]
D:\Documents and Settings\Kevin\Cookies\2FKLJSMF.txt [ /serving-sys.com ]
D:\Documents and Settings\Kevin\Cookies\2VQZ6L5Y.txt [ /bs.serving-sys.com ]
D:\Documents and Settings\Kevin\Cookies\LINLA5ST.txt [ /247realmedia.com ]
D:\Documents and Settings\Kevin\Cookies\MFZ2TP3E.txt [ /smartadserver.com ]
D:\Documents and Settings\Kevin\Cookies\07W61RGE.txt [ /partners.globaldirectmedia.com ]
D:\Documents and Settings\Kevin\Cookies\BV4TF0UJ.txt [ /server.lon.liveperson.net ]
D:\Documents and Settings\Kevin\Cookies\GFPSAH3O.txt [ /eas.apm.emediate.eu ]
D:\Documents and Settings\Kevin\Cookies\3W34R5DY.txt [ /adinterax.com ]
D:\Documents and Settings\Kevin\Cookies\2XX187KK.txt [ /apmebf.com ]
D:\Documents and Settings\Kevin\Cookies\HGWJG3UR.txt [ /amazon-adsystem.com ]
D:\Documents and Settings\Kevin\Cookies\R9HAPV0V.txt [ /dc.tremormedia.com ]
D:\Documents and Settings\Kevin\Cookies\KUB7V5IF.txt [ /liveperson.net ]
D:\Documents and Settings\Kevin\Cookies\KY6GSGRU.txt [ /www.burstnet.com ]
D:\Documents and Settings\Kevin\Cookies\9MO4U8ZY.txt [ /mediaplex.com ]
D:\Documents and Settings\Kevin\Cookies\EZ12AEA8.txt [ /adviva.net ]
D:\Documents and Settings\Kevin\Cookies\S7ZS4JRV.txt [ /advertising.com ]
D:\Documents and Settings\Kevin\Cookies\XIECH7Q7.txt [ /www4.smartadserver.com ]
D:\Documents and Settings\Kevin\Cookies\3H6NR7PR.txt [ /revsci.net ]
D:\Documents and Settings\Kevin\Cookies\D7N1CGNC.txt [ /fastclick.net ]
D:\Documents and Settings\Kevin\Cookies\IQMYL3MA.txt [ /aimfar.solution.weborama.fr ]
D:\Documents and Settings\Kevin\Cookies\F79X67OI.txt [ /tribalfusion.com ]
D:\Documents and Settings\Kevin\Cookies\YHIJNM3R.txt [ /panel.gfkmediaview.com ]
D:\Documents and Settings\Kevin\Cookies\PSLB8AV6.txt [ /clickfuse.com ]
D:\Documents and Settings\Kevin\Cookies\FJG10SCM.txt [ /imrworldwide.com ]
D:\Documents and Settings\Kevin\Cookies\E8UIOU20.txt [ /ads.adk2.com ]
D:\Documents and Settings\Kevin\Cookies\8ZLS5CT5.txt [ /adpeppermedia.net ]
D:\Documents and Settings\Kevin\Cookies\IWE8NNM8.txt [ /liveperson.net ]
D:\Documents and Settings\Kevin\Cookies\JT9WEDXK.txt [ /fr.sitestat.com ]
D:\Documents and Settings\Kevin\Cookies\CU1JVMI7.txt [ /specificclick.net ]
D:\Documents and Settings\Kevin\Cookies\ZOZ2XQH0.txt [ /archant.122.2o7.net ]
D:\Documents and Settings\Kevin\Cookies\S5K8JS68.txt [ /ad.yieldmanager.com ]
D:\Documents and Settings\Kevin\Cookies\UT8CWO55.txt [ /invitemedia.com ]
D:\Documents and Settings\Kevin\Cookies\2XSAIPF1.txt [ /doubleclick.net ]
D:\Documents and Settings\Kevin\Cookies\X7VBQPQI.txt [ /www.googleadservices.com ]
D:\Documents and Settings\Kevin\Cookies\6RIQCEXN.txt [ /ad.360yield.com ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\0DKQ5178.txt [ Cookie:chiara & naomi@serving-sys.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara & naomi@e-2dj6wjmycocjigp.stats.esomniture[2].txt [ Cookie:chiara & naomi@e-2dj6wjmycocjigp.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@uk.at.atwola[2].txt [ Cookie:chiara & naomi@uk.at.atwola.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@adtech[1].txt [ Cookie:chiara & naomi@adtech.de/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\20QXYML8.txt [ Cookie:chiara & naomi@content.yieldmanager.com/ak/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\3Q2R4S69.txt [ Cookie:chiara & naomi@ad.yieldmanager.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@www.googleadservices[5].txt [ Cookie:chiara & naomi@www.googleadservices.com/pagead/conversion/1064102093/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@bs.serving-sys[1].txt [ Cookie:chiara & naomi@bs.serving-sys.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@atdmt[2].txt [ Cookie:chiara & naomi@atdmt.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@adserver.qplaygames[1].txt [ Cookie:chiara & naomi@adserver.qplaygames.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@www.googleadservices[2].txt [ Cookie:chiara & naomi@www.googleadservices.com/pagead/conversion/1035938125/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\B0W91N88.txt [ Cookie:chiara & naomi@content.yieldmanager.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@adbrite[1].txt [ Cookie:chiara & naomi@adbrite.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara & naomi@media.mtvnservices[1].txt [ Cookie:chiara & naomi@media.mtvnservices.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@yieldmanager[1].txt [ Cookie:chiara & naomi@yieldmanager.net/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\JKT45K1J.txt [ Cookie:chiara & naomi@apmebf.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@richmedia.yahoo[2].txt [ Cookie:chiara & naomi@richmedia.yahoo.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara & naomi@cgi-bin[3].txt [ Cookie:chiara & naomi@imrworldwide.com/cgi-bin ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@media6degrees[1].txt [ Cookie:chiara & naomi@media6degrees.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\Z5YWZ1ZV.txt [ Cookie:chiara & naomi@doubleclick.net/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\CIPFOED4.txt [ Cookie:chiara & naomi@mediaplex.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@overture[1].txt [ Cookie:chiara & naomi@overture.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@fastclick[1].txt [ Cookie:chiara & naomi@fastclick.net/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@advertising[1].txt [ Cookie:chiara & naomi@advertising.com/ ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@www.google[1].txt [ Cookie:chiara & naomi@www.google.com/adsense/support ]
D:\DOCUMENTS AND SETTINGS\CHIARA & NAOMI\Cookies\chiara_&_naomi@invitemedia[1].txt [ Cookie:chiara & naomi@invitemedia.com/ ]
D:\DOCUMENTS AND SETTINGS\KEVIN\Cookies\7YLM3FL0.txt [ Cookie:kevin@www.google.com/accounts ]
D:\DOCUMENTS AND SETTINGS\KEVIN\Cookies\RKYJH2V8.txt [ Cookie:kevin@google.com/accounts/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-dig.hitbox[1].txt [ Cookie:lisa@ehg-dig.hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfmyqoc5igq.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfmyqoc5igq.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-mothercare.hitbox[2].txt [ Cookie:lisa@ehg-mothercare.hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@counter2.hitslink[2].txt [ Cookie:lisa@counter2.hitslink.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@xiti[1].txt [ Cookie:lisa@xiti.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@geosign.112.2o7[1].txt [ Cookie:lisa@geosign.112.2o7.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-bskyb.hitbox[1].txt [ Cookie:lisa@ehg-bskyb.hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@webstat[2].txt [ Cookie:lisa@webstat.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@bluestreak[1].txt [ Cookie:lisa@bluestreak.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@clickability[1].txt [ Cookie:lisa@clickability.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@www.smartadserver[2].txt [ Cookie:lisa@www.smartadserver.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@as1.falkag[1].txt [ Cookie:lisa@as1.falkag.de/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@web-stat[1].txt [ Cookie:lisa@web-stat.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@cgi-bin[1].txt [ Cookie:lisa@imrworldwide.com/cgi-bin ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@mediaplex[2].txt [ Cookie:lisa@mediaplex.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@belnk[1].txt [ Cookie:lisa@belnk.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@local[1].txt [ Cookie:lisa@int.sitestat.com/touchplc/local/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjmyqldpigq.stats.esomniture[1].txt [ Cookie:lisa@e-2dj6wjmyqldpigq.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wgkoejc5gfp.stats.esomniture[1].txt [ Cookie:lisa@e-2dj6wgkoejc5gfp.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-littlewoods.hitbox[2].txt [ Cookie:lisa@ehg-littlewoods.hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@112.2o7[1].txt [ Cookie:lisa@112.2o7.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@trafficmp[1].txt [ Cookie:lisa@trafficmp.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-adidas.hitbox[1].txt [ Cookie:lisa@ehg-adidas.hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@hitbox[2].txt [ Cookie:lisa@hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adbrite[2].txt [ Cookie:lisa@adbrite.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@statse.webtrendslive[1].txt [ Cookie:lisa@statse.webtrendslive.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@cnn.122.2o7[1].txt [ Cookie:lisa@cnn.122.2o7.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfk4socjweo.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfk4socjweo.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjl4wmajkgo.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wjl4wmajkgo.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@msnportal.112.2o7[1].txt [ Cookie:lisa@msnportal.112.2o7.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-hotcourses.hitbox[2].txt [ Cookie:lisa@ehg-hotcourses.hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@bs.serving-sys[1].txt [ Cookie:lisa@bs.serving-sys.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@doubleclick[2].txt [ Cookie:lisa@doubleclick.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@smileycentral[2].txt [ Cookie:lisa@smileycentral.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adserving.autotrader[1].txt [ Cookie:lisa@adserving.autotrader.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@pacificpoker[2].txt [ Cookie:lisa@pacificpoker.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adopt.hbmediapro[2].txt [ Cookie:lisa@adopt.hbmediapro.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@atdmt[1].txt [ Cookie:lisa@atdmt.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@1.affiliateclicks[1].txt [ Cookie:lisa@1.affiliateclicks.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@192[1].txt [ Cookie:lisa@nedstat.192.com/192/192/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@46759675[1].txt [ Cookie:lisa@server.iad.liveperson.net/hc/46759675 ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@windowsmedia[1].txt [ Cookie:lisa@windowsmedia.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@S121071[1].txt [ Cookie:lisa@statse.webtrendslive.com/S121071 ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@superstats[1].txt [ Cookie:lisa@superstats.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@burstnet[1].txt [ Cookie:lisa@burstnet.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@casalemedia[2].txt [ Cookie:lisa@casalemedia.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjkogocjmbp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wjkogocjmbp.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfliujc5egp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfliujc5egp.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@www.upspiral[2].txt [ Cookie:lisa@www.upspiral.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@realmedia[1].txt [ Cookie:lisa@realmedia.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@revenue[1].txt [ Cookie:lisa@revenue.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@yahoouk[1].txt [ Cookie:lisa@fr.sitestat.com/eurosport/yahoouk/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@perf.overture[1].txt [ Cookie:lisa@perf.overture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@122.2o7[1].txt [ Cookie:lisa@122.2o7.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@keywordmax[1].txt [ Cookie:lisa@keywordmax.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ww3.shoshkeles[1].txt [ Cookie:lisa@ww3.shoshkeles.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfkicncpebp.stats.esomniture[1].txt [ Cookie:lisa@e-2dj6wfkicncpebp.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@serving-sys[1].txt [ Cookie:lisa@serving-sys.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@2o7[2].txt [ Cookie:lisa@2o7.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@nextag[1].txt [ Cookie:lisa@nextag.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adtech[2].txt [ Cookie:lisa@adtech.de/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@maxserving[1].txt [ Cookie:lisa@maxserving.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wfmyggd5agp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wfmyggd5agp.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@tribalfusion[2].txt [ Cookie:lisa@tribalfusion.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@eurosport[1].txt [ Cookie:lisa@fr.sitestat.com/eurosport/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@zedo[1].txt [ Cookie:lisa@zedo.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wjkoand5ehp.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wjkoand5ehp.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@S146738[2].txt [ Cookie:lisa@statse.webtrendslive.com/S146738 ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@questionmarket[2].txt [ Cookie:lisa@questionmarket.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@www.dgm2[1].txt [ Cookie:lisa@www.dgm2.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@S146260[2].txt [ Cookie:lisa@statse.webtrendslive.com/S146260 ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@specificclick[2].txt [ Cookie:lisa@specificclick.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ads.pointroll[2].txt [ Cookie:lisa@ads.pointroll.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@media.adrevolver[2].txt [ Cookie:lisa@media.adrevolver.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@premiumtv.122.2o7[1].txt [ Cookie:lisa@premiumtv.122.2o7.net/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@adrevolver[1].txt [ Cookie:lisa@media.adrevolver.com/adrevolver/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@overture[1].txt [ Cookie:lisa@overture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@at.atwola[2].txt [ Cookie:lisa@at.atwola.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ehg-hitent.hitbox[2].txt [ Cookie:lisa@ehg-hitent.hitbox.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@statcounter[2].txt [ Cookie:lisa@statcounter.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@dealtime.co[2].txt [ Cookie:lisa@dealtime.co.uk/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@e-2dj6wgkikgdzkkq.stats.esomniture[2].txt [ Cookie:lisa@e-2dj6wgkikgdzkkq.stats.esomniture.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@ads.addynamix[1].txt [ Cookie:lisa@ads.addynamix.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@stats2.clicktracks[2].txt [ Cookie:lisa@stats2.clicktracks.com/ ]
D:\DOCUMENTS AND SETTINGS\LISA\Cookies\lisa@1069590531[1].txt [ Cookie:lisa@www.googleadservices.com/pagead/conversion/1069590531/ ]
Adware.CouponBar
C:\WINDOWS\SYSTEM32\CPNPRT2.CID
This is my Malwarebytes log
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version: v2012.06.21.11
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Kevin :: KEVSCOMPUTER [administrator]
22/06/2012 00:25:57
mbam-log-2012-06-22 (00-25-57).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 291643
Time elapsed: 16 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 6
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Downloads\WinterChallengeSetup-dm[1].exe (Adware.TryMedia) -> Quarantined and deleted successfully.
(end)
This is my HijackThis log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:27:44, on 22/06/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bt.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10734 bytes
Thanks,
Kev.
-
The Following User Says Thank You to kev_chiara For This Useful Post:
- 06-22-2012 08:58 PM #2Member Spyware Fighter
- Join Date
- Dec 2005
- Location
- Pittsburgh, Pa
- Posts
- 5,198
- Points
- 931
Hi Kev,
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
Adobe is seriously out of date, and an infection risk as well. Please up-date it from HERE
Free McAfee Scan Plus Please "uncheck" that before downloading.
Why does that show "No Action Taken". Did you not let Malwarebytes remove it?HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
If so, up-date malwarebytes / Rerun and let it remove everything it finds! Post the log, then follow below instructions:
NEXT
We need to see some information about what is happening in your machine. Please perform the following scan:- Download DDS by sUBs from one of the following links. Save it to your desktop.
- Double click on the DDS icon, allow it to run.
- A small box will open, with an explaination about the tool. No input is needed, the scan is running.
- Notepad will open with the results.
- Follow the instructions that pop up for posting the results.
- Close the program window, and delete the program from your desktop.
Information on A/V control HERE
NEXT
Please download MiniToolBox http://download.bleepingcomputer.com...iniToolBox.exe and run it.
Checkmark following boxes:
- List last 10 Event Viewer log
- List Users, Partitions and Memory size
Click Go and post the result.Last edited by zep516; 06-22-2012 at 09:25 PM.
Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.
-
The Following User Says Thank You to zep516 For This Useful Post:
- 06-23-2012 05:51 PM #3Member
- Join Date
- Jun 2012
- Posts
- 19
- Points
- 1
Hi Zep, Thanks so much for the reply.
I have now successfully updated Adobe. It had been trying on and off for what seemed like years but kept erroring. I just used the add/remove programs to get rid of Adobe reader 7.0 and the new one then installed ok.
Here is my new Malwarebytes log. (I am now going to try the next stuff you asked).
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version: v2012.06.23.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Kevin :: KEVSCOMPUTER [administrator]
23/06/2012 23:31:16
mbam-log-2012-06-23 (23-31-16).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 296615
Time elapsed: 16 minute(s), 33 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
- 06-23-2012 06:13 PM #4Member
- Join Date
- Jun 2012
- Posts
- 19
- Points
- 1
OK. Here are the DDS logs (it tells me to ZIP the other but i'm not sure how to! Let me know and i'll include that)
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Kevin at 0:07:15 on 2012-06-24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1471.386 [GMT 1:00]
.
AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://bt.yahoo.com/
uWindow Title = Packard Bell
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.2.2.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.2.2.3\ips\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.2.2.3\coIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: BT Yahoo! Sidebar: {51085e3d-a958-42a2-a6be-a6a9b0baf276} - c:\program files\yahoo!\browser\ysidebarIE.dll
EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
d:\docume~1\kevin\locals~1\temp\nsr14b.tmp\temp00
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{DF47F80A-C140-49FC-AE55-196FAFF4A223} : DhcpNameServer = 192.168.1.254
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2006-3-21 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2006-3-21 5248]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502020.003\symds.sys [2012-6-12 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502020.003\symefa.sys [2012-6-12 744568]
R1 BHDrvx86;BHDrvx86;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19 821920]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502020.003\ironx86.sys [2012-6-12 136312]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 N360;Norton 360;c:\program files\norton 360\engine\5.2.2.3\ccsvchst.exe [2012-6-12 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-7-21 106656]
R3 IDSxpx86;IDSxpx86;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20120622.001\IDSXpx86.sys [2012-6-23 369632]
R3 NAVENG;NAVENG;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20120622.033\NAVENG.SYS [2012-6-23 87928]
R3 NAVEX15;NAVEX15;d:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20120622.033\NAVEX15.SYS [2012-6-23 1589752]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-1-30 27632]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-12 257224]
S3 ALSysIO;ALSysIO;\??\d:\docume~1\kevin\locals~1\temp\alsysio.sys --> d:\docume~1\kevin\locals~1\temp\ALSysIO.sys [?]
.
=============== Created Last 30 ================
.
2012-06-21 23:20:59 -------- d-----w- d:\documents and settings\kevin\application data\Malwarebytes
2012-06-21 23:20:28 -------- d-----w- d:\documents and settings\all users\application data\Malwarebytes
2012-06-21 23:20:26 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-21 23:20:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-21 22:36:29 -------- d-----w- d:\documents and settings\kevin\application data\SUPERAntiSpyware.com
2012-06-21 22:36:03 -------- d-----w- d:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-06-21 22:36:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-19 23:35:56 -------- d-----w- c:\program files\Core Temp
2012-06-18 22:31:03 -------- d-----w- c:\program files\CCleaner
2012-06-16 20:20:46 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-12 20:12:54 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-12 20:11:54 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-12 10:17:37 331384 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symtdiv.sys
2012-06-12 10:17:36 369784 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symtdi.sys
2012-06-12 10:17:36 299640 ----a-w- c:\windows\system32\drivers\n360\0502020.003\symnets.sys
2012-06-12 10:17:34 744568 ----a-r- c:\windows\system32\drivers\n360\0502020.003\symefa.sys
2012-06-12 10:17:34 50168 ----a-r- c:\windows\system32\drivers\n360\0502020.003\srtspx.sys
2012-06-12 10:17:34 340088 ----a-r- c:\windows\system32\drivers\n360\0502020.003\symds.sys
2012-06-12 10:17:33 516216 ----a-r- c:\windows\system32\drivers\n360\0502020.003\srtsp.sys
2012-06-12 10:17:32 136312 ----a-r- c:\windows\system32\drivers\n360\0502020.003\ironx86.sys
2012-06-12 10:16:51 -------- d-----w- c:\windows\system32\drivers\n360\0502020.003
.
==================== Find3M ====================
.
2012-06-16 20:20:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-16 20:20:18 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-12 20:11:54 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 14:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 14:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 14:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 14:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-18 19:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-18 19:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2006-12-27 21:51:59 42377103 ----a-w- c:\program files\Install_NortonInternetSecurity_IN.EXE
.
============= FINISH: 0:08:41.95 ===============
- 06-23-2012 06:15 PM #5Member Spyware Fighter
- Join Date
- Dec 2005
- Location
- Pittsburgh, Pa
- Posts
- 5,198
- Points
- 931
Yes include, no need to zip it up.
Joe
Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.
-
The Following User Says Thank You to zep516 For This Useful Post:
- 06-23-2012 06:18 PM #6Member
- Join Date
- Jun 2012
- Posts
- 19
- Points
- 1
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 18/10/2005 17:28:12
System Uptime: 23/06/2012 23:11:43 (1 hours ago)
.
Motherboard: NEC COMPUTERS INTERNATIONAL | | P5S800-VM
Processor: Intel(R) Celeron(R) CPU 2.93GHz | LGA 775 | 2926/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 30 GiB total, 9.881 GiB free.
D: is FIXED (NTFS) - 113 GiB total, 97.05 GiB free.
E: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP699: 28/04/2012 23:00:18 - System Checkpoint
RP700: 29/04/2012 23:26:36 - System Checkpoint
RP701: 01/05/2012 13:20:27 - System Checkpoint
RP702: 02/05/2012 18:46:05 - System Checkpoint
RP703: 03/05/2012 19:44:18 - System Checkpoint
RP704: 04/05/2012 22:41:41 - System Checkpoint
RP705: 06/05/2012 10:31:50 - System Checkpoint
RP706: 07/05/2012 11:29:40 - System Checkpoint
RP707: 08/05/2012 22:15:57 - System Checkpoint
RP708: 10/05/2012 12:10:10 - System Checkpoint
RP709: 11/05/2012 21:40:23 - System Checkpoint
RP710: 12/05/2012 21:15:47 - Software Distribution Service 3.0
RP711: 13/05/2012 22:59:05 - System Checkpoint
RP712: 15/05/2012 12:48:23 - System Checkpoint
RP713: 16/05/2012 13:30:17 - System Checkpoint
RP714: 29/05/2012 09:44:57 - System Checkpoint
RP715: 30/05/2012 10:57:46 - System Checkpoint
RP716: 31/05/2012 11:29:13 - System Checkpoint
RP717: 01/06/2012 11:54:03 - System Checkpoint
RP718: 03/06/2012 13:27:43 - System Checkpoint
RP719: 04/06/2012 22:51:08 - Software Distribution Service 3.0
RP720: 05/06/2012 23:20:01 - System Checkpoint
RP721: 08/06/2012 12:27:52 - System Checkpoint
RP722: 09/06/2012 22:37:54 - System Checkpoint
RP723: 10/06/2012 22:49:43 - System Checkpoint
RP724: 12/06/2012 21:23:42 - Software Distribution Service 3.0
RP725: 14/06/2012 10:48:38 - System Checkpoint
RP726: 15/06/2012 20:42:16 - System Checkpoint
RP727: 16/06/2012 21:19:17 - Removed Java(TM) 6 Update 31
RP728: 16/06/2012 21:20:04 - Installed Java(TM) 6 Update 33
RP729: 17/06/2012 21:45:54 - System Checkpoint
RP730: 18/06/2012 21:57:18 - System Checkpoint
RP731: 19/06/2012 22:41:02 - System Checkpoint
RP732: 20/06/2012 23:08:44 - System Checkpoint
RP733: 22/06/2012 22:49:06 - System Checkpoint
RP734: 23/06/2012 23:10:06 - Removed Adobe Reader 7.0.9
.
==== Installed Programs ======================
.
3D Groove Playback Engine
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Adobe® Photoshop® Album Starter Edition 3.2
Ahead Nero Burning ROM
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bigger Brain Trainer
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
BlackBerry® Media Sync
Bonjour
BT Broadband Desktop Help
BT Yahoo! Applications
BTHomeHub
Camera RAW Plug-In for EPSON Creativity Suite
CapMan
Catz 5
CCleaner
Click & Play
Compatibility Pack for the 2007 Office system
Core Temp 1.0 RC3
Coupon Printer
Critical Update for Windows Media Player 11 (KB959772)
DAEMON Tools
EPSON Attach To Email
EPSON CardMonitor
EPSON Copy Utility 3
EPSON Easy Photo Print
Epson Easy Photo Print 2
Epson Event Manager
EPSON File Manager
EPSON PhotoQuicker3.5
EPSON PhotoStarter3.1
EPSON Print CD
EPSON PRINT Image Framer Tool2.1
EPSON Printer Software
Epson Printer Software Downloader
EPSON Scan
EPSON Scan Assistant
EPSON Smart Panel
Epson Stylus SX210_SX410_TX210_TX410 Manual
EPSON SX210 Series Printer Uninstall
EPSON Web-To-Page
EZ Vinyl/Tape Converter 4.1 by MixMeister
GoToAssist Corporate
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
InterActual Player
iTunes
Java Auto Updater
Java(TM) 6 Update 33
Java(TM) SE Runtime Environment 6 Update 1
Jump Ahead 2000 Year 1 v2.4
Jump Ahead 2000 Year 2 v1.0
Jump Ahead Starting School 2000 v2.0
Key Stage 1 - Letters And Words
Key Stage 2 - Mental Maths
Learning Ladder 1-2
Learning Ladder Preschool
Learning Ladder Year 4
Macromedia Shockwave Player
Malwarebytes Anti-Malware version 1.61.0.1400
Manic Miner for Windows 3.01
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton 360
Norton Security Scan
Norton Spyware Scan
PhotoImpression 5
PictureMover
PIF DESIGNER2.1
QuickTime
Realtek AC'97 Audio
Registry Mechanic 5.0
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SereneScreen Marine Aquarium 2
SiS VGA Utilities
Sonic MyDVD
Sonic RecordNow!
Sony Ericsson Mobile Phone Monitor
Sony Picture Utility
SUPERAntiSpyware
swMSM
Symantec Technical Support Web Controls
The Junior Visual
The Water Family 1.1
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Web Land - Let's Learn
WebFldrs XP
WildTangent Multiplayer Library
WildTangent Updater
WildTangent Web Driver
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Worms Blast
Yahoo! BrowserPlus 2.9.2
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
24/06/2012 00:07:22, error: Service Control Manager [7016] - The SmartLinkService service has reported an invalid current state 0.
22/06/2012 21:04:00, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
22/06/2012 21:02:51, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
22/06/2012 20:34:22, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
22/06/2012 20:34:16, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI Tcpip WS2IFSL
22/06/2012 20:34:16, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
22/06/2012 20:34:16, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
22/06/2012 20:34:16, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
22/06/2012 20:34:16, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
22/06/2012 20:34:16, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
22/06/2012 20:33:56, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
22/06/2012 20:33:51, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
22/06/2012 00:46:05, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde
22/06/2012 00:45:32, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
.
==== End Of File ==========
- 06-23-2012 06:22 PM #7Member
- Join Date
- Jun 2012
- Posts
- 19
- Points
- 1
OK. Here's the minitoolbox...
MiniToolBox by Farbar Version: 09-06-2012
Ran by Kevin (administrator) on 24-06-2012 at 00:21:34
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
========================= Event log errors: ===============================
Application errors:
==================
Error: (06/12/2012 09:04:41 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
Error: (06/12/2012 09:04:26 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (06/12/2012 09:04:26 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (05/12/2012 05:26:49 PM) (Source: ESENT) (User: )
Description: wuauclt (2120) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (05/09/2012 11:23:37 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x62f54ae0.
Processing media-specific event for [iexplore.exe!ws!]
Error: (05/05/2012 00:16:24 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02a20ed6.
Processing media-specific event for [iexplore.exe!ws!]
Error: (05/05/2012 11:55:32 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02a40f21.
Processing media-specific event for [iexplore.exe!ws!]
Error: (05/05/2012 10:37:41 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02ae0f9b.
Processing media-specific event for [iexplore.exe!ws!]
Error: (04/06/2012 11:04:16 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x00067978.
Processing media-specific event for [iexplore.exe!ws!]
Error: (04/06/2012 11:03:32 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x00067978.
Processing media-specific event for [iexplore.exe!ws!]
System errors:
=============
Error: (06/24/2012 00:07:22 AM) (Source: Service Control Manager) (User: )
Description: The SmartLinkService service has reported an invalid current state 0.
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:45 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Error: (06/23/2012 11:10:44 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126
Microsoft Office Sessions:
=========================
Error: (06/12/2012 09:04:41 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.co...ootseq.txtThis operation returned because the timeout period expired.
Error: (06/12/2012 09:04:26 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.co...throotstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (06/12/2012 09:04:26 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.co...throotstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (05/12/2012 05:26:49 PM) (Source: ESENT)(User: )
Description: wuauclt2120C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (05/09/2012 11:23:37 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.062f54ae0
Error: (05/05/2012 00:16:24 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.002a20ed6
Error: (05/05/2012 11:55:32 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.002a40f21
Error: (05/05/2012 10:37:41 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.002ae0f9b
Error: (04/06/2012 11:04:16 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1919000067978
Error: (04/06/2012 11:03:32 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1919000067978
========================= Memory info: ===================================
Percentage of memory in use: 66%
Total physical RAM: 1470.73 MB
Available physical RAM: 488.21 MB
Total Pagefile: 2790.04 MB
Available Pagefile: 1738.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.06 MB
========================= Partitions: =====================================
1 Drive c: (HDD) (Fixed) (Total:29.99 GB) (Free:9.88 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:113.04 GB) (Free:97.05 GB) NTFS
========================= Users: ========================================
User accounts for \\KEVSCOMPUTER
Administrator ASPNET Chiara & Naomi
Guest HelpAssistant Kevin
Lisa SUPPORT_388945a0
**** End of log ****
- 06-23-2012 06:28 PM #8Member Spyware Fighter
- Join Date
- Dec 2005
- Location
- Pittsburgh, Pa
- Posts
- 5,198
- Points
- 931
How long have you been using "Norton 360"? What was installed prior to Norton 360? I want to talk about Internet explorer too, and resetting it to default settings since you said It shows High "usage."
Reset Internet explorer to default -----> How to reset Internet Explorer settings Read the page carefully!Last edited by zep516; 06-23-2012 at 06:43 PM.
Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.
- 06-23-2012 06:31 PM #9Member
- Join Date
- Jun 2012
- Posts
- 19
- Points
- 1
I've been using Norton 360 for nearly a year. Before that I was still using Norton but not the 'full package'.
I'll try the reset of Internet Explorer next!
- 06-23-2012 06:45 PM #10Member
- Join Date
- Jun 2012
- Posts
- 19
- Points
- 1
Hi Zep. I've now reset Internet Explorer.
Kev.
Reply With Quote
