  1. #1
    Member
    Join Date
    Jan 2013
    Posts
    34
    Points
    0

    Program/Browser Loading Problems

    Hello. Something isn't right with my computer. My preferred browser, Firefox, takes forever to load. In fact, anything I ask to load takes forever. Task Manager shows system idle at >95% virtually all of the time. Granted, I don't have the latest stuff but this issue is something that has been of late, over the last two months or so. I've read the FAQs. I'm providing the program/scan logs you request. When I ran the SAS program I did find "Trojan.Agent/Gen-Hupigon," which was either deleted or quarantined after the scan (can't remember which). Also, when I ran Hijack This the first time and had the Help2Go analyzer look at it, it suggested I delete a line--O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE.

    Thank you in advance for your help. GR.

    1. SUPERAntiSpyware Scan Log

    Generated 01/04/2013 at 04:01 PM

    Application Version : 5.6.1014

    Core Rules Database Version : 9824
    Trace Rules Database Version: 7636

    Scan type : Complete Scan
    Total Scan Time : 01:56:47

    Operating System Information
    Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 535
    Memory threats detected : 0
    Registry items scanned : 38145
    Registry threats detected : 0
    File items scanned : 47563
    File threats detected : 64

    Adware.Tracking Cookie

    Trojan.Agent/Gen-Hupigon
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{098E1AC5-B0CA-400B-82F7-4E4524D8C6BC}\RP2112\A0411227.EXE


    2. Malwarebytes Anti-Malware (PRO) 1.70.0.1100

    Database version: v2013.01.04.09

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Joe :: GATEWAY_COMPUTE [administrator]

    Protection: Enabled

    1/4/2013 18:04:53
    mbam-log-2013-01-04 (18-04-53).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 327030
    Time elapsed: 2 hour(s), 44 minute(s), 52 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    3. Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 23:15:33, on 1/4/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
    C:\WINDOWS\System32\NMSSvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\ups.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
    C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R3 - URLSearchHook: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"
    O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1151961046424
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1151963533373
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe

    --
    End of file - 7035 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    6,217
    Points
    1101


    Hi Gunrunner


    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Post both logs from this scan.

    Information on A/V control HERE


    Next

    Download Security Check by screen317 from http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.spywareinfoforum.org/
    Save it to your Desktop.
    Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    Next

    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista and Windows 7 users:
      Right click in the adwCleaner.exe and select
    • Click the Search button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[R1].txt.
    Last edited by zep516; 01-04-2013 at 11:52 PM.




    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.



  4. #3
    Member
    Join Date
    Jan 2013
    Posts
    34
    Points
    0


    zep516, Thanks for the help. I've done the scans you requested and have the logs but I don't know how to attach them to a reply. Search for "help" on the site but unable to find any. Please instruct. Thanks. GR

  5. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    6,217
    Points
    1101


    Hi Gunrunner,

    There is no need to attach any log files at all. Just copy the logs, then paste them into a reply.

    Joe







  7. #5
    Member
    Join Date
    Jan 2013
    Posts
    34
    Points
    0


    Quote Originally Posted by Gunrunner View Post
    zep516, Thanks for the help. I've done the scans you requested and have the logs but I don't know how to attach them to a reply. Search for "help" on the site but unable to find any. Please instruct. Thanks. GR
    Re-searched and found instructions but still not able to attach the logs. Using "Managing Attachments" leads me to a blank page with none of the options listed (such as "Browse" or "Upload").

  8. #6
    Member
    Join Date
    Jan 2013
    Posts
    34
    Points
    0


    zep516, Roger. Here they are:

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
    Run by Joe at 10:40:57 on 2013-01-05
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.283 [GMT -5:00]
    .
    AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
    FW: Cloud Antivirus Firewall *Enabled*
    FW: COMODO Firewall *Enabled*
    .
    ============== Running Processes ================
    .
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
    C:\WINDOWS\System32\NMSSvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
    C:\WINDOWS\System32\ups.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
    C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\System32\svchost.exe -k NetworkService
    C:\WINDOWS\System32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=BC440FEE4265CE43A5000350C2863107
    mStart Page = about:blank
    uURLSearchHooks: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\pandasecuritytb\pandasecurityDx.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\pandasecuritytb\pandasecurityDx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Comcast Toolbar: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - LocalServer32 - <no file>
    TB: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\pandasecuritytb\pandasecurityDx.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [Panda Security URL Filtering] "c:\documents and settings\all users\application data\panda security url filtering\Panda_URL_Filtering.exe"
    mRun: [PSUAMain] "c:\program files\panda security\panda cloud antivirus\PSUAMain.exe" /LaunchSysTray
    mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
    mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
    mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1151961046424
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151963533373
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    AppInit_DLLs= c:\windows\system32\guard32.dll
    SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    Hosts: 127.0.0.1 Spyware Info | Spyware Info | spyware software | spyware program | protection spyware
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\joe\application data\mozilla\firefox\profiles\ivq9jel7.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.drudgereport.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=panda2_0yatb&p=
    FF - component: c:\documents and settings\joe\application data\mozilla\firefox\profiles\ivq9jel7.default\extensions\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}\components\dtTransparency.dll
    FF - component: c:\program files\panda security\panda id protect\firefox\components\FFKeypad.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - plugin: c:\windows\system32\npwmsdrm.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    ============= SERVICES / DRIVERS ===============
    .
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-5-2 497952]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-5-2 32640]
    R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [2012-11-9 119208]
    R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [2012-11-9 139176]
    R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [2012-11-9 163112]
    R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [2012-11-9 133544]
    R1 NNSPIHS;NNSPihs;c:\windows\system32\drivers\NNSpihs.sys [2012-11-9 63400]
    R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [2012-11-9 125480]
    R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [2012-11-9 370216]
    R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [2012-11-9 191528]
    R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [2012-11-9 128040]
    R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [2012-11-9 276520]
    R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [2012-11-9 133928]
    R1 PSINKNC;PSINKnc;c:\windows\system32\drivers\PSINKNC.sys [2012-11-9 178728]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
    R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-5-9 1990464]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-4 398184]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-4 682344]
    R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2012-11-12 140064]
    R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2012-11-9 149288]
    R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2012-11-9 102184]
    R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2012-11-9 114216]
    R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2012-11-9 123560]
    R2 PSUAService;Panda Product Service;c:\program files\panda security\panda cloud antivirus\PSUAService.exe [2012-11-14 36640]
    R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-4 21104]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-4 40776]
    R3 NNSNAHS;Network Activity Hook Server Service;c:\windows\system32\drivers\NNSNAHS.sys [2012-10-22 38824]
    R3 PSKMAD;PSKMAD;c:\windows\system32\drivers\PSKMAD.sys [2012-12-7 46672]
    S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
    S2 BulkUsb;Genesys Logic USB Scanner Controller NT 5.0;c:\windows\system32\drivers\usbscan.sys [2006-7-3 15104]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
    S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2012-12-20 245760]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-3-22 102448]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
    S3 RapFile;RapFile;c:\windows\system32\drivers\RapFile.sys [2006-7-3 36644]
    S3 RapNet;RapNet;c:\windows\system32\drivers\RapNet.sys [2006-7-3 24344]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S4 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\viewpointservice.exe" --> c:\program files\viewpoint\common\ViewpointService.exe [?]
    .
    =============== Created Last 30 ================
    .
    2013-01-04 19:36:20 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2013-01-04 19:30:35 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-01-04 19:30:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-01-04 19:03:28 -------- d-----w- c:\documents and settings\joe\application data\SUPERAntiSpyware.com
    2013-01-04 19:02:24 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-01-04 19:02:24 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2013-01-04 18:41:09 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d64637cf-590a-4aed-971f-b66a29f32fdd}\mpengine.dll
    2013-01-04 18:03:04 388096 ----a-r- c:\documents and settings\joe\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2013-01-03 21:12:42 -------- d-----w- c:\documents and settings\joe\local settings\application data\Opera
    2012-12-20 22:32:17 -------- d-----w- c:\documents and settings\joe\application data\ControlCenter4
    2012-12-20 22:19:22 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
    2012-12-20 22:19:22 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
    2012-12-20 22:18:41 -------- d-----w- C:\Brother
    2012-12-20 22:18:40 73728 ------w- c:\windows\system32\BRCrypt.dll
    2012-12-20 22:18:27 -------- d-----w- c:\program files\Browny02
    2012-12-20 22:18:26 -------- d-----w- c:\documents and settings\all users\application data\ControlCenter4
    2012-12-20 22:18:13 -------- d-----w- c:\program files\ControlCenter4
    2012-12-20 22:08:29 -------- d-----w- c:\documents and settings\all users\application data\Brother
    2012-12-19 16:14:15 180224 ----a-w- c:\windows\system32\BROSNMP.DLL
    2012-12-19 16:14:15 103736 ----a-w- c:\windows\system32\BRRBTOOL.EXE
    2012-12-19 16:14:14 25299 ----a-w- c:\windows\system32\BRLM03A.DLL
    2012-12-19 16:14:14 192512 ------w- c:\windows\system32\Pdrvinst.dll
    2012-12-19 16:14:14 -------- d-----w- c:\program files\Brother
    2012-12-08 15:41:11 -------- d-----w- c:\documents and settings\joe\local settings\application data\panda4_0dn
    2012-12-08 00:14:55 -------- d-----w- c:\documents and settings\all users\application data\blekko toolbars
    2012-12-08 00:14:04 -------- d-----w- c:\documents and settings\joe\application data\blekko
    2012-12-08 00:11:57 -------- d-----w- c:\documents and settings\joe\application data\pandasecuritytb
    2012-12-08 00:11:45 -------- d-----w- c:\program files\pandasecuritytb
    2012-12-08 00:09:48 46672 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
    2012-12-07 04:48:55 92640 ----a-w- c:\program files\mozilla firefox\nssutil3.dll
    .
    ==================== Find3M ====================
    .
    2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-11-10 00:01:47 178728 ----a-w- c:\windows\system32\drivers\PSINKNC.sys
    2012-11-10 00:01:47 123560 ----a-w- c:\windows\system32\drivers\PSINProt.sys
    2012-11-10 00:01:47 114216 ----a-w- c:\windows\system32\drivers\PSINProc.sys
    2012-11-10 00:01:46 149288 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
    2012-11-10 00:01:46 102184 ----a-w- c:\windows\system32\drivers\PSINFile.sys
    2012-11-09 16:23:58 276520 ----a-w- c:\windows\system32\drivers\NNSStrm.sys
    2012-11-09 16:23:58 133928 ----a-w- c:\windows\system32\drivers\NNStlsc.sys
    2012-11-09 16:23:57 370216 ----a-w- c:\windows\system32\drivers\NNSProt.sys
    2012-11-09 16:23:57 191528 ----a-w- c:\windows\system32\drivers\NNSPrv.sys
    2012-11-09 16:23:57 128040 ----a-w- c:\windows\system32\drivers\NNSSmtp.sys
    2012-11-09 16:23:56 63400 ----a-w- c:\windows\system32\drivers\NNSpihs.sys
    2012-11-09 16:23:56 125480 ----a-w- c:\windows\system32\drivers\NNSPop3.sys
    2012-11-09 16:23:55 163112 ----a-w- c:\windows\system32\drivers\NNSIds.sys
    2012-11-09 16:23:55 139176 ----a-w- c:\windows\system32\drivers\NNSHttp.sys
    2012-11-09 16:23:55 133544 ----a-w- c:\windows\system32\drivers\NNSpicc.sys
    2012-11-09 16:23:54 119208 ----a-w- c:\windows\system32\drivers\NNSAlpc.sys
    2012-11-07 23:38:16 32640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
    2012-11-07 23:38:14 497952 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
    2012-11-07 23:38:13 18096 ----a-w- c:\windows\system32\drivers\cmderd.sys
    2012-11-07 23:37:35 34024 ----a-w- c:\windows\system32\cmdcsr.dll
    2012-11-07 23:37:34 301264 ----a-w- c:\windows\system32\guard32.dll
    2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
    2012-10-22 17:08:35 38824 ----a-w- c:\windows\system32\drivers\NNSNAHS.sys
    2001-06-20 20:19:18 40960 -c----w- c:\program files\ACMonitor_X83.exe
    .
    ============= FINISH: 10:42:54.00 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/3/2006 4:02:05 PM
    System Uptime: 1/5/2013 12:06:52 AM (10 hours ago)
    .
    Motherboard: Intel Corporation | | D850EMV2
    Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | J2E1 | 2386/133mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 41.727 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) PRO/100 Network Connection
    Device ID: PCI\VEN_8086&DEV_2449&SUBSYS_0173107B&REV_03\4&11CD5334&0&40F0
    Manufacturer: Intel
    Name: Intel(R) PRO/100 Network Connection
    PNP Device ID: PCI\VEN_8086&DEV_2449&SUBSYS_0173107B&REV_03\4&11CD5334&0&40F0
    Service: E100B
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Linksys NC100 Fast Ethernet Adapter
    Device ID: PCI\VEN_1317&DEV_0985&SUBSYS_05701317&REV_11\4&11CD5334&0&58F0
    Manufacturer: Linksys
    Name: Linksys NC100 Fast Ethernet Adapter
    PNP Device ID: PCI\VEN_1317&DEV_0985&SUBSYS_05701317&REV_11\4&11CD5334&0&58F0
    Service: AN983
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\51011DEE23C00
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\51011DEE23C00
    Service: NIC1394
    .
    Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Description: Microsoft PS/2 Mouse
    Device ID: ACPI\PNP0F03\4&3A2C8C4B&0
    Manufacturer: Microsoft
    Name: Microsoft PS/2 Mouse
    PNP Device ID: ACPI\PNP0F03\4&3A2C8C4B&0
    Service: i8042prt
    .
    ==== System Restore Points ===================
    .
    RP2081: 10/7/2012 2:08:09 PM - System Checkpoint
    RP2082: 10/8/2012 4:45:40 PM - System Checkpoint
    RP2083: 10/9/2012 10:07:12 AM - Software Distribution Service 3.0
    RP2084: 10/10/2012 9:30:56 AM - Software Distribution Service 3.0
    RP2085: 10/11/2012 1:19:40 PM - System Checkpoint
    RP2086: 10/12/2012 10:32:43 AM - Software Distribution Service 3.0
    RP2087: 10/15/2012 10:35:12 PM - System Checkpoint
    RP2088: 10/16/2012 11:26:35 AM - Software Distribution Service 3.0
    RP2089: 10/17/2012 1:25:37 PM - System Checkpoint
    RP2090: 10/18/2012 9:09:10 AM - Software Distribution Service 3.0
    RP2091: 10/19/2012 7:06:53 PM - Software Distribution Service 3.0
    RP2092: 10/21/2012 1:13:20 PM - System Checkpoint
    RP2093: 10/23/2012 9:41:51 AM - Software Distribution Service 3.0
    RP2094: 10/26/2012 10:35:16 AM - Software Distribution Service 3.0
    RP2095: 10/27/2012 1:14:20 PM - System Checkpoint
    RP2096: 10/30/2012 10:20:12 AM - Software Distribution Service 3.0
    RP2097: 10/31/2012 10:25:58 AM - System Checkpoint
    RP2098: 11/1/2012 12:09:26 PM - System Checkpoint
    RP2099: 11/2/2012 11:02:07 PM - Software Distribution Service 3.0
    RP2100: 11/3/2012 10:16:19 PM - System Checkpoint
    RP2101: 11/5/2012 4:07:21 PM - System Checkpoint
    RP2102: 11/6/2012 12:54:38 PM - Software Distribution Service 3.0
    RP2103: 11/8/2012 7:40:38 AM - System Checkpoint
    RP2104: 11/9/2012 8:04:00 AM - System Checkpoint
    RP2105: 11/9/2012 7:42:08 PM - Software Distribution Service 3.0
    RP2106: 11/11/2012 11:31:48 AM - System Checkpoint
    RP2107: 11/12/2012 11:39:16 AM - System Checkpoint
    RP2108: 11/14/2012 12:23:25 PM - System Checkpoint
    RP2109: 11/14/2012 2:43:12 PM - Software Distribution Service 3.0
    RP2110: 11/14/2012 3:13:32 PM - Software Distribution Service 3.0
    RP2111: 11/16/2012 10:45:26 AM - Software Distribution Service 3.0
    RP2112: 11/16/2012 10:29:05 PM - Software Distribution Service 3.0
    RP2113: 11/19/2012 5:38:51 PM - System Checkpoint
    RP2114: 11/20/2012 7:24:17 AM - Software Distribution Service 3.0
    RP2115: 11/21/2012 3:42:37 PM - System Checkpoint
    RP2116: 11/23/2012 5:21:01 AM - Software Distribution Service 3.0
    RP2117: 11/25/2012 3:40:06 PM - System Checkpoint
    RP2118: 11/26/2012 10:07:13 PM - System Checkpoint
    RP2119: 11/27/2012 5:21:34 AM - Software Distribution Service 3.0
    RP2120: 11/29/2012 9:16:04 AM - System Checkpoint
    RP2121: 11/30/2012 11:09:39 AM - Software Distribution Service 3.0
    RP2122: 12/1/2012 11:30:21 AM - System Checkpoint
    RP2123: 12/2/2012 12:30:10 PM - System Checkpoint
    RP2124: 12/4/2012 9:31:27 AM - Software Distribution Service 3.0
    RP2125: 12/5/2012 2:10:44 PM - System Checkpoint
    RP2126: 12/7/2012 5:21:15 AM - Software Distribution Service 3.0
    RP2127: 12/8/2012 10:56:21 AM - System Checkpoint
    RP2128: 12/9/2012 10:26:09 PM - System Checkpoint
    RP2129: 12/10/2012 10:38:39 PM - System Checkpoint
    RP2130: 12/11/2012 10:14:13 AM - Software Distribution Service 3.0
    RP2131: 12/12/2012 10:28:11 AM - System Checkpoint
    RP2132: 12/13/2012 10:16:01 AM - Software Distribution Service 3.0
    RP2133: 12/14/2012 5:57:38 AM - Software Distribution Service 3.0
    RP2134: 12/16/2012 9:26:19 AM - System Checkpoint
    RP2135: 12/17/2012 11:56:36 AM - System Checkpoint
    RP2136: 12/18/2012 8:27:28 AM - Software Distribution Service 3.0
    RP2137: 12/19/2012 9:20:13 AM - System Checkpoint
    RP2138: 12/20/2012 9:21:05 AM - System Checkpoint
    RP2139: 12/20/2012 5:16:42 PM - Installed Brother Software Suite
    RP2140: 12/20/2012 5:20:51 PM - Unsigned printer driver Brother PC-FAX v.2.2 installed.
    RP2141: 12/20/2012 6:12:02 PM - Software Distribution Service 3.0
    RP2142: 12/20/2012 7:48:37 PM - Installed Application
    RP2143: 12/21/2012 1:07:15 PM - Software Distribution Service 3.0
    RP2144: 12/23/2012 9:26:59 AM - System Checkpoint
    RP2145: 12/24/2012 11:21:18 AM - System Checkpoint
    RP2146: 12/25/2012 5:30:38 PM - Software Distribution Service 3.0
    RP2147: 12/27/2012 11:48:33 AM - System Checkpoint
    RP2148: 12/28/2012 5:20:41 AM - Software Distribution Service 3.0
    RP2149: 12/29/2012 9:24:14 AM - System Checkpoint
    RP2150: 12/30/2012 9:29:06 AM - System Checkpoint
    RP2151: 12/31/2012 11:35:05 AM - System Checkpoint
    RP2152: 1/1/2013 10:36:52 PM - Software Distribution Service 3.0
    RP2153: 1/3/2013 5:35:33 AM - System Checkpoint
    RP2154: 1/3/2013 7:53:38 PM - Software Distribution Service 3.0
    RP2155: 1/4/2013 1:17:43 PM - Removed SmarThru 4
    RP2156: 1/4/2013 1:40:22 PM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.4)
    ArcSoft Camera Suite 1.3
    Battle.net
    Brother MFL-Pro Suite MFC-7860DW
    Camera Window
    Canon Camera Support Core Library
    Canon Camera WIA Driver
    Canon Camera Window for ZoomBrowser EX
    Canon Camera Window MC 6 for ZoomBrowser EX
    Canon G.726 WMP-Decoder
    Canon MovieEdit Task for ZoomBrowser EX
    Canon PhotoRecord
    Canon RAW Image Task for ZoomBrowser EX
    Canon RemoteCapture Task for ZoomBrowser EX
    Canon Utilities PhotoStitch
    Canon Utilities ZoomBrowser EX
    CCleaner
    COMODO Internet Security
    Compatibility Pack for the 2007 Office system
    Corel WinDVD 2010
    Creative AudioHQ
    Creative Diagnostics
    Creative Restore Defaults
    Critical Update for Windows Media Player 11 (KB959772)
    Defraggler
    Diablo
    Do More 5.0
    DVD Player
    eReg
    Gateway Desktop Manager
    Gateway IE Customizations
    Gateway Power Management
    Google Chrome
    Google Update Helper
    HelpSpot
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet II
    Java 7 Update 9
    Java Auto Updater
    Java(TM) 6 Update 26
    Java(TM) SE Runtime Environment 6 Update 1
    JavaFX 2.1.1
    Malwarebytes Anti-Malware version 1.70.0.1100
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Standard for Students and Teachers
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    MovieEdit Task
    Mozilla Firefox 17.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB973685)
    NVIDIA Windows 2000/XP Display Drivers
    OGA Notifier 2.0.0048.0
    Opera 12.12
    Panda Cloud Antivirus
    Panda Security Toolbar
    Panda Security URL Filtering
    PC-Doctor Consumer UI
    PC-Doctor Diagnostics
    PC-Doctor for Windows
    PC-Doctor Services
    RemoteCapture Task 1.0.2
    Savings Bond Wizard
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2753842)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Sound Blaster Audigy
    Sound Blaster Audigy Quick Start
    Sound Blaster Audigy Web 2K/XP
    Speccy
    Spybot - Search & Destroy
    SpywareBlaster 4.6
    SUPERAntiSpyware
    TurboTax Deluxe 2005
    TurboTax Deluxe Deduction Maximizer 2006
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971180)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WebFldrs XP
    Windows Defender
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Connect
    Windows Media Format 11 runtime
    Windows Media Format SDK Hotfix - KB891122
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows XP Service Pack 3
    WinRAR archiver
    Works Suite OS Pack
    Works Synchronization
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/31/2012 7:04:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
    12/31/2012 7:04:06 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/31/2012 7:03:01 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
    12/31/2012 7:00:52 PM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The system cannot find the file specified.
    12/31/2012 7:00:52 PM, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
    12/31/2012 7:00:52 PM, error: Service Control Manager [7000] - The Genesys Logic USB Scanner Controller NT 5.0 service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    12/31/2012 6:59:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/31/2012 2:34:32 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cmdGuard eeCtrl Fips intelppm Lbd NNSALPC NNSHTTP NNSIDS NNSPICC NNSPIHS NNSPOP3 NNSPROT NNSPRV NNSSMTP NNSSTRM NNSTLSC PSINKNC
    12/31/2012 12:43:52 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NanoServiceMain service.
    12/31/2012 12:33:10 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
    12/30/2012 5:00:41 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.
    12/29/2012 6:55:57 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
    1/4/2013 12:40:05 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    1/4/2013 12:38:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    1/4/2013 12:31:13 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cmdGuard cmdHlp eeCtrl Fips intelppm IPSec Lbd MRxSmb NetBIOS NetBT NNSALPC NNSHTTP NNSIDS NNSPICC NNSPIHS NNSPOP3 NNSPROT NNSPRV NNSSMTP NNSSTRM NNSTLSC PSINKNC RasAcd Rdbss Tcpip
    1/4/2013 12:31:13 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
    1/4/2013 12:31:13 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/4/2013 12:31:13 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/4/2013 12:31:13 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    1/4/2013 12:31:04 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    1/2/2013 5:01:15 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
    1/2/2013 2:27:04 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
    1/2/2013 2:26:13 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/2/2013 2:26:11 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    1/1/2013 4:49:48 PM, error: PSched [14103] - QoS [Adapter {BB7F4F6D-260A-4579-8933-F39EB72CA165}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
    .
    ==== End Of File ===========================

    Results of screen317's Security Check version 0.99.56
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    Panda Cloud Antivirus
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    SpywareBlaster 4.6
    Spybot - Search & Destroy
    SUPERAntiSpyware
    Windows Defender
    Malwarebytes Anti-Malware version 1.70.0.1100
    CCleaner
    JavaFX 2.1.1
    Java(TM) 6 Update 26
    Java 7 Update 9
    Java(TM) SE Runtime Environment 6 Update 1
    Adobe Flash Player 10 Flash Player out of Date!
    Adobe Flash Player 11.1.102.62
    Adobe Reader 10.1.4 Adobe Reader out of Date!
    Mozilla Firefox (17.0.1)
    Google Chrome 23.0.1271.97
    ````````Process Check: objlist.exe by Laurent````````
    Windows Defender MSMpEng.exe
    Windows Defender MSASCui.exe
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    Comodo Firewall cmdagent.exe
    Comodo Firewall cfp.exe
    Panda Security Panda Cloud Antivirus PSANHost.exe
    Panda Security Panda Cloud Antivirus PSUAService.exe
    Panda Security Panda Cloud Antivirus PSUAMain.exe
    Malwarebytes' Anti-Malware mbamscheduler.exe
    Windows Defender MsMpEng.exe
    Windows Defender MSASCui.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 9%
    ````````````````````End of Log``````````````````````


    # AdwCleaner v2.104 - Logfile created 01/05/2013 at 11:21:38
    # Updated 29/12/2012 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Joe - GATEWAY_COMPUTE
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Joe\My Documents\Downloads\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****

    Found : Viewpoint Manager Service

    ***** [Files / Folders] *****

    File Found : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
    Folder Found : C:\Documents and Settings\All Users\Application Data\blekko toolbars
    Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
    Folder Found : C:\Documents and Settings\Joe\Application Data\Viewpoint
    Folder Found : C:\Documents and Settings\Joe\Local Settings\Application Data\Viewpoint
    Folder Found : C:\Documents and Settings\LocalService\Local Settings\Application Data\Viewpoint
    Folder Found : C:\Program Files\Common Files\Viewpoint

    ***** [Registry] *****

    Key Found : HKCU\Software\Headlight
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\VWPT
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
    Key Found : HKCU\Software\Viewpoint
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0E2C3126-DDED-4A58-800E-9AEDE84EA31E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}
    Key Found : HKLM\Software\MetaStream
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
    Key Found : HKLM\Software\Viewpoint
    Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKU\S-1-5-21-606747145-879983540-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKU\S-1-5-21-606747145-879983540-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=BC440FEE4265CE43A5000350C2863107

    -\\ Mozilla Firefox v17.0.1 (en-US)

    File : C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\04uqut25.default\prefs.js

    Found : user_pref("browser.startup.homepage", "hxxp://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb[...]
    Found : user_pref("browser.search.selectedEngine", "blekko");
    Found : user_pref("browser.startup.homepage", "hxxp://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepag[...]

    File : C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\ivq9jel7.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v23.0.1271.97

    File : C:\Documents and Settings\Joe\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    -\\ Opera v12.12.1707.0

    File : C:\Documents and Settings\Joe\Application Data\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [4196 octets] - [05/01/2013 11:21:38]

    ########## EOF - C:\AdwCleaner[R1].txt - [4256 octets] ##########

  9. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    6,217
    Points
    1101

    Hi Gunrunner,

    Having the System Idle Process using 90% of your CPU is a good thing ... it means that that 90% is readily available should there be any real work to do.
    Tell me about what Anti Virus program you're using. Are you using 2? Panda Cloud and Comodo Security?

    First
    Please update your Adobe Reader program:

    Adobe - Adobe Reader download - All versions

    McAfee: See that you don't want that, so uncheck the box with the check mark in it by clicking on it on the Adobe page.

    Next

    Let's update Adobe Flash Player too:

    Adobe - Install Adobe Flash Player

    McAfee: See that you don't want that, so uncheck the box with the check mark in it by clicking on it.

    Then click the yellow / orange download box and download Adobe Flash Player.

    Next

    Run AdwCleaner again, this time select Delete.

    Once done it will ask to reboot; allow this.
    On reboot a log will be produced. Please post that log in your next reply.

    In your next reply:

    • Tell me about the Anti Virus programs you're running
    • Post the AdwCleaner log after the Delete option is done.
    • Tell me that you have updated Adobe Reader & Flash.

    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.

  11. #8
    Member
    Join Date
    Jan 2013
    Posts
    34
    Points
    0

    zep516, completed your instructions with one exception: When attempting to update Adobe Flash Player, Malwarebytes quarantined the update program, deleting it from the Chrome browser. Accordingly, the update of this program was not done. Adobe Reader was updated without a problem. I use Panda Cloud Antivirus Pro as my A/V program and I used Comodo for my firewall. I suppose Windows Defender is running also. Before providing the log I want to tell you that after running the AdwCleaner again it took FOREVER for my computer to come back. That is, my desktop to load, my browser(s) and my e-mail program. In fact, my e-mail program (Outlook Express) would not connect. Consequently, I had to do a shutdown/re-boot. And by "forever," I mean it took over 30 minutes. Here's the log. Again, thanks for the help. Joe (I'm a Joe, too). PS--any reason I need to keep Malwarebytes running if I have the other (SAS)? I don't care for Malwarebytes running all of the time.

    # AdwCleaner v2.104 - Logfile created 01/05/2013 at 12:59:35
    # Updated 29/12/2012 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Joe - GATEWAY_COMPUTE
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Joe\My Documents\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****

    Stopped & Deleted : Viewpoint Manager Service

    ***** [Files / Folders] *****

    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\blekko toolbars
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\Joe\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\Joe\Local Settings\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\Viewpoint
    Folder Deleted : C:\Program Files\Common Files\Viewpoint

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Headlight
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\VWPT
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
    Key Deleted : HKCU\Software\Viewpoint
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E2C3126-DDED-4A58-800E-9AEDE84EA31E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}
    Key Deleted : HKLM\Software\MetaStream
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
    Key Deleted : HKLM\Software\Viewpoint
    Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=BC440FEE4265CE43A5000350C2863107 --> hxxp://www.google.com

    -\\ Mozilla Firefox v17.0.1 (en-US)

    File : C:\Documents and Settings\Jay\Application Data\Mozilla\Firefox\Profiles\04uqut25.default\prefs.js

    Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb[...]
    Deleted : user_pref("browser.search.selectedEngine", "blekko");
    Deleted : user_pref("browser.startup.homepage", "hxxp://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepag[...]

    File : C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\ivq9jel7.default\prefs.js

    C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\ivq9jel7.default\user.js ... Deleted !

    [OK] File is clean.

    -\\ Google Chrome v23.0.1271.97

    File : C:\Documents and Settings\Joe\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    -\\ Opera v12.12.1707.0

    File : C:\Documents and Settings\Joe\Application Data\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [4002 octets] - [05/01/2013 12:59:35]

    ########## EOF - C:\AdwCleaner[S1].txt - [4062 octets] ##########
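
As an added example (not part of the original posts and not AdwCleaner's own code), this compares the Search log with the Delete log posted in this thread and lists entries that were found but never reported deleted. The embedded excerpts are a few lines copied from those two logs; treating `S-1-5-21-…-1004` as the logged-on user's hive, which `HKCU` maps to, is an assumption.

```python
import re

# Excerpts: a few lines copied from the Search ([R1]) and Delete ([S1]) logs above.
SEARCH_LOG = r"""
***** [Services] *****
Found : Viewpoint Manager Service
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
Folder Found : C:\Program Files\Common Files\Viewpoint
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKU\S-1-5-21-606747145-879983540-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\S-1-5-21-606747145-879983540-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
"""
DELETE_LOG = r"""
***** [Services] *****
Stopped & Deleted : Viewpoint Manager Service
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
Folder Deleted : C:\Program Files\Common Files\Viewpoint
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
"""
# Assumption: this SID (taken from the log) belongs to the user who ran the tool.
USER_SID = "S-1-5-21-606747145-879983540-725345543-1004"

HEADER = re.compile(r"^\s*\*{5} \[(.+)\] \*{5}\s*$")
ENTRY = re.compile(r"^\s*(?:(File|Folder|Key)\s+)?(Found|Stopped & Deleted|Deleted)\s*:\s*(.+?)\s*$")


def parse(log):
    """Return the set of (kind, item) entries reported in an AdwCleaner log."""
    section, items = "", set()
    for line in log.splitlines():
        header = HEADER.match(line)
        if header:
            section = header.group(1)
            continue
        entry = ENTRY.match(line)
        if entry:
            # Service lines carry no File/Folder/Key prefix, so use the section name.
            items.add((entry.group(1) or section, entry.group(3)))
    return items


def canonical(item, user_sid=None):
    """Fold aliased registry paths onto one spelling so the same key compares equal."""
    aliases = [("HKU\\S-1-5-18\\", "HKU\\.DEFAULT\\")]  # .DEFAULT is the LocalSystem hive
    if user_sid:
        aliases.append(("HKU\\" + user_sid + "\\", "HKCU\\"))  # HKCU is the user's HKU hive
    for prefix, replacement in aliases:
        if item.upper().startswith(prefix.upper()):
            return replacement + item[len(prefix):]
    return item


def not_removed(search_log, delete_log, user_sid=None, fold=True):
    """Entries the Search run found that the Delete run does not report as removed."""
    def key(kind, item):
        return (kind, (canonical(item, user_sid) if fold else item).lower())
    deleted = {key(k, i) for k, i in parse(delete_log)}
    return sorted((k, i) for k, i in parse(search_log) if key(k, i) not in deleted)


if __name__ == "__main__":
    print("literal diff:", len(not_removed(SEARCH_LOG, DELETE_LOG, fold=False)))
    for kind, item in not_removed(SEARCH_LOG, DELETE_LOG, user_sid=USER_SID):
        print("still present:", kind, item)
```

A literal line-by-line diff flags three registry keys as found but not deleted; once the hive aliases are folded, every entry in the excerpt is accounted for.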

  13. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    6,217
    Points
    1101

    Hi,

    That's the paid version of Malwarebytes, correct?

    Can you post that Malwarebytes log, where it shows the quarantine items?

    Next

    I want to look a little closer using an additional scan too.

    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Under the Standard Registry box change it to All.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.




    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.
