Hi noori,

 

• Double click your Malwarebytes desktop icon
• Click the UPDATE tab at the top
• Scan for and install any updates it finds
• Then choose the SCANNER tab and run a FULL SCAN
• Once finished if MBAM found anything please click Show Results
• Make sure EVERYTHING has a check in the box next to it and then click Remove Selected
• Post the MBAM log results back to this thread

 

NOTE: If MBAM encounters a file that is hard to remove it will prompt for a delete on reboot, answer yes to this and once rebooted please run another scan and post that scan's log results along with the log results from before reboot which can be found under the LOGS tab of Malwarebytes.

 

 

I need to see some additional information about what is happening in your machine.
Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.com
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explanation about the tool.
• When done, DDS will open two (2) logs
  1. DDS.txt
  2. Attach.txt
• Save both reports to your desktop.
• The instructions here ask you to attach the Attach.txt.
  
• Instead of attaching, please copy/past both logs into your next reply.
• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE

 

Please COPY/PASTE the fresh MBAM log and BOTH DDS logs back for review,

Thanks

Hello K27,

Thank you for helping with this; I'm very grateful.

The Malwarebytes scan was clean.

The files that you requested are copied below:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5616

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27/01/2011 09:38:04
mbam-log-2011-01-27 (09-38-04).txt

Scan type: Full scan (C:\|)
Objects scanned: 297797
Time elapsed: 40 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

DDS (Ver_10-12-12.02) - NTFSx86 
Run by Noori at  9:42:47.56 on 27/01/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional  5.1.2600.3.1252.44.1033.18.510.212 [GMT 0:00]

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vVX3000.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\AOL\1180866938\ee\AOLSoftware.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Tesco\Picture Suite\InsDetect.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\Noori\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://bbc.co.uk/news/
uDefault_Page_URL = hxxp://www.dell.co.uk/myway
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101107162650.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Encarta &Researcher: {9455301c-cf6b-11d3-a266-00c04f689c50} - c:\program files\common files\microsoft shared\reference 2001\EROProj.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R
uRun: [Tesco Insert Detect] c:\program files\tesco\picture suite\InsDetect.exe
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [VoiceCenter] "c:\program files\creative\voicecenter\AndreaVC.exe" /tray
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [btbb_McciTrayApp] "c:\program files\bt broadband desktop help\btbb\BTHelpNotifier.exe"
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [HostManager] c:\program files\common files\aol\1180866938\ee\AOLSoftware.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {9455301C-CF6B-11D3-A266-00C04F689C50} - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\program files\common files\microsoft shared\reference 2001\EROProj.dll
Trusted Zone: adobe.com\get
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: motive.com\pbttbc.bt
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188743337078
DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} - hxxp://esupport.epson-europe.com/selftest/en/Prg/ESTPTest.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - c:\program files\common files\microsoft shared\reference 2001\msero.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 192.168.1.70 HP00215AA2CB59

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-9-3 386840]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-8-26 84072]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-9-3 93320]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-26 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-26 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-26 141792]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-26 55840]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-9-3 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-9-3 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-26 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-8-26 88544]
S2 gupdate1ca3b5a677feb0a;Google Update Service (gupdate1ca3b5a677feb0a);c:\program files\google\update\GoogleUpdate.exe [2009-9-22 133104]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-8-26 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-26 84264]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-9-3 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-9-3 40552]

=============== Created Last 30 ================

2011-01-24 19:18:53 -------- d-----w- c:\program files\common files\ODBC
2011-01-19 12:37:01 388096 ----a-r- c:\docume~1\noori\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-19 12:36:57 -------- d-----w- c:\program files\Trend Micro
2011-01-15 22:44:03 -------- d-----w- c:\docume~1\noori\applic~1\SUPERAntiSpyware.com
2011-01-15 22:44:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-01-15 22:43:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-01-15 21:37:49 -------- d-----w- c:\docume~1\noori\applic~1\Malwarebytes
2011-01-15 21:37:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-15 21:37:27 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-15 21:37:23 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-15 21:37:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-30 11:46:21 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-12-30 11:46:16 159232 ----a-w- c:\windows\system32\ptpusd.dll

==================== Find3M  ====================

2011-01-10 15:52:53 103784 ----a-w- c:\documents and settings\noori\GoToAssistDownloadHelper.exe
2010-11-29 17:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 17:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec

============= FINISH:  9:44:27.12 ===============

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 20/04/2007 11:42:10
System Uptime: 27/01/2011 07:36:14 (2 hours ago)

Motherboard: Dell Inc.           |  | 0WG261
Processor:               Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 144 GiB total, 95.295 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 18/01/2011 13:26:46 - System Checkpoint
RP2: 19/01/2011 12:36:55 - Installed HiJackThis
RP3: 20/01/2011 12:51:14 - System Checkpoint
RP4: 21/01/2011 13:13:11 - System Checkpoint
RP5: 22/01/2011 14:05:58 - System Checkpoint
RP6: 23/01/2011 14:53:24 - System Checkpoint
RP7: 24/01/2011 15:50:18 - System Checkpoint
RP8: 24/01/2011 19:18:44 - Installed Microsoft Office Basic Edition 2003
RP9: 25/01/2011 15:00:30 - Software Distribution Service 3.0
RP10: 25/01/2011 23:30:12 - Software Distribution Service 3.0
RP11: 26/01/2011 23:40:30 - System Checkpoint

==== Installed Programs ======================

32 Bit HP CIO Components Installer
7500_7600_7700_Help
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop 5.0 Limited Edition
Adobe Reader 9.4.1
AirZip Plug-in for Internet Explorer
Andrea VoiceCenter
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Art Explosion Greeting Card Factory
ARTEuro
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
AutoUpdate
BBC iPlayer Desktop
BBC iPlayer Download Manager
Bonjour
BPD_HPSU
BPD_Scan
BPDfax
BPDSoftware
BPDSoftware_Ini
BT Broadband Desktop Help
BT Email Configuration Tool
BT Wireless Connection Manager
BT Yahoo! Applications
BufferChm
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
Chinese Traditional Fonts Support For Adobe Reader 9
Compatibility Pack for the 2007 Office system
Creative MediaSource
CustomerResearchQFolder
Dell CinePlayer
Dell Driver Reset Tool
Dell Support 3.1
Dell Support Center
Dell System Restore
Destinations
DeviceManagementQFolder
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocProcQFolder
Epen CD 3.5 C
ESPNMotion
eSupportQFolder
Extended Language Support Fonts Package
Free Games Offer, Desktop Shortcut
Free PDF to Word Doc Converter v1.1
GemMaster Mystic
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix 2050 for SQL Server 2000 ENU (KB948110)
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Officejet Pro All-In-One Series
HP Photosmart Essential
HP Product Assistant
HP Solution Center 7.0
HP Update
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevicesMFC
Intel(R) 537EP V9x DF PCI Modem
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
iTunes
J2SE Runtime Environment 5.0 Update 4
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
L7600
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
MarketResearch
MathType 6
McAfee SecurityCenter
McAfee Virtual Technician
MCU
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Encyclopedia Deluxe 2001 - WE
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office Basic Edition 2003
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Small Business Edition 2003
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Modem Event Monitor
Modem Helper
Modem On Hold
MPM
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWay Search Assistant
OCR Software by I.R.I.S 7.0
Otto
PanoStandAlone
PC Booster
Pivot Stickfigure Animator
ProductContext
QuickTime
RCT3 Soaked
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
S381 The Energetic Universe
Scan
scoris assessor
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Skins
SM358 The Quantum World
Smart PDF Converter 4.2.3.225
SMT359 Electromagnetism
SolutionCenter
Sonic Activation Module
Sonic Advanced Decoder
Sonic DLA
Sonic Encoders
Sonic Update Manager
Sound Blaster Audigy ADVANCED MB
Sound Blaster Audigy ADVANCED MB Product Registration
Spelling Dictionaries Support For Adobe Reader 9
Status
SUPERAntiSpyware
T173
T356
Tesco Picture Suite
Tiscali Internet
Toolbox
TrayApp
Uniblue RegistryBooster
Uniblue SystemTweaker
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
Wanadoo Europe Installer
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

23/01/2011 13:18:08, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
23/01/2011 13:18:08, error: SideBySide [59]  - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\MFC80.DLL. Reference error message: The operation completed successfully. .
23/01/2011 13:18:08, error: SideBySide [32]  - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
23/01/2011 12:36:15, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service iPod Service with arguments "-Service" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
23/01/2011 12:35:27, error: Service Control Manager [7000]  - The iPod Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
23/01/2011 12:35:26, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
22/01/2011 08:01:42, error: ati2mtag [45062]  - CRT invalid display type
21/01/2011 09:57:39, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
21/01/2011 09:57:39, error: SideBySide [59]  - Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
21/01/2011 09:57:39, error: SideBySide [32]  - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
21/01/2011 09:12:55, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
21/01/2011 09:12:55, error: Service Control Manager [7000]  - The HTTP SSL service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
21/01/2011 09:09:45, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
21/01/2011 09:09:45, error: Service Control Manager [7000]  - The COM+ System Application service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
21/01/2011 09:09:45, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
21/01/2011 09:03:53, error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Network Agent service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:46, error: Service Control Manager [7034]  - The Yahoo! Updater service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:45, error: Service Control Manager [7034]  - The MSSQL$MICROSOFTSMLBIZ service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:45, error: Service Control Manager [7034]  - The MSCamSvc service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:44, error: Service Control Manager [7034]  - The McciCMService service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:43, error: Service Control Manager [7034]  - The McAfee SiteAdvisor Service service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:43, error: Service Control Manager [7034]  - The KService service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:43, error: Service Control Manager [7034]  - The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:42, error: Service Control Manager [7034]  - The Creative Service for CDROM Access service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:42, error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:41, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:40, error: Service Control Manager [7034]  - The Ati HotKey Poller service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:40, error: Service Control Manager [7034]  - The AOL Connectivity Service service terminated unexpectedly.  It has done this 1 time(s).

==== End Of File ===========================

 

Hi,

Please remove the following programs via "Add/Remove Programs" in Control panel. They are not malicious but your system will thank you for not having them installed. As a side note, it is never a good idea to run these so called registry cleaners as they are renowned for removing legitimate and critical registry keys and have been known to leave many a system unbootable.

Uniblue RegistryBooster
Uniblue SystemTweaker
Viewpoint Media Player

Then please reboot the system.

 

 

Then Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

 

Go here to run an online scannner from ESET.

• Note: You will need to use Internet explorer for this scan
• Turn off the real time scanner of any existing antivirus program while performing the online scan
• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Click Start
• Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
• Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
• Click Scan
• Wait for the scan to finish
• Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
• Copy and paste that log as a reply to this topic and also let me know how things are now.

 

Please post back the ESET report and a fresh set of DDS logs.

 

Thanks.

I uninstalled the 3 programs but I wasn't able to run the ESET scan: I got past accepting the T's & C's but then it froze ( I gave up after ~ 30 mins) and I didn't get to allowing the activex controls.  I tried the scan a second time with the same result.

Also, after the reboot (following the uninstallation of the 3 programs) I got 2 new error messages as follows:

-A "white crross in a red circle" message about a "KService.exe Application Error" to do with an "instruction address" not finding a "memeory location" 

-A "microsoft blue message" : "Delivery Manager Service has encountered a problem and needs to terminate"

For both of these there was a "debug" button which I opted for and there were no follow up messages.

 

I ran the dds a second time and the filed are copied below (just in case they're some use without the ESET scan).

Thank you for your continued help and I await further instructions.

 

DDS (Ver_10-12-12.02) - NTFSx86 
Run by Noori at 22:23:32.32 on 27/01/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional  5.1.2600.3.1252.44.1033.18.510.128 [GMT 0:00]

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\AOL\1180866938\ee\AOLSoftware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Tesco\Picture Suite\InsDetect.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Noori\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://bbc.co.uk/news/
uDefault_Page_URL = hxxp://www.dell.co.uk/myway
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101107162650.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Encarta &Researcher: {9455301c-cf6b-11d3-a266-00c04f689c50} - c:\program files\common files\microsoft shared\reference 2001\EROProj.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R
uRun: [Tesco Insert Detect] c:\program files\tesco\picture suite\InsDetect.exe
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [VoiceCenter] "c:\program files\creative\voicecenter\AndreaVC.exe" /tray
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [btbb_McciTrayApp] "c:\program files\bt broadband desktop help\btbb\BTHelpNotifier.exe"
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [HostManager] c:\program files\common files\aol\1180866938\ee\AOLSoftware.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {9455301C-CF6B-11D3-A266-00C04F689C50} - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\program files\common files\microsoft shared\reference 2001\EROProj.dll
Trusted Zone: adobe.com\get
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: motive.com\pbttbc.bt
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188743337078
DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} - hxxp://esupport.epson-europe.com/selftest/en/Prg/ESTPTest.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - c:\program files\common files\microsoft shared\reference 2001\msero.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 192.168.1.70 HP00215AA2CB59

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-9-3 386840]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-8-26 84072]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-9-3 93320]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-26 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-26 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-26 141792]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-26 55840]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-9-3 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-9-3 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-26 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-8-26 88544]
S2 gupdate1ca3b5a677feb0a;Google Update Service (gupdate1ca3b5a677feb0a);c:\program files\google\update\GoogleUpdate.exe [2009-9-22 133104]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-8-26 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-26 84264]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-9-3 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-9-3 40552]

=============== Created Last 30 ================

2011-01-24 19:18:53 -------- d-----w- c:\program files\common files\ODBC
2011-01-19 12:37:01 388096 ----a-r- c:\docume~1\noori\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-19 12:36:57 -------- d-----w- c:\program files\Trend Micro
2011-01-15 22:44:03 -------- d-----w- c:\docume~1\noori\applic~1\SUPERAntiSpyware.com
2011-01-15 22:44:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-01-15 22:43:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-01-15 21:37:49 -------- d-----w- c:\docume~1\noori\applic~1\Malwarebytes
2011-01-15 21:37:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-15 21:37:27 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-15 21:37:23 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-15 21:37:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-30 11:46:21 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-12-30 11:46:16 159232 ----a-w- c:\windows\system32\ptpusd.dll

==================== Find3M  ====================

2011-01-10 15:52:53 103784 ----a-w- c:\documents and settings\noori\GoToAssistDownloadHelper.exe
2010-11-29 17:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 17:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec

============= FINISH: 22:25:29.81 ===============

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 20/04/2007 11:42:10
System Uptime: 27/01/2011 14:47:31 (8 hours ago)

Motherboard: Dell Inc.           |  | 0WG261
Processor:               Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 144 GiB total, 95.317 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 18/01/2011 13:26:46 - System Checkpoint
RP2: 19/01/2011 12:36:55 - Installed HiJackThis
RP3: 20/01/2011 12:51:14 - System Checkpoint
RP4: 21/01/2011 13:13:11 - System Checkpoint
RP5: 22/01/2011 14:05:58 - System Checkpoint
RP6: 23/01/2011 14:53:24 - System Checkpoint
RP7: 24/01/2011 15:50:18 - System Checkpoint
RP8: 24/01/2011 19:18:44 - Installed Microsoft Office Basic Edition 2003
RP9: 25/01/2011 15:00:30 - Software Distribution Service 3.0
RP10: 25/01/2011 23:30:12 - Software Distribution Service 3.0
RP11: 26/01/2011 23:40:30 - System Checkpoint

==== Installed Programs ======================

32 Bit HP CIO Components Installer
7500_7600_7700_Help
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop 5.0 Limited Edition
Adobe Reader 9.4.1
AirZip Plug-in for Internet Explorer
Andrea VoiceCenter
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Art Explosion Greeting Card Factory
ARTEuro
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
AutoUpdate
BBC iPlayer Desktop
BBC iPlayer Download Manager
Bonjour
BPD_HPSU
BPD_Scan
BPDfax
BPDSoftware
BPDSoftware_Ini
BT Broadband Desktop Help
BT Email Configuration Tool
BT Wireless Connection Manager
BT Yahoo! Applications
BufferChm
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
Chinese Traditional Fonts Support For Adobe Reader 9
Compatibility Pack for the 2007 Office system
Creative MediaSource
CustomerResearchQFolder
Dell CinePlayer
Dell Driver Reset Tool
Dell Support 3.1
Dell Support Center
Dell System Restore
Destinations
DeviceManagementQFolder
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocProcQFolder
Epen CD 3.5 C
ESPNMotion
eSupportQFolder
Extended Language Support Fonts Package
Free Games Offer, Desktop Shortcut
Free PDF to Word Doc Converter v1.1
GemMaster Mystic
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix 2050 for SQL Server 2000 ENU (KB948110)
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Officejet Pro All-In-One Series
HP Photosmart Essential
HP Product Assistant
HP Solution Center 7.0
HP Update
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevicesMFC
Intel(R) 537EP V9x DF PCI Modem
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
iTunes
J2SE Runtime Environment 5.0 Update 4
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
L7600
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
MarketResearch
MathType 6
McAfee SecurityCenter
McAfee Virtual Technician
MCU
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Encyclopedia Deluxe 2001 - WE
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office Basic Edition 2003
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Small Business Edition 2003
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Modem Event Monitor
Modem Helper
Modem On Hold
MPM
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWay Search Assistant
OCR Software by I.R.I.S 7.0
Otto
PanoStandAlone
PC Booster
Pivot Stickfigure Animator
ProductContext
QuickTime
RCT3 Soaked
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
S381 The Energetic Universe
Scan
scoris assessor
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Skins
SM358 The Quantum World
Smart PDF Converter 4.2.3.225
SMT359 Electromagnetism
SolutionCenter
Sonic Activation Module
Sonic Advanced Decoder
Sonic DLA
Sonic Encoders
Sonic Update Manager
Sound Blaster Audigy ADVANCED MB
Sound Blaster Audigy ADVANCED MB Product Registration
Spelling Dictionaries Support For Adobe Reader 9
Status
SUPERAntiSpyware
T173
T356
Tesco Picture Suite
Tiscali Internet
Toolbox
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Wanadoo Europe Installer
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

23/01/2011 13:18:08, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
23/01/2011 13:18:08, error: SideBySide [59]  - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\MFC80.DLL. Reference error message: The operation completed successfully. .
23/01/2011 13:18:08, error: SideBySide [32]  - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
23/01/2011 12:36:15, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service iPod Service with arguments "-Service" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
23/01/2011 12:35:27, error: Service Control Manager [7000]  - The iPod Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
23/01/2011 12:35:26, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
22/01/2011 08:01:42, error: ati2mtag [45062]  - CRT invalid display type
21/01/2011 09:57:39, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
21/01/2011 09:57:39, error: SideBySide [59]  - Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
21/01/2011 09:57:39, error: SideBySide [32]  - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
21/01/2011 09:12:55, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
21/01/2011 09:12:55, error: Service Control Manager [7000]  - The HTTP SSL service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
21/01/2011 09:09:45, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
21/01/2011 09:09:45, error: Service Control Manager [7000]  - The COM+ System Application service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
21/01/2011 09:09:45, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
21/01/2011 09:03:53, error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Network Agent service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:52, error: Service Control Manager [7031]  - The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:46, error: Service Control Manager [7034]  - The Yahoo! Updater service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:45, error: Service Control Manager [7034]  - The MSSQL$MICROSOFTSMLBIZ service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:45, error: Service Control Manager [7034]  - The MSCamSvc service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:44, error: Service Control Manager [7034]  - The McciCMService service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:43, error: Service Control Manager [7034]  - The McAfee SiteAdvisor Service service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:43, error: Service Control Manager [7034]  - The KService service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:43, error: Service Control Manager [7034]  - The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:42, error: Service Control Manager [7034]  - The Creative Service for CDROM Access service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:42, error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:41, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
21/01/2011 09:03:40, error: Service Control Manager [7034]  - The Ati HotKey Poller service terminated unexpectedly.  It has done this 1 time(s).
21/01/2011 09:03:40, error: Service Control Manager [7034]  - The AOL Connectivity Service service terminated unexpectedly.  It has done this 1 time(s).

==== End Of File ===========================

Hi,

 

Download and scan with CCleaner
1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:

• Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.

In the Applications Tab:

• Clean all except cookies in the Firefox/Mozilla section if you use it.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

 

 

 

Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

 

*Please perform this online scan: F-Secure Online Scanner
Follow the directions in the F-Secure page for proper Installation.
* You may receive an alert on the address bar at this point to install the ActiveX control.
* Click on that alert and then click "Install ActiveX component".
* Read the license agreement and click "Accept".
* Click "Full System Scan" to download the scanning components and begin scan and cleaning.
* When the scan completes, click the "I want to decide item by item" button.
* For each item found, Select "Disinfect" and click "Next".
* When done, click the "Show Report" button, then copy and paste the entire report into your next reply.

 

Please post the F-Seacure Log back for review.

 

Thanks.

Hi K27,

The CCleaner freed up ~ 890MB and the log file from F_Secure is copied below .

The link in your post for F-Secure didn't work and I went through Google to find their website ( I hope that was Ok).

Scanning Report

Friday, January 28, 2011 12:37:15 - 14:40:38

Computer name: OFFICE1
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\

---

7 malware found

 

TrackingCookie.Advertising (spyware)

• System (Disinfected)

TrackingCookie.Revsci (spyware)

• System (Disinfected)

TrackingCookie.Mookie (spyware)

• System (Disinfected)

TrackingCookie.Adbrite (spyware)

• System (Disinfected)

TrackingCookie.Webtrends (spyware)

• System (Disinfected)

TrackingCookie.Liveperson (spyware)

• System (Disinfected)

Suspicious:W32/Malware!Gemini (virus)

• C:\PROGRAM FILES\WANADOO EUROPE\FSCOMMAND\FSCOMMAND\INSTALAR_CONEXIONGRATIS.EXE (Not cleaned & Submitted)

---

Statistics

Scanned:

• Files: 105977
• System: 4774
• Not scanned: 34

Actions:

• Disinfected: 6
• Renamed: 0
• Deleted: 0
• Not cleaned: 1
• Submitted: 1

Files not scanned:

• C:\14439F7C-384A-4863-9015-82B95E24C05E
• C:\4350465D-88B9-48B2-9ACF-C465905F0F24
• C:\4370F23C-4140-46AE-8EAE-0FA965F5C347
• C:\A498A212-C1CF-4025-9928-8218FE9419BC
• C:\D9B247E7-4DFF-403E-8F04-442BF19F6373
• C:\F635ABCE-5555-429A-A610-37F3B4148A24
• C:\NEW OFFICE DOCUMENT.LNK
• C:\MOUNTPOINTMANAGERREMOTEDATABASE
• C:\PAGEFILE.SYS
• C:\OPEN OFFICE DOCUMENT.LNK
• C:\SANTERS CHRISTMAS LIST 2006 MUM + DAD.DOC
• C:\SANTERS CHRISTMAS LIST 2006 NAN+GRANDDAD.DOC
• C:\SANTERS CHRISTMAS LIST.DOC
• C:\WINDOWS\SYSTEM32\MACROMED\SHOCKWAVE 10\POSTUPDATE.EXE
• C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
• C:\WINDOWS\SYSTEM32\CONFIG\SAM
• C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
• C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
• C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
• C:\RECYCLER\S-1-5-21-3444432941-3808201102-1367631457-1010\DC4.ASD
• C:\RECYCLER\S-1-5-21-3444432941-3808201102-1367631457-1010\DC2.DOC
• C:\RECYCLER\S-1-5-21-3444432941-3808201102-1367631457-1009\DC11.LNK
• C:\RECYCLER\S-1-5-21-3444432941-3808201102-1367631457-1009\DC12.SHS
• C:\RECYCLER\S-1-5-21-3444432941-3808201102-1367631457-1009\DC17.DOC
• C:\RECYCLER\S-1-5-21-3444432941-3808201102-1367631457-1009\DC7.DOC
• C:\RECYCLER\S-1-5-21-3444432941-3808201102-1367631457-1009\DC8.LNK
• C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\SWG-5.3.4501.1418\SEARCHWITHGOOGLEUPDATE.EXE
• C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\SWG-5.1.1309.3572\SEARCHWITHGOOGLEUPDATE.EXE
• C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\SWG-5.6.5612.1312\SEARCHWITHGOOGLEUPDATE.EXE
• C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\SWG-5.1.1309.15642\SEARCHWITHGOOGLEUPDATE.EXE
• C:\DOCUMENTS AND SETTINGS\NOORI\LOCAL SETTINGS\TEMP\HSPERFDATA_NOORI\5200
• C:\DOCUMENTS AND SETTINGS\NOORI\LOCAL SETTINGS\TEMP\HSPERFDATA_NOORI\5476
• C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\377F81B4AC07DEA62FFC18B6B1EC0514_24ADF822-76F7-4481-B30B-FF1B40F8687F
• C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3AD391678A806EC4D691E83AAA393B6F_24ADF822-76F7-4481-B30B-FF1B40F8687F

---

Options

Scanning engines:

Scanning options:

• Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
• Use advanced heuristics

---

• Copyright © 1998-2009 Product support | Send virus sample to F-Secure

  F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name. This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.

Hi,

 

Please go to Virus Total where you will see a browse button in the middle of the screen.

• Click the Browse button
• Locate the following file(s)

 

C:\PROGRAM FILES\WANADOO EUROPE\FSCOMMAND\FSCOMMAND\INSTALAR_CONEXIONGRATIS.EXE

 

• Click Send File
  
• NOTE: If you are prompted that this files has already been submitted, please opt to "Re-Submit" the file.
  
• Post Reports back to this thread

 

Note: you may need to show hidden files to locate the files requested:

Go to Start>Search and at the top select Tools>Folder Options
Select the View tab
Look for "Hidden files and folders"
Select "Show hidden files and folders"
Click on Apply.
Next go to the side of the Search box and select All files and folders. Go down to More advanced options.
Be sure the first three boxes are selected:

 

• Search System folders
• Search Hidden Files and folders
• Search SubFolders

 

Remember to hide hidden files/folders by reversing the action when you have finished

 

Please copy/paste the Virus Total report back for review. No log will pop open, please just copy/paste directly from the web page.

 

Thanks.

Hello K27,

The report from Virus Total as requested.

Thank you for your continued help.

 

Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...

Hi

The file that you submitted seems to be OK, lets try this:

Please re-run CCleaner, the settings that you entered the last time it was run will now be saved, just open the CCleaner and click the "Run Cleaner" button.

 

 

Then lets run a tool to disable some unneeded programs from starting when the system starts and see if it makes a difference to your speed problems,

Please download Startups@Ease by AbuIbrahim12

• On the web page click the Download button and save the S@E.exe file to your Desktop
• Close all open Browsers and Double click the S@E desktop icon to start the tool
• When the tool has opened click the Begin button
• S@E will then analyze your system for unneeded startup programs
• You will then be presented with a series of questions
• Please read these carefully and check the appropriate box (Yes/No/I Don't Know) and click Next
• Answer each question until you are presented with the review box listing each question that was asked and the answer you gave
• Please review your answers and click the Confirm
• If you made a mistake or are not happy with the answers you gave, click the Cancel button and start again
• After clicking confirm, please click the View Logfile button and save the log to your desktop
• Then please reboot the system

 

NOTE: If after running startup@Ease you feel as if you have made a mistake, please open the tool and click the "Restore Backups" button, this will re-enable all of the programs you disabled at startup on the next reboot.

Please post the Startups@Ease log back to me for review

Also, please post a fresh set of DDS log and give a status report on how the system is running.

 

Thanks,

Hello

I ran the CCleaner and Startups@Ease as advised.

The boot up time has become shorter : it takes about 14 minutes to load up an internet page from switch on ( it was about 20 mins when we started this).

I was hoping that I'd get the option of removing the "AOL program" from the start up list (as I though I'd uninstalled it some time ago) but unfortunately it didn't come up in the list of questions!

The S@E file and the two dds ones are copied below:

Startups@Ease - version 1.0
Log generated on: 30/01/2011 21:06:59

=========== Forced Remove ===========

=============== INTS ===============
hkcu: "DellSupport"=""C:\Program Files\Dell Support\DSAgnt.exe" /startup"
hklm32: "iTunesHelper"=""C:\Program Files\iTunes\iTunesHelper.exe""
hklm32: "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
hklm32: "Adobe ARM"=""C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe""

========= Consented Removals =========
hkcu: "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
hkcu: "MSMSGS"=""C:\Program Files\Messenger\msmsgs.exe" /background"
hklm32: "LifeCam"=""C:\Program Files\Microsoft LifeCam\LifeExp.exe""
hklm32: "VX3000"="C:\WINDOWS\vVX3000.exe"
hklm32: "SunJavaUpdateSched"=""C:\Program Files\Common Files\Java\Java Update\jusched.exe""
hklm32: "ehTray"="C:\WINDOWS\ehome\ehtray.exe"
hklm32: "DLA"="C:\WINDOWS\system32\dla\tfswctrl.exe"
hklm32: "SigmatelSysTrayApp"="stsystra.exe"
hklm32: "ISUSPM Startup"=""C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup"
hklm32: "ISUSScheduler"=""C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start"
hklm32: "IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
hklm32: "DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
hklm32: "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
hklm32: "QuickTime Task"=""C:\Program Files\QuickTime\QTTask.exe" -atboottime"
hklm32: "ATIPTA"=""C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe""
Global Startup: Digital Line Detect.lnk
Global Startup: HP Digital Imaging Monitor.lnk
Global Startup: Service Manager.lnk

 

DDS (Ver_10-12-12.02) - NTFSx86 
Run by Noori at 21:35:37.32 on 30/01/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional  5.1.2600.3.1252.44.1033.18.510.82 [GMT 0:00]

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\AOL\1180866938\ee\AOLSoftware.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Tesco\Picture Suite\InsDetect.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Noori\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://bbc.co.uk/news/
uDefault_Page_URL = hxxp://www.dell.co.uk/myway
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101107162650.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Encarta &Researcher: {9455301c-cf6b-11d3-a266-00c04f689c50} - c:\program files\common files\microsoft shared\reference 2001\EROProj.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R
uRun: [Tesco Insert Detect] c:\program files\tesco\picture suite\InsDetect.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [VoiceCenter] "c:\program files\creative\voicecenter\AndreaVC.exe" /tray
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [btbb_McciTrayApp] "c:\program files\bt broadband desktop help\btbb\BTHelpNotifier.exe"
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [HostManager] c:\program files\common files\aol\1180866938\ee\AOLSoftware.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {9455301C-CF6B-11D3-A266-00C04F689C50} - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\program files\common files\microsoft shared\reference 2001\EROProj.dll
Trusted Zone: adobe.com\get
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: motive.com\pbttbc.bt
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188743337078
DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} - hxxp://esupport.epson-europe.com/selftest/en/Prg/ESTPTest.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - c:\program files\common files\microsoft shared\reference 2001\msero.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 192.168.1.70 HP00215AA2CB59

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-9-3 386840]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-8-26 84072]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-9-3 93320]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-26 271480]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-26 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-26 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-26 141792]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-26 55840]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-9-3 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-9-3 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-26 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-8-26 88544]
S2 gupdate1ca3b5a677feb0a;Google Update Service (gupdate1ca3b5a677feb0a);c:\program files\google\update\GoogleUpdate.exe [2009-9-22 133104]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-8-26 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-26 84264]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-9-3 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-9-3 40552]

=============== Created Last 30 ================

2011-01-30 18:29:22 -------- d-----w- C:\S@E_backups
2011-01-28 12:37:20 -------- d-----w- c:\docume~1\noori\applic~1\f-secure
2011-01-28 12:35:48 -------- d-----w- c:\docume~1\alluse~1\applic~1\F-Secure
2011-01-28 11:39:34 -------- d-----w- c:\program files\CCleaner
2011-01-24 19:18:53 -------- d-----w- c:\program files\common files\ODBC
2011-01-19 12:37:01 388096 ----a-r- c:\docume~1\noori\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-19 12:36:57 -------- d-----w- c:\program files\Trend Micro
2011-01-15 22:44:03 -------- d-----w- c:\docume~1\noori\applic~1\SUPERAntiSpyware.com
2011-01-15 22:44:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-01-15 22:43:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-01-15 21:37:49 -------- d-----w- c:\docume~1\noori\applic~1\Malwarebytes
2011-01-15 21:37:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-15 21:37:27 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-15 21:37:23 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-15 21:37:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

==================== Find3M  ====================

2011-01-10 15:52:53 103784 ----a-w- c:\documents and settings\noori\GoToAssistDownloadHelper.exe
2010-11-29 17:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 17:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec

============= FINISH: 21:39:04.54 ===============

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 20/04/2007 11:42:10
System Uptime: 30/01/2011 21:23:21 (0 hours ago)

Motherboard: Dell Inc.           |  | 0WG261
Processor:               Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 144 GiB total, 96.029 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 18/01/2011 13:26:46 - System Checkpoint
RP2: 19/01/2011 12:36:55 - Installed HiJackThis
RP3: 20/01/2011 12:51:14 - System Checkpoint
RP4: 21/01/2011 13:13:11 - System Checkpoint
RP5: 22/01/2011 14:05:58 - System Checkpoint
RP6: 23/01/2011 14:53:24 - System Checkpoint
RP7: 24/01/2011 15:50:18 - System Checkpoint
RP8: 24/01/2011 19:18:44 - Installed Microsoft Office Basic Edition 2003
RP9: 25/01/2011 15:00:30 - Software Distribution Service 3.0
RP10: 25/01/2011 23:30:12 - Software Distribution Service 3.0
RP11: 26/01/2011 23:40:30 - System Checkpoint
RP12: 28/01/2011 15:29:17 - System Checkpoint
RP13: 29/01/2011 16:22:26 - System Checkpoint
RP14: 30/01/2011 17:13:04 - System Checkpoint

==== Installed Programs ======================

32 Bit HP CIO Components Installer
7500_7600_7700_Help
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop 5.0 Limited Edition
Adobe Reader 9.4.1
AirZip Plug-in for Internet Explorer
Andrea VoiceCenter
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Art Explosion Greeting Card Factory
ARTEuro
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
AutoUpdate
BBC iPlayer Desktop
BBC iPlayer Download Manager
Bonjour
BPD_HPSU
BPD_Scan
BPDfax
BPDSoftware
BPDSoftware_Ini
BT Broadband Desktop Help
BT Email Configuration Tool
BT Wireless Connection Manager
BT Yahoo! Applications
BufferChm
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCleaner
Chinese Traditional Fonts Support For Adobe Reader 9
Compatibility Pack for the 2007 Office system
Creative MediaSource
CustomerResearchQFolder
Dell CinePlayer
Dell Driver Reset Tool
Dell Support 3.1
Dell Support Center
Dell System Restore
Destinations
DeviceManagementQFolder
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocProcQFolder
Epen CD 3.5 C
ESPNMotion
eSupportQFolder
Extended Language Support Fonts Package
Free Games Offer, Desktop Shortcut
Free PDF to Word Doc Converter v1.1
GemMaster Mystic
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix 2050 for SQL Server 2000 ENU (KB948110)
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Officejet Pro All-In-One Series
HP Photosmart Essential
HP Product Assistant
HP Solution Center 7.0
HP Update
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevicesMFC
Intel(R) 537EP V9x DF PCI Modem
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
iTunes
J2SE Runtime Environment 5.0 Update 4
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
L7600
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
MarketResearch
MathType 6
McAfee SecurityCenter
McAfee Virtual Technician
MCU
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Encyclopedia Deluxe 2001 - WE
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office Basic Edition 2003
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Small Business Edition 2003
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Modem Event Monitor
Modem Helper
Modem On Hold
MPM
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWay Search Assistant
OCR Software by I.R.I.S 7.0
Otto
PanoStandAlone
PC Booster
Pivot Stickfigure Animator
ProductContext
QuickTime
RCT3 Soaked
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
S381 The Energetic Universe
Scan
scoris assessor
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Skins
SM358 The Quantum World
Smart PDF Converter 4.2.3.225
SMT359 Electromagnetism
SolutionCenter
Sonic Activation Module
Sonic Advanced Decoder
Sonic DLA
Sonic Encoders
Sonic Update Manager
Sound Blaster Audigy ADVANCED MB
Sound Blaster Audigy ADVANCED MB Product Registration
Spelling Dictionaries Support For Adobe Reader 9
Status
SUPERAntiSpyware
T173
T356
Tesco Picture Suite
Tiscali Internet
Toolbox
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Wanadoo Europe Installer
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

30/01/2011 21:25:40, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
30/01/2011 21:25:40, error: Service Control Manager [7000]  - The IMAPI CD-Burning COM Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
30/01/2011 12:14:05, error: Service Control Manager [7000]  - The HTTP SSL service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
30/01/2011 12:14:04, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
30/01/2011 12:11:29, error: Service Control Manager [7000]  - The COM+ System Application service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
30/01/2011 12:11:29, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
30/01/2011 12:11:25, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
28/01/2011 10:56:32, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
28/01/2011 10:56:32, error: SideBySide [59]  - Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
28/01/2011 10:56:32, error: SideBySide [32]  - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
27/01/2011 14:58:07, error: Service Control Manager [7034]  - The KService service terminated unexpectedly.  It has done this 1 time(s).
25/01/2011 07:38:34, error: ati2mtag [45062]  - CRT invalid display type
23/01/2011 13:37:14, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
23/01/2011 13:37:14, error: SideBySide [59]  - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\MFC80.DLL. Reference error message: The operation completed successfully. .
23/01/2011 13:37:14, error: SideBySide [32]  - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
23/01/2011 12:36:15, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service iPod Service with arguments "-Service" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
23/01/2011 12:35:27, error: Service Control Manager [7000]  - The iPod Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
23/01/2011 12:35:26, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.

==== End Of File ===========================

 

 

Hi,

I have just read through the thread that you started in the OS forum. Please could you post me the MBAM log that shows the three Trojans that were removed by the program. Open MBAM > Go to the Logs tab > open the log from the date that the Trojans were remove and post it back for review.

I really do not think that this is infection related as in the other thread you state that you got the start up time down to about 2 minutes (which is good for XP with only half a gig of RAM), this is more related to the startups, which we will get to, but there is a procedure that I would like to follow first.

 

Then please go to "Add/Remove" programs in Control panel and uninstall SuperAnti-Spyware.

Why you are in "Add/Remove" please look for the AOL Uninstaller (Choose which Products to Remove) entry and click it, please uninstall everything that it lists.

 

Your Java is outdated

Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

• Download the latest version of Java Runtime Environment (JRE) 23 and save it to your desktop.
• Scroll down to where it says JDK 6 Update 23 (JDK or JRE)
• Click the Download JRE button to the right
• Select the Windows platform from the dropdown menu.
• Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6u23 with JavaFX 1 License Agreement". Click on Continue. The page will refresh.
• Click on the link to download Windows Offline Installation and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java versions.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-6u23-windows-i586.exe to install the newest version.

• After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
    • Applications and Applets
      Trace and Log Files
      
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.
  
  

  .
  Adobe Acrobat/Reader is out of date please update to the latest version from HERE (NOTE: On the Download page, please make sure to uncheck the box next to the "McAfee Scan" item as it is not needed)
  Once you have the latest version of Adobe Reader installed, please uninstall all outdated version that remain in the add/Remove programs list on your system in control panel.
  
  

  
  

 

 

 

 

• Please download Process Explorer from HERE
• Save Process Explorer to your DESKTOP
• Right click the Process Explorer zip file and Extract the contents to the Desktop
• Run the procexp.exe file in the extracted folded
• Answer yes to the prompts for running the program

You will now be presented with a screen showing all the running processes on your machine.

• Please click the save icon on the top tool bar
• Save the log to you DESKTOP
  
  
• COPY/PASTE the log results back to this thread

Thanks.

 

Hi K27,

The MBMA file is copied below.

I'll report back as as soon as I've carried out the other mods.

Thank you again for your continued help.

Regards

 

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5526

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15/01/2011 22:25:36
mbam-log-2011-01-15 (22-25-36).txt

Scan type: Full scan (C:\|)
Objects scanned: 295117
Time elapsed: 27 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Value: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Value: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I'm not sure why the formatting went wrong on my last post but here is Procees Explorer log again.

Regards

 

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 65.91 0 K 28 K  
 Interrupts n/a  0 K 0 K Hardware Interrupts 
 DPCs n/a  0 K 0 K Deferred Procedure Calls 
 System 4 2.27 0 K 44 K  
  smss.exe 956  176 K 60 K Windows NT Session Manager Microsoft Corporation
   csrss.exe 1024  1,744 K 2,716 K Client Server Runtime Process Microsoft Corporation
   winlogon.exe 1052  6,920 K 2,096 K Windows NT Logon Application Microsoft Corporation
    services.exe 1096 1.52 1,984 K 1,988 K Services and Controller app Microsoft Corporation
     svchost.exe 1312  3,332 K 1,876 K Generic Host Process for Win32 Services Microsoft Corporation
      wmiprvse.exe 4568  2,376 K 712 K WMI Microsoft Corporation
     svchost.exe 1400 0.76 2,168 K 1,956 K Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 1524  24,192 K 16,420 K Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 1584  1,468 K 1,352 K Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 1776  1,320 K 200 K Generic Host Process for Win32 Services Microsoft Corporation
     spoolsv.exe 1856  4,652 K 3,460 K Spooler SubSystem App Microsoft Corporation
     AOLacsd.exe 1944  3,000 K 620 K AOL Connectivity Service AOL LLC
     svchost.exe 1964  2,260 K 332 K Generic Host Process for Win32 Services Microsoft Corporation
     ehrecvr.exe 1992  2,544 K 96 K Media Center Receiver Service Microsoft Corporation
     ehSched.exe 108  1,536 K 3,584 K Media Center Scheduler Service Microsoft Corporation
     KService.exe 400  5,792 K 5,736 K Delivery Manager Service Kontiki Inc.
     McSACore.exe 796  8,916 K 4,708 K SiteAdvisor McAfee, Inc.
     McciCMService.exe 880  2,000 K 1,096 K mcci+McciCMService Alcatel-Lucent
     McSvHost.exe 1616  36,808 K 8,080 K McAfee Service Host McAfee, Inc.
     MDM.EXE 1728  1,076 K 932 K Machine Debug Manager Microsoft Corporation
     mfevtps.exe 1748  5,632 K 204 K McAfee Process Validation Service McAfee, Inc.
     MSCamS32.exe 1152  748 K 136 K MsCamSvc.exe Microsoft Corporation
     sqlservr.exe 704  13,080 K 1,220 K SQL Server Windows NT Microsoft Corporation
     svchost.exe 2112  1,136 K 352 K Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 2180  1,132 K 376 K Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 2268  4,228 K 2,376 K Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 2460  3,724 K 2,148 K Generic Host Process for Win32 Services Microsoft Corporation
     mcrdsvc.exe 2596  856 K 176 K MCRD Device Service Microsoft Corporation
     mcshield.exe 2752 28.79 133,872 K 35,820 K McAfee On-Access Scanner service McAfee, Inc.
     mfefire.exe 3000  4,540 K 1,760 K McAfee Core Firewall Service McAfee, Inc.
     dllhost.exe 3128  2,376 K 1,068 K COM Surrogate Microsoft Corporation
     alg.exe 3896  1,104 K 60 K Application Layer Gateway Service Microsoft Corporation
     iPodService.exe 3024  2,456 K 860 K iPodService Module (32-bit) Apple Inc.
     svchost.exe 2972  1,692 K 340 K Generic Host Process for Win32 Services Microsoft Corporation
     jqs.exe 4000  2,244 K 1,396 K Java(TM) Quick Starter Service Sun Microsystems, Inc.
    lsass.exe 1108  4,088 K 2,200 K LSA Shell (Export Version) Microsoft Corporation
GoogleUpdate.exe 404  2,252 K 272 K Google Installer Google Inc.
explorer.exe 1344  20,244 K 19,480 K Windows Explorer Microsoft Corporation
 mcagent.exe 3716  46,000 K 1,312 K McAfee Security Center McAfee, Inc.
 AndreaVC.exe 3884  3,084 K 656 K VoiceCenter Application Andrea Electronics Corporation
 iTunesHelper.exe 4004  9,392 K 1,128 K iTunesHelper Apple Inc.
 hpwuschd2.exe 4024  616 K 408 K hpwuSchd Application Hewlett-Packard
 CTSysVol.exe 4044  2,912 K 792 K CTSysVol.exe Creative Technology Ltd
 BTHelpNotifier.exe 848  4,992 K 10,272 K mcci+McciTrayApp Alcatel-Lucent
 aolsoftware.exe 112  7,304 K 5,940 K AOL America Online, Inc.
 KHost.exe 1392  16,528 K 7,040 K Delivery Manager Kontiki Inc.
 DSAgnt.exe 2152  1,904 K 4,164 K Dell Support Gteko Ltd.
 CTDetect.exe 2200 0.76 1,700 K 2,892 K Creative MediaSource Detector Creative Technology Ltd
 InsDetect.exe 2372  1,200 K 516 K InsertDetection MFC Application 
 ctfmon.exe 2444  920 K 1,088 K CTF Loader Microsoft Corporation
 BlueSoleil.exe 2868  6,072 K 1,756 K Bluetooth Application IVT Corporation
 procexp.exe 4208  11,304 K 15,576 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

 

Hi, I uninstalled the SuperAntiSpyware. I also found and uninstalled an older version of AOL, although the program still appears to be present and alive in the system tray! I think I've updated the java as per instructions. My only concern is that the file name under the desktop icon reads "jdk-6u23-javafx-1_3_1-windows-i586" which is a little different to the one in your post "jre-6u23-windows-i586". Have I dowloaded the wrong thing? I was unable to download the latest Adobe Reader. Soon after pressing the Download button I got a security warning about the program wanting to install Activex etc and when I clicked on the bar (hoping to allow Activex..) it froze. I tried it a second time with McAfee switched off and the same thing happened again. Instead I tried to update the Adobe from within my current version, but it came back with "no updates available". The Process Explorer file is copied below Thanks and regards Process PID CPU Private Bytes Working Set Description Company Name System Idle Process 0 65.91 0 K 28 K Interrupts n/a 0 K 0 K Hardware Interrupts DPCs n/a 0 K 0 K Deferred Procedure Calls System 4 2.27 0 K 44 K smss.exe 956 176 K 60 K Windows NT Session Manager Microsoft Corporation csrss.exe 1024 1,744 K 2,716 K Client Server Runtime Process Microsoft Corporation winlogon.exe 1052 6,920 K 2,096 K Windows NT Logon Application Microsoft Corporation services.exe 1096 1.52 1,984 K 1,988 K Services and Controller app Microsoft Corporation svchost.exe 1312 3,332 K 1,876 K Generic Host Process for Win32 Services Microsoft Corporation wmiprvse.exe 4568 2,376 K 712 K WMI Microsoft Corporation svchost.exe 1400 0.76 2,168 K 1,956 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1524 24,192 K 16,420 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1584 1,468 K 1,352 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1776 1,320 K 200 K Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1856 4,652 K 3,460 K Spooler SubSystem App Microsoft Corporation AOLacsd.exe 1944 3,000 K 620 K AOL Connectivity Service AOL LLC svchost.exe 1964 2,260 K 332 K Generic Host Process for Win32 Services Microsoft Corporation ehrecvr.exe 1992 2,544 K 96 K Media Center Receiver Service Microsoft Corporation ehSched.exe 108 1,536 K 3,584 K Media Center Scheduler Service Microsoft Corporation KService.exe 400 5,792 K 5,736 K Delivery Manager Service Kontiki Inc. McSACore.exe 796 8,916 K 4,708 K SiteAdvisor McAfee, Inc. McciCMService.exe 880 2,000 K 1,096 K mcci+McciCMService Alcatel-Lucent McSvHost.exe 1616 36,808 K 8,080 K McAfee Service Host McAfee, Inc. MDM.EXE 1728 1,076 K 932 K Machine Debug Manager Microsoft Corporation mfevtps.exe 1748 5,632 K 204 K McAfee Process Validation Service McAfee, Inc. MSCamS32.exe 1152 748 K 136 K MsCamSvc.exe Microsoft Corporation sqlservr.exe 704 13,080 K 1,220 K SQL Server Windows NT Microsoft Corporation svchost.exe 2112 1,136 K 352 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 2180 1,132 K 376 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 2268 4,228 K 2,376 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 2460 3,724 K 2,148 K Generic Host Process for Win32 Services Microsoft Corporation mcrdsvc.exe 2596 856 K 176 K MCRD Device Service Microsoft Corporation mcshield.exe 2752 28.79 133,872 K 35,820 K McAfee On-Access Scanner service McAfee, Inc. mfefire.exe 3000 4,540 K 1,760 K McAfee Core Firewall Service McAfee, Inc. dllhost.exe 3128 2,376 K 1,068 K COM Surrogate Microsoft Corporation alg.exe 3896 1,104 K 60 K Application Layer Gateway Service Microsoft Corporation iPodService.exe 3024 2,456 K 860 K iPodService Module (32-bit) Apple Inc. svchost.exe 2972 1,692 K 340 K Generic Host Process for Win32 Services Microsoft Corporation jqs.exe 4000 2,244 K 1,396 K Java(TM) Quick Starter Service Sun Microsystems, Inc. lsass.exe 1108 4,088 K 2,200 K LSA Shell (Export Version) Microsoft Corporation GoogleUpdate.exe 404 2,252 K 272 K Google Installer Google Inc. explorer.exe 1344 20,244 K 19,480 K Windows Explorer Microsoft Corporation mcagent.exe 3716 46,000 K 1,312 K McAfee Security Center McAfee, Inc. AndreaVC.exe 3884 3,084 K 656 K VoiceCenter Application Andrea Electronics Corporation iTunesHelper.exe 4004 9,392 K 1,128 K iTunesHelper Apple Inc. hpwuschd2.exe 4024 616 K 408 K hpwuSchd Application Hewlett-Packard CTSysVol.exe 4044 2,912 K 792 K CTSysVol.exe Creative Technology Ltd BTHelpNotifier.exe 848 4,992 K 10,272 K mcci+McciTrayApp Alcatel-Lucent aolsoftware.exe 112 7,304 K 5,940 K AOL America Online, Inc. KHost.exe 1392 16,528 K 7,040 K Delivery Manager Kontiki Inc. DSAgnt.exe 2152 1,904 K 4,164 K Dell Support Gteko Ltd. CTDetect.exe 2200 0.76 1,700 K 2,892 K Creative MediaSource Detector Creative Technology Ltd InsDetect.exe 2372 1,200 K 516 K InsertDetection MFC Application ctfmon.exe 2444 920 K 1,088 K CTF Loader Microsoft Corporation BlueSoleil.exe 2868 6,072 K 1,756 K Bluetooth Application IVT Corporation procexp.exe 4208 11,304 K 15,576 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Good work,

Please post a fresh HJT log.

Thanks.