PDA

View Full Version : Ie 7 scroll jump and freezes up


Gen. D
01-22-2012, 12:59 AM
Since I got my computer cleaned a few day ago, it now is slow on internet explorer 7. I have msn for my home page. Any link clicked on is very slow and sometimes freezes up
I ran the DDS scan posted below. Appreciate advice if any shows up.
Thanks. Gen. D


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Roy Holland at 21:50:45 on 2012-01-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.3105

[GMT -8:00]
.
AV: AntiVir Desktop *Enabled/Outdated*

{AD166499-45F9-482A-A743-FDD3350758C7}
AV: Emsisoft Anti-Malware *Enabled/Updated*

{0F8591BB-342B-4493-91C3-4E948ED21255}
.
============== Running Processes ===============
.
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Adobe\Elements 9

Organizer\PhotoshopElementsFileAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\NVIDIA

Corporation\NetworkAccessManager\bin32\nSvcAppFlt. exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F 1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F 1.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\emsisoft anti-malware\a2guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIF FA.EXE
C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL =

hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microso

ft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: UrlSearchHook Class:

{00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program

files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Online Radio 1.1 Toolbar:

{343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program

files\online_radio_1.1\prxtbOnl0.dll
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class:

{81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program

files\yahoo!\companion\installs\cpn0\YTNavAssist.d ll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} -

c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} -

c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} -

c:\program files\online_radio_1.1\prxtbOnl0.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43}

- c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} -

c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d}

- c:\program files\google\googletoolbarnotifier\5.7.7227.1100\s wg.dll
BHO: Office Document Cache Handler:

{b4f3a835-0e21-4959-ba22-42b3008e02ff} -

c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program

files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper:

{dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program

files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c}

- c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} -

c:\program files\yahoo!\companion\installs\cpn0\YTSingleInsta nce.dll
TB: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} -

c:\program files\online_radio_1.1\prxtbOnl0.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program

files\yahoo!\companion\installs\cpn0\yt.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program

files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program

files\google\google toolbar\GoogleToolbar_32.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: AddThis Toolbar: {b43176cc-4d9e-493b-a636-d9cbfe39c6da} - c:\program

files\addthis toolbar\Toolbar.dll
uRun: [EPSON Stylus Photo 1400 Series (Copy 1)]

c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu

"c:\windows\temp\E_SE9.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series]

c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu

"c:\windows\temp\E_SCC.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series (Copy 1)]

c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu

"c:\windows\temp\E_SD3.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [EPSON Stylus Photo 1400 Series]

c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu

"c:\windows\temp\E_S7.tmp" /EF "HKCU"
uRun: [EPSON Stylus Photo 1400 Series (Copy 2)]

c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu

"c:\windows\temp\E_S1B.tmp" /EF "HKCU"
uRun: [SUPERAntiSpyware] c:\program

files\superantispyware\SUPERAntiSpyware.exe
uRun: [Google Update] "c:\documents and settings\roy holland\local

settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [EPSON Artisan 50 Series]

c:\windows\system32\spool\drivers\w32x86\3\e_fatif fa.exe /fu

"c:\windows\temp\E_S51.tmp" /EF "HKCU"
uRun: [swg] "c:\program

files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [EPSON Stylus Photo R300 Series]

c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F 1.EXE /P30 "EPSON

Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero

backitup\NBKeyScan.exe"
mRun: [EPSON Stylus Photo R300 Series (Copy 1)]

c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F 1.EXE /P39 "EPSON

Stylus Photo R300 Series (Copy 1)" /O6 "USB004" /M "Stylus Photo R300"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe

/installquiet
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common

files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.e xe"
mRun: [Adobe ARM] "c:\program files\common

files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe"

-atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java

update\jusched.exe"
mRun: [emsisoft anti-malware] "c:\program files\emsisoft

anti-malware\a2guard.exe" /d=60
StartupFolder:

c:\docume~1\alluse~1\startm~1\programs\startup\pri ntk~1.lnk - c:\program

files\warecentral\printkey-pro\PKey_Pro.exe
IE: E&xport to Microsoft Excel -

c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network

Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program

files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} -

{48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft

office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -

{FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft

office\office14\ONBttnIELinkedNotes.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -

hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -

hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{C4253DB4-7C6B-4AB4-B7F4-556B978E3C72} : DhcpNameServer =

68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program

files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program

files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -

c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} -

c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;Hotcore helper;c:\windows\system32\drivers\hotcore3.sys

[2010-11-27 56208]
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft

anti-malware\a2ddax86.sys [2012-1-14 17904]
R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft

anti-malware\a2dix86.sys [2012-1-14 34768]
R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft

anti-malware\a2util32.sys [2012-1-14 11776]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys

[2010-11-25 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys

[2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS

[2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program

files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program

files\emsisoft anti-malware\a2service.exe [2012-1-14 2998832]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program

files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe

[2010-9-30 169408]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program

files\avira\antivir desktop\sched.exe [2010-11-25 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir

desktop\avguard.exe [2010-11-25 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgn tflt.sys [2010-11-25

66616]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia

corporation\nvidia updatus\daemonu.exe [2011-4-19 2218600]
R2 WV5Communication;WV5Communication;c:\documents and

settings\heavyweatherwv5\HeavyWeatherService.exe [2012-1-2 1854464]
R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys

[2012-1-14 51632]
S3 gupdatem;Google Update Service (gupdatem);c:\program

files\google\update\GoogleUpdate.exe [2010-11-26 136176]
S3 osppsvc;Office Software Protection Platform;c:\program files\common

files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EX E

[2010-1-9 4640000]
S4 gupdate;Google Update Service (gupdate);c:\program

files\google\update\GoogleUpdate.exe [2010-11-26 136176]
.
=============== Created Last 30 ================
.
2012-01-14 17:42:01 -------- d-----w- c:\program

files\Emsisoft Anti-Malware
2012-01-14 07:23:24 -------- d-----w- c:\program

files\SUPERAntiSpyware
2012-01-08 21:39:00 -------- d-----w-

c:\windows\Performance
2012-01-08 21:38:55 -------- d-----w- c:\documents and

settings\roy holland\local settings\application data\Microsoft

Corporation
2012-01-08 21:37:10 -------- d-----w- c:\program

files\Microsoft Windows 7 Upgrade Advisor
2012-01-05 21:12:27 -------- d-----w- c:\program

files\CouponAlert_2pEI
2012-01-05 07:38:22 -------- d-----w- c:\documents and

settings\roy holland\local settings\application data\Avanquest
2012-01-05 03:15:36 73728 ----a-w-

c:\windows\system32\javacpl.cpl
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet

explorer\plugins\nppdf32.dll
2012-01-03 06:44:49 -------- d-----w- c:\program

files\SpywareBlaster
2012-01-02 21:05:41 -------- d-----w- c:\program

files\SmartDraw 2010
2012-01-02 20:41:27 -------- d-----w- c:\program

files\HeavyWeatherWV5A
2011-12-31 09:22:05 -------- d-----w- c:\program

files\Ask.com
2011-12-31 09:22:04 -------- d-----w- c:\documents and

settings\roy holland\local settings\application data\AskToolbar
2011-12-31 09:21:39 -------- d-----w- c:\documents and

settings\roy holland\application data\SUPERAntiSpyware.com
2011-12-31 09:20:12 -------- d-----w- c:\documents and

settings\all users\application data\SUPERAntiSpyware.com
2011-12-31 08:30:42 -------- d-----w- c:\program

files\ESET
2011-12-27 06:29:49 1039 ----a-w- c:\documents and

settings\all users\application data\currdat.lst.tmp
2011-12-25 06:12:56 2614272 ----a-w-

c:\windows\system32\TeeChart5.ocx
2011-12-25 06:12:55 -------- d-----w- c:\program

files\HeavyWeatherWV5
.
==================== Find3M ====================
.
2012-01-05 03:15:30 472808 ----a-w-

c:\windows\system32\deployJava1.dll
2011-12-21 17:06:55 414368 ----a-w-

c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 23:24:06 20464 ----a-w-

c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:19 293376 ----a-w-

c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w-

c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w-

c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w-

c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w-

c:\windows\system32\schannel.dll
2011-11-03 15:28:36 386048 ----a-w-

c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w-

c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w-

c:\windows\system32\ole32.dll
2011-10-31 23:43:21 832512 ----a-w-

c:\windows\system32\wininet.dll
2011-10-31 23:43:21 78336 ----a-w-

c:\windows\system32\ieencode.dll
2011-10-31 23:43:21 1830912 ------w-

c:\windows\system32\inetcpl.cpl
2011-10-31 23:43:20 17408 ----a-w-

c:\windows\system32\corpol.dll
2011-10-28 05:31:48 33280 ----a-w-

c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w-

c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w-

c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 21:51:45.08 ===============

MMFELL
01-22-2012, 07:53 AM
You need to turn OFF word wrap so that text is not spread over several lines then repost the logs.

Gen. D
01-22-2012, 05:19 PM
I didn't realize it until I had already posted. Is this any better? Hope the word wrap is off.
Many thanks.
Since I posted first, I have downloaded Google Chrome browser. It appears to be some better although it still does the same slow to load the pages when clicked on a link.
Turn on and off is still very fast. Just the links in the browser appear to have something not correct.







.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Roy Holland at 21:50:45 on 2012-01-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.3105 [GMT -8:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Emsisoft Anti-Malware *Enabled/Updated* {0F8591BB-342B-4493-91C3-4E948ED21255}
.
============== Running Processes ===============
.
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt. exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F 1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F 1.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\emsisoft anti-malware\a2guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIF FA.EXE
C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.d ll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\s wg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInsta nce.dll
TB: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: AddThis Toolbar: {b43176cc-4d9e-493b-a636-d9cbfe39c6da} - c:\program files\addthis toolbar\Toolbar.dll
uRun: [EPSON Stylus Photo 1400 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_SE9.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu "c:\windows\temp\E_SCC.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu "c:\windows\temp\E_SD3.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [EPSON Stylus Photo 1400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_S7.tmp" /EF "HKCU"
uRun: [EPSON Stylus Photo 1400 Series (Copy 2)] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_S1B.tmp" /EF "HKCU"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Google Update] "c:\documents and settings\roy holland\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [EPSON Artisan 50 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatif fa.exe /fu "c:\windows\temp\E_S51.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F 1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [EPSON Stylus Photo R300 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F 1.EXE /P39 "EPSON Stylus Photo R300 Series (Copy 1)" /O6 "USB004" /M "Stylus Photo R300"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.e xe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pri ntk~1.lnk - c:\program files\warecentral\printkey-pro\PKey_Pro.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{C4253DB4-7C6B-4AB4-B7F4-556B978E3C72} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;Hotcore helper;c:\windows\system32\drivers\hotcore3.sys [2010-11-27 56208]
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-1-14 17904]
R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft anti-malware\a2dix86.sys [2012-1-14 34768]
R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft anti-malware\a2util32.sys [2012-1-14 11776]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-11-25 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-1-14 2998832]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-25 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-25 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgn tflt.sys [2010-11-25 66616]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-4-19 2218600]
R2 WV5Communication;WV5Communication;c:\documents and settings\heavyweatherwv5\HeavyWeatherService.exe [2012-1-2 1854464]
R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-1-14 51632]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EX E [2010-1-9 4640000]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
.
=============== Created Last 30 ================
.
2012-01-14 17:42:01 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2012-01-14 07:23:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-08 21:39:00 -------- d-----w- c:\windows\Performance
2012-01-08 21:38:55 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\Microsoft Corporation
2012-01-08 21:37:10 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2012-01-05 21:12:27 -------- d-----w- c:\program files\CouponAlert_2pEI
2012-01-05 07:38:22 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\Avanquest
2012-01-05 03:15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-01-03 06:44:49 -------- d-----w- c:\program files\SpywareBlaster
2012-01-02 21:05:41 -------- d-----w- c:\program files\SmartDraw 2010
2012-01-02 20:41:27 -------- d-----w- c:\program files\HeavyWeatherWV5A
2011-12-31 09:22:05 -------- d-----w- c:\program files\Ask.com
2011-12-31 09:22:04 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\AskToolbar
2011-12-31 09:21:39 -------- d-----w- c:\documents and settings\roy holland\application data\SUPERAntiSpyware.com
2011-12-31 09:20:12 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-12-31 08:30:42 -------- d-----w- c:\program files\ESET
2011-12-27 06:29:49 1039 ----a-w- c:\documents and settings\all users\application data\currdat.lst.tmp
2011-12-25 06:12:56 2614272 ----a-w- c:\windows\system32\TeeChart5.ocx
2011-12-25 06:12:55 -------- d-----w- c:\program files\HeavyWeatherWV5
.
==================== Find3M ====================
.
2012-01-05 03:15:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-21 17:06:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 23:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:43:21 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:43:21 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-10-31 23:43:21 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:43:20 17408 ----a-w- c:\windows\system32\corpol.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 21:51:45.08 ===============

nojmit
01-22-2012, 06:11 PM
Avira is outdated, you need to update to the latest version.

Avira is also a resident antispyware so try turning off Emsisoft as they could be conflicting.

The toolbars you were supposed to remove in your other thread are still there or have been reinstalled.

jholland1964
01-22-2012, 06:48 PM
Emsisoft is also a paid program, did you pay for it or is this just the 30 day trial? After the trial period is over it ceases to work. According to the Emsisoft web site (http://www.emsisoft.com/en/software/antimalware/?download=antimalware) cost is $12.00 for 3 months or $40.00 for one year.

MMFELL
01-22-2012, 08:26 PM
What Epson devices are you using? You seem to have startups for a 1400, 4400, art 50 and a R300. Thats 4 printers/devices by my counting. What Adobe products are you using? If just the reader then remove and replace with nitropdf.

jholland1964
01-22-2012, 08:55 PM
What Epson devices are you using? You seem to have startups for a 1400, 4400, art 50 and a R300. Thats 4 printers/devices by my counting. What Adobe products are you using? If just the reader then remove and replace with nitropdf.
Looks to me, according to his signature he has an Epson 4400 Scanner, Epson r300 printer, Epson stylus Photo 1400 printer. The EPSON Artisan 50 Series isn't listed in the signature.
As MM asked, how many of these printers are you using? The scanner is just one scanner but what about all these printers? Are the all attached to the computer all the time and powered up all the time?

Gen. D
01-23-2012, 12:26 AM
I am running the 1400 Epson, the scanner 4400, and leave the 50 drivers for use when I help my Daughter keep her printer running. The 300 s, I can remove.Also I can take the Emsisoft off. It is blocking quite a lot of request to access the computer from cookie installers.
I thought I had all the tool bars requested to be removed, taken off. Must have been put back when I re installed Google Chrome.
Here is another DDs just ran.
The Avira is a paid version. Updated and ran another scan, all clear. Checked updates , was only a few days since updating.
Which tool bar still needs removing?



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Roy Holland at 21:10:04 on 2012-01-22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2932 [GMT -8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Emsisoft Anti-Malware *Enabled/Updated* {0F8591BB-342B-4493-91C3-4E948ED21255}
.
============== Running Processes ===============
.
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt. exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F 1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F 1.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\emsisoft anti-malware\a2guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIF FA.EXE
C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\dllhost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.d ll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\s wg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInsta nce.dll
TB: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: AddThis Toolbar: {b43176cc-4d9e-493b-a636-d9cbfe39c6da} - c:\program files\addthis toolbar\Toolbar.dll
uRun: [EPSON Stylus Photo 1400 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_SE9.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu "c:\windows\temp\E_SCC.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu "c:\windows\temp\E_SD3.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [EPSON Stylus Photo 1400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_S7.tmp" /EF "HKCU"
uRun: [EPSON Stylus Photo 1400 Series (Copy 2)] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_S1B.tmp" /EF "HKCU"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Google Update] "c:\documents and settings\roy holland\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [EPSON Artisan 50 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatif fa.exe /fu "c:\windows\temp\E_S51.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F 1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [EPSON Stylus Photo R300 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F 1.EXE /P39 "EPSON Stylus Photo R300 Series (Copy 1)" /O6 "USB004" /M "Stylus Photo R300"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.e xe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pri ntk~1.lnk - c:\program files\warecentral\printkey-pro\PKey_Pro.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{C4253DB4-7C6B-4AB4-B7F4-556B978E3C72} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;Hotcore helper;c:\windows\system32\drivers\hotcore3.sys [2010-11-27 56208]
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-1-14 17904]
R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft anti-malware\a2dix86.sys [2012-1-14 34768]
R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft anti-malware\a2util32.sys [2012-1-14 11776]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-11-25 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-1-14 2998832]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-25 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-25 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgn tflt.sys [2010-11-25 66616]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-4-19 2218600]
R2 WV5Communication;WV5Communication;c:\documents and settings\heavyweatherwv5\HeavyWeatherService.exe [2012-1-2 1854464]
R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-1-14 51632]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EX E [2010-1-9 4640000]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
.
=============== Created Last 30 ================
.
2012-01-14 17:42:01 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2012-01-14 07:23:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-08 21:39:00 -------- d-----w- c:\windows\Performance
2012-01-08 21:38:55 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\Microsoft Corporation
2012-01-08 21:37:10 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2012-01-05 21:12:27 -------- d-----w- c:\program files\CouponAlert_2pEI
2012-01-05 07:38:22 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\Avanquest
2012-01-05 03:15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-01-03 06:44:49 -------- d-----w- c:\program files\SpywareBlaster
2012-01-02 21:05:41 -------- d-----w- c:\program files\SmartDraw 2010
2012-01-02 20:41:27 -------- d-----w- c:\program files\HeavyWeatherWV5A
2011-12-31 09:22:05 -------- d-----w- c:\program files\Ask.com
2011-12-31 09:22:04 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\AskToolbar
2011-12-31 09:21:39 -------- d-----w- c:\documents and settings\roy holland\application data\SUPERAntiSpyware.com
2011-12-31 09:20:12 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-12-31 08:30:42 -------- d-----w- c:\program files\ESET
2011-12-27 06:29:49 1040 ----a-w- c:\documents and settings\all users\application data\currdat.lst.tmp
2011-12-25 06:12:56 2614272 ----a-w- c:\windows\system32\TeeChart5.ocx
2011-12-25 06:12:55 -------- d-----w- c:\program files\HeavyWeatherWV5
.
==================== Find3M ====================
.
2012-01-05 03:15:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-21 17:06:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 23:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:43:21 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:43:21 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-10-31 23:43:21 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:43:20 17408 ----a-w- c:\windows\system32\corpol.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 21:10:40.23 ===============

jholland1964
01-23-2012, 09:54 AM
Unless your computer had not been powered on in several days Avira should have updated at least once a day, this is configured automatically when the program is installed. It does have more than one update each day, except weekends, so you should make sure that is configured correctly.

If browsers are configured correctly, accept 1st party cookies, block 3rd party cookies then there shouldn't be any bad cookies offered. To block tracking cookies silently in the background I would recommend SpywareBlaster, which is Free and doesn't run in the background.
Download SpywareBlaster 4.5 from Javacool Software (http://www.javacoolsoftware.net/downloads/spywareblastersetup45.exe)
The toolbars showing that definitely should be removed are;
Ask Toolbar, Inbox.com Toolbar, AddThis Toolbar for sure, yahoo toolbar if you don't ever use it is another.

Gen. D
01-24-2012, 12:39 AM
I think I have gotten rid of all the toolbars mentioned. Also the other prog. that was trying to block everything.
This log should be cleaner than the last one. Avira says its up to date. Ran scan, found nothing.
BTW, I just ordered the Windows 7 professional 64 bit OS. Maybe I won't have so much problems when I get it installed. Just hope my printer and scanner will work!
May need some op advice! Its a whole new ball game to me!
Thanks so much for your Help and patience!












DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Roy Holland at 21:25:06 on 2012-01-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.3129 [GMT -8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt. exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIF FA.EXE
C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.d ll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\s wg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInsta nce.dll
TB: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl0.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
uRun: [EPSON Stylus Photo 1400 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_SE9.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu "c:\windows\temp\E_SCC.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatic aa.exe /fu "c:\windows\temp\E_SD3.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [EPSON Stylus Photo 1400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_S7.tmp" /EF "HKCU"
uRun: [EPSON Stylus Photo 1400 Series (Copy 2)] c:\windows\system32\spool\drivers\w32x86\3\e_fatib ua.exe /fu "c:\windows\temp\E_S1B.tmp" /EF "HKCU"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Google Update] "c:\documents and settings\roy holland\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [EPSON Artisan 50 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatif fa.exe /fu "c:\windows\temp\E_S51.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNo tifier.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [EPSON Stylus Photo R300 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F 1.EXE /P39 "EPSON Stylus Photo R300 Series (Copy 1)" /O6 "USB004" /M "Stylus Photo R300"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.e xe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pri ntk~1.lnk - c:\program files\warecentral\printkey-pro\PKey_Pro.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{C4253DB4-7C6B-4AB4-B7F4-556B978E3C72} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;Hotcore helper;c:\windows\system32\drivers\hotcore3.sys [2010-11-27 56208]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-11-25 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-25 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-25 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgn tflt.sys [2010-11-25 66616]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-4-19 2218600]
R2 WV5Communication;WV5Communication;c:\documents and settings\heavyweatherwv5\HeavyWeatherService.exe [2012-1-2 1854464]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EX E [2010-1-9 4640000]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
.
=============== Created Last 30 ================
.
2012-01-14 17:42:01 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2012-01-14 07:23:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-08 21:39:00 -------- d-----w- c:\windows\Performance
2012-01-08 21:38:55 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\Microsoft Corporation
2012-01-08 21:37:10 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2012-01-05 21:12:27 -------- d-----w- c:\program files\CouponAlert_2pEI
2012-01-05 07:38:22 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\Avanquest
2012-01-05 03:15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-01-03 06:44:49 -------- d-----w- c:\program files\SpywareBlaster
2012-01-02 21:05:41 -------- d-----w- c:\program files\SmartDraw 2010
2012-01-02 20:41:27 -------- d-----w- c:\program files\HeavyWeatherWV5A
2011-12-31 09:22:04 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\AskToolbar
2011-12-31 09:21:39 -------- d-----w- c:\documents and settings\roy holland\application data\SUPERAntiSpyware.com
2011-12-31 09:20:12 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-12-31 08:30:42 -------- d-----w- c:\program files\ESET
2011-12-27 06:29:49 1037 ----a-w- c:\documents and settings\all users\application data\currdat.lst.tmp
2011-12-25 06:12:56 2614272 ----a-w- c:\windows\system32\TeeChart5.ocx
2011-12-25 06:12:55 -------- d-----w- c:\program files\HeavyWeatherWV5
.
==================== Find3M ====================
.
2012-01-05 03:15:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-21 17:06:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 23:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:43:21 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:43:21 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-10-31 23:43:21 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:43:20 17408 ----a-w- c:\windows\system32\corpol.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
.
============= FINISH: 21:25:29.64 ===============

MMFELL
01-24-2012, 07:31 AM
Well I can see lots of references to Ask so read this http://www.ask.com/questions-about/Remove-Ask-Toolbar and remove it. 4GB RAM is only just sufficient for 7.