[M2theC]

Hi guys.

I have followed all the steps and done all scans and still having problems.

Laptop running extremely slow at startup and I get flooded with various DATA EXECUTION PREVENTION error messages which crash the system whenever I try close them.

Most annoying one is DEP: Run a dll as an app.. I close this and get Run a dll as an app has encountered a problem and needs to close..

I then get this error message for everything I try open.

I have disabled somethings from my startup which have helped a bit, and after everything done I still get a DEP from Automatic Updates.

Here are my logs!

Any help would be of great help!!

SUPERAntiSpyware Scan Log
Generated 03/15/2007 at 08:38 PM

Application Version : 3.6.1000

Core Rules Database Version : 3190
Trace Rules Database Version: 1200

Scan type : Complete Scan
Total Scan Time : 00:53:59

Memory items scanned : 712
Memory threats detected : 0
Registry items scanned : 6825
Registry threats detected : 1
File items scanned : 58627
File threats detected : 80

Adware.IWantSearchBar
HKU\S-1-5-21-3702592620-907076807-497797318-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser#{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}

Adware.Tracking Cookie
C:\Documents and Settings\Marc\Cookies\marc@cgi-bin[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@1068632757[1].txt
C:\Documents and Settings\Marc\Cookies\marc@adserver[1].txt
C:\Documents and Settings\Marc\Cookies\marc@burstnet[1].txt
C:\Documents and Settings\Marc\Cookies\marc@tacoda[1].txt
C:\Documents and Settings\Marc\Cookies\marc@s[1].txt
C:\Documents and Settings\Marc\Cookies\marc@1071425822[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@mb[3].txt
C:\Documents and Settings\Marc\Cookies\marc@adbrite[2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@1063224005[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\marc@adtech[2].txt
C:\Documents and Settings\Marc\Cookies\marc@revsci[2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\marc@1069656734[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@cgi-bin[2].txt
C:\Documents and Settings\Marc\Cookies\marc@cgi-bin[4].txt
C:\Documents and Settings\Marc\Cookies\marc@wrestlingmedia[1].txt
C:\Documents and Settings\Marc\Cookies\marc@screensavers[2].txt
C:\Documents and Settings\Marc\Cookies\marc@1069780346[1].txt
C:\Documents and Settings\Marc\Cookies\marc@2o7[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\marc@serving-sys[2].txt
C:\Documents and Settings\Marc\Cookies\marc@usenext[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@interclick[2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@a[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@mb[2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@keywordmax[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\marc@qnsr[1].txt
C:\Documents and Settings\Marc\Cookies\marc@indexstats[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\marc@1070842277[1].txt
C:\Documents and Settings\Marc\Cookies\marc@mb[4].txt
C:\Documents and Settings\Marc\Cookies\marc@usenext[2].txt
C:\Documents and Settings\Marc\Cookies\marc@list[1].txt
C:\Documents and Settings\Marc\Cookies\marc@questionmarket[1].txt
C:\Documents and Settings\Marc\Cookies\marc@yadro[2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\marc@cgi-bin[3].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\marc@overture[2].txt
C:\Documents and Settings\Marc\Cookies\marc@xiti[1].txt
C:\Documents and Settings\Marc\Cookies\marc@tribalfusion[2].txt
C:\Documents and Settings\Marc\Cookies\marc@trafficmp[2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][2].txt
C:\Documents and Settings\Marc\Cookies\marc@1072703919[1].txt
C:\Documents and Settings\Marc\Cookies\[email protected][1].txt



Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:17:46, on 15/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Acer\Empowering Technology\admServ.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Marc\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.4:30997
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

--
End of file - 10372 bytes