I haven't had too many problems with this computer despite it having one of those infernal 4 in 1 motherboard integrated sound/graphics/anything else kind of cards.

However today I have had to deal with the following:

1. Child learning about on and off power switches and demonstrating new found knowledge whilst computer is on.

2. Huge slow down in performance a few hours later, my settings takes 15-20 minutes to load.

3. Possible creation of a couple of new shortcuts on computer - to my computer and my documents.

4. Firewall switching itself off then constantly trying to initialise itself and failing (ending up in a loop)

5. Just as I'd regged here apparently the computer had problems establishing a connection to the secure zone at hotmail.

6. Possible random shut down of browsers.


After booting the computer up in safe mode and taking out a few unnecessary programs (and possibly deleting some more important files!) I rebooted into windows and again faced the same problems although computer speed fluctuates wildly between fine and crawling to a stop.

Remedies attempted:

Spybot - 2 x scans, removed a load of tracking cookies.
Ad-aware 2nd edition - 2 x scans, removed a load of tracking cookies.
AVG - Full computer scan, found nothing.

So I ran a hijack this scan and post it in the hope someone knows what's going on, I know boonty games is malware, apart from that nothing stands out to me at 2.20 am

Logfile of HijackThis v1.99.0
Scan saved at 02:25:50, on 25/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\Nic\My Documents\Old programs\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O1 - Hosts: 209.85.74.6 www2.hobowars.com. Click safe.
O1 - Hosts: 209.85.74.6 www3.hobowars.com. Click safe.
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\RunOnce: [iWinArcadeIECleanup] C:\DOCUME~1\Nic\LOCALS~1\Temp\iWinArcadeAutocleanup.bat
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/T...nx.1.0.0.67.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124fd.bay124.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.55.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1152766734546
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab50727.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://secure-photo.net/fuji/imageUploader30.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://download.games.yahoo.com/games/web_...itched/main.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://mvnet.xlontech.net/qm/fox/06101102/qsp2ie06101001.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.94_signed.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: LicCtrl Service - Unknown - C:\WINDOWS\runservice.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Help needed?

Thanks in advance.

Sam.

Hello,Squizza & Welcome


You are using an outdated version of HijackThis. Please download HijackThis version 1.99.1 from here:
http://www.downloads.subratam.org/hijackthis.zip
and make sure to unzip it to a permanent folder. Then please run HijackThis, click Scan and Save log, and post the new log here.

============

And before you come back here get this done

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
Download the latest version of Java Runtime Environment (JRE) 6..
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.


==============

Also download install and run this Tool here.

Please download SUPERAntiSpyware Home Edition (free version)
Install it and double-click the icon on your desktop to run it.
It will ask if you want to update the program definitions, click Yes.
Under Configuration and Preferences, click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked:
Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining.
Please leave the others unchecked.
Click the Close button to leave the control center screen.
On the main screen, under Scan for Harmful Software click Scan your computer.
On the left check C:\Fixed Drive.
On the right, under Complete Scan, choose Perform Complete Scan.
Click Next to start the scan. Please be patient while it scans your computer.
After the scan is complete a summary box will appear. Click OK.
Make sure everything in the white box has a check next to it, then click Next.
It will quarantine what it found and if it asks if you want to reboot, click Yes.
To retrieve the removal information for me please do the following:
After reboot, double-click the SUPERAntispyware icon on your desktop.
Click Preferences. Click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
It will open in your default text editor (such as Notepad/Wordpad).
Please highlight everything in the notepad, then right-click and choose copy.
Click close and close again to exit the program.
Please paste that information here for me with a new HijackThis log.

Gogo

Many thanks for the reply HJThis.

I have downloaded the latest version of HijackThis, from the link you gave it was version 1.99.0.1 and unzipped to a permanent folder.

I also downloaded the new version of Java, however, my attempts to remove the previous version(s) ran into something of a wall with an error message:

Error applying transforms. Verify that the specified transform paths are valid.

I've downloaded and installed SUPERAntiSpyware Home Edition and installed it.

In addition I redownloaded Zone Alarms which appears to be working fine now, defragged the hard drive (eventually, it took far longer than normal), checked the hard disk for errors, downloaded Fixwareout, ATF Cleaner & Smitfraudfix.

New HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 20:23:09, on 25/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O1 - Hosts: 209.85.74.6 www2.hobowars.com. Click safe.
O1 - Hosts: 209.85.74.6 www3.hobowars.com. Click safe.
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/T...nx.1.0.0.67.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124fd.bay124.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.55.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1152766734546
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab50727.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://secure-photo.net/fuji/imageUploader30.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://download.games.yahoo.com/games/web_...itched/main.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://mvnet.xlontech.net/qm/fox/06101102/qsp2ie06101001.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - http://ps.itv.mop.com/dn/files/pCastCtl-1.0.0.94_signed.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

SUPERAntiSpyware log:

SUPERAntiSpyware Scan Log
Generated 01/25/2007 at 11:00 PM

Application Version : 3.5.1016

Core Rules Database Version : 3173
Trace Rules Database Version: 1183

Scan type : Complete Scan
Total Scan Time : 00:27:54

Memory items scanned : 396
Memory threats detected : 0
Registry items scanned : 4902
Registry threats detected : 0
File items scanned : 37060
File threats detected : 87

Adware.Tracking Cookie
C:\Documents and Settings\Nic\Cookies\nic@data2.perf.overture[2].txt
C:\Documents and Settings\Nic\Cookies\nic@adverts.digitalspy.co[2].txt
C:\Documents and Settings\Nic\Cookies\nic@a[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.cnn[2].txt
C:\Documents and Settings\Nic\Cookies\nic@creative.adsrevenue[1].txt
C:\Documents and Settings\Nic\Cookies\nic@atwola[1].txt
C:\Documents and Settings\Nic\Cookies\nic@image.masterstats[1].txt
C:\Documents and Settings\Nic\Cookies\nic@tdstats[2].txt
C:\Documents and Settings\Nic\Cookies\nic@adbrite[1].txt
C:\Documents and Settings\Nic\Cookies\nic@vhost.oddcast[2].txt
C:\Documents and Settings\Nic\Cookies\nic@anad.tacoda[1].txt
C:\Documents and Settings\Nic\Cookies\nic@news-international[1].txt
C:\Documents and Settings\Nic\Cookies\nic@uk[2].txt
C:\Documents and Settings\Nic\Cookies\nic@network.realmedia[1].txt
C:\Documents and Settings\Nic\Cookies\nic@tes[1].txt
C:\Documents and Settings\Nic\Cookies\nic@s[1].txt
C:\Documents and Settings\Nic\Cookies\nic@www.salfordadvertiser.co[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.contactmusic[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.monster[1].txt
C:\Documents and Settings\Nic\Cookies\nic@msnprod.oberon-media[2].txt
C:\Documents and Settings\Nic\Cookies\nic@sitestats.tiscali.co[2].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.heias[2].txt
C:\Documents and Settings\Nic\Cookies\nic@adinterax[2].txt
C:\Documents and Settings\Nic\Cookies\nic@cbs.112.2o7[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.gamershell[2].txt
C:\Documents and Settings\Nic\Cookies\nic@1071647687[1].txt
C:\Documents and Settings\Nic\Cookies\nic@cgi-bin[5].txt
C:\Documents and Settings\Nic\Cookies\nic@lloyds[2].txt
C:\Documents and Settings\Nic\Cookies\nic@cgi-bin[2].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.pointroll[2].txt
C:\Documents and Settings\Nic\Cookies\nic@burstnet[1].txt
C:\Documents and Settings\Nic\Cookies\nic@59937123[1].txt
C:\Documents and Settings\Nic\Cookies\nic@cgi-bin[1].txt
C:\Documents and Settings\Nic\Cookies\nic@www.clicksafe.lloydstsb[1].txt
C:\Documents and Settings\Nic\Cookies\nic@indextools[2].txt
C:\Documents and Settings\Nic\Cookies\nic@adultswim[1].txt
C:\Documents and Settings\Nic\Cookies\nic@tacoda[1].txt
C:\Documents and Settings\Nic\Cookies\nic@entrepreneur[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ad.adtoma[2].txt
C:\Documents and Settings\Nic\Cookies\nic@cnn.122.2o7[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.adultswim[2].txt
C:\Documents and Settings\Nic\Cookies\nic@centrebet.advertserve[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ad1.clickhype[1].txt
C:\Documents and Settings\Nic\Cookies\nic@stats.bigdrum[2].txt
C:\Documents and Settings\Nic\Cookies\nic@adopt.specificclick[1].txt
C:\Documents and Settings\Nic\Cookies\nic@roiservice[1].txt
C:\Documents and Settings\Nic\Cookies\nic@opsi[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.coldfront[2].txt
C:\Documents and Settings\Nic\Cookies\nic@www.burstbeacon[1].txt
C:\Documents and Settings\Nic\Cookies\nic@kanoodle[1].txt
C:\Documents and Settings\Nic\Cookies\nic@mb[6].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.expedia[1].txt
C:\Documents and Settings\Nic\Cookies\nic@mb[2].txt
C:\Documents and Settings\Nic\Cookies\nic@www.drivecleaner[2].txt
C:\Documents and Settings\Nic\Cookies\nic@xiti[1].txt
C:\Documents and Settings\Nic\Cookies\nic@704682[1].txt
C:\Documents and Settings\Nic\Cookies\nic@cgi-bin[4].txt
C:\Documents and Settings\Nic\Cookies\nic@mb[3].txt
C:\Documents and Settings\Nic\Cookies\nic@ad[2].txt
C:\Documents and Settings\Nic\Cookies\nic@www.clash-media[2].txt
C:\Documents and Settings\Nic\Cookies\nic@adlegend[1].txt
C:\Documents and Settings\Nic\Cookies\nic@www.realcounters[1].txt
C:\Documents and Settings\Nic\Cookies\nic@tracking.foxnews[1].txt
C:\Documents and Settings\Nic\Cookies\nic@clicksor[2].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.hi5[1].txt
C:\Documents and Settings\Nic\Cookies\nic@adsrevenue[2].txt
C:\Documents and Settings\Nic\Cookies\nic@mb[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ad.wz[1].txt
C:\Documents and Settings\Nic\Cookies\nic@www.burstnet[2].txt
C:\Documents and Settings\Nic\Cookies\nic@mediavantage[1].txt
C:\Documents and Settings\Nic\Cookies\nic@drivecleaner[2].txt
C:\Documents and Settings\Nic\Cookies\nic@ebookers[1].txt
C:\Documents and Settings\Nic\Cookies\nic@mb[5].txt
C:\Documents and Settings\Nic\Cookies\nic@myoffers[1].txt
C:\Documents and Settings\Nic\Cookies\nic@[1].txt
C:\Documents and Settings\Nic\Cookies\nic@nextag[2].txt
C:\Documents and Settings\Nic\Cookies\nic@keywordmax[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.telegraph.co[1].txt
C:\Documents and Settings\Nic\Cookies\nic@media.funpic[1].txt
C:\Documents and Settings\Nic\Cookies\nic@73409429[1].txt
C:\Documents and Settings\Nic\Cookies\nic@track.adform[2].txt
C:\Documents and Settings\Nic\Cookies\nic@ads.esmas[1].txt
C:\Documents and Settings\Nic\Cookies\nic@ad1.emediate[1].txt
C:\Documents and Settings\Carmen\Cookies\carmen@adinterax[1].txt
C:\Documents and Settings\Carmen\Cookies\carmen@ads.esmas[1].txt
C:\Documents and Settings\Carmen\Cookies\carmen@banners.nbcupromotes[1].txt

Adware.WhenU
C:\PROGRAM FILES\DAEMON TOOLS\SETUPDTSB.EXE

I was thinking things were pretty much back to normal but in trying to log off one user to switch to another the computer froze for 10 minutes before deciding to throw up a blank screen.

Can you recommend a program to help clean my registry up, I'm afraid that regedit is a little old these days

Hi,Squizza

Give this here a try and also check out the Reg Defrag option
it was free at one time.

http://www.registry-clean.net/

lit me know how it gos

Gogo