Thread: slow pc,pop ups,spyware - kids again
View Single Post
Old 01-17-2008, 01:44 PM   #7 (permalink)
pip.1
Registered User
 
Join Date: Jul 2007
Posts: 74
OS: xp


Re: slow pc,pop ups,spyware - kids again
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) XP 2200+
Percentage of Memory in Use: 50%
Physical Memory (total/avail): 1023.39 MiB / 502.71 MiB
Pagefile Memory (total/avail): 1829.24 MiB / 1465.14 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1938.35 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 55.9 GiB total, 4.17 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 4D060H3 - 55.9 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 55.9 GiB - C:

\\.\PHYSICALDRIVE1 - HP Photosmart 8200 USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: Outpost Firewall Pro v4.0 (Agnitum) Disabled
FW: PC Tools Firewall Plus v2.0.0 (PC Tools)
AV: AVG 7.5.516 v7.5.516 (Grisoft)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\paul\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EBAY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\paul
LOGONSERVER=\\EBAY
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\Program Files\Microsoft Office\Office\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0800
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\paul\LOCALS~1\Temp
TMP=C:\DOCUME~1\paul\LOCALS~1\Temp
USERDOMAIN=EBAY
USERNAME=paul
USERPROFILE=C:\Documents and Settings\paul
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)
paul (admin)
emily and abigail
ABIGAIL


-- Add/Remove Programs ---------------------------------------------------------

-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\uninst.exe -fc:\compaq\lutil\DeIsL1.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Image Viewer Plugin 4.0 --> C:\Program Files\Common Files\Adobe\Acrobat 5.0\ImageViewer\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\Acrobat 5.0\ImageViewer\Install.log
Adobe Photoshop Elements 2.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
Big Fish Games Client --> C:\Program Files\bfgclient\Uninstall.exe
BufferChm -->
CameraDrivers -->
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Cinderella Doll's House --> C:\WINDOWS\IsUninst.exe -fC:\PROGRA~1\DISNEY~1\DISNEY~1\DeIsL1.isu
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
CP_AtenaShokunin1Config -->
CP_CalendarTemplates1 -->
CP_Package_Basic1 -->
CP_Package_Variety1 -->
CP_Package_Variety2 -->
CP_Package_Variety3 -->
CP_Panorama1Config -->
CueTour -->
Destinations -->
DeviceFunctionQFolder -->
DeviceManagementQFolder -->
DirectX Media Runtime 5.1 --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\DXM51.INF,Uninstall.NT
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Access Button Support --> C:\Program Files\COMPAQ\Easy Access Button Support\Uninst.exe
EasyStudio Image Editor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{946822A3-F5D6-43B6-8335-9113A03773DC}\Setup.exe" -l0x9
eSupportQFolder -->
Free Hide Folder --> C:\PROGRA~1\FREEHI~1\UNWISE.EXE C:\PROGRA~1\FREEHI~1\INSTALL.LOG
Free Internet Eraser 2.05 --> "C:\Program Files\PrivacyEraser Computing\Free Internet Eraser\unins000.exe"
FullDPAppQFolder -->
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Google Earth --> MsiExec.exe /I{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2 --> "C:\PROGRA~1\TRENDM~1\HIJACK~1\HijackThis.exe" /uninstall
HP Image Zone 5.3 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 5.3 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series --> C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Solution Center & Imaging Support Tools 5.3 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPProductAssistant -->
ImageForge version 3.60 --> "C:\Program Files\ImageForge3\unins000.exe"
InstantShareDevices -->
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
IPIX ActiveX Viewer --> C:\WINDOWS\Unwise.exe /a C:\WINDOWS\occache\IPIXActX.log
iTunes -->
iTunes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{872653C6-5DDC-488B-B7C2-CF9E4D9335E5} /l1033
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Lady Cruncher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B873C5B1-E677-11D6-B49C-0020183A6529}\setup.exe" -l0x9
Lexmark Supplies Monitor --> C:\WINDOWS\System32\LXSMUNIN.EXE
Lexmark X1100 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
LimeWire 4.14.10 --> "C:\Program Files\LimeWire\uninstall.exe"
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 2.0 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office 2000 Disc 2 --> MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Word 2002 --> MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works 6.0 --> MsiExec.exe /I{F8D0829C-9C6F-11D3-8080-00C04FA329AA}
Microsoft Zoo Tycoon --> "C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
MicroStaff WINASPI --> C:\MWASPI\uninst.exe
Moose on the Loose --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\eGames\Moose on the Loose\Soccer.isu"
Mozilla Firefox (2.0.0.11) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MyDsc2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83D96ED0-98AA-4515-8DDC-816F3EFDD104}\Setup.exe" -l0x9
MyDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D74B8AD-DAB2-4C92-A266-2F3C7C21F863}\Setup.exe" -l0x9 -L0x9
Nokia Connectivity Cable Driver -->
Nokia Connectivity Cable Driver --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4AD35E01-9BA9-4F0C-B6B7-09C6C8F20D15} /l2057
Nokia PC Suite -->
Nokia PC Suite --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1267949C-73FC-4692-AA22-176F5E909647} /l2057
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA Windows 2000/XP nForce Drivers --> rundll32.exe C:\WINDOWS\system32\NVNFINST.DLL,NvUninstallCrush
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PanoStandAlone -->
PC Tools Firewall Plus 2.0 --> "C:\Program Files\PC Tools Firewall Plus\unins000.exe"
PhotoGallery -->
PICVideo Codecs --> C:\WINDOWS\System32\UNPICVID2.EXE "PICVideo Codecs Uninstall"
PIMS & File Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F340FE0-E93E-4A53-B5E4-19ED2648FCAE}\Setup.exe" -l0x9
Pocket RAR documentation --> C:\Program Files\PocketRAR\uninstall.exe
Professor Fizzwizzle (remove only) --> "C:\Program Files\Professor Fizzwizzle\Uninstall.exe"
PS8200 -->
PSPrinters08 -->
PSTAPlugin -->
RandMap -->
RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rugrats Munchin Land --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{DA3E7DD3-8545-43D7-AAEA-AEB291983A33} MunchinUninstall
Rugrats(TM) Munchin Land -->
SA31xx Device Manager & Media Converter --> C:\Program Files\InstallShield Installation Information\{E572B060-C98B-4984-A48E-E4FA56265903}\setup.exe -runfromtemp -l0x0009 -removeonly
SafeCast Shared Components --> C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
Scholastic's I SPY Fantasy --> C:\PROGRA~1\SCHOLA~1\ISPYFA~1\UNWISE.EXE C:\PROGRA~1\SCHOLA~1\ISPYFA~1\INSTALL.LOG
SkinsHP1 -->
SnoopFree Privacy Shield --> SnoopFreeUI.exe /U
SolutionCenter -->
Sonic_PrimoSDK -->
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2 --> "C:\Program Files\SpywareGuard\unins000.exe"
Status -->
Super Gerball Free Trial --> "C:\Program Files\SuperGerballTrial_at\unins000.exe"
ToolbarSetup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}\Setup.exe" -l0x9
TrayApp -->
Truprint Viewer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07802C2B-0ABD-439A-9510-1A89FD4FD5AB}\Setup.exe"
Turbo Lister 2 -->
Turbo Lister 2 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
Uninstall Startup Inspector --> "C:\Program Files\Startup Inspector for Windows\unins000.exe"
Unload -->
VideoLAN VLC media player 0.8.6a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Virtual Villagers: The Lost Children (remove only) --> "C:\Program Files\Virtual Villagers - The Lost Children\Uninstall.exe"
Web Photo Album 0.9 Beta --> "C:\Program Files\Web Photo Album\unins000.exe"
WebFldrs XP -->
WebReg -->
Wedding Dash (remove only) --> "C:\Program Files\Wedding Dash\Uninstall.exe"
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
XML Paper Specification Shared Components Pack 1.0 -->
XviD 1.1 final uninstall --> "C:\Program Files\XviD\unins000.exe"
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Toolbar -->


-- Application Event Log -------------------------------------------------------

Event Record #/Type10687 / Error
Event Submitted/Written: 01/10/2008 11:37:23 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application cwshredder.exe, version 2.19.0.1099, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type10686 / Error
Event Submitted/Written: 01/10/2008 11:36:32 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application cwshredder.exe, version 2.19.0.1099, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type10685 / Error
Event Submitted/Written: 01/10/2008 11:32:39 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application firefox.exe, version 1.8.20071.12718, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type10684 / Error
Event Submitted/Written: 01/10/2008 05:32:13 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application WinDVD.exe, version 3.2.41.138, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type10683 / Error
Event Submitted/Written: 01/10/2008 05:30:18 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application realplay.exe, version 6.0.12.1053, hang module hungapp, version 0.0.0.0, hang address 0x00000000.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type170989 / Error
Event Submitted/Written: 01/17/2008 03:58:00 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.

Event Record #/Type170988 / Error
Event Submitted/Written: 01/17/2008 03:56:43 PM
Event ID/Source: 1000 / Dhcp
Event Description:
Your computer has lost the lease to its IP address 192.168.100.11 on the
Network Card with network address 001180C6876C.

Event Record #/Type170987 / Warning
Event Submitted/Written: 01/17/2008 03:56:43 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001180C6876C. The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type170984 / Error
Event Submitted/Written: 01/17/2008 03:55:51 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Event Record #/Type170983 / Error
Event Submitted/Written: 01/17/2008 03:55:51 PM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)



-- End of Deckard's System Scanner: finished at 2008-01-17 20:39:27 ------------
pip.1 is offline