#1 (permalink) |
|
Tech, Microsoft Support
|
Hi, I'm new to these forums and after spending the last couple of weeks running round in circles trying to solve my own problems I finally realised that this is the place to get real help. It's been suggested I probably need a fresh install but thought I would see if you guys could help. My browser is really slow and some strange things have been happening. Tried to follow the five steps before posting but had problems with Panda antivirus and no extra.txt in Deckard scan. I would be very grateful if someone could take a look for me. Regards, Dave.
|
|
|
|
#2 (permalink) |
|
Tech, Microsoft Support
|
Re: Browser running slow Win xp pro sp2
Hello again, managed to get Panda to do the scan:

| Incident | Status | Location |
|---|---|---|
| Spyware:Cookie/Atlas DMT | Not disinfected | C:\Documents and Settings\User\Cookies\user@atdmt[2].txt |
| Spyware:Cookie/Atlas DMT | Not disinfected | C:\Documents and Settings\User\Cookies\user@atdmt[3].txt |
| Spyware:Cookie/Com.com | Not disinfected | C:\Documents and Settings\User\Cookies\user@com[1].txt |
| Spyware:Cookie/Doubleclick | Not disinfected | C:\Documents and Settings\User\Cookies\user@doubleclick[1].txt |
| Spyware:Cookie/Doubleclick | Not disinfected | C:\Documents and Settings\User\Cookies\user@doubleclick[2].txt |
| Spyware:Cookie/Tribalfusion | Not disinfected | C:\Documents and Settings\User\Cookies\user@tribalfusion[1].txt |
| Spyware:Cookie/Tribalfusion | Not disinfected | C:\Documents and Settings\User\Cookies\user@tribalfusion[3].txt |
| Virus:Generic Malware | Disinfected | C:\Program Files\Bitcollider\bitcoll.dll |

Also I have noticed from reading similar threads that you are probably going to advise against using uTorrent etc. and in fact I am fairly sure that Bitcollider is something I picked up on LimeWire and had problems uninstalling it. Would appear that it is still causing problems despite not being visible in Add/Remove Programs. I recently had an error message (Error 1722) telling me that my Windows Installer package has a problem: "A program run as part of the setup did not finish as expected". Sorry but can't remember what I was doing at the time. |
|
|
|
|
#3 (permalink) |
|
Tech, Microsoft Support
|
Re: Browser running slow Win xp pro sp2
Have now managed to track down extra.txt from the DSS scan, don't really know why it was not visible with main.txt but here it is:
Even my limited knowledge tells me that my machine looks a bit poorly. |
|
|
|
|
#6 (permalink) |
|
Tech, Microsoft Support
|
Feel a bit daft replying to my own post but I've been all over the site to see if I can find out if my post is in some kind of queue and how far I am up it but no joy. I know you guys are really busy but been waiting about a week now and wondered if there was some other reason like maybe I posted in the wrong forum, but someone would have told me... wouldn't they?
P.S. I've had a fresh install since my first post but still one or two things bugging me but you would ask for fresh logs anyway, I suppose. |
|
|
|
|
#7 (permalink) |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 32,625
OS: 2000 Pro; XP Pro; XP Home
|
Re: Browser running slow Win xp pro sp2
Hi -
This forum is for malware removal, not system optimization. You may be better served asking for help in the Windows XP or Internet Explorer forums.

There are hundreds of people wanting help from the volunteers in this forum, and only a handful of trained Helpers who can reply to them. Thus, some folks get overlooked. It's not personal, it just happens.

From your earlier logs, it doesn't appear there was active malware. And yes, using P2P programs is a bad idea. You still have µTorrent installed.

We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares. References for the risk of these programs are here, here and here.

I would strongly recommend that you uninstall them. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

If you've just done a fresh install, then your old logs won't help. To help ensure this is not a malware issue, let's first get a new set of logs from DSS. Please run Deckard's System Scanner once again, this time using these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK

"%userprofile%\desktop\dss.exe" /config

Click on "Check All"

Click Scan!

When finished, it shall produce two logs for you. Post those logs in your next reply.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Please do not ask for help via Private Message. |
|
|
|
|
#8 (permalink) |
|
Tech, Microsoft Support
|
Re: Browser running slow Win xp pro sp2
Thanks very much for your help, advice noted. Here is a fresh DSS scan as requested:
Deckard's System Scanner v20071014.68 Run by Dave on 2007-12-06 02:35:18 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- -- Last 5 Restore Point(s) -- 18: 2007-12-06 02:10:08 UTC - RP18 - Deckard's System Scanner Restore Point 17: 2007-12-05 21:17:42 UTC - RP17 - System Checkpoint 16: 2007-12-04 20:04:38 UTC - RP16 - System Checkpoint 15: 2007-12-03 18:31:58 UTC - RP15 - Software Distribution Service 3.0 14: 2007-12-03 17:43:12 UTC - RP14 - System Checkpoint -- First Restore Point -- 1: 2007-11-30 00:27:11 UTC - RP1 - System Checkpoint Performed disk cleanup. Total Physical Memory: 256 MiB (512 MiB recommended). -- HijackThis (run as Dave.exe) ------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:35:23, on 06/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\FSI\F-Prot\F-Sched.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\FSI\F-Prot\F-StopW.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Dave\desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Dave.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [F-StopW] C:\Program Files\FSI\F-Prot\F-StopW.EXE O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: 
[CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1196429270988 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- End of file - 4932 bytes -- File Associations ----------------------------------------------------------- All associations okay. 
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 FPA_RTP - c:\windows\system32\drivers\fstopw.sys <Not Verified; Frisk Software International - www.f-prot.com; F-StopW Version 3.14c> R1 FileDisk - c:\windows\system32\drivers\filedisk.sys <Not Verified; Bo Brantén; filedisk> R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys R3 cmuda (C-Media WDM Audio Interface) - c:\windows\system32\drivers\cmuda.sys <Not Verified; C-Media Inc; C-Media Audio Driver (WDM)> R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- All services whitelisted. -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Process Modules ------------------------------------------------------------- C:\WINDOWS\system32\winlogon.exe (pid 576) 2007-04-19 13:41:36 294912 --a------ C:\Program Files\SUPERAntiSpyware\SASWINLO.dll <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware WinLogon Processor> C:\WINDOWS\explorer.exe (pid 1296) 2006-12-20 13:55:48 77824 --a------ C:\Program Files\SUPERAntiSpyware\SASSEH.DLL <Not Verified; SuperAdBlocker.com; SuperAntiSpyware> 2005-09-23 07:28:38 83456 --a------ C:\WINDOWS\system32\dfshim.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework> 2007-04-13 03:21:14 271360 --a------ C:\WINDOWS\system32\mscoree.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework> 2005-09-23 07:28:56 107520 --a------ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework> 2005-09-23 07:28:50 9216 --a------ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework> 2005-09-23 07:28:58 17920 --a------ 
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:29:00 85504 --a------ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2000-04-19 08:00:00 24644 --a------ C:\Program Files\WinZip\WZSHLSTB.DLL <Not Verified; WinZip Computing, Inc.; WinZip>
C:\WINDOWS\system32\rundll32.exe (pid 1624)
2005-12-15 20:46:48 2834432 --a------ C:\WINDOWS\system\cmicnfg.cpl <Not Verified; C-Media Corporation; CmiCnfg Dynamic Link Library>
2003-04-24 20:29:08 32768 --a------ C:\WINDOWS\system32\udaprop.dll <Not Verified; C-Media Corporation; CMI8738/CMI9738/CMI9739 Audio Device>
-- Files created between 2007-11-06 and 2007-12-06 -----------------------------
-- Find3M Report ---------------------------------------------------------------
2007-11-30 00:08:47 62 --ahs---- C:\Documents and Settings\Dave\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F-StopW"="C:\Program Files\FSI\F-Prot\F-StopW.EXE" [05/02/2004 15:30]
"Cmaudio"="cmicnfg.cpl" []
"FRISK FP-Scheduler"="C:\Program Files\FSI\F-Prot\F-Sched.exe" [07/04/2003 09:47]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [02/12/2007 21:37]
"DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [04/12/2002 14:16]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [01/05/2007 09:29]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [30/11/2007 22:13]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [04/12/2007 13:09:05]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41
294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
-- Hosts -----------------------------------------------------------------------
127.0.0.1 mpa.one.microsoft.com
-- End of Deckard's System Scanner: finished at 2007-12-06 02:37:14 ------------

Sorry for the delay, having problems with attaching extra.txt. Would it be ok to just copy/paste to here?
#9 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 32,625
OS: 2000 Pro; XP Pro; XP Home
Re: Browser running slow Win xp pro sp2
Sure, just post extra.txt in a new reply.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Please do not ask for help via Private Message.
#10 (permalink)
Tech, Microsoft Support
Re: Browser running slow Win xp pro sp2
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: AMD Athlon(tm) XP 2000+ Percentage of Memory in Use: 73% Physical Memory (total/avail): 255.48 MiB / 68.93 MiB Pagefile Memory (total/avail): 617.98 MiB / 411.79 MiB Virtual Memory (total/avail): 2047.88 MiB / 1918.31 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 111.78 GiB total, 85.59 GiB free. D: is CDROM (CDFS) \\.\PHYSICALDRIVE0 - ST3120026A - 111.79 GiB - 1 partition \PARTITION0 (bootable) - Installable File System - 111.78 GiB - C: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FirstRunDisabled is set. AntiVirusDisableNotify is set. FirewallDisableNotify is set. UpdatesDisableNotify is set. AntivirusOverride is set. 
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\InterVideo\\DVD5\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD5\\WinDVD.exe:*:Enabled:WinDVD" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Dave\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=DAVE-37E35C2877 ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Dave LOGONSERVER=\\DAVE-37E35C2877 NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0801 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Dave\LOCALS~1\Temp TMP=C:\DOCUME~1\Dave\LOCALS~1\Temp USERDOMAIN=DAVE-37E35C2877 USERNAME=Dave USERPROFILE=C:\Documents and Settings\Dave 
windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Dave (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003} µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL BitZipper 5.0.2 --> "C:\Program Files\BitZipper\unins000.exe" C-Media WDM Audio Driver --> C:\WINDOWS\system32\cmirmdrv.exe Creative DVD Audio Plugin for Audigy Series --> "C:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u DU Meter --> "C:\Program Files\DU Meter\unins000.exe" F-Prot for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FD12630-1991-46F5-8479-92DE1EAE87DA}\setup.exe" -l0x9 Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" InterVideo WinDVD 5 --> "C:\Program Files\InstallShield Installation Information\{1B399A41-C1D0-40A2-9E4F-095868EFAF01}\setup.exe" REMOVEALL Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} K-Lite Codec Pack 2.20 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe" LimeWire PRO 4.14.10 --> "C:\Program Files\LimeWire\uninstall.exe" Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft User-Mode Driver Framework Feature Pack 1.0 --> 
"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 SeaTools for Windows --> MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872} SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall -- Application Event Log ------------------------------------------------------- Event Record #/Type143 / Error Event Submitted/Written: 12/03/2007 00:25:46 AM Event ID/Source: 1001 / Application Error Event Description: Fault bucket 536076040. The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected. Event Record #/Type142 / Error Event Submitted/Written: 12/03/2007 00:23:57 AM Event ID/Source: 1000 / Application Error Event Description: Faulting application iexplore.exe, version 7.0.6000.16544, faulting module flash9d.ocx, version 9.0.47.0, fault address 0x000b110e. Processing media-specific event for [iexplore.exe!ws!] Event Record #/Type131 / Warning Event Submitted/Written: 12/02/2007 04:49:07 PM Event ID/Source: 1020 / ASP.NET 2.0.50727.0 Event Description: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i. Event Record #/Type117 / Error Event Submitted/Written: 12/02/2007 04:03:42 AM Event ID/Source: 1002 / Application Hang Event Description: Hanging application BitZipper.exe, version 5.0.2.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
Event Record #/Type115 / Success
Event Submitted/Written: 12/01/2007 11:50:04 PM
Event ID/Source: 1102 / .NET Runtime Optimization Service
Event Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Web.Services, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type798 / Warning
Event Submitted/Written: 12/04/2007 02:53:11 PM
Event ID/Source: 36 / W32Time
Event Description: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.
Event Record #/Type797 / Warning
Event Submitted/Written: 12/04/2007 02:46:50 PM
Event ID/Source: 51 / Cdrom
Event Description: An error was detected on device \Device\CdRom0 during a paging operation.
Event Record #/Type796 / Warning
Event Submitted/Written: 12/04/2007 02:46:50 PM
Event ID/Source: 51 / Cdrom
Event Description: An error was detected on device \Device\CdRom0 during a paging operation.
Event Record #/Type795 / Warning
Event Submitted/Written: 12/04/2007 02:46:50 PM
Event ID/Source: 51 / Cdrom
Event Description: An error was detected on device \Device\CdRom0 during a paging operation.
Event Record #/Type794 / Warning
Event Submitted/Written: 12/04/2007 02:46:50 PM
Event ID/Source: 51 / Cdrom
Event Description: An error was detected on device \Device\CdRom0 during a paging operation.
-- End of Deckard's System Scanner: finished at 2007-12-06 02:37:14 ------------

Sorry, looks like I had a disk in my CD-ROM; didn't know it would be a problem. Will I have to run another scan?
#11 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
Re: Browser running slow Win xp pro sp2
Hi again -
I'm not seeing malware as the cause of any issues you may be having. You have P2P applications still. Limewire Pro is now back in your Add/Remove Programs list. You have only 256MB of RAM (memory). Modern applications will place a lot of demand on your system, bogging it down. 512MB is really the minimum for Windows XP, 1GB of RAM is better. Since you've done a fresh install, and there's no malware evident, I think we're done here. For any continued support for your issue, I suggest you take it up in the Windows XP forum.
#13 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
Re: Browser running slow Win xp pro sp2
You're welcome.
Glaswegian has put together the following article: PC Safety and Security--What Do I Need?
Our colleague, Miekiemoes, has put together some informative pages:
Slow Computer? http://users.telenet.be/bluepatchy/m...wcomputer.html
Think prevention: http://users.telenet.be/bluepatchy/m...revention.html