Question:
My machine is quite slow, have done all the normal "housekeeping".
Is there anything on here that may contribute to the slowness of the computer?
Logfile of HijackThis v1.99.1
Scan saved at 22:09:38, on 29/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Documents and Settings\Glicky\My Documents\Unzipped\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - !!53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Add to Windows &Live Favorites -
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ieSpell - !!0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - !!0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - !!1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - !!1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Research - !!92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/broadband
O16 - DPF: !!09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) -
O16 - DPF: !!17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: !!6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: !!79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) -
O16 - DPF: !!9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\!!702088F2-8327-43BD-BB54-1A8E86178084}: NameServer = 212.139.132.24 212.139.132.25
O18 - Protocol: msnim - !!828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Thanks - appreciate it!
Answers:
what Norton Products do you have ??
Symantec Security Center ??
does that not include antivirus ??
Answers:
what Norton Products do you have ??
Symantec Security Center ??
does that not include antivirus ??
It's called Norton Systemworks and it doesn't include antivirus.
Answers:
norton and AVG ??
try running this
Answers:
norton and AVG ??
try running this
Thanks for replying, but what does this do?
Answers:
it will scan your system for nasties and kill them.
try defragmenting your HDD and running spybot
Answers:
it will scan your system for nasties and kill them.
try defragmenting your HDD and running spybot
I have done that but it seems to not make any difference.
Answers:
read this
Answers:
theres no point in running smitfraudfix...it;s not a smitfraud infection
your log looks clear as it goes
Answers:
theres no point in running smitfraudfix...it;s not a smitfraud infection
your log looks clear as it goes
Oh ... OK, you are the experts. I wonder what it can be then?
Answers:
you could try swapping AVg for avast, AVG is sometimes known to slow PC's just recently...
Answers:
also try downloading and running this
it's a rootkit scanner, tell me if it finds anything
Answers:
also try downloading and running this
it's a rootkit scanner, tell me if it finds anything
OK ... will do! Thanks again for your help!
Answers:
This minor pest can go:
O16 - DPF: !!09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) -
I think Browntoa touched upon on this earlier but Norton SystemWorks does have anti-virus protection built in to the program and several of the modules are still active. Has the SystemWorks license expired? If so, do the system maintenance features remain active? Is that why you still have Norton installed?
I would suggest that AVG anti-virus (not spyware) is playing havoc with the Norton installation. Maybe you could confirm exactly what the situation is with your Norton license?
Answers:
This minor pest can go:
O16 - DPF: !!09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) -
I think Browntoa touched upon on this earlier but Norton SystemWorks does have anti-virus protection built in to the program and several of the modules are still active. Has the SystemWorks license expired? If so, do the system maintenance features remain active? Is that why you still have Norton installed?
I would suggest that AVG anti-virus (not spyware) is playing havoc with the Norton installation. Maybe you could confirm exactly what the situation is with your Norton license?
Thanks for that - gotten rid of the "minor pest"
Regarding the Norton Systemworks. I only have installed:
Disc Doctor
System Doctor
Win Doctor
Speed Disc and
UnErase Wizard
The rest is not installed. Can that be what is causing the problem then?
Answers:
well speed disk is running in that log ?? worth a try disabling bits
Answers:
Slightly confused, this says you use tiscali,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
but this p2p software is normally only installed if you use "Sky By Broadband",
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
although it could possibly have been linked to the 1-click entry, as 1-click supply dvd copying / ripping, software and to the best of my knowledge is not either spyware or adware.
1-click also supply
Video on-demand,
Video Podcasting,
P2P streaming.
For viewing streaming films etc, online.
.
Answers:
Slightly confused, this says you use tiscali,
but this p2p software is normally only installed if you use "Sky By Broadband",
although it could possibly have been linked to the 1-click entry, as 1-click supply dvd copying / ripping, software and to the best of my knowledge is not either spyware or adware.
1-click also supply
Video on-demand,
Video Podcasting,
P2P streaming.
For viewing streaming films etc, online.
.
I was subscribed to Sky where you could watch films online, but I decided against it! I think I'll get rid of that one - thanks.