GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

slow Windows XP home edition needs some help. Logfile posted. Thankyou!

View previous topic View next topic Go down

slow Windows XP home edition needs some help. Logfile posted. Thankyou!

Post by jeremypc on Wed Jan 20, 2010 11:41 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:32:37 PM, on 1/20/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Quicken\qw.exe
C:\Program Files\Microsoft Office\Office\EXCEL.EXE
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\My Computer\My Documents\Programs\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.primericaonline.com/Login
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
R3 - URLSearchHook: (no name) - *~EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - *~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *~A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - *{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\Admin\Local Settings\Application Data\CyberDefender\cdmyidd.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\Admin\Local Settings\Application Data\CyberDefender\cdmyidd.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [ivhviaco] C:\Documents and Settings\My Computer\Local Settings\Application Data\gstqgv\apmasysguard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ivhviaco] C:\Documents and Settings\My Computer\Local Settings\Application Data\gstqgv\apmasysguard.exe
O4 - HKUS\S-1-5-21-1275210071-1450960922-725345543-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Tami')
O4 - HKUS\S-1-5-21-1275210071-1450960922-725345543-1007\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'Tami')
O4 - HKUS\S-1-5-21-1275210071-1450960922-725345543-1007\..\Run: [SmileboxTray] "C:\Documents and Settings\Tami\Application Data\Smilebox\SmileboxTray.exe" (User 'Tami')
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/downloads/tgctlcm.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {229055cc-b8f5-401d-8203-df988069bd61} - C:\WINDOWS\default32.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Update Service (gupdate1c9fb9d112482d4) (gupdate1c9fb9d112482d4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SupportSoft Sprocket Service (medicsp2) (sprtsvc_medicsp2) - SupportSoft, Inc. - C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 11470 bytes

jeremypc
Intermediate
Intermediate

Status :
Online
Offline

Posts : 142
Joined : 2010-01-20
OS : windows xp home
Points : 27243
# Likes : 0

View user profile

Back to top Go down

Re: slow Windows XP home edition needs some help. Logfile posted. Thankyou!

Post by Doctor Inferno on Thu Jan 21, 2010 12:23 am

Hello,


  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    O4 - HKLM\..\Run: [ivhviaco] C:\Documents and Settings\My Computer\Local Settings\Application Data\gstqgv\apmasysguard.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ivhviaco] C:\Documents and Settings\My Computer\Local Settings\Application Data\gstqgv\apmasysguard.exe
    O4 - HKUS\S-1-5-21-1275210071-1450960922-725345543-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Tami')
    O4 - HKUS\S-1-5-21-1275210071-1450960922-725345543-1007\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'Tami')
    O4 - HKUS\S-1-5-21-1275210071-1450960922-725345543-1007\..\Run: [SmileboxTray] "C:\Documents and Settings\Tami\Application Data\Smilebox\SmileboxTray.exe" (User 'Tami')


  • Press "Fix Checked"
  • Close Hijack This.





During the normal operation of your computer, Windows and your other program create an awful lot of temporary files. Though it's called temporary, they don't usually get removed, so they build up.

CCleaner is a great and free utility I use to delete temporary files automatically. It's able to free up disk space and speed up your computer. Read this topic on how to install and run CCleaner.




Having a lot of programs installed on your computer can slow it down. Do you really use them all? If you don't, uninstall the ones which you do not need.

If you are using Windows XP:

  • Click Start >> Control Panel >> Add or Remove Programs
  • Select the program you want to remove to highlight it.
  • Click the Change/Remove button and follow the instructions given on screen.
  • Repeat these steps for all programmes you wish to remove.


If you are using Windows Vista or Windows 7:

  • Click Start >> Type in uninstall a program
  • Select the program you want to remove to highlight it.
  • Click the Uninstall/Change button and follow the instructions given on screen.
  • Repeat these steps for all programmes you wish to remove.





Every time you write a file to your hard drive, the drive controller has to find space on it. During this process, it break the files into fragments so that it can use the available disk space efficiently. However over time files can become very fragmented because of this, and your drive controller has to work harder to find all the fragments and combine them so that a program can use it. This slows things down, depending on the amount of fragmentation of your files, it can slow things down a lot.

So it's a good idea to defragment your hard drive. This will rearrange the fragments on your drive so they form contiguous entities which are much easier for your drive controller to deal with. Note that this is a time consuming operation, usually taking several hours if you're doing it for the first time. You can stop defragmenting any time and start again. It will continue defragmenting from where it stopped.


If you are using Windows XP:

  • Click Start >> All Programs >> Accessories >> System Tools >> Disk Defragmenter >> click the Defragment button.

If you are using Windows Vista or Windows 7:

  • Click Start >> Type in Disk Defragmenter >> click the Defragment Now button >> Select drives to defragment >> Click OK to start.



Let me know how it goes.


Please be a GeekPolice fan on Facebook!



Have we helped you? Help us! | Doctor by day, ninja by night.

Doctor Inferno
Administrator
Administrator

Status :
Online
Offline

Posts : 12017
Joined : 2007-12-26
Gender : Male
OS : Windows 7 Home Premium and Ultimate X64
Points : 104574
# Likes : 0

View user profile

Back to top Go down

Re: slow Windows XP home edition needs some help. Logfile posted. Thankyou!

Post by jeremypc on Thu Jan 21, 2010 6:49 am

I followed all of your recommendations. things are still slow, if not slower. I have service pack 2 and I'm not sure about installing service pack 3 (?). my processor is and Intel Celeron 2.53GHz and I have 2 GB RAM. I'll also tell you that I after installing the 2gig of ram ( the machine came with 512) I noticed little difference in performance.

jeremypc
Intermediate
Intermediate

Status :
Online
Offline

Posts : 142
Joined : 2010-01-20
OS : windows xp home
Points : 27243
# Likes : 0

View user profile

Back to top Go down

Re: slow Windows XP home edition needs some help. Logfile posted. Thankyou!

Post by Doctor Inferno on Thu Jan 21, 2010 11:28 pm

Hello,

I rechecked your log and realised you are infected with a rouge anti-spyware, known as Antivirus Live.

Follow the instruction here to remove it immediately:

http://www.GeekPolice.net/malware-removal-guides-f12/how-to-remove-antivirus-live-removal-guide-t16801.htm

If it doesn't work, please open a new topic here: http://www.GeekPolice.net/virus-spyware-malware-removal-f11/

With your HijackThis log posted.


Please be a GeekPolice fan on Facebook!



Have we helped you? Help us! | Doctor by day, ninja by night.

Doctor Inferno
Administrator
Administrator

Status :
Online
Offline

Posts : 12017
Joined : 2007-12-26
Gender : Male
OS : Windows 7 Home Premium and Ultimate X64
Points : 104574
# Likes : 0

View user profile

Back to top Go down

Re: slow Windows XP home edition needs some help. Logfile posted. Thankyou!

Post by jeremypc on Fri Jan 22, 2010 9:24 pm

thanks! that found 7 items. and i just used adaware and spybot s&d the other day. I suppose it could be new malware... I'll repost if my pc is still slow after this.

thanks again!

jeremypc
Intermediate
Intermediate

Status :
Online
Offline

Posts : 142
Joined : 2010-01-20
OS : windows xp home
Points : 27243
# Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum