MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: New Performance problems
November 19, 2019, 01:44:23 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
November 19, 2019, 01:44:23 PM

Login with username, password and session length
 Featured Sites:
News
New  Got pics of your modded PC or want to show off your cool desktop, visit our new Show & Tell forum!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] 2 Go Down Print
Author Topic: New Performance problems  (Read 3214 times)
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« on: August 09, 2006, 06:39:18 PM »

Hi

I've come to ask for your great help once more.  My computer is very slow and sometimes reboots itself.  Here is my latest HJT file.  Any help would be again be appreciated

 Logfile of HijackThis v1.99.0
Scan saved at 19:30:17, on 09/08/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINNT\System32\smss.exe
F:\WINNT\system32\winlogon.exe
F:\WINNT\system32\services.exe
F:\WINNT\system32\lsass.exe
F:\WINNT\System32\Ati2evxx.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\system32\LEXBCES.EXE
F:\WINNT\system32\spoolsv.exe
F:\WINNT\system32\LEXPPS.EXE
F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
F:\WINNT\System32\CTsvcCDA.EXE
F:\WINNT\System32\svchost.exe
F:\Program Files\ewido anti-spyware 4.0\guard.exe
F:\WINNT\system32\hidserv.exe
F:\Program Files\Ahead\InCD\InCDsrv.exe
f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
F:\WINNT\system32\regsvc.exe
F:\WINNT\system32\MSTask.exe
F:\WINNT\system32\stisvc.exe
F:\WINNT\System32\WBEM\WinMgmt.exe
F:\WINNT\System32\MsPMSPSv.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\Explorer.EXE
F:\WINNT\system32\wuauclt.exe
F:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
F:\WINNT\system32\atiptaxx.exe
F:\WINNT\system32\desk95.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
F:\PROGRA~1\mcafee.com\agent\mcagent.exe
F:\Program Files\ScanSoft\OmniPageSE\opware32.exe
F:\Program Files\Creative\ShareDLL\CtNotify.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
F:\Program Files\Ahead\InCD\InCD.exe
F:\Program Files\Creative\ShareDLL\MediaDet.Exe
F:\WINNT\System32\LXSUPMON.EXE
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
F:\Program Files\QuickTime\qttask.exe
F:\Program Files\ATI Multimedia\main\launchpd.exe
F:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
F:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
F:\Program Files\Eraser\eraser.exe
F:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\BTopenworld NetHelp\bin\mpbtn.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe
F:\Program Files\Microsoft Office\Office10\WINWORD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BT Yahoo! Broadband
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINNT\System32\msdxm.ocx
O3 - Toolbar: BT Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "F:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HydarVisionDesktopManager] desk95.exe
O4 - HKLM\..\Run: [MPFExe] F:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] f:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [Omnipage] F:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Disc Detector] F:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] F:\WINNT\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] F:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] F:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] F:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LXSUPMON] F:\WINNT\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ATI Launchpad] "F:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [TaskTray] F:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] F:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [Jet Detection] F:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKCU\..\Run: [RealPlayer] "F:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [Eraser] F:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "F:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [NBJ] "F:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NetHelp.lnk = F:\Program Files\BTopenworld NetHelp\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: BT Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - F:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra 'Tools' menuitem: BT &Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - F:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINNT\web\related.htm
O9 - Extra button: Homepage - {62A0A383-836B-44F9-8463-4628BEFE05CF} - http://bt.yahoo.com (file missing) (HKCU)
O9 - Extra button: BT - {B04D766B-68CC-46E1-A7E7-010497212F63} - http://www.bt.com (file missing) (HKCU)
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - F:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/301a7b5783bef261ea02/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146413869732
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4749/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17BC936A-87F9-4C74-9FB9-855A3F6CA1A7}: NameServer = 194.74.65.69 62.6.40.178
O23 - Service: Ati HotKey Poller - Unknown - F:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINNT\System32\CTsvcCDA.EXE
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - F:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper - Nero AG - F:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server - Lexmark International, Inc. - F:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Task Scheduler - McAfee, Inc - f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager - McAfee, Inc - F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service - McAfee Corporation - F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

Logged

 
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« Reply #1 on: August 11, 2006, 12:04:55 PM »

Also to add the computer also keeps on freezing. 

OK also to add is I get a Program error window on startup saying

svchost.exe has generated errors and will be closed by windows
You will need to restart the program

An error log is being created


Any help would be good
« Last Edit: August 11, 2006, 06:45:44 PM by alwins » Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #2 on: August 13, 2006, 08:53:37 PM »

Download and install the newest version of HJT from here
HiJackThis .
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« Reply #3 on: August 13, 2006, 10:33:16 PM »

OK done and here is the latest HJT log

Logfile of HijackThis v1.99.1
Scan saved at 23:30:05, on 13/08/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINNT\System32\smss.exe
F:\WINNT\system32\winlogon.exe
F:\WINNT\system32\services.exe
F:\WINNT\system32\lsass.exe
F:\WINNT\System32\Ati2evxx.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\system32\LEXBCES.EXE
F:\WINNT\system32\spoolsv.exe
F:\WINNT\system32\LEXPPS.EXE
F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
F:\WINNT\System32\CTsvcCDA.EXE
F:\WINNT\System32\svchost.exe
F:\WINNT\system32\hidserv.exe
F:\Program Files\Ahead\InCD\InCDsrv.exe
f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
F:\WINNT\system32\regsvc.exe
F:\WINNT\system32\MSTask.exe
F:\WINNT\system32\stisvc.exe
F:\WINNT\System32\WBEM\WinMgmt.exe
F:\WINNT\System32\MsPMSPSv.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\Explorer.EXE
F:\WINNT\system32\wuauclt.exe
F:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
F:\WINNT\system32\atiptaxx.exe
F:\WINNT\system32\desk95.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
F:\PROGRA~1\mcafee.com\agent\mcagent.exe
F:\Program Files\ScanSoft\OmniPageSE\opware32.exe
F:\Program Files\Creative\ShareDLL\CtNotify.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
F:\Program Files\Ahead\InCD\InCD.exe
F:\WINNT\System32\LXSUPMON.EXE
F:\Program Files\iTunes\iTunesHelper.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\QuickTime\qttask.exe
F:\Program Files\ATI Multimedia\main\launchpd.exe
F:\Program Files\Creative\ShareDLL\MediaDet.Exe
F:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
F:\Program Files\Eraser\eraser.exe
F:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\BTopenworld NetHelp\bin\mpbtn.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
F:\PROGRA~1\WINZIP\winzip32.exe
F:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BT Yahoo! Broadband
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINNT\System32\msdxm.ocx
O3 - Toolbar: BT Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "F:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HydarVisionDesktopManager] desk95.exe
O4 - HKLM\..\Run: [MPFExe] F:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] f:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [Omnipage] F:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Disc Detector] F:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] F:\WINNT\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] F:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] F:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] F:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LXSUPMON] F:\WINNT\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ATI Launchpad] "F:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [TaskTray] F:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] F:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [Jet Detection] F:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKCU\..\Run: [RealPlayer] "F:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [Eraser] F:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "F:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [NBJ] "F:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NetHelp.lnk = F:\Program Files\BTopenworld NetHelp\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: BT Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - F:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra 'Tools' menuitem: BT &Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - F:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINNT\web\related.htm
O9 - Extra button: Homepage - {62A0A383-836B-44F9-8463-4628BEFE05CF} - http://bt.yahoo.com (file missing) (HKCU)
O9 - Extra button: BT - {B04D766B-68CC-46E1-A7E7-010497212F63} - http://www.bt.com (file missing) (HKCU)
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - F:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/301a7b5783bef261ea02/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146413869732
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4749/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17BC936A-87F9-4C74-9FB9-855A3F6CA1A7}: NameServer = 194.74.65.69 62.6.40.178
O23 - Service: Ati HotKey Poller - Unknown owner - F:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINNT\System32\CTsvcCDA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - F:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - F:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - F:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe



Thnaks
Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #4 on: August 14, 2006, 02:00:08 AM »

    Hello again, I'm not seeing too much in your log. Plz follow these instructions


    Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.



    You are running Hijack This from a temporary directory. It needs to be in a permanent folder. Please go into Windows Explorer, click on C:\ then click on File > New > Folder and call it 
HJT , or another name of your choice. The program creates backup files that we may need to use later. If the program is in a Temporary folder, files may be deleted by you or automatically if your system is set to empty temp files.




Perform an online scan with Internet Explorer with  Panda ActiveScan

Click on the "Free To Use ActiveScan" located on the top right hand corner
  • Click Check Now and a "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
  • Enter your e-mail address, country, and state & click Scan Now   * The download of the 8 MB Panda's ActiveX control will take place *
Begin the scan by selecting My Computer
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
  • Click on See report then click Save report
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan




Download and install CleanUp! but do not run it yet.




Go to My Computer >Tools >View >Folder Options tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the Hide protected operating system files option.


For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).


Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).



Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
    O9 - Extra button: Homepage - {62A0A383-836B-44F9-8463-4628BEFE05CF} - http://bt.yahoo.com (file missing) (HKCU)
O9 - Extra button: BT - {B04D766B-68CC-46E1-A7E7-010497212F63} - http://www.bt.com (file missing) (HKCU)



Please remember to close all other windows, including browsers then click Fix checked.

 

*WARNING* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users
  • Click on the
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« Reply #5 on: August 19, 2006, 07:04:12 PM »

Hi

I have tried for the last 5 days to complete a panda scan but my machine always ends up freezing and i  have to reboot.  I have managed to use HJT and cleanup and here is my latest HJT file

Logfile of HijackThis v1.99.1
Scan saved at 19:58:39, on 19/08/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINNT\System32\smss.exe
F:\WINNT\system32\winlogon.exe
F:\WINNT\system32\services.exe
F:\WINNT\system32\lsass.exe
F:\WINNT\System32\Ati2evxx.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\system32\LEXBCES.EXE
F:\WINNT\system32\spoolsv.exe
F:\WINNT\system32\LEXPPS.EXE
F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
F:\WINNT\System32\CTsvcCDA.EXE
F:\WINNT\System32\svchost.exe
F:\Program Files\ewido anti-spyware 4.0\guard.exe
F:\WINNT\system32\hidserv.exe
F:\Program Files\Ahead\InCD\InCDsrv.exe
f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
F:\WINNT\system32\regsvc.exe
F:\WINNT\system32\MSTask.exe
F:\WINNT\system32\stisvc.exe
F:\WINNT\System32\WBEM\WinMgmt.exe
F:\WINNT\System32\MsPMSPSv.exe
F:\WINNT\system32\svchost.exe
F:\WINNT\Explorer.EXE
F:\WINNT\system32\wuauclt.exe
F:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
F:\WINNT\system32\atiptaxx.exe
F:\WINNT\system32\desk95.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
F:\Program Files\ScanSoft\OmniPageSE\opware32.exe
F:\Program Files\Creative\ShareDLL\CtNotify.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
F:\Program Files\Ahead\InCD\InCD.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Creative\ShareDLL\MediaDet.Exe
F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\QuickTime\qttask.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
F:\WINNT\system32\LXSUPMON.EXE
F:\Program Files\ATI Multimedia\main\launchpd.exe
f:\program files\mcafee.com\agent\mcagent.exe
F:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
F:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
F:\Program Files\Eraser\eraser.exe
F:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\BTopenworld NetHelp\bin\mpbtn.exe
F:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BT Yahoo! Broadband
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINNT\System32\msdxm.ocx
O3 - Toolbar: BT Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "F:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HydarVisionDesktopManager] desk95.exe
O4 - HKLM\..\Run: [MPFExe] F:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] f:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Omnipage] F:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Disc Detector] F:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] F:\WINNT\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] F:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] F:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] F:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LXSUPMON] F:\WINNT\system32\LXSUPMON.EXE RUN
O4 - HKCU\..\Run: [ATI Launchpad] "F:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [TaskTray] F:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] F:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [Jet Detection] F:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKCU\..\Run: [RealPlayer] "F:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [Eraser] F:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "F:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [NBJ] "F:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NetHelp.lnk = F:\Program Files\BTopenworld NetHelp\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: BT Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - F:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra 'Tools' menuitem: BT &Yahoo! Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - F:\Program Files\Yahoo!\browser\ysidebarIE.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - F:\WINNT\web\related.htm
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - F:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/301a7b5783bef261ea02/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146413869732
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4749/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17BC936A-87F9-4C74-9FB9-855A3F6CA1A7}: NameServer = 194.74.65.69 62.6.40.178
O23 - Service: Ati HotKey Poller - Unknown owner - F:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINNT\System32\CTsvcCDA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - F:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - F:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - F:\WINNT\system32\LEXBCES.EXE
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe



Once again thanks for your help

Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #6 on: August 19, 2006, 08:29:10 PM »

What were the results of the memory test and hard drive test? Did they both pass?

What are the specs of your system?

You have alot of processes running at startup that do not need to be running. This could be why your system is slow. Do you know how to stop processes from running at startup? Start/Run and type in msconfig. Click the startup tab and uncheck unecessary processes then reboot. Make sur you know what you are unchecking as some processes need to be running.

Once again I see nothing in your HJT log, it is clean.
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« Reply #7 on: August 20, 2006, 07:53:10 AM »

Memory test passed but could not run the hard drive test due to freezing

My specs are

AMD Athlon XP 1900+
1024 MB RAM
Windows 2000 SP4
Master Drive 130 GB
Slave Drive 80GB


I could not run the msconfig file. I get a file not found error
Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #8 on: August 20, 2006, 04:10:35 PM »

If you cannot successfully run the hard drive utility then I would suspect a faulty hard drive.
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« Reply #9 on: August 20, 2006, 07:30:38 PM »

OK Thanks

Is there any other way I can remove the processes at start up?
Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #10 on: August 21, 2006, 08:37:00 PM »

You can install Spybot S&D. Change the Mode to Advanced Mode. Click on Tools/System Startup. Here you can uncheck what you dont want running at Startup.
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« Reply #11 on: August 25, 2006, 06:55:38 PM »

OK it seems a bit better but I still can't run the Panda Scan
Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #12 on: August 25, 2006, 07:13:45 PM »

When you performed the hard drive test at what part of the test did it freeze? Where you half way in, just starting ??
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
alwins
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 69


Bookmark and Share

View Profile
« Reply #13 on: August 25, 2006, 10:55:39 PM »

I was just over half way also I tried doing the scan with spybot in safe mode and normal and every time it ended up freezing and I ended rebooting
Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #14 on: August 28, 2006, 11:14:09 PM »

It should nto freeze in the middle of the test, doesnt look promising for your drive IMO
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
Pages: [1] 2 Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page September 06, 2017, 10:19:04 PM