Author Topic: computer is abnormally slow..  (Read 2699 times)
ktyure
« on: January 06, 2008, 07:04:58 AM »

My computer has been acting up a lot lately. It's been lagging so badly that even when I type things on my computer the speed that I type doesn't mesh with the speed the letters appear on the screen. Any help would be appreciated.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2:03:03 AM, on 1/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\SYSTEM32\bgsvcgen.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\hphmon03.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\D-Link AirPlus\AirPlus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Documents and Settings\Phil\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: D-Link AirPlus.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://interface.net-prints.com/wpp/duanereade/app/opcuploader.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\SYSTEM32\bgsvcgen.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 7056 bytes
 
Pancake
« Reply #1 on: January 07, 2008, 12:02:06 AM »

There is nothing I can see in the way of malware so we could just look a bit further into the system and see if there are any in there.



This will help to identify malware on your system.
Please download Combofix from any of these locations:

Here
or
Here

Save ComboFix to the desktop and please ensure that you disable realtime security/virus programs that monitor your PC while CF is running.

1. Double click on combo.exe & follow the prompts.
2. When finished, it will produce a logfile located at C:\ComboFix.txt.
3. Copy and Paste the contents of that log in your next reply with a new hijackthis log. Do not use Code or html unless asked for.
Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.

Caution...Never run and remove files using ComboFix without being supervised by a security analyst.

An Australian Member of

EDDY
ktyure
« Reply #2 on: January 07, 2008, 11:52:29 PM »

Thanks for the quick response, Pancake. I have installed ComboFix but I don't know how to disable my Norton antivirus. I have just recently installed Norton Antivirus 2008 with antispyware. I was looking for the answer at the Symantec site but couldn't find an answer that helped. Would running ComboFix with Norton in the background not work as well? If you know how to temporarily disable Norton, please help me. Thank you.
 
Pancake
« Reply #3 on: January 08, 2008, 12:07:07 AM »

Just run Combo for the time being. Don't worry too much about Norton.
ktyure
« Reply #4 on: January 08, 2008, 10:41:07 PM »

Here is my combofix log:

ComboFix 08-01-04.1 - Phil 2008-01-08 17:27:41.1 - NTFSx86
Running from: C:\Documents and Settings\Phil\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((   Files Created from 2007-12-08 to 2008-01-08  )))))))))))))))))))))))))))))))
.

2008-01-08 17:26 . 2000-08-31 08:00   51,200   --a------   C:\WINDOWS\NirCmd.exe
2008-01-06 22:11 . 2008-01-06 22:11   <DIR>   d--------   C:\WINDOWS\SYSTEM32\LogFiles
2008-01-04 19:20 . 2008-01-04 19:20   <DIR>   d--------   C:\Program Files\Windows Sidebar
2008-01-04 19:20 . 2008-01-04 19:30   <DIR>   d--------   C:\Program Files\Norton AntiVirus
2008-01-04 19:18 . 2008-01-04 19:22   123,952   --a------   C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS
2008-01-04 19:18 . 2008-01-04 19:22   60,808   --a------   C:\WINDOWS\SYSTEM32\S32EVNT1.DLL
2008-01-04 19:18 . 2008-01-04 19:22   10,652   --a------   C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.CAT
2008-01-04 19:18 . 2008-01-04 19:22   806   --a------   C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.INF
2008-01-04 16:25 . 2008-01-04 16:25   <DIR>   d--------   C:\WINDOWS\ServicePackFiles
2008-01-04 14:27 . 2004-08-04 02:56   148,480   ---------   C:\WINDOWS\SYSTEM32\wscui.cpl
2008-01-04 14:27 . 2004-08-04 02:56   129,536   ---------   C:\WINDOWS\SYSTEM32\xmlprov.dll
2008-01-04 14:27 . 2004-08-04 02:56   108,032   ---------   C:\WINDOWS\SYSTEM32\wshbth.dll
2008-01-04 14:27 . 2004-08-04 02:56   81,408   ---------   C:\WINDOWS\SYSTEM32\wscsvc.dll
2008-01-04 14:27 . 2004-08-04 02:56   50,176   ---------   C:\WINDOWS\SYSTEM32\xmlprovi.dll
2008-01-04 14:27 . 2004-08-04 02:56   17,408   ---------   C:\WINDOWS\SYSTEM32\winshfhc.dll
2008-01-04 14:27 . 2004-08-04 02:56   13,824   ---------   C:\WINDOWS\SYSTEM32\wscntfy.exe
2008-01-04 14:25 . 2004-08-04 02:56   526,848   ---------   C:\WINDOWS\SYSTEM32\p2psvc.dll
2008-01-04 14:24 . 2004-08-04 02:56   1,737,856   ---------   C:\WINDOWS\SYSTEM32\mtxparhd.dll
2008-01-04 14:24 . 2004-08-04 00:41   1,309,184   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\mtlstrm.sys
2008-01-04 14:24 . 2004-08-04 00:29   452,736   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\mtxparhm.sys
2008-01-04 14:24 . 2004-08-04 00:41   180,360   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\ntmtlfax.sys
2008-01-04 14:24 . 2004-08-04 00:41   126,686   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\mtlmnt5.sys
2008-01-04 14:24 . 2002-04-15 21:11   67,866   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\netwlan5.img
2008-01-04 14:24 . 2004-08-04 02:56   25,600   ---------   C:\WINDOWS\SYSTEM32\netsetup.cpl
2008-01-04 14:24 . 2004-08-04 01:07   15,488   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\mssmbios.sys
2008-01-04 14:24 . 2004-08-04 01:04   12,672   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\mutohpen.sys
2008-01-04 14:23 . 2004-08-04 02:56   118,784   ---------   C:\WINDOWS\SYSTEM32\msdadiag.dll
2008-01-04 14:23 . 2004-08-04 02:56   86,016   ---------   C:\WINDOWS\SYSTEM32\mdmxsdk.dll
2008-01-04 14:23 . 2004-08-04 02:56   59,392   ---------   C:\WINDOWS\SYSTEM32\logman.exe
2008-01-04 14:23 . 2004-08-04 00:41   11,868   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys
2008-01-04 14:21 . 2004-07-18 00:55   129,045   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\cxthsfs2.cty
2008-01-04 14:21 . 2004-08-04 01:01   124,800   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\fltmgr.sys
2008-01-04 14:21 . 2004-08-04 02:56   80,384   ---------   C:\WINDOWS\SYSTEM32\firewall.cpl
2008-01-04 14:21 . 2004-08-04 02:56   22,528   ---------   C:\WINDOWS\SYSTEM32\fltmc.exe
2008-01-04 14:21 . 2004-08-04 02:56   20,992   ---------   C:\WINDOWS\SYSTEM32\faxpatch.exe
2008-01-04 14:21 . 2004-07-17 13:40   19,528   --a------   C:\WINDOWS\002317_.tmp
2008-01-04 14:21 . 2004-08-04 02:56   16,896   ---------   C:\WINDOWS\SYSTEM32\fltlib.dll
2008-01-04 14:21 . 2004-08-04 02:56   15,423   ---------   C:\WINDOWS\SYSTEM32\DRIVERS\ch7xxnt5.dll
2008-01-04 14:21 . 2004-08-04 02:56   13,824   ---------   C:\WINDOWS\SYSTEM32\cmsetacl.dll
2008-01-04 13:07 . 2005-10-20 17:20   1,082,368   --a------   C:\WINDOWS\SYSTEM32\esent.dll
2007-12-30 00:41 . 2007-12-30 00:41   <DIR>   d--------   C:\Documents and Settings\Phil\Application Data\PlayFirst
2007-12-30 00:41 . 2007-12-30 00:41   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\PlayFirst
2007-12-30 00:38 . 2007-12-30 00:38   <DIR>   d--------   C:\Program Files\PlayFirst
2007-12-25 12:39 . 2007-12-26 12:46   <DIR>   d--------   C:\Documents and Settings\Phil\.housecall6.6
2007-12-24 13:42 . 2008-01-04 18:45   <DIR>   d--------   C:\WINDOWS\SYSTEM32\HouseCall 6.6
2007-12-13 13:35 . 2007-12-13 13:38   <DIR>   d--------   C:\Documents and Settings\Phil\Application Data\DivX
2007-12-11 18:32 . 2007-12-04 13:38   129,784   ---------   C:\WINDOWS\SYSTEM32\pxafs.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-08 00:46   ---------   d-----w   C:\Documents and Settings\Phil\Application Data\U3
2008-01-05 01:08   ---------   d-----w   C:\Program Files\Common Files\Symantec Shared
2008-01-05 00:54   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-05 00:43   ---------   d-----w   C:\Program Files\SpywareBlaster
2008-01-05 00:22   ---------   d-----w   C:\Program Files\Symantec
2007-12-25 20:14   ---------   d-----w   C:\Documents and Settings\Phil\Application Data\SecureIE2004
2007-12-24 18:39   69,689   ----a-w   C:\WINDOWS\UNZIP.DLL
2007-12-24 18:39   208,896   ----a-w   C:\WINDOWS\PATCH.EXE
2007-12-24 18:39   1,142,784   ----a-w   C:\WINDOWS\TMUPDATE.DLL
2007-12-11 23:33   ---------   d-----w   C:\Program Files\DivX
2007-12-04 18:38   43,528   ------w   C:\WINDOWS\system32\drivers\pxhelp20.sys
2004-09-09 22:04   1,962   ---ha-w   C:\Documents and Settings\All Users\Application Data\mssaru.dat
2004-09-07 03:41   28   ----a-w   C:\Documents and Settings\Phil\Application Data\tvmcwrd.dll
2004-09-07 03:30   216,097   ----a-w   C:\Documents and Settings\Phil\Application Data\tvmknwrd.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2008-01-04 19:25   116088   --a------   C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 02:56 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-12-22 16:15 335872]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 16:24 28672 C:\WINDOWS\SYSTEM32\Ati2mdxx.exe]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 20:15 290816]
"HPHmon03"="C:\WINDOWS\System32\hphmon03.exe" [2003-01-30 18:55 311296]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-30 18:55 196608]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 11:43 53248]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-15 01:04 122933]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2004-03-04 20:59 487424]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 05:59 122880 C:\WINDOWS\BCMSMMSG.exe]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-02-02 15:32 155648]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-08-25 00:07 51048]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2007-08-24 23:53 714608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
         C:\Program Files\iTunes\iTunesHelper.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
2004-04-19 14:45   53248   --a------   c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
         C:\Program Files\Microsoft Money\System\mnyexpr.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
         C:\Program Files\Messenger\msmsgs.exe /background
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
2006-05-16 16:50   40960   --a------   C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
         C:\Program Files\QuickTime\QTTask.exe -atboottime
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-11-10 14:03   36975   --a------   C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Fax"=2 (0x2)
"wuauserv"=2 (0x2)
"DSBrokerService"=3 (0x3)

R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" [2007-08-25 00:07]
R3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys [2007-08-09 19:27]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2007-05-29 13:55]
S3 Dot4Usb HPH09;Dot4Usb HPH09;C:\WINDOWS\system32\drivers\hphius09.sys [2003-01-30 18:55]
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys [2007-08-09 19:27]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2008-01-08 00:00:00 C:\WINDOWS\Tasks\AC46CB17918D7C1B.job"
- c:\progra~1\pokedo~1\Warnbikemanager.exe
"2007-12-25 19:07:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-05 00:34:22 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Phil.job"
- C:\Program Files\Norton AntiVirus\Navw32.exeh/TASK:
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-08 17:35:59
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-08 17:39:19 - machine was rebooted
ComboFix-quarantined-files.txt  2008-01-08 22:39:14
.
2008-01-04 22:38:52   --- E O F --- 
 
Pancake
« Reply #5 on: January 09, 2008, 12:36:39 AM »

Nothing there either... is all clean. No malware... looks like your problem lies elsewhere.
ktyure
« Reply #6 on: January 09, 2008, 01:10:58 AM »

Hmmm. The problem may be that too many processes are running? Is it normal for 45 processes to be running? I don't know why, but after 15 minutes of use on my computer, my CPU usage reaches 90 - 100 percent. Is there a way to determine what processes are needed and what are not? Thanks again.
 
Pancake
« Reply #7 on: January 09, 2008, 01:45:46 AM »

It's a matter of looking at which ones you don't want or use as often and then remove them.
ktyure
« Reply #8 on: January 09, 2008, 04:35:20 AM »

Once again, Pancake, thanks for your help. I was wondering if it were possible to use HijackThis and post my log to show others all of the processes, and if I could do that, which support forum should I post it to?
 
Pancake
« Reply #9 on: January 09, 2008, 04:56:15 AM »

Post it to Operating Systems Microsoft and see if they can help.