Post #1, Nov 19 2007, 03:04 AM
New Member | Group: Members | Posts: 11 | Joined: 3-April 06 | Member No.: 62,389
hi,
not sure whether a virus/trojan horse or whatever is affecting one of my computers. While doing regular maintenance yesterday, I ran Adware, Spybot and AVG. I removed the necessary stuff for Adware and Spybot. For AVG, it detected Trojan horse Generic9.QZA on 1 file and a Worm/Generic.DYI on another file. Both these files are just on storage and were never used or installed. I have since deleted those files. That computer was running fine both before and after the above process. However, this morning when I turned on the computer, the whole computer became very sluggish. It takes a while to start up Windows XP and also takes a while for programs to start running. Would appreciate your kind help. It takes a long time to execute any program on that computer. Managed to run HijackThis. System Restore has been turned off. The HijackThis log is appended below (have put x's in place of numbers for one of the IP addresses). Thanks in advance.

==========================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:48:13 PM, on 19-Nov-07
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\FarStone\DriveClone\bin\DCSchdler.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\NDAS\System\ndassvc.exe
C:\PROGRA~1\FASTRE~1\NETFileServerEngine.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\USBIR\FrontPanelIo.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\StartupMonitor.exe
C:\Program Files\Traybar\Traybar.exe
C:\Program Files\Cool Beans System Info\Cool Beans System Info.exe
C:\Program Files\KFWS\bin\kfwsmon.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\KFWS\bin\kfwserv.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\ArGo Software Design\Mail Server\mailserver.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Abaiko Disk Space Monitor\ADSM.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\NDAS\System\ndasmgmt.exe
C:\Program Files\SystemControl\SystemControl\SystemControl.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Illustrate\Shutdown\Shutdown.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\freeCommander2006\freeCommander.exe
V:\hijackthis\HiJackThis2.0.2\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BBE59AF5-EE22-4A3A-AB26-3F774D1B4216} - C:\PROGRA~1\FOLDER~1\FOLDER~1.DLL
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: IEHandler Class - {F4A27D22-E603-4B1B-B8D0-1CF7D57E56F2} - C:\Program Files\NetLeech\IEExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [USBIR1] C:\Program Files\USBIR\FrontPanelIo.exe
O4 - HKLM\..\Run: [USBIR2] C:\Program Files\USBIR\Display.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [Traybar] C:\Program Files\Traybar\Traybar.exe
O4 - HKLM\..\Run: [Cool Beans System Info] C:\Program Files\Cool Beans System Info\Cool Beans System Info.exe
O4 - HKLM\..\Run: [KFWebServer] C:\Program Files\KFWS\bin\kfwsmon.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Recorder.exe] C:\Program Files\Linksys\Linksys Surveillance Utility\Recorder.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [ArGoSoftMailServer] C:\Program Files\ArGo Software Design\Mail Server\mailserver.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ADSM] C:\Program Files\Abaiko Disk Space Monitor\ADSM.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: Shutdown.lnk = C:\Program Files\Illustrate\Shutdown\Shutdown.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: NDAS Device Management.lnk = C:\Program Files\NDAS\System\ndasmgmt.exe
O4 - Global Startup: SystemControl.lnk = ?
O4 - Global Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\System32\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download With NetLeech - C:\Program Files\NetLeech\NLExtMenu.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125039734266
O17 - HKLM\System\CCS\Services\Tcpip\..\{05BA263F-20C7-4C1C-B032-3870D4F0CE4F}: NameServer = 1xx.1xx.2xx.1xx
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: DriveClone Scheduler (DCScheduler) - Unknown owner - C:\Program Files\FarStone\DriveClone\bin\DCSchdlerSRVC.exe
O23 - Service: FarStone File Event Manager (efbfsB) - Unknown owner - C:\Program Files\DriveClone\EFB\efbfsB.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe
O23 - Service: Fastream NETFile FTP/Web Server (NFService) - Fastream Technologies - C:\PROGRA~1\FASTRE~1\NETFileServerEngine.exe
O23 - Service: SSAJX - Sysinternals - www.sysinternals.com - C:\DOCUME~1\WUNDER~1\LOCALS~1\Temp\SSAJX.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 10653 bytes
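As an added example (not part of the original post or the HijackThis tool), here is a small Python triage helper for the log format shown above: it parses the `Onn - ...` entries and flags three kinds of line a log helper usually checks first, run over a constructed handful of sample lines in the same shape as the posted log. The three heuristics and the `Finding` structure are this example's own assumptions.

```python
import re
from dataclasses import dataclass

# Constructed sample in the shape of the HijackThis v2.0.2 log posted above
# (a few entries only; NameServer value masked the same way the poster did).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O17 - HKLM\System\CCS\Services\Tcpip\..\{05BA263F-20C7-4C1C-B032-3870D4F0CE4F}: NameServer = 1xx.1xx.2xx.1xx
O23 - Service: SSAJX - Sysinternals - www.sysinternals.com - C:\DOCUME~1\WUNDER~1\LOCALS~1\Temp\SSAJX.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""

ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")       # every HJT finding starts "Onn - "
TEMP_DIR_RE = re.compile(r"\\Temp\\", re.IGNORECASE)  # path component of a Temp folder

@dataclass
class Finding:
    section: str   # HJT section id, e.g. "O23"
    reason: str    # why a helper would want to look at it
    line: str      # the original log line

def parse_entries(log_text):
    """Return (section, body, line) for each 'Onn - ...' line; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group(1), m.group(2), line))
    return entries

def triage(log_text):
    """Apply three review heuristics (assumptions of this example, not a malware verdict):
    orphaned BHOs, DNS overrides, and autorun/service binaries living in a Temp folder."""
    findings = []
    for section, body, line in parse_entries(log_text):
        if section == "O2" and body.endswith("(no file)"):
            findings.append(Finding(section, "BHO registered but its DLL is gone; stale entry to clean up", line))
        elif section == "O17":
            findings.append(Finding(section, "NameServer override; confirm it is the ISP or router DNS", line))
        elif section in ("O4", "O23") and TEMP_DIR_RE.search(body):
            findings.append(Finding(section, "autorun/service binary lives in a Temp directory", line))
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}\n    {f.line}")
```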
Topic summary: Windows Xp Startup And Programs Startup Very Slow
- huggiebear: Windows Xp Startup And Programs Startup Very Slow (Nov 19 2007, 03:04 AM)
- miekiemoes: Hi, Please read and perform the steps present in ... (Dec 4 2007, 07:58 AM)
- huggiebear: Hi, Please read and perform the steps present in ... (Dec 4 2007, 09:17 PM)
- miekiemoes: Good to hear everything is OK again :) (Dec 5 2007, 04:04 AM)
- miekiemoes: Since this issue appears resolved ... this Topic i... (Dec 15 2007, 04:40 PM)