Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Very Slow Pc / Hijack Log


  • This topic is locked This topic is locked
5 replies to this topic

#1 Tyke

Tyke

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:25 PM

Posted 04 February 2006 - 06:56 AM

Hello there,
My pc is running very slowly, my firewall indicates that 'some' application constantly seeks access to the internet.
Anyway, here is my log. Please advise.

Logfile of HijackThis v1.99.1
Scan saved at 12:48:31, on 4-2-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WinPatrol\winpatrol.exe
C:\Program Files\Wanadoo\PC Firewall\PFWall.exe
C:\Program Files\Wanadoo\AntiVirus\AVRealTime.exe
C:\Program Files\Creative\SBLive\PlayCenter2\CTNMRun.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Wanadoo\AntiVirus\sweepsrv.sys
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.nl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.nl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door Wanadoo Cable v2.0c NL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Preventon Personal Firewall] C:\Program Files\Wanadoo\PC Firewall\PFWall.exe
O4 - HKLM\..\Run: [Preventon RealTime Antivirus] C:\Program Files\Wanadoo\AntiVirus\AVRealTime.exe
O4 - HKCU\..\Run: [asustweakenable] C:\Program Files\ASUS\Tweaking Utilities\atweak.exe /start
O4 - HKCU\..\Run: [NOMAD Detector] "C:\Program Files\Creative\SBLive\PlayCenter2\CTNMRun.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Help - {188FA04A-72D8-4379-9BF2-5DA82885D8A7} - file:///C|/Program Files/Wanadoo Cable/Help/index.html (file missing) (HKCU)
O9 - Extra button: Website - {2DD56CD1-E5CF-4534-84FA-B0C3E9C39A3F} - http://internet.casema.net/helpdesk/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.nl
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095276081188
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ASUS Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: sweepsrv.sys - Sophos Plc - C:\Program Files\Wanadoo\AntiVirus\sweepsrv.sys

BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:25 AM

Posted 08 February 2006 - 06:21 PM

Hello Tyke and welcome to the BC HijackThis forum. The first thing we need to do is update the operating system on this computer.

Your operating system is extremely out of date. By not keeping the OS updated the computer is vulnerable to every infection on the net and in emails today and trying to repair an unpatched system is virtually impossible. For update purposes, Microsoft has even stopped supporting a system that is this far out of date. Go to the Microsoft Windows XP Service Pack 1.a site and install Service Pack 1a.

Once that is done, go back to the Windows Update site and install all available Critical Updates but do not install SP2 at this time. This will patch the system with the most current security fixes and plug all the known holes which are present on this system. If you are not on a broadband connection the Service Pack can be obtained from Microsoft for a nominal shipping fee.

After all of the updates have been performed post a new HijackThis log back here using the Add Reply button and I will review it when it comes in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 Tyke

Tyke
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:25 PM

Posted 10 February 2006 - 12:30 PM

Thank you for replying OldTimer! :thumbsup:

The thing is I already tried to install the Servicepack once, but my harddrive is divided into two sections (C and D), with Windows installed on the C partition and all my music and pictures and stuff on the D partition. And this C partition is too small to install the Servicepack on, yet Windows insists on installing it there. The person I bought this computer from made the C and D partitions this way, and I have no idea how to re-divide the harddrive so that I can install the Servicepack :flowers:

I have about 812 MB free disk space on the C partition for this Servicepack, which is nowhere near enough,
whereas D has 5 gigabyte free.
Please advise.

Thanks in advance.

#4 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:25 AM

Posted 11 February 2006 - 09:21 AM

Hi Tyke. Not having enough disk space for the operating system and using an outdated operating system are probably the biggest contributing factors in poor PC performance. Other than wiping the hard drive and changing it to a single partition there are software packages like Partition Magic that can resize partitions on a hard drive without having to reformat and start all over but even 5 gig of free space isn't alot today. You might want to consider getting a new hard drive and transferring everything from both partitions on the old drive to the new drive and then using the old drive for music and picture storage.

There is nothing in the current HijackThis log that points to any viruses or malware at this time so I do not think we are looking at any type of malware issue here. If you would like to get mor information regarding Partition Magic and its use or how to transfer everything to a bigger hard drive I would suggest posting a question in the XP forum. They are the experts in the non-malware issues and might have some additional things that you could try.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#5 Tyke

Tyke
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:25 PM

Posted 12 February 2006 - 04:41 AM

Thank you so much for your time, OT. I'll take the question over to the XP forum then.

Cheers.
Tyke

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:25 AM

Posted 12 February 2006 - 08:34 AM

You are very welcome Tyke. Now that any questions regarding malware have been resolved I will close this topic. If you have any new issues in the future please start a new topic.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users