Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Substantial Lag Noticed


  • Please log in to reply
5 replies to this topic

#1 garnetwr

garnetwr

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 10 March 2006 - 11:39 PM

Over the past few weeks, I've noticed a substantial shift in my PC's performance... specifically, it has started to open and refresh IE very slowly.

I have already posted a HJT log file and was told it was clean. OldTimer suggested I post my concern here and have someone attempt to analyze the problem.

I have already run Ad-Aware SE (negligable finds), Spybot S&D (2 finds removed) and one other piece of software (2 finds removed)... system is still running slow.

What additional information can I provide?

BC AdBot (Login to Remove)

 


#2 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:01:23 PM

Posted 11 March 2006 - 12:25 AM

See the checklist here, step 4 in particular:

http://www.bleepingcomputer.com/forums/t/44690/slow-computer/

Regards,
John
Whereof one cannot speak, thereof one should be silent.

#3 garnetwr

garnetwr
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 14 March 2006 - 08:16 PM

See the checklist here, step 4 in particular:

http://www.bleepingcomputer.com/forums/t/44690/slow-computer/


Uncontrolled Applications

Step 4.
Review applications that self-launch on startup. You computer can be a battleground for your attention. Many programs, for instance, install a quick-launch feature that allows them to be opened quickly; other programs will include an automatic update feature that requires them to be running in the background. Each of these slows down your launching Windows and each requires a small bit of resources while your computer is running.
The easiest way to review and than to manage start-ups is to use one of the many small utilities available (see the BC list of free applications). If, for example, you have Spybot Search and Destroy, you can use its startup tool that lists startups and allows you to turn off any you do not need. If you are unsure about what can be safely deleted, remember that BC maintains a very comprehensive Startup Database that includes information about whether the questioned item is needed, optional, or not needed.
At the same time, remember that all those icons on your Desktop also take a small amount of boot time to place themselves.

Regards,
John


:thumbsup: I've reviewed the startup list in Spybot S&D; however, I'm not sure what should or should not be checked or unchecked. I have included the Startup log (along with 3 other reports) below. Please advise after reviewing these reports.

:cool: STARTUP LOG
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 357888
MD5: 679093afd939b3c1b88110ebf859984d

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 71328
MD5: f1f54205eaad3e37ca2c5a13437bb947

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 102455
MD5: 946bab1251f68c29d60162ad45121862

Located: HK_LM:Run, gcasServ
command: "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
file: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
size: 473928
MD5: e8177b5150cab1509d2e9807c3f6366c

Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\System32\hkcmd.exe
file: C:\WINDOWS\System32\hkcmd.exe
size: 106496
MD5: 17a09295aa7aa0ce20a3117a738f511d

Located: HK_LM:Run, hpsysdrv
command: c:\windows\system\hpsysdrv.exe
file: c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06a1ecb63df139ec639e084d4ab3c9d7

Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\System32\igfxtray.exe
file: C:\WINDOWS\System32\igfxtray.exe
size: 155648
MD5: 202012e84e401c92e2e0c158a0dff510

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: c81be1b951c36e97d3da90da745da5f7

Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: 13922eb54890c77005268882629a31fe

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 364544
MD5: 7e84f46c1205996fb1b93a590fc397ba

Located: HK_LM:Run, PreloadApp
command: c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
file: c:\hp\drivers\printers\photosmart\hphprld.exe
size: 36864
MD5: 18575be35bb3312614c035352496f841

Located: HK_LM:Run, PS2
command: C:\WINDOWS\system32\ps2.exe
file: C:\WINDOWS\system32\ps2.exe
size: 90112
MD5: ff8ccc86c4e42f59b189bd28d362b599

Located: HK_LM:Run, QBCD Autorun
command: E:\autorun.exe restart QB_SEQUENCE first

Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 212992
MD5: d892b4e7dec77e7087bcab3e6d673f4c

Located: HK_LM:Run, Share-to-Web Namespace Daemon
command: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
file: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
size: 69632
MD5: 2f2bc80803f0638f6738e37f769e4bd0

Located: HK_LM:Run, Symantec NetDriver Monitor
command: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
file: C:\PROGRA~1\SYMNET~1\SNDMon.exe
size: 100056
MD5: f9418981ee4d7e995d359833adab59d5

Located: HK_LM:Run, QAGENT (DISABLED)
command: C:\PROGRA~1\QUICKENW\QAGENT.EXE
file: C:\PROGRA~1\QUICKENW\QAGENT.EXE
size: 94208
MD5: a2af9dda0419abee9b8d10085f0c0a90

Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: c74c7963eec07af49dce44d64819b2bf

Located: HK_LM:RunOnceEx, (DISABLED)
command:

Located: HK_CU:Run, E6TaskPanel
command: "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
file: C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
size: 921600
MD5: bc5a485c63cf509ab6818564f10dde82

Located: HK_CU:Run, SpybotSD TeaTimer
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1038336
MD5: 58f7e6434d285f4c98ad3621e0bd8c8d

Located: HK_CU:Run, SpySweeper
command: "C:\Program Files\EarthLink TotalAccess\Spyware Blocker\SpywareBlocker.exe" /0
file: C:\Program Files\EarthLink TotalAccess\Spyware Blocker\SpywareBlocker.exe
size: 2523648
MD5: b7e216ec9b8566983efc1fb708b1831b

Located: Startup (user), SpywareGuard.lnk
command: C:\Program Files\SpywareGuard\sgmain.exe
file: C:\Program Files\SpywareGuard\sgmain.exe
size: 360448
MD5: 61c028aba5e49573a6332f4a7c744e87

:flowers: PROCESS LIST
Spybot - Search && Destroy process list report, 3/14/2006 6:56:16 PM

PID: 0 ( 0) [System]
PID: 4 ( 0) System
PID: 124 ( 596) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
PID: 176 ( 596) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
PID: 192 ( 596) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
PID: 216 ( 596) C:\Program Files\ewido anti-malware\ewidoctrl.exe
PID: 320 ( 596) C:\WINDOWS\system32\drivers\KodakCCS.exe
PID: 340 ( 596) C:\Program Files\Norton AntiVirus\navapsvc.exe
PID: 460 ( 4) \SystemRoot\System32\smss.exe
PID: 504 ( 596) C:\Program Files\PurgeIE\PurgPro_Service.exe
PID: 516 ( 460) \??\C:\WINDOWS\system32\csrss.exe
PID: 540 ( 460) \??\C:\WINDOWS\system32\winlogon.exe
PID: 596 ( 540) C:\WINDOWS\system32\services.exe
PID: 608 ( 540) C:\WINDOWS\system32\lsass.exe
PID: 812 ( 596) C:\WINDOWS\system32\svchost.exe
PID: 860 ( 596) C:\WINDOWS\system32\svchost.exe
PID: 896 ( 596) C:\Program Files\Norton AntiVirus\SAVScan.exe
PID: 928 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 952 ( 596) C:\WINDOWS\System32\ScsiAccess.EXE
PID: 992 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 1028 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 1052 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 1168 ( 596) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PID: 1220 ( 596) C:\WINDOWS\system32\wdfmgr.exe
PID: 1372 ( 596) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PID: 1380 (1292) C:\WINDOWS\Explorer.EXE
PID: 1612 ( 596) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PID: 1632 ( 596) C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
PID: 17724 ( 812) C:\Program Files\EarthLink TotalAccess\MailSvr.exe
PID: 1836 ( 596) C:\WINDOWS\system32\spoolsv.exe
PID: 2028 ( 596) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PID: 2280 ( 596) C:\WINDOWS\System32\alg.exe
PID: 2432 (1380) C:\windows\system\hpsysdrv.exe
PID: 2464 (1380) C:\WINDOWS\system32\dla\tfswctrl.exe
PID: 2480 (1380) C:\WINDOWS\System32\igfxtray.exe
PID: 2488 (1380) C:\WINDOWS\System32\hkcmd.exe
PID: 2548 (1380) C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
PID: 2568 (1380) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PID: 2696 (1380) C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
PID: 2732 ( 812) C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PID: 2904 (1380) C:\HP\KBD\KBD.EXE
PID: 3084 (1380) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
PID: 3160 (1380) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PID: 3180 (1380) C:\Program Files\EarthLink TotalAccess\Spyware Blocker\SpywareBlocker.exe
PID: 3200 (1380) C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
PID: 3252 ( 812) C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
PID: 3260 (1380) C:\Program Files\SpywareGuard\sgmain.exe
PID: 3296 ( 812) C:\Program Files\Messenger\msmsgs.exe
PID: 3348 (3260) C:\Program Files\SpywareGuard\sgbhp.exe
PID: 3660 (1380) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
PID: 6724 (1380) C:\Program Files\Internet Explorer\iexplore.exe
PID: 8588 ( 540) C:\WINDOWS\system32\taskmgr.exe

:trumpet: WINSOCK REPORT
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD nwlnkipx [IPX]
GUID: {11058240-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware UPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkipx *

Protocol 6: MSAFD nwlnkspx [SPX]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 7: MSAFD nwlnkspx [SPX] [Pseudo Stream]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 8: MSAFD nwlnkspx [SPX II]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 9: MSAFD nwlnkspx [SPX II] [Pseudo Stream]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 10: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{727575B3-0A69-4B04-A5E9-EAF575E758B4}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{727575B3-0A69-4B04-A5E9-EAF575E758B4}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A5D58E2-3F79-452F-8DB4-9B689ACF20CB}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A5D58E2-3F79-452F-8DB4-9B689ACF20CB}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ED1D9504-D184-4FC8-9247-9E2D5AC54D25}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ED1D9504-D184-4FC8-9247-9E2D5AC54D25}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09DE6183-7C63-4F31-B6DE-965EE97828EA}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09DE6183-7C63-4F31-B6DE-965EE97828EA}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{65156428-E8D9-493F-AD8C-9DC55CF697E0}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{65156428-E8D9-493F-AD8C-9DC55CF697E0}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5CF02133-7DCE-4F21-A7C6-1C7283A31786}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5CF02133-7DCE-4F21-A7C6-1C7283A31786}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
GUID: {E02DAAF0-7E9F-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\nwprovau.dll
Description: Microsoft Windows NT/2k/XP Novell Netware name space provider
DB filename: %SystemRoot%\system32\nwprovau.dll
DB protocol: NWLink IPX/SPX/NetBIOS*

:inlove: ALL INCLUSIVE REPORT

--- Search result list ---

--- Spybot - Search && Destroy version: 1.3 ---
2006-03-03 Includes\Cookies.sbi
2006-03-03 Includes\Dialer.sbi
2006-03-03 Includes\Hijackers.sbi
2006-03-03 Includes\Keyloggers.sbi
2004-11-29 Includes\LSP.sbi
2006-03-03 Includes\Malware.sbi
2003-04-28 Includes\plugin-ignore.ini
2006-03-03 Includes\PUPS.sbi
2006-03-03 Includes\Revision.sbi
2006-03-03 Includes\Security.sbi
2006-03-03 Includes\Spybots.sbi
2005-02-17 Includes\Tracks.uti
2006-03-03 Includes\Trojans.sbi


--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ MSXML4: Patch Available For XMLHTTP Vulnerability
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)


--- Startup entries list ---
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 357888
MD5: 679093afd939b3c1b88110ebf859984d

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 71328
MD5: f1f54205eaad3e37ca2c5a13437bb947

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 102455
MD5: 946bab1251f68c29d60162ad45121862

Located: HK_LM:Run, gcasServ
command: "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
file: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
size: 473928
MD5: e8177b5150cab1509d2e9807c3f6366c

Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\System32\hkcmd.exe
file: C:\WINDOWS\System32\hkcmd.exe
size: 106496
MD5: 17a09295aa7aa0ce20a3117a738f511d

Located: HK_LM:Run, hpsysdrv
command: c:\windows\system\hpsysdrv.exe
file: c:\windows\system\hpsysdrv.exe
size: 52736
MD5: 06a1ecb63df139ec639e084d4ab3c9d7

Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\System32\igfxtray.exe
file: C:\WINDOWS\System32\igfxtray.exe
size: 155648
MD5: 202012e84e401c92e2e0c158a0dff510

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KBD.EXE
file: C:\HP\KBD\KBD.EXE
size: 61440
MD5: c81be1b951c36e97d3da90da745da5f7

Located: HK_LM:Run, KernelFaultCheck
command: %systemroot%\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: 13922eb54890c77005268882629a31fe

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 364544
MD5: 7e84f46c1205996fb1b93a590fc397ba

Located: HK_LM:Run, PreloadApp
command: c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
file: c:\hp\drivers\printers\photosmart\hphprld.exe
size: 36864
MD5: 18575be35bb3312614c035352496f841

Located: HK_LM:Run, PS2
command: C:\WINDOWS\system32\ps2.exe
file: C:\WINDOWS\system32\ps2.exe
size: 90112
MD5: ff8ccc86c4e42f59b189bd28d362b599

Located: HK_LM:Run, QBCD Autorun
command: E:\autorun.exe restart QB_SEQUENCE first

Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file: C:\WINDOWS\SMINST\RECGUARD.EXE
size: 212992
MD5: d892b4e7dec77e7087bcab3e6d673f4c

Located: HK_LM:Run, Share-to-Web Namespace Daemon
command: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
file: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
size: 69632
MD5: 2f2bc80803f0638f6738e37f769e4bd0

Located: HK_LM:Run, Symantec NetDriver Monitor
command: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
file: C:\PROGRA~1\SYMNET~1\SNDMon.exe
size: 100056
MD5: f9418981ee4d7e995d359833adab59d5

Located: HK_LM:Run, QAGENT (DISABLED)
command: C:\PROGRA~1\QUICKENW\QAGENT.EXE
file: C:\PROGRA~1\QUICKENW\QAGENT.EXE
size: 94208
MD5: a2af9dda0419abee9b8d10085f0c0a90

Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: c74c7963eec07af49dce44d64819b2bf

Located: HK_LM:RunOnceEx, (DISABLED)
command:

Located: HK_CU:Run, E6TaskPanel
command: "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
file: C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
size: 921600
MD5: bc5a485c63cf509ab6818564f10dde82

Located: HK_CU:Run, SpybotSD TeaTimer
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1038336
MD5: 58f7e6434d285f4c98ad3621e0bd8c8d

Located: HK_CU:Run, SpySweeper
command: "C:\Program Files\EarthLink TotalAccess\Spyware Blocker\SpywareBlocker.exe" /0
file: C:\Program Files\EarthLink TotalAccess\Spyware Blocker\SpywareBlocker.exe
size: 2523648
MD5: b7e216ec9b8566983efc1fb708b1831b

Located: Startup (user), SpywareGuard.lnk
command: C:\Program Files\SpywareGuard\sgmain.exe
file: C:\Program Files\SpywareGuard\sgmain.exe
size: 360448
MD5: 61c028aba5e49573a6332f4a7c744e87



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx
AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 12/14/2004 12:56:50 AM
Date (last access): 3/14/2006 6:41:32 PM
Date (last write): 12/14/2004 12:56:50 AM
Filesize: 63136
Attributes: archive
MD5: 42729C3DE75A7A51FC6F9EF6546C9199
CRC32: 4D60BD07
Version: 0.7.0.0

{4A368E80-174F-4872-96B5-0B27DDD11DB2} (SpywareGuard Download Protection)
BHO name: SpywareGuard Download Protection
CLSID name: SpywareGuardDLBLOCK.CBrowserHelper
description: SpywareGuard download protection
classification: Legitimate
known filename: dlprotect.dll
info link: http://www.wilderssecurity.net/spywareguard.html
info source: TonyKlein
Path: C:\Program Files\SpywareGuard\
Long name: dlprotect.dll
Short name: DLPROT~1.DLL
Date (created): 8/2/2003 11:24:02 PM
Date (last access): 3/14/2006 6:45:46 PM
Date (last write): 8/2/2003 11:24:02 PM
Filesize: 192512
Attributes: readonly archive
MD5: 964621E8B2415FEAA99026ED4F29D198
CRC32: DC8CF59D
Version: 0.2.0.2

{4B5F2E08-6F39-479a-B547-B2026E4C7EDF} (PnIEBrowserHelperObj Class)
BHO name:
CLSID name: PnIEBrowserHelperObj Class
Path: C:\Program Files\EarthLink TotalAccess\
Long name: PnEL.dll
Short name:
Date (created): 6/18/2004 8:35:46 PM
Date (last access): 3/14/2006 6:19:30 PM
Date (last write): 6/18/2004 8:35:46 PM
Filesize: 438272
Attributes: archive
MD5: 1C356115DBFA056149CEBBDF84B275DB
CRC32: A7F39B96
Version: 7.213.0.1



--- ActiveX list ---
Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

ppctlcab (ppctlcab)
DPF name: ppctlcab
CLSID name:

{02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control)
DPF name:
CLSID name: Microsoft Office Template and Media Control
Path: C:\PROGRA~1\MICROS~2\OFFICE11\
Long name: IEAWSDC.DLL
Short name:
Date (created): 3/12/2004 12:36:20 PM
Date (last access): 3/14/2006 5:42:14 PM
Date (last write): 3/12/2004 12:36:20 PM
Filesize: 87240
Attributes: archive
MD5: 80D199A62276EF5B01BE351A9712AD89
CRC32: 6E6B8977
Version: 0.11.0.0

{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Path: C:\WINDOWS\Downloaded Program Files\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 11/12/2004 2:33:48 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 11/12/2004 2:33:48 PM
Filesize: 346888
Attributes: archive
MD5: 40FC24CEF49EAF0EBC7C51C67F89A952
CRC32: C2CCDE24
Version: 0.1.0.0

{200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class)
DPF name:
CLSID name: VerifyGMN Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: hpobjinstaller_gmn.dll
Short name: HPOBJI~1.DLL
Date (created): 6/29/2005 3:57:26 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 6/29/2005 3:57:26 PM
Filesize: 553632
Attributes: archive
MD5: 2934C965E5AB63C6B2467F53A2F2B0C9
CRC32: AE1783BE
Version: 0.1.0.0

{33564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:

{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 1/18/2005 12:07:18 AM
Date (last access): 3/14/2006 5:52:20 PM
Date (last write): 1/18/2005 12:07:18 AM
Filesize: 326656
Attributes: archive
MD5: 20393D64F69F26361A97FD9AFB3C9243
CRC32: 0B4DBA7F
Version: 0.11.0.0

{427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control)
DPF name:
CLSID name: Pixami Image Editor Control
Path: C:\WINDOWS\DOWNLO~1\
Long name: BPImageEditor.ocx
Short name: BPIMAG~1.OCX
Date (created): 7/26/2005 4:45:52 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 7/26/2005 4:45:52 PM
Filesize: 638976
Attributes: archive
MD5: 4A1E84CAF320B0D5A05EC1C6D8976B4D
CRC32: 436494BF
Version: 0.1.0.1

{4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class)
DPF name:
CLSID name: QDiagAOLCCUpdateObj Class
Path: C:\WINDOWS\System32\
Long name: qdiagcc.ocx
Short name:
Date (created): 1/4/2004 7:45:30 PM
Date (last access): 3/14/2006 5:56:56 PM
Date (last write): 1/4/2004 7:45:30 PM
Filesize: 921600
Attributes: archive
MD5: EBF36AD6F95E7BBE70B827DBED547D62
CRC32: BEA66C98
Version: 0.1.0.0

{4B48D5DF-9021-45F7-A240-60304302A215} (Malicious Software Removal Tool)
DPF name:
CLSID name: Malicious Software Removal Tool
Path: C:\WINDOWS\Downloaded Program Files\
Long name: WebCleaner.dll
Short name: WEBCLE~1.DLL
Date (created): 11/15/2005 4:31:18 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 11/15/2005 4:31:18 PM
Filesize: 2351968
Attributes: archive
MD5: 0886FB18D110CCB4FE75228701A54B9B
CRC32: A3A31025
Version: 0.1.0.10

{74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control)
DPF name:
CLSID name: HouseCall Control
description: Trend Micro Antivirus online scanner
classification: Legitimate
known filename: XSCAN53.OCX
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\DOWNLO~1\
Long name: xscan53.ocx
Short name:
Date (created): 3/24/2004 6:22:12 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 10/3/2005 2:32:36 PM
Filesize: 435712
Attributes: archive
MD5: CEABB644C38B0ACD0987CB8B84332822
CRC32: 3E38F34B
Version: 0.5.0.70

{77E32299-629F-43C6-AB77-6A1E6D7663F6} ()
DPF name:
CLSID name:

{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 2/8/2005 10:52:16 AM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 2/8/2005 10:52:16 AM
Filesize: 110592
Attributes: archive
MD5: D90D6B26641FED8E743E8E78F71F0C09
CRC32: C1BA2509
Version: 0.57.0.5

{AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control)
DPF name:
CLSID name: Get_ActiveX Control
Path: C:\WINDOWS\DOWNLO~1\
Long name: HPGetDownloadManager.ocx
Short name: HPGETD~1.OCX
Date (created): 10/31/2005 9:18:48 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 10/31/2005 9:18:48 PM
Filesize: 88136
Attributes: archive
MD5: 18A18CC6A379DEE1E67E297AD76A6533
CRC32: 2B60AF40
Version: 0.3.0.3

{C915801D-6F00-49CD-8A9A-8DE5C11ADDC1} (Pixami Drag/Drop Upload UI Control)
DPF name:
CLSID name: Pixami Drag/Drop Upload UI Control
Path: C:\WINDOWS\DOWNLO~1\
Long name: DragDropUploadUI.ocx
Short name: DRAGDR~1.OCX
Date (created): 10/4/2004 8:27:26 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 3/23/2005 4:09:14 PM
Filesize: 794624
Attributes: archive
MD5: A444382685BD20C97E34BDFADE23B06E
CRC32: A05B0058
Version: 0.1.0.3

{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class)
DPF name:
CLSID name: ActiveDataInfo Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: SymAData.dll
Short name:
Date (created): 4/14/2004 2:41:00 PM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 4/14/2004 2:42:08 PM
Filesize: 124112
Attributes: archive
MD5: 509273596B62B1533B6AD1544704A043
CRC32: A42751C1
Version: 0.1.0.0

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash8.ocx
Short name:
Date (created): 11/28/2005 10:40:16 AM
Date (last access): 3/14/2006 5:56:18 PM
Date (last write): 8/29/2005 4:59:50 PM
Filesize: 1435272
Attributes: archive
MD5: 900373C059C2B51CA91BF110DBDECB33
CRC32: F19599BC
Version: 0.8.0.0

{E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class)
DPF name:
CLSID name: ActiveDataObj Class
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ActiveData.dll
Short name: ACTIVE~1.DLL
Date (created): 6/12/2002 11:16:22 AM
Date (last access): 3/14/2006 5:50:22 PM
Date (last write): 6/12/2002 11:16:22 AM
Filesize: 112312
Attributes: archive
MD5: C0A5720A581109543B113A8BEAE7868C
CRC32: 1B08DE36
Version: 0.1.0.0



--- Process list ---
Spybot - Search && Destroy process list report, 3/14/2006 6:57:04 PM

PID: 0 ( 0) [System]
PID: 4 ( 0) System
PID: 124 ( 596) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
PID: 176 ( 596) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
PID: 192 ( 596) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
PID: 216 ( 596) C:\Program Files\ewido anti-malware\ewidoctrl.exe
PID: 320 ( 596) C:\WINDOWS\system32\drivers\KodakCCS.exe
PID: 340 ( 596) C:\Program Files\Norton AntiVirus\navapsvc.exe
PID: 460 ( 4) \SystemRoot\System32\smss.exe
PID: 504 ( 596) C:\Program Files\PurgeIE\PurgPro_Service.exe
PID: 516 ( 460) \??\C:\WINDOWS\system32\csrss.exe
PID: 540 ( 460) \??\C:\WINDOWS\system32\winlogon.exe
PID: 596 ( 540) C:\WINDOWS\system32\services.exe
PID: 608 ( 540) C:\WINDOWS\system32\lsass.exe
PID: 812 ( 596) C:\WINDOWS\system32\svchost.exe
PID: 860 ( 596) C:\WINDOWS\system32\svchost.exe
PID: 896 ( 596) C:\Program Files\Norton AntiVirus\SAVScan.exe
PID: 928 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 952 ( 596) C:\WINDOWS\System32\ScsiAccess.EXE
PID: 992 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 1028 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 1052 ( 596) C:\WINDOWS\System32\svchost.exe
PID: 1168 ( 596) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PID: 1220 ( 596) C:\WINDOWS\system32\wdfmgr.exe
PID: 1372 ( 596) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PID: 1380 (1292) C:\WINDOWS\Explorer.EXE
PID: 14072 ( 812) C:\Program Files\Messenger\msmsgs.exe
PID: 1612 ( 596) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PID: 1632 ( 596) C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
PID: 1836 ( 596) C:\WINDOWS\system32\spoolsv.exe
PID: 2028 ( 596) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PID: 2280 ( 596) C:\WINDOWS\System32\alg.exe
PID: 2432 (1380) C:\windows\system\hpsysdrv.exe
PID: 2464 (1380) C:\WINDOWS\system32\dla\tfswctrl.exe
PID: 2480 (1380) C:\WINDOWS\System32\igfxtray.exe
PID: 2488 (1380) C:\WINDOWS\System32\hkcmd.exe
PID: 2548 (1380) C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
PID: 2568 (1380) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PID: 2696 (1380) C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
PID: 2732 ( 812) C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PID: 2904 (1380) C:\HP\KBD\KBD.EXE
PID: 3084 (1380) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
PID: 3160 (1380) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PID: 3180 (1380) C:\Program Files\EarthLink TotalAccess\Spyware Blocker\SpywareBlocker.exe
PID: 3200 (1380) C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
PID: 3252 ( 812) C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
PID: 3260 (1380) C:\Program Files\SpywareGuard\sgmain.exe
PID: 3348 (3260) C:\Program Files\SpywareGuard\sgbhp.exe
PID: 3660 (1380) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
PID: 6724 (1380) C:\Program Files\Internet Explorer\iexplore.exe
PID: 8588 ( 540) C:\WINDOWS\system32\taskmgr.exe


--- Browser start & search pages list ---
Spybot - Search && Destroy browser pages report, 3/14/2006 6:57:05 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.earthlink.net/partner/more/msie...ton/search.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
https://applications.marykayintouch.com/log...%2fdefault.aspx
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://start.earthlink.net
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.earthlink.net/partner/more/msie...ton/search.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.earthlink.net/partner/more/msie...ton/search.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://applications.marykayintouch.com/log...%2fdefault.aspx
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://start.earthlink.net
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.earthlink.net/partner/more/msie...ton/search.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD nwlnkipx [IPX]
GUID: {11058240-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware UPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkipx *

Protocol 6: MSAFD nwlnkspx [SPX]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 7: MSAFD nwlnkspx [SPX] [Pseudo Stream]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 8: MSAFD nwlnkspx [SPX II]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 9: MSAFD nwlnkspx [SPX II] [Pseudo Stream]
GUID: {11058241-BE47-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD nwlnkspx *

Protocol 10: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{727575B3-0A69-4B04-A5E9-EAF575E758B4}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{727575B3-0A69-4B04-A5E9-EAF575E758B4}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A5D58E2-3F79-452F-8DB4-9B689ACF20CB}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7A5D58E2-3F79-452F-8DB4-9B689ACF20CB}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ED1D9504-D184-4FC8-9247-9E2D5AC54D25}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ED1D9504-D184-4FC8-9247-9E2D5AC54D25}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09DE6183-7C63-4F31-B6DE-965EE97828EA}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09DE6183-7C63-4F31-B6DE-965EE97828EA}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{65156428-E8D9-493F-AD8C-9DC55CF697E0}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{65156428-E8D9-493F-AD8C-9DC55CF697E0}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5CF02133-7DCE-4F21-A7C6-1C7283A31786}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5CF02133-7DCE-4F21-A7C6-1C7283A31786}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
GUID: {E02DAAF0-7E9F-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\nwprovau.dll
Description: Microsoft Windows NT/2k/XP Novell Netware name space provider
DB filename: %SystemRoot%\system32\nwprovau.dll
DB protocol: NWLink IPX/SPX/NetBIOS*

#4 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:01:23 PM

Posted 15 March 2006 - 10:54 AM

Way too complicated!

I suggest you download and use a freeware ap called Startup Inspector

http://www.windowsstartup.com/

It will tell you what programs are in your startup menu and allow you to disable what is not necessary.

In my opinion, Spybot with Teatimer enabled and running is absolutely necessary along with Microsoft Windows Defender (replacement for MS Antispyware beta). So is AVG and your firewall.

What are not necessary are word processing programs, Quicktime, Office (or Corel), HP Share-to-Web, etc.

You show AVG which is an anti-virus ap running. You also show some Symantic ap running.

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 71328
MD5: f1f54205eaad3e37ca2c5a13437bb947

What is it? Is it a second AV ap? If so, you can have only one AV ap running at a time and that may be the cause of your computer being slow.

Run the Startup Inspector ap and report back what all the aps you listed are if you cannot figure out which to disable in the start menu.

You need ONE av ap, ONE firewall, your antimalware aps and your Windows Op System aps including System Restore.

Being that your system is clean, don't worry about the processes. They are a result of running aps and your op system's needs.

#5 garnetwr

garnetwr
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 18 March 2006 - 06:01 PM

Way too complicated!


Well... this was correct! I finally was able to get a cable tech out to my residence and he discovered a bad Cable Modem and a faulty "behind the wall" cable. :thumbsup:

After repairing both, system operates like a champ! :flowers:

Thanks to ALL for the assist. :trumpet:

#6 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:01:23 PM

Posted 18 March 2006 - 08:16 PM

You still have too many aps in the startup menu.

For instance - how often do you use aps like HP shared foto?

There are others that can be safely removed from the startup menu and be opened when you want to use them.

Startup Inspector gives you a much easier way to identify what each startup ap is, and therefore enables you to stop unnecessary aps from loading on startup.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users