View Full Version : Win XPSpybot start up log, could you check to see if I can uncheck anything Also ther
Hi the startup from spybot has more stuff then the MSCONFIG start up, Is there anything I can uncheck? Remove My System is slow to load. thanks
You probably see more stuff in Spybot's startup list than in msconfig because Spybot shows the winlogon entries.I don't suggest disabling them unless it's necessary,people have had problems with that in the past.Were those the ones you were looking at?
Yeah those and some of the other ones, what do you think any of those that I can get rid of? thanks
The winlogon ones,it's best to leave.In fact,if you try to disable them with Spybot they will probably not stay disabled,if Spybot 1.6 does it the same as Spybot 1.5.2.
Here's a list of some of the normal winlogon entries from my XP computer.They're all legit,and should be left alone.
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Just as well to leave the other two winlogon entries I see in your list,as well.
Other than the winlogon ones,you don't really have an overabundance of startup entries.
This one is users choice:
Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 126976
MD5: E4CF942A4AEA9D27C87F190F65E7D0F6
http://www.castlecops.com/s1427-HotKeysCmds.html
http://www.bleepingcomputer.com/startups/hkcmd.exe-1939.html
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: 093D3EE722542BA2E7AD929AA3CA6ABC
This is listed as N for not required:
http://www.bleepingcomputer.com/startups/igfxtray-2147.html
Open Spybot,and go to System Startup.Please read the description at the links I posted,and decide if you would prefer the two items I listed in quotes above to be run at start-up,or if you would like to disable them.If you do decide on disabling those two,it'd be best if you highlight the entry with your mouse and then choose Toogle,or uncheck them,but don't use delete,in case you change your mind later.
what is the go to assist? The PCTVOICE what is that? What about the ctfmon? Spybot is saying it is a virus? but evrything I see seems to say it is legit but a resource hog?
drragostea
2008-08-17, 04:04
I remember that the processes such as:
igfxtray.exe
hkcmd.exe
ati2evxx.exe
All have to do with a Intel Chipset/Graphics Card. I have a ATI Radeon graphics card, so these startup entries will appear in my Startup Manager.
As for 'ctfmon.exe' it's usually for [foreign] language devices. Usually it is active if you are using another language other than English.
Here is a description for ctfmon.exe:
http://www.bleepingcomputer.com/startups/ctfmon.exe-1121.html
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Right filename and path,so yours should be legit.If you have IE 7,it's standard to have it in your startup list.For a little more info on that,please see here:
http://forums.spybot.info/showthread.php?t=17058
I believe Spybot now lists a couple different things that ctfmon could be,to avoid confusion,though.Do you see another description if you scroll down?
http://www.castlecops.com/s5669-PCTVOICE.html
Located: HK_LM:Run, PCTVOICE
command: pctspk.exe
file: C:\WINDOWS\system32\pctspk.exe
size: 163840
MD5: 0B86BC4C123D3CD08817B1848DB07AC6
http://www.castlecops.com/o20list-441.html
Located: WinLogon, GoToAssist
command: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
file: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
size: 10792
MD5: 3D6FD4FFDE6DE32C34DC280D0BE781
Spybot should show bad items as red,yellow items are
unknown, unneeded or unambiguous program (e.g. malware programs might use the same file name as legitimate programs)But,you have to decide what you need or want to run after looking at the info for yourself,if it is yellow.Green is legitimate,and in most cases should not be disabled.hth.
If you have any trouble with the descriptions posted,please let me know. :)
'ctfmon.exe' Should I dis able it, I only use english, If I do disable it can I get it back? I have not read the links you posted ( have to get to work will read them tonight) I do remember reading somewhere a while ago that there is a whole process to disable them.
drragostea
2008-08-17, 23:20
If you do not need it, then you can safely disable. The 'ctfmon.exe' will still be there when you need it.
The first link tells you that it is not necessary and will be up to the user's decision.
You could try disabling ctfmon this way:
http://www.dslreports.com/faq/15629
If you do disable it,you can reverse what was done in the link above if you change your mind.
I don't see a link that shows me how to reverse it if I diable it. Thanks
drragostea
2008-08-19, 20:16
Joe, one way to disable "ctfmon.exe" (since English is the primary language on your computer) would be to disable the entry from starting up in the Startup Manager (msconfig), although I found that didn't work if you start up IE7 :santa:.
Here are the instructions for disabling "ctfmon.exe":
1. Open Regional and Language Options from the Control Panel.
2. In the Languages tab, click Details... for Text services and input languages.
3. In the Advanced tab, place a check in Turn off advanced text services, and Apply.
If you want to enable the process, then just do the exact opposite (Untick "Turn off advanced text services").
Yes,if you disable ctfmon using msconfig,it usually reappears in startup when using IE 7.That's why I don't usually recommend disabling it unless it's causing problems or someone particularly wants it disabled.More trouble than it is worth,but that's just my thing. :)
My cp starts real slow and I heard it is a resource hog.
drragostea
2008-08-20, 01:57
There are several variables, whether that be a malware infection (not trying to scare you), multiple startup entries (talk about dozens :laugh:), or lacking the sufficient resources to run all of them.
Check your TaskManager: How many processes are running?
How much RAM is currently on your XP OS?
Okay,try disabling ctfmon.exe,then,and see if things are any better.After you're done disabling what you've chosen to from startup,could you post another startup log,so I can see it?Instructions above.Thanks. :)
It may be later in the day before I get a chance to look,if you post tomorrow.
Hi, I am getting ready to leave for vactaion, I will be back monday or tuesday, I will do it then, thanks for all of the help. Is there a better way of the 2 to disable it?
How can I show you the what the taskmanger has and the ram? thanks
drragostea
2008-08-21, 16:31
From Post #15, I'm asking you that because I wanted to know what is truly "slowing" down your computer.
TaskManager would be to press: Ctrl+Alt+Delete
For the RAM, go to System Properties in the Control Panel (Performance and Maintenance).
Joe, if you want a easier way to disable then go here:
http://forums.spybot.info/showpost.php?p=225334&postcount=12
Follow the instructions from the Control Panel. If you happen to find a "better" way to disable it than we (Zenobia and I) suggested feel free to do so ; ).
Okay,see you Monday or Tuesday,then. :)
In task manager there where 35 entries in there, some say my user name, System,some say network service some say local service, CPU colume some are zero some 01,02,03 the mem usage colume has all types of #. Some of teh entries are doubles, I guess since at this time I have 4 windows open for the internet. There is also another user on the CP I do not see any list under that name, I guess cause that account is not logged on.
Is tere a very I could copy it so you could see what is there?
celron cpu 2.00 ghz/1.99ghz 256 mb
My Cp is also set to update daily. Does that slow it down? It is just real slow on start up, I will log on under my user name it gets there fast, I my desktop comes up fast, But I can not open anything for a while then say I click on IE it takes a while to open my home page.
Thanks
drragostea
2008-08-25, 18:22
35 entries on my PC wouldn't be a problem. Your CPU seems okay. Just that the RAM that is in your PC is a "potential" for the slowdown.
The recommended minimum amount of RAM installed in the Windows Operating System is 512MB. Half of that might be problem... if you're running a lot of processes (just my guess).
Do you mind if you explain a little more on the "hog"? Like how is your computer slowing down?
Have you cleared the cache, and cookies from your browsers? How about the temp. files on the computer? Will a disk defragment do?
If you did disable anything from startup,could you post a startup log,so I can check to see that nothing needed was disabled.Thanks.
As far as the cp running slow when I turn it on I get to the screen to choose which user in under a min which is fine, when I select mine my desk top pops right up along with the icons but if I click on IE it takes forever to get to my homepage, 4 to 5 min sometimes before I can get going, it seems that my cp is trying to download updates or at least check for them evrytime and avg is also trying to update, could that be it? thanks
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---
2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-08-18 TeaTimer.exe (1.6.2.23)
2008-08-12 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-07-07 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-07-07 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2008-08-05 Includes\Adware.sbi
2008-08-19 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-06-03 Includes\Dialer.sbi
2008-08-05 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-08-19 Includes\Hijackers.sbi
2008-08-19 Includes\HijackersC.sbi
2008-08-05 Includes\Keyloggers.sbi
2008-08-12 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-08-20 Includes\Malware.sbi
2008-08-19 Includes\MalwareC.sbi
2008-08-05 Includes\PUPS.sbi
2008-08-19 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-08-19 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-08-12 Includes\Spyware.sbi
2008-08-12 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-08-05 Includes\Trojans.sbi
2008-08-20 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Located: HK_LM:Run, AVG8_TRAY
command: C:\PROGRA~1\AVG\AVG8\avgtray.exe
file: C:\PROGRA~1\AVG\AVG8\avgtray.exe
size: 1232152
MD5: 348A781AEF0870A56549F53BB37A233A
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: 093D3EE722542BA2E7AD929AA3CA6ABC
Located: HK_LM:Run, PCTVOICE (DISABLED)
command: pctspk.exe
file: C:\WINDOWS\system32\pctspk.exe
size: 163840
MD5: 0B86BC4C123D3CD08817B1848DB07AC6
Located: HK_LM:Run, PD0620 STISvc
command: RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
file: C:\WINDOWS\system32\P0620Pin.dll
size: 36864
MD5: 64780CE5DC0815647A1167E5CCD034A9
Located: HK_LM:Run, SynTPLpr
command: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
file: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
size: 110592
MD5: B437E814DC6AA842C482F64D9D2AFA1C
Located: HK_LM:Run, WlanUtilAB
command: C:\Program Files\LanExpress\WirelessAS\Utility\Wlan11ag.exe -hide
file: C:\Program Files\LanExpress\WirelessAS\Utility\Wlan11ag.exe
size: 454656
MD5: 917220C599A012018BEC929DBDC0F184
Located: HK_LM:Run, Adobe Reader Speed Launcher (DISABLED)
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F
Located: HK_LM:Run, HotKeysCmds (DISABLED)
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 126976
MD5: E4CF942A4AEA9D27C87F190F65E7D0F6
Located: HK_LM:Run, SynTPEnh (DISABLED)
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 610304
MD5: 634DC62870B9E0C6C6AE25A75AC9895A
Located: HK_CU:Run, ctfmon.exe
where: PE_C_DONNA...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, MSMSGS
where: PE_C_DONNA...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
Located: HK_CU:Run, SpybotSD TeaTimer
where: PE_C_DONNA...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, Yahoo! Pager
where: PE_C_DONNA...
command: C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
file: C:\Program Files\Yahoo!\Messenger\ypager.exe
size: 2502656
MD5: C4F15909D8EACBFD7AB5EF8BC992D735
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, Creative WebCam Tray (DISABLED)
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: "C:\Program Files\Creative\Shared Files\CamTray.exe"
file: C:\Program Files\Creative\Shared Files\CamTray.exe
size: 258048
MD5: 3C1F1E471308E688C51B2184FD6E3ABD
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, GoToAssist
command: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
file: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
size: 10792
MD5: 3D6FD4FFDE6DE32C34DC280D0BE781C2
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Okay,everything you disabled looks fine. :)
The recommended minimum amount of RAM installed in the Windows Operating System is 512MB. Half of that might be problem
I agree,more RAM might be better.
Have you experienced the slowdown since downloading/upgrading to AVG 8,or was the problem there before?
I believe it was there before, should I set teh update check for windows to once a week instead of daily? avg 8 does not have many options and if I set it so I check in manualy the icon in the tray is always it a problem state.
drragostea
2008-08-26, 23:56
Check updates for what? AVG or Windows Update?
If you're talking about the AVG 8.0 icon in the taskbar (place next to the clock) then it is normal.
the icon in the task bar is for avg, avg and windows both update daily should I change that? So when ever I turn my cp on for the first time they are both trying to search for updates, could that be slowing things down?
Should I install hijackthis? thanks
drragostea
2008-08-27, 04:19
There is no point in installing HiJack This if you do not know how to utilize it. HJT is not a anti-malware tool, but a diagnostic tool which presents you with a log upon a scan.
I don't suggest disabling Automatic Updates (that might as well use the Internet Connection, but not System Resources.
With 256MB of RAM, it would be best to configure AVG not to automatic update. You might come up with a gray icon later... :scratch:
And I have to say so too... when avast! anti-virus updates my computer will "lag" for a few moments, and then avast! will pop-up telling me that my database has been updated.
Hijackthis logs are never done in this section of the forum.
I don't suggest disabling automatic windows updates,or avg's automatic updates,either.
Do things speed up after all the checking for updates is done?
I was just wondering,has your computer been rebooted since you posted your last startup log?
Yes I believe it speeds up after it has finished checking for updates, I figured I could run HJT and then post the log so others could look at it and tell me what is going on, is there a spot on this site to do that?
Thanks for your help so far guys. yes I have rebooted it why? Also I can not get the tea timer icon to stop moveing the lock in circles.
drragostea
2008-08-28, 21:14
Hijackthis logs are never done in this section of the forum.
I figured I could run HJT and then post the log so others could look at it and tell me what is going on, is there a spot on this site to do that?
Yes, HJT logs are not to be posted in this section of the forum.
I'm suspecting that AVG's automatic updates are the cause of "slowing" down your startup. I can relate to this because I've also noticed that my system was a bit 'slow' to warm up during boot, and from my observations, it was most likely due to avast!'s automatic updates (the auto updates took a bite out of the machine's CPU).
Joe, the choice is yours to make. You can test out if disabling automatic updates will "speed" up your machine's startup (and that will also confirm my suspicions :santa:), or you can leave it as it is. And if you have the sufficient fiances you can consider upgrading the amount of RAM that is installed (add more) in your computer.
There is "tweak" to stop TeaTimer from moving in "circles", because there is not a significant amount of reports. Is it a bother?
:laugh: One thing I find good about the "moving" is that TeaTimer is telling the user that it's 'working'.
I figured I could run HJT and then post the log so others could look at it and tell me what is going on, is there a spot on this site to do that?
Yes,there is,but in most cases your problem has to be related to malware problems if posting a hijack this log in the malware removal section.
Could you post a new startup log,please?I'd like to look at something,if you don't mind.
drragostea
2008-08-29, 00:57
There is "tweak" to stop TeaTimer from moving in "circles", because there is not a significant amount of reports. Is it a bother?
:laugh: One thing I find good about the "moving" is that TeaTimer is telling the user that it's 'working'.
Sorry. Tweak:
There is no "tweak" to stop TeaTimer...
My 98 se cp the tea timer does not move and I have 1.6 in that.
What is the best way to disable the avg updater?
Should I have win update once a week instead of daily?
Should i install and run HJT?
Here is a up to date log.
How much a ram what type and what is the price I have a dell insprion 1100 thanks
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---
2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-08-18 TeaTimer.exe (1.6.2.23)
2008-08-12 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-07-07 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-07-07 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2008-08-05 Includes\Adware.sbi
2008-08-19 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-06-03 Includes\Dialer.sbi
2008-08-05 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-08-19 Includes\Hijackers.sbi
2008-08-19 Includes\HijackersC.sbi
2008-08-05 Includes\Keyloggers.sbi
2008-08-12 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-08-20 Includes\Malware.sbi
2008-08-19 Includes\MalwareC.sbi
2008-08-05 Includes\PUPS.sbi
2008-08-19 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-08-19 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-08-12 Includes\Spyware.sbi
2008-08-12 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-08-05 Includes\Trojans.sbi
2008-08-20 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Located: HK_LM:Run, AVG8_TRAY
command: C:\PROGRA~1\AVG\AVG8\avgtray.exe
file: C:\PROGRA~1\AVG\AVG8\avgtray.exe
size: 1232152
MD5: 348A781AEF0870A56549F53BB37A233A
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: 093D3EE722542BA2E7AD929AA3CA6ABC
Located: HK_LM:Run, PD0620 STISvc
command: RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
file: C:\WINDOWS\system32\P0620Pin.dll
size: 36864
MD5: 64780CE5DC0815647A1167E5CCD034A9
Located: HK_LM:Run, SynTPLpr
command: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
file: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
size: 110592
MD5: B437E814DC6AA842C482F64D9D2AFA1C
Located: HK_LM:Run, WlanUtilAB
command: C:\Program Files\LanExpress\WirelessAS\Utility\Wlan11ag.exe -hide
file: C:\Program Files\LanExpress\WirelessAS\Utility\Wlan11ag.exe
size: 454656
MD5: 917220C599A012018BEC929DBDC0F184
Located: HK_LM:Run, Adobe Reader Speed Launcher (DISABLED)
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F
Located: HK_LM:Run, HotKeysCmds (DISABLED)
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 126976
MD5: E4CF942A4AEA9D27C87F190F65E7D0F6
Located: HK_LM:Run, PCTVOICE (DISABLED)
command: pctspk.exe
file: C:\WINDOWS\system32\pctspk.exe
size: 163840
MD5: 0B86BC4C123D3CD08817B1848DB07AC6
Located: HK_LM:Run, SynTPEnh (DISABLED)
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 610304
MD5: 634DC62870B9E0C6C6AE25A75AC9895A
Located: HK_CU:Run, ctfmon.exe
where: PE_C_DONNA...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, MSMSGS
where: PE_C_DONNA...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
Located: HK_CU:Run, SpybotSD TeaTimer
where: PE_C_DONNA...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, Yahoo! Pager
where: PE_C_DONNA...
command: C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
file: C:\Program Files\Yahoo!\Messenger\ypager.exe
size: 2502656
MD5: C4F15909D8EACBFD7AB5EF8BC992D735
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, Creative WebCam Tray (DISABLED)
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: "C:\Program Files\Creative\Shared Files\CamTray.exe"
file: C:\Program Files\Creative\Shared Files\CamTray.exe
size: 258048
MD5: 3C1F1E471308E688C51B2184FD6E3ABD
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, GoToAssist
command: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
file: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
size: 10792
MD5: 3D6FD4FFDE6DE32C34DC280D0BE781C2
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
drragostea
2008-08-29, 21:58
I am not sure what may be causing the animation not to occur in Windows 98 SE. Is that becoming a problem?
The best way to disable AVG's automatic updates is simply to disable it.
There is an option to for Windows XP to check for updates daily?! And every week?!
Even if you did run HJT there would be no point, unless you can utilize it (information in the log). What it will simply do is provide information about the running processes, services, and start up for basics.
The log does not provide how much RAM is installed on the PC. You can check my going to Control Panel>Performance and Maintenance.
--
There seems to be two entries of "ctfmon.exe". Have you disabled it?
There is a hotkey process that uses resources, if you wish to disable it...
You run Windows Messenger?
If you prefer it,you could set Automatic Updates to search for updates every Tuesday,at a time that would be convenient for you.A lot of times,that is the day Windows Updates happen.
You should not install and run Hijackthis unless you have a qualified antispyware expert analyzing it for you.
I wanted to look at a new startup log because I was interested in these:
where: PE_C_DONNA...
But,that should be okay,from what I found on it.
Instead of disabling automatic updates for avg just yet,let's try something a little different.
Let's disable teatimer temporarily instead,just to see what happens.
Open Spybot,click mode,advanced mode,tools,Resident,and then uncheck Resident "Teatimer."
Reboot your computer,then after you're logged into your computer,try opening your browser.
Once you're done,you can reenable Teatimer by going to tools,then resident,and checkmarking Resident "Teatimer."
Please let me know whether you got to your homepage quicker with Teatimer disabled.
You can return Spybot to normal mode by opening Spybot,clicking mode,then selecting default mode.
I disabled teatimer and things seemed to have picked up, it still is a little slow but faster then before,
Win I set to update only on Tue.
AVG says auto update is disabled but it still seems to be updating anyideas?
I post a hijackthis thread in the malware section if you like to look.
Instantmessenger is on the other users loggin not on mine, the 2 ctfmon you see was I disabled it and then when I restarted it it came back the one was unchecked and then the new one was there, can I get rid of one?
I disabled ctfmon what will I not be able to do now?
Here is a new spybot start log, I see that is is still listed under the other users name, will that efect my start up?
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---
2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-08-18 TeaTimer.exe (1.6.2.23)
2008-08-12 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-07-07 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-07-07 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2008-08-05 Includes\Adware.sbi
2008-08-26 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-06-03 Includes\Dialer.sbi
2008-08-05 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-08-19 Includes\Hijackers.sbi
2008-08-26 Includes\HijackersC.sbi
2008-08-05 Includes\Keyloggers.sbi
2008-08-26 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-08-27 Includes\Malware.sbi
2008-08-26 Includes\MalwareC.sbi
2008-08-05 Includes\PUPS.sbi
2008-08-26 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-08-26 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-08-12 Includes\Spyware.sbi
2008-08-26 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-08-05 Includes\Trojans.sbi
2008-08-27 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Located: HK_LM:Run, AVG8_TRAY
command: C:\PROGRA~1\AVG\AVG8\avgtray.exe
file: C:\PROGRA~1\AVG\AVG8\avgtray.exe
size: 1235736
MD5: B95536F0B568C4476A78966CFA7BA006
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: 093D3EE722542BA2E7AD929AA3CA6ABC
Located: HK_LM:Run, PD0620 STISvc
command: RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
file: C:\WINDOWS\system32\P0620Pin.dll
size: 36864
MD5: 64780CE5DC0815647A1167E5CCD034A9
Located: HK_LM:Run, SynTPLpr
command: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
file: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
size: 110592
MD5: B437E814DC6AA842C482F64D9D2AFA1C
Located: HK_LM:Run, WlanUtilAB
command: C:\Program Files\LanExpress\WirelessAS\Utility\Wlan11ag.exe -hide
file: C:\Program Files\LanExpress\WirelessAS\Utility\Wlan11ag.exe
size: 454656
MD5: 917220C599A012018BEC929DBDC0F184
Located: HK_LM:Run, Adobe Reader Speed Launcher (DISABLED)
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F
Located: HK_LM:Run, HotKeysCmds (DISABLED)
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 126976
MD5: E4CF942A4AEA9D27C87F190F65E7D0F6
Located: HK_LM:Run, PCTVOICE (DISABLED)
command: pctspk.exe
file: C:\WINDOWS\system32\pctspk.exe
size: 163840
MD5: 0B86BC4C123D3CD08817B1848DB07AC6
Located: HK_LM:Run, SynTPEnh (DISABLED)
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 610304
MD5: 634DC62870B9E0C6C6AE25A75AC9895A
Located: HK_CU:Run, ctfmon.exe
where: PE_C_DONNA...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
Located: HK_CU:Run, MSMSGS
where: PE_C_DONNA...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
Located: HK_CU:Run, SpybotSD TeaTimer
where: PE_C_DONNA...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, Yahoo! Pager
where: PE_C_DONNA...
command: C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
file: C:\Program Files\Yahoo!\Messenger\ypager.exe
size: 2502656
MD5: C4F15909D8EACBFD7AB5EF8BC992D735
Located: HK_CU:Run, Creative WebCam Tray (DISABLED)
where: S-1-5-21-789336058-764733703-1060284298-1004...
command: "C:\Program Files\Creative\Shared Files\CamTray.exe"
file: C:\Program Files\Creative\Shared Files\CamTray.exe
size: 258048
MD5: 3C1F1E471308E688C51B2184FD6E3ABD
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, GoToAssist
command: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
file: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
size: 10792
MD5: 3D6FD4FFDE6DE32C34DC280D0BE781C2
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
-----------------------------
http://forums.spybot.info/showthread.php?t=33563
drragostea
2008-09-03, 04:32
@Zenobia, here is my question... :scratch:
where: PE_C_DONNA...
Hm. What does it mean? Another user?
Joe, I'll try to help you out the best that I can, but I need that question to be answered from Zenobia. What hits me, that I've never encountered a startup log, that is booting processes from another user... well from my experience.
ctfmon.exe is used for Foreign Languages. So it will start regardless if you disable it (and when you open IE). So follow the instructions to disable it in this thread.
md usa spybot fan
2008-09-03, 04:50
drragostea:
DONNA is the name of another user on the system and the startup entries marked "where: PE_C_DONNA" are in that users registry hive.
Please see the note from tashi in your malware forum topic.Unless you believe the computer is infected,we can continue on here.If you plan on continuing in the malware forum,we need to stop the topic here,so we don't interfere with a helper. :)
I don't think its a good idea to leave AVG's Automatic Updates permanently disabled.If you just want to disable them temporarily just to see if things are any faster,try going to Components->Update Manager.Untick Start Automatic Updates,then click Save Changes.It should then say database update is disabled.I think that would do it,I've never disabled my AVG auto updates before.
You can reenable automatic updates by going to Components->Update Manager,then checking Start Automatic Updates,then click Save Changes.
You can adjust the times the updates download,to when your computer will be on but you aren't using it much,if that would help.
Also,try going to Tools,Advanced Settings....,open Schedules.Look at Virus database Update Schedule,and Program Update Schedule.What is checkmarked there?
Here is a new spybot start log, I see that is is still listed under the other users name, will that efect my start up?
ctfmon and Instant Messenger in the other users startup shouldn't affect your startup.
How did you disable ctfmon.exe?
I have a slight delay on IE with Teatimer,but not as long as you do.
You can reenable Teatimer now,unless you don't plan on using it anymore.Open Spybot,click mode,Advanced Mode,Tools,Resident,checkmark Resident "Teatimer".
I followed the instrucitons from pg 2 post 12 to disable the ctfmon.
I like to update avg my self, but I am goin to let it do the updates,
I would like to cont here for a while you guys are give me things to check and since I have been working with you for a couple of weeks I would like to stick here.
I am going to turn tea timer back on.
Note The animation on my 98 se machine started after the last spybot update.
In the virus and program update the same things are checked except teh times are diffrent, they have run on start up and run even if low power and they also have enable this task. if you turn off auto update from the update manager from teh virus setting changes.
Don't worry about ctfmon.exe for now.
Okay,I'd like to try this,just to see.Please make sure Teatimer is reenabled.Now,please open Avg.Doubleclick Update Manager.Uncheckmark Start Automatic Updates,then click Save.Next,go to Tools,then Advanced Settings....then Virus database Update Schedule.Uncheck all three checkmarks.Click Apply,then OK.Please do the same under Program Update Schedule.Please reboot your computer.
Once you're logged back into windows,try opening your browser.Is it faster now?
Once you're done checking,please open Avg.Doubleclick Update Manager.Checkmark Start Automatic Updates,then click Save.Next,go to Tools,then Advanced Settings....then Virus database Update Schedule.Check all three checkmarks.Click Apply,then OK.Please do the same under Program Update Schedule.May not be necessary,but reboot your computer for good measure.
Please let me know how it went.
Ok I did that but it is still slow to start I think that the tea timer was the what made it start the quickest.
I have avg to not update auto, java is the 19 th of every month and windows is every tuesday, yesterday while I was on the CP windows sonwload service pack 3? how come and why if it was not tue? thanks
drragostea
2008-09-06, 01:07
Java's Automatic Updater (jusched.exe) is not necessary (in my opinion), because it will take a good few months before Java releases another update. The current version is 'Version 6 Update 7' FYI. You can (might as well, depending on your motive) [safely] disable it (to save a tiny bite of your resources; 256MBs of RAM).
Yes, Windows XP Service Pack 3 is legitimate.
Why did it update when it was not set to update on that day? Can I check java once in awhile my self?
Can I check java once in awhile my self?
if you mean check for updates to java, then yes. open the control panel on your computer and click on java and after that on update then click on "update now"
drragostea
2008-09-06, 21:07
Assuming you are running Windows XP SP2 (SP3), what is the current status of your Automatic Updates in the Security Center?
A green tab would mean that WU is set to update automatically.
A yellow tab would mean that WU is set to prompt the user when new updates are available.
A red tab would mean that WU is not set to download updates automatically. It usually means that the user will manually check for the updates.
--
You can go the Java website to test if you have the most recent version:
http://www.java.com/en/download/installed.jsp?detect=jre&try=1
--
Okay.But I'd suggest you please set Avg back to updating automatically.That was just a test.
Microsoft generally releases updates on Tuesdays,but not always.
You could try this:Open AVG,go to Tools,Advanced Settings...,open Schedules,then Virus database Update Schedule.Uncheck,if checked,Run on computer startup if task has been missed and uncheck,if checked,"Run the update again as soon as the internet connection is available"
Go to Program Update Schedule and uncheck,if checked,"Run the update again as soon as the internet connection is available."
I don't think too much can be done if the delay with your browser is better with Teatimer disabled,since Teatimer scans.That would be your decision,either Teatimer protection,or speed.
This seems more like a slow browser problem,instead of a slow startup problem.
Storing temp internet files in your cache generally can make web browsing faster,since your computer can use the files stored to call up part or all of web pages faster.But,from time to time you might want to clear these out,since they take up space.If you'd like to clear these out,you can open Tools,Internet Options,under browsing History,click delete,then checkmark whatever you decide to remove,and click delete again.Best one to checkmark would be temporary internet files.
For a slow computer in general,you might like to have a look here:
http://miekiemoes.blogspot.com/2008/02/help-my-computer-is-slow.html
I read that link and it was great,
The tab on updates is green I have it set once a week.
Java new verison is 6 update 7, I have ver 6 update 1 should I update? what does it do?
Also My cp downloaded update SP3 yesterday even though my CP is set to download on TUE should I install it? If so I clicked cancel so how would I get it back? thanks alot
drragostea
2008-09-09, 00:06
Where are you seeing Version 6 Update 1? In the Add/Remove Programs window?
Windows XP SP3 is legitimate. You can download and install with no problems.
As a general idea, tashi (Member of Team Spybot) has posted a sticky which told users that a dated (outdated) version of Java could be a vulnerability for Vundo/Virtumonde infections.
Updating will patch vulnerabilities in Java, but it does not make it Immune.
Glad you liked the link. :)
Here's the sticky post about updating Java,please follow it,including removing older versions:
http://forums.spybot.info/showpost.php?p=12880&postcount=2
And here's a link for configuring windows updates:
http://support.microsoft.com/kb/306525
Service Pack 3 should start to download again,I believe.Please see the Restore Declined Updates part in the link above,and see if it helps.
As far as the java version, I went to teh link you posted and it told me what version I had.
So you guys agree that SP3 is safe to download, I read on the net it had some problems when it first came out. Do you guys run it?
Also how could I figure out what memory to buy, is it hard to change in a laptop? I did it on my desktop no problem.
And thanks for the help so far you guys have been great.
You're welcome,and drragostea,too,I'm sure. :)
Yes,it's a good idea to update to Service Pack 3 if you're relatively certain your computer is free of malware.
There's a scanner at Crucial you could try:
http://www.crucial.com/systemscanner/
is it hard to change in a laptop?
I've never done that yet,myself,just the desktop.But,this link might help a little:
http://www.computermemoryupgrade.net/installing-laptop-memory.html
drragostea
2008-09-11, 00:30
Thanks for covering my place Zenobia... (too much chocolate which knocked me out for two days :D:).
Sure, if you upgrade to the latest Java version it would be even better (Version 6 Update 7).
Here's my two cents (thoughts). Usually when something first comes out (Blu-ray Players, Chrome, Service Packs, etc.) it will not be perfect, as patches and tweaks will need to be made. Real life consumer products such as HDTV's and Blu-ray Players was extremely expensive when they first came out, because it was brand new. Now newer, more powerful versions have replaced the original one. These were just examples.
As a general idea, labtops (handheld PC) are not as "powerful" as desktop themselves, because desktops (box PC) have more potential (such as fit more components). One example would be the Hard Drive capacity and the RAM installed.
My Sony VAIO is quite old, so I wouldn't bother upgrading the RAM or such... I'll wait for a new PC when the time is right.
-
You're welcome.