View Full Version : slow pc
Hi again.
It started when my internet conection was droping after fixing the connection my laptop started to slow down.
I reinstaled windous,scaned for viruses and scaned with spybot but found nothing,after I reinstaled my windous it got worse.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:19 PM, on 2/28/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\DOCUME~1\Dora\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dora\Desktop\HiJackThis.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs:
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 3781 bytes
Hi
The log looks clean. Do you have both firewall and antivirus part of Comodo installed and enabled? If you do, then you have to either uninstall Comodo Antivirus or Antivir. Multiple antivirus programs in same system cause slowness and other symptoms.
I didnt install COMODO Antivirus
Hi again,
Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.
Double-click ATF Cleaner.exe to open it
Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Exit on the Main menu to close the program.
Kaspersky Online Scanner (http://www.kaspersky.com/kos/eng/partner/us/languages/english/check.html?n=1225554235248)
Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
Read the requirements and privacy statement then click on the Accept button.
The program will launch and start to download the latest definition files.
You will be prompted to install an application from Kaspersky. Click Run
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
Click on Save Report As....
Change the Files of type to Text file (.txt) before clicking on the Save button.
Save this report to a convenient place.
Copy and paste that information into your topic.
The scan will take a while so be patient and let it run. As it scans your machine very deeply it could take hours to complete, Kaspersky suggests running it during a time of low activity.
If you need a tutorial, see here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif)
Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt
Save both reports to your desktop. Post them back to your topic.
Kasper scan
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, March 1, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, March 01, 2009 13:18:18
Records in database: 1858975
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
Scan statistics:
Files scanned: 18756
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 00:19:12
File name / Threat name / Threats count
C:\Program Files\DAEMON Tools\SetupDTSB.exe Infected: not-a-virus:WebToolbar.Win32.WhenU.a 1
The selected area was scanned.
DDS
DDS (Ver_09-02-01.01) - NTFSx86
Run by Dora at 15:53:22.45 on Sun 03/01/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_12
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.626 [GMT 2:00]
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
FW: COMODO Firewall *enabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\DOCUME~1\Dora\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Documents and Settings\Dora\Desktop\dds.scr
============== Pseudo HJT Report ===============
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
Notify: igfxcui - igfxdev.dll
AppInit_DLLs:
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\dora\applic~1\mozilla\firefox\profiles\tuynzeog.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro/
============= SERVICES / DRIVERS ===============
R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-2-25 11840]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-2-28 110992]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-2-28 24336]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-2-25 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-2-25 151297]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2009-2-28 700152]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-2-25 52032]
=============== Created Last 30 ================
2009-03-01 12:59 34 a------- c:\documents and settings\dora\jagex_runescape_preferences.dat
2009-03-01 12:59 <DIR> --d----- c:\windows\.jagex_cache_32
2009-02-28 12:35 155,384 a------- c:\windows\system32\guard32.dll
2009-02-28 12:35 110,992 a------- c:\windows\system32\drivers\cmdguard.sys
2009-02-28 12:35 24,336 a------- c:\windows\system32\drivers\cmdhlp.sys
2009-02-28 12:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\comodo
2009-02-27 21:40 <DIR> --d----- c:\windows\system32\appmgmt
2009-02-26 19:22 <DIR> --d----- c:\program files\Raxco
2009-02-26 16:42 499,712 a------- c:\windows\system32\msvcp71.dll
2009-02-26 16:42 348,160 a------- c:\windows\system32\msvcr71.dll
2009-02-26 16:42 <DIR> --d----- c:\windows\system32\Adobe
2009-02-26 09:05 <DIR> --d----- c:\docume~1\dora\applic~1\uTorrent
2009-02-25 21:24 32 a----r-- c:\documents and settings\all users\hash.dat
2009-02-25 21:23 <DIR> --d----- c:\documents and settings\dora\.narya
2009-02-25 21:20 <DIR> --d----- c:\program files\Three Rings Design
2009-02-25 21:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-02-25 21:19 73,728 a------- c:\windows\system32\javacpl.cpl
2009-02-25 17:05 754 a------- c:\windows\WORDPAD.INI
2009-02-25 16:26 57,472 a------- c:\windows\system32\drivers\redbook.sys
2009-02-25 16:26 9,344 a------- c:\windows\system32\drivers\compbatt.sys
2009-02-25 16:26 14,080 a------- c:\windows\system32\drivers\CmBatt.sys
2009-02-25 16:26 14,080 a------- c:\windows\system32\drivers\battc.sys
2009-02-25 16:26 74,240 ac------ c:\windows\system32\dllcache\usbui.dll
2009-02-25 16:26 74,240 a------- c:\windows\system32\usbui.dll
2009-02-25 16:25 8,832 a------- c:\windows\system32\drivers\wmiacpi.sys
2009-02-25 16:24 <DIR> --d----- c:\program files\common files\ODBC
2009-02-25 16:24 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-02-25 16:24 <DIR> --d--r-- c:\documents and settings\all users\Documents
2009-02-25 16:23 797,189 ac------ c:\windows\system32\dllcache\NT5IIS.CAT
2009-02-25 16:22 <DIR> --d----- C:\Documents and Settings
2009-02-25 16:22 261 a------- c:\windows\system32\$winnt$.inf
2009-02-25 15:52 <DIR> --d----- c:\program files\Yahoo!
2009-02-25 14:59 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-02-25 14:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-02-25 14:57 <DIR> --d----- c:\program files\COMODO
2009-02-25 14:55 <DIR> --d----- c:\program files\Avira
2009-02-25 14:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-02-25 14:53 <DIR> --d----- c:\program files\SpywareBlaster
2009-02-25 14:52 <DIR> --d----- c:\program files\DAEMON Tools
2009-02-25 14:51 <DIR> --d----- c:\program files\Marvell
2009-02-25 14:50 <DIR> --d----- c:\docume~1\dora\applic~1\TMP
2009-02-25 14:45 <DIR> --d----- c:\program files\Realtek
2009-02-25 14:35 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-02-25 14:34 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-02-25 14:33 <DIR> --d----- c:\program files\common files\MSSoap
2009-02-25 14:32 <DIR> --d----- c:\program files\Online Services
2009-02-25 14:32 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-02-25 14:32 <DIR> --d----- c:\program files\Messenger
2009-02-25 14:32 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-02-25 14:31 <DIR> --d----- c:\program files\Windows NT
==================== Find3M ====================
2009-02-25 16:12 68,160 a------- c:\windows\War3Unin.dat
2009-02-25 16:06 139,264 a------- c:\windows\War3Unin.exe
2009-02-25 16:06 2,829 a------- c:\windows\War3Unin.pif
2009-02-25 14:52 223,128 a------- c:\windows\system32\drivers\dtscsi.sys
2009-02-25 14:51 664,064 a------- c:\windows\system32\drivers\sptd.sys
2009-02-25 14:51 96,256 a------- c:\windows\system32\drivers\sptd5581.sys
2009-02-25 14:45 315,392 a------- c:\windows\HideWin.exe
2009-02-25 14:35 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-02-25 14:32 21,640 a------- c:\windows\system32\emptyregdb.dat
============= FINISH: 15:53:53.62 ===============
Attach
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-02-01.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2/25/2009 2:39:08 PM
System Uptime: 3/1/2009 9:03:51 AM (6 hours ago)
Motherboard: Acer | | Volvi2
Processor: Intel Pentium II processor | U2E1 | 1729/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 51 GiB total, 47.123 GiB free.
D: is FIXED (NTFS) - 51 GiB total, 44.194 GiB free.
E: is CDROM ()
F: is CDROM (CDFS)
G: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Modem Device on High Definition Audio Bus
Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_10250093&REV_1000\4&83DAAF5&0&0102
Manufacturer:
Name: Modem Device on High Definition Audio Bus
PNP Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_10250093&REV_1000\4&83DAAF5&0&0102
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_01051A32&REV_01\4&29E2C51B&0&00E1
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_01051A32&REV_01\4&29E2C51B&0&00E1
Service:
==== System Restore Points ===================
RP1: 2/25/2009 2:41:18 PM - System Checkpoint
RP2: 2/25/2009 2:45:53 PM - Installed Realtek High Definition Audio Driver
RP3: 2/25/2009 2:50:58 PM - Installed Marvell Miniport Driver
RP4: 2/25/2009 2:55:44 PM - Avira AntiVir Personal - 2/25/2009 14:55
RP5: 2/25/2009 5:00:14 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP6: 2/25/2009 9:18:37 PM - Installed Java(TM) 6 Update 12
RP7: 2/26/2009 4:42:16 PM - Shockwave Player
RP8: 2/26/2009 7:22:36 PM - Installed PerfectDisk 10 Home Edition.
RP9: 2/27/2009 9:40:22 PM - Removed PerfectDisk 10 Home Edition.
RP10: 3/1/2009 10:30:06 AM - System Checkpoint
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11
Avira AntiVir Personal - Free Antivirus
COMODO Internet Security
Eurobattle.net Installer
HijackThis 2.0.2
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 12
Marvell Miniport Driver
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Mozilla Firefox (3.0.6)
Realtek High Definition Audio Driver
Software Update for Web Folders
Spybot - Search & Destroy
SpywareBlaster 4.1
Warcraft III: All Products
WinRAR archiver
Yahoo! Messenger
==== Event Viewer Messages From Past Week ========
2/25/2009 5:23:01 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Documents and Settings\Dora\Desktop\Ghost11\ghost.exe. Reference error message: The operation completed successfully. .
2/25/2009 5:23:01 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
2/25/2009 5:23:01 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
2/25/2009 2:39:18 PM, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.
2/25/2009 2:43:48 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\usbui.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.
==== End Of File ===========================
Hi again,
Fix these entries with hjt (start hjt, do a system scan, check entries & click 'fix checked'):
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O20 - AppInit_DLLs:
Reboot and post a fresh hjt log.
Check this (http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html) link for hints to improve system performance.
It is not exacly slow but when I play a game it gets lower frames per second the more time I play the game,the more it drags on the lower and lower my frames per second lowers,before it worked fine.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:30:15 PM, on 3/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\DOCUME~1\Dora\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Documents and Settings\Dora\Desktop\HiJackThis.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 3720 bytes
Hi
Now we're entering the area of computing that I'm not so good at. Since the issue doesn't seem to be malware related I recommend you post at http://forums.pcpitstop.com for example. They help there with non malware related issues :)
It seems that I will not get to much help there...
Thanks anyway.
Hi
I'm sure people there do their best to help you :) After all, they can help you more than I here.
Due to inactivity, this thread will now be closed.
Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.
If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.