1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Is my PC infected? or is it just old & slow?

Discussion in 'Virus & Other Malware Removal' started by AmyRenee, Nov 12, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. AmyRenee

    AmyRenee Thread Starter

    Joined:
    Nov 12, 2007
    Messages:
    3
    Can anyone here help me? My PC has slowed down to a crawl lately & i can't figure out why. When i restart it, it takes forever to load & i don't have very many programs that load.
    I also get a warning from time to time that says virtual memory is low & it keeps increasing
    the page file. I've tried programs like A-squared, AVG antispy, superantispy & they can't find anything. I did try a program uniblue registry booster & it found well over 200 problems but it wasn't freeware & wouldn't fix but only 15 items. Anyhow, i did a hijackthis
    & am posting it here, if someone could take a look at it for me i'd appreciate it! Thanks, AmyRenee
    Logfile of HijackThis v1.99.1
    Scan saved at 8:22:35 PM, on 11/12/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Softex\OmniPass\OPXPApp.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\lxcrcoms.exe
    C:\Documents and Settings\Owner\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus8.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus8.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus8.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus8.hpwis.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,[email protected]
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O16 - DPF: Animal Ark by pogo - http://www.pogo.com/v/8.1.0.16/applet/animal/animal-en_US.cab
    O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/v/8.1.1.15/applet/battlephlinx/battlephlinx-en_US.cab
    O16 - DPF: Bingo Luau by pogo - http://game1.pogo.com/v/8.1.1.16/applet/freebingo/freebingo-en_US.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/v/8.1.1.13/applet/blackjack/blackjack-en_US.cab
    O16 - DPF: Command and Conquer Attack Copter by pogo - http://game1.pogo.com/applet-8.0.7.27/ccstrike/ccstrike-en_US.cab
    O16 - DPF: Dominoes by pogo - http://game1.pogo.com/v/8.1.1.13/applet/domino/domino-en_US.cab
    O16 - DPF: Its Outta Here 2 by pogo - http://game1.pogo.com/v/8.1.1.7/applet/itsoutofhere/itsoutofhere-en_US.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/v/8.1.1.1/applet/mahjong2/mahjong2-en_US.cab
    O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/v/8.1.1.1/applet/paigow/paigow-en_US.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/v/8.1.1.1/applet/flinger/flinger-en_US.cab
    O16 - DPF: Pinochle by pogo - http://game1.pogo.com/v/8.1.1.13/applet/pinochle/pinochle-en_US.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/v/8.1.1.1/applet/popfu/popfu-en_US.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/v/8.1.1.34/applet/poppit2/poppit2-en_US.cab
    O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/v/8.1.1.1/applet/hotstreak/hotstreak-en_US.cab
    O16 - DPF: Spades 2 by pogo - http://game1.pogo.com/v/8.1.1.13/applet/spades2/spades2-en_US.cab
    O16 - DPF: Spooky Slots - http://game1.pogo.com/v/8.1.1.35/applet/spooky/spooky-en_US.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/v/8.1.1.13/applet/sweettooth/sweettooth-en_US.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/v/8.1.1.1/applet/peaks/peaks-en_US.cab
    O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/v/8.1.1.1/applet/memories/memories-en_US.cab
    O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
    O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1192921799406
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1192921968281
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: lxcr_device - - C:\WINDOWS\System32\lxcrcoms.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Hi and welcome
    How much memory does it have
     
  3. AmyRenee

    AmyRenee Thread Starter

    Joined:
    Nov 12, 2007
    Messages:
    3
    It's a compaq presario, AMD Athlon XP 2400+, 2.00 Ghz, 112 MB of RAM
     
  4. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Windows XP with only 112MB of RAM....I am surprised it runs at all.
    You can try adding more memory, you should definitely see a change in system performance then.
     
  5. AmyRenee

    AmyRenee Thread Starter

    Joined:
    Nov 12, 2007
    Messages:
    3
    Hi, I took your advice & installed more memory today. There is a very big difference with my pc's performance! "Thank You!" I also bought the full version of Registry Booster 2 by UniBlue & it cleaned my messy registry thoroughly! So far it seems like a great product! Everything seems to be working smoothly. I now have 624 MB RAM. I'm going to add another hijackthis file, if you don't mind could you double check it for me? Let me know if it all looks ok? I'd appreciate it! Thanks again for your help! AmyRenee
    Here is my new scan:
    Logfile of HijackThis v1.99.1
    Scan saved at 3:50:43 PM, on 11/16/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Softex\OmniPass\OPXPApp.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\lxcrcoms.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Owner\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus8.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus8.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus8.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus8.hpwis.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,[email protected]
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O16 - DPF: Animal Ark by pogo - http://www.pogo.com/v/8.1.0.16/applet/animal/animal-en_US.cab
    O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/v/8.1.1.15/applet/battlephlinx/battlephlinx-en_US.cab
    O16 - DPF: Bingo Luau by pogo - http://game1.pogo.com/v/8.1.1.16/applet/freebingo/freebingo-en_US.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/v/8.1.1.13/applet/blackjack/blackjack-en_US.cab
    O16 - DPF: Command and Conquer Attack Copter by pogo - http://game1.pogo.com/applet-8.0.7.27/ccstrike/ccstrike-en_US.cab
    O16 - DPF: Dominoes by pogo - http://game1.pogo.com/v/8.1.1.13/applet/domino/domino-en_US.cab
    O16 - DPF: Its Outta Here 2 by pogo - http://game1.pogo.com/v/8.1.1.7/applet/itsoutofhere/itsoutofhere-en_US.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/v/8.1.1.1/applet/mahjong2/mahjong2-en_US.cab
    O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/v/8.1.1.1/applet/paigow/paigow-en_US.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/v/8.1.1.1/applet/flinger/flinger-en_US.cab
    O16 - DPF: Pinochle by pogo - http://game1.pogo.com/v/8.1.1.13/applet/pinochle/pinochle-en_US.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/v/8.1.1.1/applet/popfu/popfu-en_US.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/v/8.1.1.34/applet/poppit2/poppit2-en_US.cab
    O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/v/8.1.1.1/applet/hotstreak/hotstreak-en_US.cab
    O16 - DPF: Spades 2 by pogo - http://game1.pogo.com/v/8.1.1.13/applet/spades2/spades2-en_US.cab
    O16 - DPF: Spooky Slots - http://game1.pogo.com/v/8.1.1.35/applet/spooky/spooky-en_US.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/v/8.1.1.13/applet/sweettooth/sweettooth-en_US.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/v/8.1.1.1/applet/peaks/peaks-en_US.cab
    O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/v/8.1.1.1/applet/memories/memories-en_US.cab
    O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
    O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1192921799406
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1192921968281
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: lxcr_device - - C:\WINDOWS\System32\lxcrcoms.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
     
  6. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Looks fine :)
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/651154

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice