1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

[Resolved] Stepdads computer sluggish?

Discussion in 'Windows XP' started by r00ted, Sep 24, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. r00ted

    r00ted Thread Starter

    Joined:
    Mar 9, 2003
    Messages:
    70
    Well...my stepdads computer has been really sluggish lately...and Im not sure what it is.......but could someone take a look at these logs please?

    Thank you

    I have attached the startup list, and I will just copy and paste the small hijackthis log:

    Logfile of HijackThis v1.97.2
    Scan saved at 7:50:30 AM, on 9/24/2003
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\Smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft IntelliPoint 4.12\Mouse\SETUP\MSH\Mouse\point32.exe
    C:\WINDOWS\System32\pupxpman.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\WINDOWS\System32\CTHELPER.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    C:\Program Files\mIRC\mirc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Carl Lewis\My Documents\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://test.askchopper.com/cgi-bin/forums/YaBB.pl
    O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh304181.dll
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
    O4 - HKLM\..\Run: [PwrUpTweakMe] C:\WINDOWS\System32\PUPXPTWK.EXE /TWEAK
    O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft IntelliPoint 4.12\Mouse\SETUP\MSH\Mouse\point32.exe
    O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\System32\pupxpman.exe
    O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\Smc.exe -startgui
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
    O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: ICQ Lite (HKLM)
    O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
    O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37877.4446180556
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/dj/qdiagh.cab?306
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/12119/CTPID.cab

    Thanks again guys, I really appreciate it.
     

    Attached Files:

  2. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    First you can have HJT fix this :
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe


    Then download and update as well as scan and fix what it finds with Spybot search and destroy .
     
  3. r00ted

    r00ted Thread Starter

    Joined:
    Mar 9, 2003
    Messages:
    70
    Okay I fixed that Updreg entry with HJT, as well as scanned with Spybot and fixed everything. There was no immediate threats or registry inconsistencies but I fixed everything else (Run history, Assistant history, recent opened files, run history, URL history, etc) overall nothing that big that would cause much of a slowdown.

    Sooooo. is the Updreg.exe the only thing that would be removable from startup?
     
  4. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    I would remove IRC form startup as well as power up xp and creative cd entries by going to start / run / msconfig and startup tab. You can also try unchecking the hewlet packard entries with the exception of the print spooler entry. The printer may still work while not on startup and if not then just go back in and check it..
     
  5. KeithKman

    KeithKman

    Joined:
    Dec 28, 2002
    Messages:
    1,983
  6. r00ted

    r00ted Thread Starter

    Joined:
    Mar 9, 2003
    Messages:
    70
    Alright, lil update. I removed the hpztsb07 entry from msconfig, I havent restarted yet though.....but Im trying the online virus scans (I was clean with Norton AV).

    Okay, I tried all the online scans and I seem to be virus free.
     
  7. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    You could also take a look at the running services from start, control panel, administrative tools , services...Compare the running services against this list to see what can be set to manual or shut down completely.
     
  8. r00ted

    r00ted Thread Starter

    Joined:
    Mar 9, 2003
    Messages:
    70
    Okay. I set those services up, but by looking at my Task Manager, I think the problem seems to be coming from smc.exe which is Sygate's Personal Firewall Pro.so.my question, is there any way to keep SyGate from hogging all of my resources? Right now it is using like 23000k of memory according to the taskManager
     
  9. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    It is a resource hog and not recommended very often . Most here use Kerio which is the easiest on resources or Zone alarm .
     
  10. r00ted

    r00ted Thread Starter

    Joined:
    Mar 9, 2003
    Messages:
    70
    Does Kerio come with any sort of IP and/or IP range blocker? Thats the reason why I was using Sygate, because ZoneAlarm Pro supports blocking IP ranges and stuff, but I cant figure it out using the XML code from xs.tech.nu
     
  11. keebs

    keebs

    Joined:
    Sep 26, 2003
    Messages:
    265
    hi , just press ctrl alt delete and check the CPU section on the usage that the program is using im guessing its iexplore.exe because when ever i open internet explorer it starts working sluggishly t0o but when i end iexplorer it starts running faster hope this works cya =] just in case dont end EXPLORER.exe
     
  12. r00ted

    r00ted Thread Starter

    Joined:
    Mar 9, 2003
    Messages:
    70
    Yea, thats what I did and I found iexplore and explorer.exe were the only other 2 process with mem usage in the xx thousands :p

    On a sidenote....I figured out what it was I think.....cause, Sygate like logs every freakin packet to a log...sooo...I shut the packet logging off, and then I just set the other log functions to a lesser number and it doesnt seem as bad. But yea...Sygate was definately the culprit :p

    Anyway to get rid of the logging all together?
     
  13. keebs

    keebs

    Joined:
    Sep 26, 2003
    Messages:
    265
    solved yes or no =]
     
  14. r00ted

    r00ted Thread Starter

    Joined:
    Mar 9, 2003
    Messages:
    70
    Solved
     
  15. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    Please click on the report button and ask for the thread to be marked as solved then..
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/167047

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice