Slow xp Home pos virus

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Hookstar.uk

Thread Starter
Joined
Jul 1, 2002
Messages
70
Hi everybody and a happy new year to you all.

Just a small problem, I am having some slow page uploading on my pc from time to time, and some times trouble executing some progs .. could it be a virus.
Now I have tried running homecall AV but wont upload, I have AVG running and is bang up to date and have outpost running.

I have copied my start up file to see if anybody can shelve any light in any of my problems.

Many thanks in advance.

StartupList report, 02/01/2003, 12:35:31
StartupList version: 1.40.1
Started from : C:\Documents and Settings\Terry\Local Settings\Temp\Temporary Directory 4 for startuplist14.zip\StartupList.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Terry\Local Settings\Temp\Temporary Directory 4 for startuplist14.zip\StartupList.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

WinFast Schedule = C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
AVG_CC = C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
NeroCheck = C:\WINDOWS\system32\NeroCheck.exe
InCD = C:\Program Files\ahead\InCD\InCD.exe
Outpost Firewall = C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe /waitservice

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

TClockEx = C:\Program Files\TClockEx\TCLOCKEX.EXE

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
StubPath = "C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

*Registry value not found*
*Registry value not found*
*Registry key not found*
*Registry key not found*
*Registry value not found*
*Registry value not found*
*Registry key not found*
*Registry key not found*

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

*INI section not found*
*INI section not found*
*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Enumerating Download Program Files:

[sys Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\PCPitStop.dll
CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx
CODEBASE = http://a840.g.akamai.net/7/840/537/2002121801/housecall.antivirus.com/housecall/xscan53.cab

[Update Class]
InProcServer32 = C:\WINDOWS\System32\iuctl.dll
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37621.2577777778

[IntraLaunch.MainControl]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\INTRALAUNCH.OCX
CODEBASE = file://D:\Resources\IntraLaunch.CAB

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx
CODEBASE = http://fdl.msn.com/public/chat/msnchat45.cab

--------------------------------------------------
End of report, 6,570 bytes
Report generated in 0.101 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
 
Joined
Dec 9, 2000
Messages
45,855
Actually it looks clean. I don't see any obvious issues there and the only question marks might be

WinFast Schedule = C:\Program Files\WinFast\WFTVFM\WFWIZ.exe

and your Palm hotsync installation, neither of which I'm really familiar with.

When it happens, you might want to do a ctrl-alt-del and look at the Task Manager to see if any process is consuming an abnormally high cpu percent. There can be some problems with Explorer.exe on certain systems.
 
Joined
Oct 3, 2002
Messages
3,362
thats weird.....there was no startup file listed when i checked this the first time and now its here
 

Hookstar.uk

Thread Starter
Joined
Jul 1, 2002
Messages
70
Thanks for replying Jtoast and Rog.

Firstly I have run Panda on line and it found no Viruses :D and run Adaware.. I know its not up to date but I also run outpost which is.

Secondly : WinFast Schedule = C:\Program Files\WinFast\WFTVFM\WFWIZ.exe, that is a TV pci card that lets me watch TV on the pc .. sad I know

Palm hotsync is my hand held computer, the sync is the connection between home pc and work pc.

And yep that sounds feasable Rog.. Ctrl- alt-dlt when it happens again will and have a look at whats running.

just for interest Im running:

Elite mobo ECS K7S5A
AMD athlon 1800xp
256 ram
40G Maxtor 7200 rpm silent
Nvedia Geforce 2 MX

Cheers

Hook:D
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top