[solved]Computer Has Slowed Down!!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

bappida69

Thread Starter
Joined
Jul 2, 2004
Messages
22
Hi world,

This is a great forum and I hope someone can help out. My machine has slowed down considerably over the past few days. I ran Adaware. Ran Spybot 1.3, but that gives me a message in the middle of scan(Error during check! 2020 search). I ran HijackThis. Here is the log file:

Logfile of HijackThis v1.98.2
Scan saved at 9:30:17 PM, on 8/31/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
G:\WINNT\System32\smss.exe
G:\WINNT\system32\winlogon.exe
G:\WINNT\system32\services.exe
G:\WINNT\system32\lsass.exe
G:\WINNT\system32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\WINNT\system32\LEXBCES.EXE
G:\WINNT\system32\spoolsv.exe
G:\WINNT\system32\LEXPPS.EXE
G:\PROGRA~1\Grisoft\AVG6\avgserv.exe
G:\WINNT\System32\svchost.exe
G:\WINNT\system32\gearsec.exe
G:\WINNT\system32\hidserv.exe
G:\Program Files\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
G:\WINNT\system32\regsvc.exe
G:\WINNT\System32\SCardSvr.exe
G:\WINNT\system32\MSTask.exe
G:\WINNT\System32\WBEM\WinMgmt.exe
G:\WINNT\System32\mspmspsv.exe
G:\WINNT\system32\svchost.exe
G:\WINNT\Explorer.EXE
G:\Program Files\Visioneer OneTouch\OneTouchMon.exe
G:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
G:\WINNT\system32\pctspk.exe
G:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
G:\Program Files\QuickTime\qttask.exe
G:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\COMPAQ\CPQINET\CPQInet.exe
G:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
G:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
G:\progra~1\kiwial~1\partner\saap.exe
G:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
G:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
G:\Program Files\Microsoft Office\Office\FINDFAST.EXE
G:\Program Files\Microsoft Office\Office\OSA.EXE
G:\Program Files\PrintKey2000\Printkey2000.exe
G:\Program Files\WinZip\WZQKPICK.EXE
G:\WINNT\system32\Vcnxjb.exe
G:\WINNT\system32\XheTsnO3.exe
G:\WINNT\system32\svchost.exe
G:\WINNT\system32\wuauclt.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\Program Files\Hijack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tdwaterhouse.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tdwaterhouse.com/
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - G:\WINNT\system32\msbe.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PrinTray] G:\WINNT\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [OneTouch Monitor] G:\Program Files\Visioneer OneTouch\OneTouchMon.exe
O4 - HKLM\..\Run: [CPQEASYACC] G:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [MMTray] G:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "G:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] G:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [29WRM9B5WFX7SJ] G:\WINNT\system32\Tspif2Ng.exe
O4 - HKLM\..\Run: [AVG_CC] G:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [yzez] G:\WINNT\yzez.exe
O4 - HKCU\..\Run: [Yahoo! Pager] G:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "G:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: DriveSelect.lnk = G:\Program Files\321Studios\Xpress\DriveSelect.exe
O4 - Global Startup: Microsoft Find Fast.lnk = G:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = G:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Printkey2000.lnk = G:\Program Files\PrintKey2000\Printkey2000.exe
O4 - Global Startup: WinZip Quick Pick.lnk = G:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - G:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - G:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll

Any advise is more than welcome!!

Thanks.
 
Joined
Oct 13, 2003
Messages
2,367
Run this uninstaller to get rid of the peper.a trojan:

http://www.zerosrealm.com/downloads/uninst.exe

*Note: Just click on the uninst.exe and let it run. When it is finished it will just close. There will be no dialogue. Also you must be connected to the internet for the uninstaller to be effective.

Restart your computer and post a fresh HJT log.
 
Joined
Jul 13, 2004
Messages
51
Yeah, then look at my signature. You may also want to defrag and delete your cache.

Ford Rocks
 

bappida69

Thread Starter
Joined
Jul 2, 2004
Messages
22
Hi,

Thanks for the resposne. Ran the uninstaller, restarted the p/c and here is the new Hijackthis log.

Logfile of HijackThis v1.98.2
Scan saved at 7:02:36 AM, on 9/1/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
G:\WINNT\System32\smss.exe
G:\WINNT\system32\winlogon.exe
G:\WINNT\system32\services.exe
G:\WINNT\system32\lsass.exe
G:\WINNT\system32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\WINNT\system32\LEXBCES.EXE
G:\WINNT\system32\spoolsv.exe
G:\WINNT\system32\LEXPPS.EXE
G:\PROGRA~1\Grisoft\AVG6\avgserv.exe
G:\WINNT\System32\svchost.exe
G:\WINNT\system32\gearsec.exe
G:\WINNT\system32\hidserv.exe
G:\Program Files\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
G:\WINNT\system32\regsvc.exe
G:\WINNT\System32\SCardSvr.exe
G:\WINNT\system32\MSTask.exe
G:\WINNT\System32\WBEM\WinMgmt.exe
G:\WINNT\System32\mspmspsv.exe
G:\WINNT\system32\svchost.exe
G:\WINNT\Explorer.EXE
G:\Program Files\Visioneer OneTouch\OneTouchMon.exe
G:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
G:\WINNT\system32\pctspk.exe
G:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
G:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
G:\Program Files\QuickTime\qttask.exe
C:\COMPAQ\CPQINET\CPQInet.exe
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
G:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
G:\WINNT\yzez.exe
G:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
G:\Program Files\Microsoft Office\Office\FINDFAST.EXE
G:\Program Files\Microsoft Office\Office\OSA.EXE
G:\Program Files\PrintKey2000\Printkey2000.exe
G:\Program Files\WinZip\WZQKPICK.EXE
G:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\WINNT\system32\wuauclt.exe
G:\Program Files\Hijack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tdwaterhouse.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tdwaterhouse.com/
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - G:\WINNT\system32\msbe.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PrinTray] G:\WINNT\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [OneTouch Monitor] G:\Program Files\Visioneer OneTouch\OneTouchMon.exe
O4 - HKLM\..\Run: [CPQEASYACC] G:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [MMTray] G:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "G:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] G:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [AVG_CC] G:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [yzez] G:\WINNT\yzez.exe
O4 - HKCU\..\Run: [Yahoo! Pager] G:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "G:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: DriveSelect.lnk = G:\Program Files\321Studios\Xpress\DriveSelect.exe
O4 - Global Startup: Microsoft Find Fast.lnk = G:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = G:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Printkey2000.lnk = G:\Program Files\PrintKey2000\Printkey2000.exe
O4 - Global Startup: WinZip Quick Pick.lnk = G:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - G:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - G:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll


I will also try defragmenting later.

Any advise is more than welcome!!

Thanks
 
Joined
Oct 13, 2003
Messages
2,367
Open HJT and put checkmarks next to these:

O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - G:\WINNT\system32\msbe.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"

O4 - HKLM\..\Run: [29WRM9B5WFX7SJ] G:\WINNT\system32\Tspif2Ng.exe

O4 - HKLM\..\Run: [yzez] G:\WINNT\yzez.exe

Include the ones below if you want. They're optional fixes that'll stop the programs from auto loading at start up. I'd definitely recommend fixing the FindFast entry.

O4 - HKLM\..\Run: [CPQEASYACC] G:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe

O4 - HKLM\..\Run: [MMTray] G:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe

O4 - Global Startup: Microsoft Find Fast.lnk = G:\Program Files\Microsoft Office\Office\FINDFAST.EXE

O4 - Global Startup: Office Startup.lnk = G:\Program Files\Microsoft Office\Office\OSA.EXE

Close ALL browser windows and click "Fix checked."

Restart your computer and post another HJT log. (y)
 

bappida69

Thread Starter
Joined
Jul 2, 2004
Messages
22
Thanks a lot for your replies and suggestions. I can definetely see improvement in my PC!! Heres the HijackThis log file

Logfile of HijackThis v1.98.2
Scan saved at 9:23:16 PM, on 9/2/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
G:\WINNT\System32\smss.exe
G:\WINNT\system32\winlogon.exe
G:\WINNT\system32\services.exe
G:\WINNT\system32\lsass.exe
G:\WINNT\system32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\WINNT\system32\LEXBCES.EXE
G:\WINNT\system32\spoolsv.exe
G:\WINNT\system32\LEXPPS.EXE
G:\PROGRA~1\Grisoft\AVG6\avgserv.exe
G:\WINNT\System32\svchost.exe
G:\WINNT\system32\gearsec.exe
G:\WINNT\system32\hidserv.exe
G:\Program Files\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
G:\WINNT\system32\regsvc.exe
G:\WINNT\System32\SCardSvr.exe
G:\WINNT\system32\MSTask.exe
G:\WINNT\System32\WBEM\WinMgmt.exe
G:\WINNT\System32\mspmspsv.exe
G:\WINNT\system32\svchost.exe
G:\WINNT\Explorer.EXE
G:\Program Files\Visioneer OneTouch\OneTouchMon.exe
G:\WINNT\system32\pctspk.exe
G:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
G:\Program Files\QuickTime\qttask.exe
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
G:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
G:\Program Files\Microsoft Office\Office\OSA.EXE
G:\Program Files\PrintKey2000\Printkey2000.exe
G:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
G:\Program Files\WinZip\WZQKPICK.EXE
G:\WINNT\system32\wuauclt.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\Program Files\Hijack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tdwaterhouse.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tdwaterhouse.com/
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PrinTray] G:\WINNT\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [OneTouch Monitor] G:\Program Files\Visioneer OneTouch\OneTouchMon.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [MMTray] G:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "G:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] G:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [AVG_CC] G:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKCU\..\Run: [Yahoo! Pager] G:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "G:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: DriveSelect.lnk = G:\Program Files\321Studios\Xpress\DriveSelect.exe
O4 - Global Startup: Office Startup.lnk = G:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Printkey2000.lnk = G:\Program Files\PrintKey2000\Printkey2000.exe
O4 - Global Startup: WinZip Quick Pick.lnk = G:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - G:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - G:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll

Is there anything else in here??

Thanks!!
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top