1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Win XP Slow Down, HJ Log attached

Discussion in 'Windows XP' started by Garyb, Sep 22, 2004.

Thread Status:
Not open for further replies.
  1. Garyb

    Garyb Thread Starter

    Sep 3, 1999
    I don't think I have Spyware. I have Gb Mb GA-81PE1000Pro, 800Fsb, P4 @2.8Ghz 800mhz, Maxtor 160Gb Sata Hdd 8Mg buffer, Plextor 8X Dvd burner, Sony Dvd/Cdr, 1Gb Kingston 400 Ram (2x512), Creative Sb Aud Ls, Ati Aiw Pro 9600 128Mb.

    I run Norton System Works 2003, Zone alarm Pro, Adaware Se, Spybot, Spyblaster, spyguard, Winpatrol, Win Startup Monitor, StartUp Contorl, Mozilla, and Mozilla Firefox. My computer starting taking about 3-4 times longer to boot up than normal about 3 days ago. Usually a defrag will make things work better. I ran Norton defrag and it took hours to finish. Normally it takes about 30 minutes. After this didn't help I went into config and did the start up without any programs or processes running. I did Xp defrag and the display mode indicated a lot of red area more than half being fragmented. This defrag took my machine about 4 hours to run. Didn't help much! The only thing I have done that I recall is DL & install Win Xp Media Player 10 and updated my Norton's definitions. I ran Nortons Windows checker and found some active x files missing and shortcuts that were missing files which I let it repair. I think I did this before the problem. I have looked in every folder & file on my computer (I have an 18 Yr. Old that uses my computer) and I don't see anything wrong, but I am not an Expert. I need some help here, My HJ Log is below. I see a good many calls for a file that was not there, Could this be my problem? I could not post the HJ log that showed everything that it could not find because it was too big. I generated the "too large file" by including the Option, "List empty sections". The text exceeded the 3000 byte limit for this forum. I would be glad to email it if it is needed. Any help here would be greatly appreciated!

    StartupList report, 9/22/2004, 6:47:59 PM
    StartupList version: 1.52.2
    Started from : C:\2Hijack\HijackThis.EXE
    Detected: Windows XP SP1 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    * Showing rarely important sections

    Running processes:

    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\ClipMate5\ClipMt51.exe
    C:\Program Files\SpywareGuard\sgmain.exe


    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\Gary\Start Menu\Programs\Startup]
    ClipMate5.lnk = C:\Program Files\ClipMate5\ClipMt51.exe
    SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe


    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,


    Autorun entries from Registry:

    Zone Labs Client = C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
    WinPatrol = "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
    Run StartupMonitor = StartupMonitor.exe
    NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
    mmtask = C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    EPSON Stylus CX6400 = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
    CTSysVol = C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
    ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"


    Autorun entries from Registry:

    (Default) =


    Autorun entries from Registry:

    PhotoShow Deluxe Media Manager = C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
    ATI Launchpad =


    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe


    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*


    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present


    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden


    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    NAV Helper - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}


    Enumerating Task Scheduler jobs:

    Norton AntiVirus - Scan my computer.job
    Symantec NetDetect.job


    Enumerating Download Program Files:

    [Symantec AntiVirus scanner]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\avsniff.dll
    CODEBASE = http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab

    [WUWebControl Class]
    InProcServer32 = C:\WINDOWS\System32\wuweb.dll
    CODEBASE = http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1092688777265

    [Symantec RuFSI Registry Information Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
    CODEBASE = http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    [ActiveDataInfo Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\SymAData.dll
    CODEBASE = https://www-secure.symantec.com/techsupp/activedata/SymAData.dll

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [ActiveDataObj Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\ActiveData.dll
    CODEBASE = https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab


    Enumerating Windows NT/2000/XP services

    AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (autostart)
    Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Ati HotKey Poller: %SystemRoot%\System32\Ati2evxx.exe (autostart)
    ATI Smart: C:\WINDOWS\system32\ati2sgag.exe (autostart)
    ATI WDM TV Tuner: System32\DRIVERS\atintuxx.sys (autostart)
    ATI WDM TV Audio Crossbar: System32\DRIVERS\atinxsxx.sys (autostart)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Kodak DCFS2K Driver: system32\drivers\dcfs2k.sys (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    InCD Helper: C:\Program Files\Ahead\InCD\InCDsrv.exe (autostart)
    Kodak Camera Connection Software: %SystemRoot%\system32\drivers\KodakCCS.exe (autostart)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart)
    ATI WDM Specialized MVD Codec: System32\DRIVERS\atinmdxx.sys (autostart)
    Norton AntiVirus Auto Protect Service: "C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe" (autostart)
    Norton Unerase Protection: "C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE" (autostart)
    ATI WDM Specialized PCD Codec: System32\DRIVERS\atinpdxx.sys (autostart)
    PfModNT: \??\C:\WINDOWS\System32\drivers\PfModNT.sys (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    SAVRTPEL: \??\C:\WINDOWS\System32\Drivers\SAVRTPEL.SYS (autostart)
    ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    ScsiAccess: C:\WINDOWS\System32\ScsiAccess.EXE (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    SYMTDI: \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS (autostart)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Windows User Mode Driver Framework: C:\WINDOWS\System32\wdfmgr.exe (autostart)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    vsdatant: \??\C:\WINDOWS\System32\vsdatant.sys (autostart)
    TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    WMDM PMSP Service: C:\WINDOWS\System32\MsPMSPSv.exe (autostart)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll

    End of report, 13,090 bytes
    Report generated in 0.094 seconds
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Similar Threads - Slow Down attached
  1. vajovic
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/277017

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice