1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Windows Xp running slow when it used to be super fast

Discussion in 'Windows XP' started by nrcricardo, Jan 4, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    Hi i have a major problem my windows xp is running very slow when it used to be super fast , now it just keeps jamming for a good 30 seconds and all sorts , could i possibly have a virus on this once super fast machine which only had 1gb ram of memory and did suprise me of its speed at one point but now has degraded, please i need help on what could be the cause.
     
  2. Saga Lout

    Saga Lout

    Joined:
    Sep 15, 2004
    Messages:
    3,791
    Do you not have an anti-virus programme? Clutter is another cause of slowing - download CCleaner from http://www.piriform.com and ATF Cleaner from http://www.atribune.org - each will find things the other does not. Just use the cleaner in CCleaner for the time being - leave Registry issues for another day.

    If this has been a sudden thing, you may be malware infected. Run your AV and if you don't have one, try AVG which has a free version from http://www.free.grisoft.com. You should also scan with a strong malware scanner and one such is MalwareBytes fropm http://www.malwarebytes.com.

    Post back if you still have a problem after using those and restarting in between and afterwards, for other suggestions but these are urgent jobs in the circumstances.
     
  3. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    what shall i do when the malware scan is complete
     
  4. Saga Lout

    Saga Lout

    Joined:
    Sep 15, 2004
    Messages:
    3,791

    The two vary but you can trust them both to fix anything they find and the restart. If you opted for Quick Scans, let the full scan run after the restart. It may take a while but it will be worthwhile.
     
  5. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,761
    Please click here to download and install version 2.0.2 of the HijackThis Installer.

    Run it and select Do a system scan and save a logfile.

    The log will be saved in Notepad. Copy and paste the log in your next post.

    Do not fix anything
     
  6. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    i have finished my malware scan and 10 files infected were found all in my c drive what shall i do next ????
     
  7. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    i also got rid off stuff using the atf cleaner, but that didnt make much difference but thank you anyway for your help.
     
  8. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    this is what i found when i used hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:54:26, on 04/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16945)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\IoctlSvc.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ThreatFire\TFService.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rundll32.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\ThreatFire\TFTray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Opera\opera.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.search.yahoo.com/search?fr=mcafee&p=%s
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
    O2 - BHO: (no name) - {38DEB5B8-6BCF-4D90-8A66-30931ABC764E} - C:\WINDOWS\system32\wvUliggg.dll (file missing)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: FLV Splitter - {47E792CF-0BBE-4F7A-859C-194B0768650A} - C:\WINDOWS\system32\flvDX.dll (file missing)
    O3 - Toolbar: FLV Source - {C9ECE7B3-1D8E-41F5-9F24-B255DF16C087} - C:\WINDOWS\system32\flvDX.dll (file missing)
    O3 - Toolbar: FLV Video Decoder - {7CEEEECF-3FEE-4548-B529-C254CAF4D182} - C:\WINDOWS\system32\flvDX.dll (file missing)
    O3 - Toolbar: MONOGRAM Musepack Splitter - {C3E2E983-0198-4F73-9E5C-8365BB4C4131} - C:\WINDOWS\system32\MPCDx.ax (file missing)
    O3 - Toolbar: MONOGRAM Musepack Splitter - {7E563A5E-12F1-45C1-A29F-032E21C2F7FC} - C:\WINDOWS\system32\MPCDx.ax (file missing)
    O3 - Toolbar: MONOGRAM AMR Splitter - {24FA7933-FE18-46A9-914A-C2AA0DBACE93} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: MONOGRAM AMR Splitter - {D7AF1F00-A702-4D1B-8490-8B7E0CDC3DEF} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: MONOGRAM AMR Mux - {AAA4AACD-FD95-4240-9C45-9EB98E5DAC52} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: MONOGRAM AMR Mux - {B6EAE677-074B-43EA-9239-5E509F87C652} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: MONOGRAM AMR Decoder - {50DDA33E-C529-4343-9689-338ADC793BB5} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: MONOGRAM AMR Decoder - {BA327E17-6AE9-430B-8246-1A90208AD1D7} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: MONOGRAM AMR Encoder - {99735894-CAF4-488B-8275-B8CB1998216E} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: MONOGRAM AMR Encoder - {9B2DBA95-39D2-4537-8BBF-CED535E8DE56} - C:\WINDOWS\system32\nbDX.dll (file missing)
    O3 - Toolbar: RealMedia Splitter - {E21BE468-5C18-43EB-B0CC-DB93A847D769} - C:\WINDOWS\system32\RealMediaDX.ax (file missing)
    O3 - Toolbar: RealMedia Source - {765035B3-5944-4A94-806B-20EE3415F26F} - C:\WINDOWS\system32\RealMediaDX.ax (file missing)
    O3 - Toolbar: RealVideo Decoder - {238D0F23-5DC9-45A6-9BE2-666160C324DD} - C:\WINDOWS\system32\RealMediaDX.ax (file missing)
    O3 - Toolbar: RealAudio Decoder - {941A4793-A705-4312-8DFC-C11CA05F397E} - C:\WINDOWS\system32\RealMediaDX.ax (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: CActiveIMMAppEx_Trident - {50D5107A-D278-4871-8989-F4CEAAF59CFC} - C:\WINDOWS\system32\msls50.dll (file missing)
    O3 - Toolbar: VBPropertyBag - {D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731} - C:\WINDOWS\system32\msvbvm60.dll
    O3 - Toolbar: SSubTimer6.CTimer - {71A27034-C7D8-11D2-BEF8-525400DFB47A} - C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
    O3 - Toolbar: SSubTimer6.GSubclass - {71A27032-C7D8-11D2-BEF8-525400DFB47A} - C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O4 - Global Startup: McAfee Security Scan.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.download.com
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

    --
    End of file - 15415 bytes
     
  9. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,761
    Download and run Autoruns.

    Select the Internet Explorer tab.

    Under HKLM\Software\Microsoft\Internet Explorer\Toolbar,

    Right-click on everything related to MONOGRAM AMR, FLV, Real, CActiveIMMAppEx_Trident and delete.
     
  10. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,761
    You should also get rid of PC Tools and Ad-Aware. You already have Malwarebytes' Anti-Malware which is superior.
     
  11. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,761
    You have too many Startup applications loading with Windows and too many processes running in the background. This can significantly increase your Startup time and affect overall performance.

    You should definitely trim down your Startup list. Other than your security software, very few applications need to load with Windows at startup.

    Click on Start > Run > and type msconfig.

    Under the Startup tab, uncheck all unnecessary applications.

    For more detailed information, you can also download Autoruns.

    Run Autoruns and select the Logon tab.

    Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, you'll see all the applications running at Startup. Simply uncheck the items you don't need.

    Use these three websites to help you decide which items to uncheck:

    Simply copy and paste the .exe files you see at the end of your HijackThis log's 04 (Startup) entries one by one. Forget about 04 entries with HKUS or RunOnce. They won't show in msconfig. RunOnce entries will show in Autoruns though.

    1- System Lookup (my favorite - for this one, you can paste the whole 04 entry)

    2- PC Review - Startup Files Database

    3- Startup Applications List

    Remember, a lot of applications can be started manually when needed.

    A list of names and files will appear. At the end of each entry, you'll notice a symbol:

    Y = Normally leave to run at start-up

    N = Not required - often infrequently used tasks that can be started manually, if necessary

    U = User's choice - depends whether a user deems it necessary

    X = Malware, spyware, adware, or other potentially unwanted items

    ? = Currently unknown status

    Make sure to choose the correct information in the list, relating to the actual programs installed on your computer. Do not be alarmed by red "Xs" pointing to malware, especially if I haven't seen any in your HijackThis log. I do check before recommending this trimming.

    Example:

    Copy the following entry from your HijackThis log:

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    Paste it in this website: 1- System Lookup

    Now here is what you get. On line #7, you'll see the Name (QuickTime Task), the Filename (Qttask.exe), the Description and at the end of the line, you'll see a N, meaning Not required - often infrequently used tasks that can be started manually, if necessary. So, you can without a doubt uncheck it from your Startup list.

    After rebooting, when the small System Configuration Utility window appears, ignore the message. Put a check mark in that window, then click OK.


    Some Services may also be disabled.

    Simply paste your HijackThis log's 023 (Services) entries in the following website:

    System Lookup

    Then, after deciding which Services to disable,

    click on Start > Run > type services.msc

    Scroll down to the chosen service and double-click on it. Change the Startup type from Automatic to Manual.
     
  12. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    many of my files from the 04 HKLM section in my hijack list have a red x showing when i paste them in system lookup , do i delete all of them , i somehow dont think that is safe as certain files are system 32 and i have been warned about tampering with those files , i am confused help would be much appreciated at this time
     
  13. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,761
    No, make sure you're looking at the right applications. There is no sign of infection in your log.
     
  14. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    is it the HKLM or the HKCU of my files i should be copying and pasting
     
  15. nrcricardo

    nrcricardo Thread Starter

    Joined:
    Mar 25, 2009
    Messages:
    46
    but most of the files beginng with HK show a red x , i copy the file from my hijackthis log and paste it in the filename search on the system lookup page link
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/890989

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice