Is this pc clean 7 replies

ikyojo

AKA Daxs

50 XP

26th July 2007

0 Uploads

411 Posts

0 Threads

#1 11 years ago

Ok, I have a problem. I've been trying to clean up my step dad's PC, what a hell of a job. He is so stubborn and won't reformat. Anyway, I'm having the trouble that when I log on it takes forever to load the task bar and icons. But I can Control-Alt-Delete and then bam, I can run any task and it's fairly fast at doing anything I choose to run. Anything in the OS is painfully slow. The computer isn't too bad: it's a P4 3.0GHz, a 6600GT and 1GB of RAM, which I think is OK for XP and basic stuff. Anyway, I wanted to know if this HijackThis log is clean; if so, what do you think could be causing the problem? BTW explorer.exe is running when I press Control-Alt-Delete before the icons and stuff load.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:03:42 PM, on 24/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
H:\HijackThis.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Missim.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Missim.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo!7 Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-796845957-1580436667-682003330-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-796845957-1580436667-682003330-1006\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O4 - HKUS\S-1-5-21-796845957-1580436667-682003330-1006\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')
O4 - S-1-5-21-796845957-1580436667-682003330-1006 Startup: FrostWire On Startup.lnk = C:\Program Files\FrostWire\FrostWire.exe (User '?')
O4 - Startup: FrostWire On Startup.lnk = C:\Program Files\FrostWire\FrostWire.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKxdm021YYAU
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Adobe Form Control) - http://www.ato.gov.au/formflow/codebase/FormCtl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/WebfettiInitialSetup1.0.0.15-3.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {224F7DEA-B7C1-11D3-AB40-00902712A5C9} (PLSAddin Class) - http://www.ato.gov.au/formflow/codebase/plsspeller.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1140936257078
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Adobe Script Object) - http://www.ato.gov.au/formflow/codebase/scriptobject.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Adobe Soft Font Installer) - http://www.ato.gov.au/formflow/codebase/fontinstaller.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{54256065-811A-4758-9A14-57333180513C}: Domain = vic.bigpond.net.au
O17 - HKLM\System\CS1\Services\Tcpip\..\{54256065-811A-4758-9A14-57333180513C}: Domain = vic.bigpond.net.au
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/PAIGEP~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

-- End of file - 9793 bytes




MrFancypants Forum Administrator

The Bad

218,791 XP

7th December 2003

0 Uploads

20,063 Posts

12 Threads

#2 11 years ago

The hijack this log doesn't tell me much (except that you seem to have a bunch of toolbars installed which may slow things down).

But if the OS is slow after start-up the reason for this may be that one of the tasks crashed, so maybe you should just close one task after another until you find the one that slows things down. Then either uninstall the corresponding component or disable the task with a bootmanager (those programs are freeware and allow you to select which programs to load at startup).

The best way to get rid of the problems would of course be to format the PC, to patch it and install anti-virus and anti-spyware programs before you connect to the internet. If it is still slow after that you probably have a hardware problem.




>Omen<

Modern Warfare

50 XP

1st January 2005

0 Uploads

7,395 Posts

0 Threads

#3 11 years ago
MrFancypants wrote: "The hijack this log doesn't tell me much..."

It tells a LOT actually if you just use one of the online analyzers.

As you can see by pasting the log into the analyzer it has 4 labeled Nasty as well as one labeled Extremely Nasty. HjT recommends removing these, which you can do easily via the Fix Checked tab after scanning. The others with question marks look OK, though the top one labeled Proxy Server override despite being labeled Very safe is a concern if it's not a proxy server you set up yourself.

Anything with an X should typically be removed. If you're ever unsure on the others, consult a forum that specializes in reading HjT logs, like this one. For the most part you can tell by the name of the program and/or if it's active or not (installed/uninstalled). Commonly malware will be hidden with anonymous designations via numbers or such.
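
A first-pass triage of the kind the online analyzers mentioned above automate, as an added example that is not part of the original thread: it splits a flattened HijackThis log into entries and lists those registered with no file behind them or downloaded as ActiveX with no class name. The function names and the two checks are assumptions chosen for illustration; the sample entries are copied from the log in post #1.

```python
import re
from collections import Counter

# An entry starts with a section code such as "R3 - " or "O16 - ".
ENTRY_START = re.compile(r"(?<!\S)(?=(?:R[0-3]|O\d{1,2}) - )")

# Constructed sample: entries copied from the log in post #1, run together on
# one line the way a forum paste often flattens them.
SAMPLE = (
    r"R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) "
    r"O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll "
    r"O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file) "
    r"O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll "
    r"O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE "
    r"O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab "
    r"O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab"
)

def split_entries(text):
    """Split a flattened or line-per-entry log into (code, body) pairs."""
    entries = []
    for chunk in ENTRY_START.split(text):
        m = re.match(r"(R[0-3]|O\d{1,2}) - (.+)", chunk.strip(), re.S)
        if m:
            entries.append((m.group(1), " ".join(m.group(2).split())))
    return entries

def triage(entries):
    """Return (code, reason, body) for entries that deserve a manual look."""
    findings = []
    for code, body in entries:
        if "(no file)" in body:
            findings.append((code, "registration points at a missing file", body))
        elif code == "O16" and not re.search(r"\} \(.+?\) - ", body):
            findings.append((code, "ActiveX download with no class name", body))
    return findings

def section_counts(entries):
    """Count entries per section, e.g. how many O2 (BHO) and O3 (toolbar) lines."""
    return Counter(code for code, _ in entries)

if __name__ == "__main__":
    parsed = split_entries(SAMPLE)
    print(dict(section_counts(parsed)))
    for code, reason, body in triage(parsed):
        print(f"{code}: {reason}: {body}")
```

A flagged entry is a prompt to look it up, not a verdict; the O2 and O3 counts show how many browser add-ons load with Internet Explorer.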




ikyojo

#4 11 years ago

^Thank you so much




ikyojo

#5 11 years ago

Ok, so I did what you said and removed everything. The PC is clean now but the start-up problem was still there. So what I did was go into msconfig and do a diagnostic start-up, and bam, desktop straight away when it loaded. I narrowed it down to services and in the end it turned out to be the Shell Hardware Detection. Now I can't understand why this would make the PC so slow. Would you guys be able to give me a helping hand?




>Omen<

#6 11 years ago

Are you sure it isn't one or more problematic programs enabled as startups that is causing the slow boot? Try disabling one at a time to see. I had an issue recently where the Online Armor firewall I switched to was causing slow bootups. Some progs work fine until you install them on a system with certain hardware and/or software.

Shell Hardware Detection shouldn't slow your boot time severely. It's on by default and on Automatic. Also, are you sure everything is updated on drivers, Windows updates, etc? That can cause slow boots. Don't forget MB chipset driver, DirectX, etc.

You could also try a CHKDSK /r scan on bootup to see if any bad HDD sectors are found and repaired.




ikyojo

#7 11 years ago

Nope, I am 100% sure that it is this. I can have everything, including all start-up programs, but if I disable this service the PC loads so much faster and doesn't constantly pause. I did a Google and the only thing that stops working is that when you put a CD or USB into your computer it doesn't come up with autoplay. So far everything else works normally.




>Omen<

#8 11 years ago

Shell Hardware Detection is part of the system files. If it's causing slow boots you could have a certain amount of system file corruption, which may have been caused by the malware. Did you try a CHKDSK /r scan? It may find and repair such a problem.