i need help with my slow ass computer please help.
Logfile of HijackThis v1.99.1
Scan saved at 1:11:56 PM, on 8/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Azureus\Azureus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dan\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_2.1.1.74.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g...ng_2_0_0_24.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
0
hijack this analysis please
Started by chuck1081105, Aug 30 2006 06:24 PM
1 reply to this topic
#2 OFFLINE
-
- Spyware Moderators
-
- 606 posts
Power Member
- Gender:Male
- Location:Netherlands
Posted 30 August 2006 - 06:42 PM
Only one thing in your log that needs attention.
First please disable your Windows Defender Real-time Protection as it may interfere with the fix that we need to make.
Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.
When we're done it is very important that you enable Real-time Protection again.
Now check the following line in HijackThis, then press "Fix Checked":
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
Restart your computer, then delete the C:\Program Files\License_Manager folder.
Now for some housekeeping:
Shut down Internet Explorer and Outlook Express.
Go to Control Panel/Internet, and clear your temporary Internet Files.
Also clear your History.
Go to the 'Content' tab, click 'Autocomplete', and clear your forms and passwords cache.
Now go to the Advanced tab, and click Restore Defaults.
Go to the Security tab > Internet, and click restore defaults there as well.
Empty the entire contents of your Documents and Settings\UserName\Local Settings\Temp folder (it probably has the hidden attribute!), and empty your recycle bin.
You could also achieve some performance gain by disabling unneccessary services
Here's a site that will be of help in determining what can stay, and what can be disabled in your particular configuration.
http://www.theelderg...vices_guide.htm
I urge you to create a restore point before you start disabling services. Many of them are interdependent, and disabling one you think you can do without can affect one or more others you may need.
Also, have you recently defragmented your drive? If not, I suggest you do:
Start > Run > Dfrg.msc
It's also a very good idea to compact your registry; you can use NTRegopt for that:
http://www.onlythebestfreeware.com/program...?program_id=180
Finally, Click Start , and then click Run .
In the Open box, type sfc /scannow (Note: there's a space following "sfc"!), and then click OK . You may be prompted to insert the Windows XP installation CD-ROM.
Windows will verify the integrity of the system files, will detect whether any system files are missing or corrupted, and will restore the correct version from either the Windows CD-ROM, or from your Windows\ServicePackFiles folder.
Now test to see whether things run a little more crisply.
Good luck!
First please disable your Windows Defender Real-time Protection as it may interfere with the fix that we need to make.
Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.
When we're done it is very important that you enable Real-time Protection again.
Now check the following line in HijackThis, then press "Fix Checked":
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
Restart your computer, then delete the C:\Program Files\License_Manager folder.
Now for some housekeeping:
Shut down Internet Explorer and Outlook Express.
Go to Control Panel/Internet, and clear your temporary Internet Files.
Also clear your History.
Go to the 'Content' tab, click 'Autocomplete', and clear your forms and passwords cache.
Now go to the Advanced tab, and click Restore Defaults.
Go to the Security tab > Internet, and click restore defaults there as well.
Empty the entire contents of your Documents and Settings\UserName\Local Settings\Temp folder (it probably has the hidden attribute!), and empty your recycle bin.
You could also achieve some performance gain by disabling unneccessary services
Here's a site that will be of help in determining what can stay, and what can be disabled in your particular configuration.
http://www.theelderg...vices_guide.htm
I urge you to create a restore point before you start disabling services. Many of them are interdependent, and disabling one you think you can do without can affect one or more others you may need.
Also, have you recently defragmented your drive? If not, I suggest you do:
Start > Run > Dfrg.msc
It's also a very good idea to compact your registry; you can use NTRegopt for that:
http://www.onlythebestfreeware.com/program...?program_id=180
Finally, Click Start , and then click Run .
In the Open box, type sfc /scannow (Note: there's a space following "sfc"!), and then click OK . You may be prompted to insert the Windows XP installation CD-ROM.
Windows will verify the integrity of the system files, will detect whether any system files are missing or corrupted, and will restore the correct version from either the Windows CD-ROM, or from your Windows\ServicePackFiles folder.
Now test to see whether things run a little more crisply.
Good luck!
