system running slow

Discussion in 'Windows - Virus and spyware problems' started by brody24, Nov 3, 2006.

  1. brody24

    brody24 Member

    Joined:
    Nov 3, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    11
    System takes forever to start and everything is running slow. Thanks.


    Logfile of HijackThis v1.99.1
    Scan saved at 11:18:52 PM, on 11/3/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\CISCOS~1\VPNCLI~1\cvpnd.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
    C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\StartupMonitor.exe
    C:\imnnq_nt\imnsvdem.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\WinBatch\System\popmenu.exe
    C:\Crap\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Cox High Speed Internet
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [IMNNQ] nqdetach.exe imnss.exe start server
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - Global Startup: PopMenu exe.lnk = C:\Program Files\WinBatch\System\popmenu.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...apple.com/qt505/us/win/QuickTimeInstaller.exe
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/096855fc2bb813018015/netzip/RdxIE601.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003080601/housecall.antivirus.com/housecall/xscan53.cab
    O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
    O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
    O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
    O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\PROGRA~1\CISCOS~1\VPNCLI~1\cvpnd.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
    O23 - Service: System Commander MBR check (WinMBR) - Unknown owner - C:\SC\WINMBR.EXE
     
  2. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Rename HijackThis to any name of your choice. Rescan and post the new log.
     
  3. brody24

    Ok. Renamed the HiJackThis.exe to MyOwnCopyOfThis.exe in the C:\Crap\HijackThis directory. I hope this is what you meant. Here are the results of the new scan.



    Logfile of HijackThis v1.99.1
    Scan saved at 4:01:25 PM, on 11/4/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\CISCOS~1\VPNCLI~1\cvpnd.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
    C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\StartupMonitor.exe
    C:\imnnq_nt\imnsvdem.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\WinBatch\System\popmenu.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\mozilla.org\Mozilla\mozilla.exe
    C:\Crap\HijackThis\MyOwnCopyOfThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Cox High Speed Internet
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [IMNNQ] nqdetach.exe imnss.exe start server
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - Global Startup: PopMenu exe.lnk = C:\Program Files\WinBatch\System\popmenu.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...apple.com/qt505/us/win/QuickTimeInstaller.exe
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/096855fc2bb813018015/netzip/RdxIE601.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003080601/housecall.antivirus.com/housecall/xscan53.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
    O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
    O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
    O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\PROGRA~1\CISCOS~1\VPNCLI~1\cvpnd.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
    O23 - Service: System Commander MBR check (WinMBR) - Unknown owner - C:\SC\WINMBR.EXE

    Thanks,
    Brody24
     
  4. Niobis

    Go here to download the trial version of AVG Anti-spyware.

    Install and open AVGAS.
    Click "Update" then click "Start update".
    After updating, close AVGAS.
    Note: Print or copy these instructions to Notepad and save them. You will be in safe mode and can't access the internet.
    Restart your computer in safe mode (press F8 upon boot, select "Safe Mode" from menu and press Enter).
    Open AVGAS and click "Scanner".
    Click "Complete System Scan".
    When it finishes scanning, set all items to "Quarantine".
    Click "Apply All Actions".
    Click "Save Report" and save it to the desktop.

    Restart in normal mode.

    Post back with the AVGAS report and a new HijackThis log.
     
  5. brody24

    Ok...will do. However, I do have Anti-Vir installed and running, along with a firewall. Is there something else I should be doing?

    Brody24
     
  6. Niobis

    Yes, you need an anti-spyware program. Get AVGAS and also look into getting Spybot Search and Destroy. Spybot is free, but there's no real-time protection.
     
  7. brody24

    Niobis:

    Thanks for info. I did already have Ad-aware, Spybot, and Spyware blaster, but have installed AVG.

    Here's the Hijack log, followed by the AVG log.
    Logfile of HijackThis v1.99.1
    Scan saved at 10:35:02 PM, on 11/4/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\CISCOS~1\VPNCLI~1\cvpnd.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
    C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\StartupMonitor.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\imnnq_nt\imnsvdem.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\WinBatch\System\popmenu.exe
    C:\Program Files\mozilla.org\Mozilla\mozilla.exe
    C:\Crap\HijackThis\MyOwnCopyOfThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Cox High Speed Internet
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [IMNNQ] nqdetach.exe imnss.exe start server
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - Global Startup: PopMenu exe.lnk = C:\Program Files\WinBatch\System\popmenu.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...apple.com/qt505/us/win/QuickTimeInstaller.exe
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/096855fc2bb813018015/netzip/RdxIE601.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003080601/housecall.antivirus.com/housecall/xscan53.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
    O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
    O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
    O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\PROGRA~1\CISCOS~1\VPNCLI~1\cvpnd.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
    O23 - Service: System Commander MBR check (WinMBR) - Unknown owner - C:\SC\WINMBR.EXE

    AVG Report:
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 10:22:57 PM 11/4/2006

    + Scan result:



    C:\Documents and Settings\default\My Documents\Downloads\work_downloads\vnc-3.3.3r9_x86_win32.zip/vnc_x86_win32/vncviewer/vncviewer.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Cleaned with backup (quarantined).
    C:\Program Files\ORL\VNC\VNCHooks.dll -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Cleaned with backup (quarantined).
    C:\Program Files\ORL\VNC\WinVNC.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Cleaned with backup (quarantined).
    C:\Program Files\ORL\VNC\vncviewer.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Cleaned with backup (quarantined).
    :mozilla.131:C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\wqyziq85.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.


    ::Report end

     
  8. Niobis

    Go to Virus Total file scan
    Click "Browse" beside the "Select file" area.
    Find and select this file:
    C:\imnnq_nt\imnsvdem.exe
    Click "Send".
    Copy/paste the results and save to Notepad.
    Post the results in your next reply.
     
  9. brody24

    Ok-

    Complete scanning result of "IMNSVDEM.EXE", received in VirusTotal at 11.05.2006, 15:47:05 (CET).

    Antivirus Version Update Result
    AntiVir 7.2.0.37 11.03.2006 no virus found
    Authentium 4.93.8 11.05.2006 no virus found
    Avast 4.7.892.0 11.03.2006 no virus found
    AVG 386 11.04.2006 no virus found
    BitDefender 7.2 11.05.2006 no virus found
    CAT-QuickHeal 8.00 11.04.2006 no virus found
    ClamAV devel-20060426 11.05.2006 no virus found
    DrWeb 4.33 11.05.2006 no virus found
    eTrust-InoculateIT 23.73.45 11.03.2006 no virus found
    eTrust-Vet 30.3.3176 11.03.2006 no virus found
    Ewido 4.0 11.05.2006 no virus found
    Fortinet 2.82.0.0 11.05.2006 no virus found
    F-Prot 3.16f 11.04.2006 no virus found
    F-Prot4 4.2.1.29 11.04.2006 no virus found
    Ikarus 0.2.65.0 11.03.2006 no virus found
    Kaspersky 4.0.2.24 11.05.2006 no virus found
    McAfee 4888 11.03.2006 no virus found
    Microsoft 1.1609 11.04.2006 no virus found
    NOD32v2 1.1853 11.03.2006 no virus found
    Norman 5.80.02 11.03.2006 no virus found
    Panda 9.0.0.4 11.04.2006 no virus found
    Sophos 4.10.0 10.26.2006 no virus found
    TheHacker 6.0.1.112 11.03.2006 no virus found
    UNA 1.83 11.03.2006 no virus found
    VBA32 3.11.1 11.04.2006 no virus found
    VirusBuster 4.3.15:9 11.05.2006 no virus found

    Aditional Information
    File size: 48640 bytes
    MD5: 0c2c1482158fb0b26d267f1f42bfbfb7
    SHA1: 07d84207177ee82b4a405a58297c3ea805cefc36
     
  10. Niobis

    You may uninstall AVGAS if you don't want/need it. Spyware Blaster isn't showing in the HjT log, that's why I ask you to download and use it.

    Do you use StartupMonitor?

    Go here to run ActiveScan.
    When it finishes, click "See Report".
    If anything other than cookies is found post the log here.
     
    Last edited: Nov 5, 2006
  11. brody24

    YEP.

    Nothing but cookies posted by ActiveScan.
     
  12. Niobis

    Use CCleaner to clean the cookies.
    Open CCleaner.
    Click Options > Advanced > uncheck "Only delete files in Windows Temp folders older than 48 hours".
    Click Cleaner > Run Cleaner.

    Search for and locate the file: SysTray.Exe
    Right-click it and select Properties.
    Is it 'copyright by Microsoft'?

    If it is then you're clean.
    If startup is still slow you can take things you don't need off startup.
    Go to Start > Run > type msconfig and click OK. Then go to the Startup tab.
    Make sure you know what you are unchecking as most are needed system files.

    Edit: maybe check for a rootkit.

    Download F-Secure Blacklight (blbeta.exe) to the desktop from here.

    Open it and click Accept Agreement.
    Click "Scan".
    After the scan is complete, click "Next", then "Exit".
    It will create a log on the desktop named "fsbl-xxxxxxx.log" (the xxxxxxx will be the date and time of the scan)
    Post that log in your next reply.
     
    Last edited: Nov 5, 2006
  13. brody24

    Ran CCleaner. Deleted basically everything it had an issue with.

    Blacklight

    11/06/06 17:10:53 [Info]: BlackLight Engine 1.0.47 initialized
    11/06/06 17:10:53 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    11/06/06 17:10:54 [Note]: 7019 4
    11/06/06 17:10:54 [Note]: 7005 0
    11/06/06 17:10:58 [Note]: 7006 0
    11/06/06 17:10:58 [Note]: 7011 1900
    11/06/06 17:10:58 [Note]: 7026 0
    11/06/06 17:10:59 [Note]: 7026 0
    11/06/06 17:11:13 [Note]: FSRAW library version 1.7.1020
    11/06/06 17:13:40 [Note]: 7007 0

    SysTray looks ok.


    Something is still goofy though. From the time I hit enter on the "enter id/password" screen until I see the FIRST desktop icon is a little over 5 MINUTES. This process used to be pretty quick. Maybe a minute. Tops!

    Running more than a single program drags the system to its knees. I used to have tons of things open all at once.

    When I look at Windows task manager, I see about 85% of my PF usage already taken. Here's my individual stats:

    Physical Memory
    Total 130124
    Available 23928
    System cache 34200

    Kernel Memory (k)
    Total 32372
    Paged 25512
    Nonpaged 6860

    Totals
    Handles 6728
    Threads 381
    Processes 36

    Commit Charge (k)
    Total 257060
    Limit 313312
    Peak 261920


    In any case, thanks for your help.
     
  14. Niobis

    Maybe increase your virtual memory.

    Right-click My Computer > Properties > Advanced tab > Performance settings > Advanced tab > under Virtual Memory click Change.
    Under Paging file size for selected drive click the Customize size box. You can set it as high as you like as long as you're under the "Space available" size. But, don't set it too high or it will take away all your HD space.

    Personally, with a 40 GB HD, mine is set to:
    "Initial Size: 800 MB"
    "Maximum size: 1536 MB"

    It just depends on the size of your HD and how much space you can spare for extra VM.
     
  15. brody24

    Well, things are better. It's now taking 3min to boot instead of 5, and performance is reasonable now.

    Thanks for your help.

     
