kjs2025

Excessive memory usage - slow PC

36 posts in this topic

Hi all. I am afraid I am not very technical at all with PCs, so please bear that in mind with any responses. Thank you.

My PC appears to be running very slowly and when I checked under Windows Task Manager it shows the highest usage as follows, when CPU only between 0-4% :-

Process        Mem Usage   VM Size
Iexplore.exe   234,156k    220,576k
System         109,860k    304k
Svchost.exe    28,384k     29,120k
Explorer.exe   25,936k     31,588k

I have taken a Hijack log as I saw this mentioned on several posts as I thought it may help (see below).

I would be very grateful for any guidance on how to correct/improve this situation.
Thank you in anticipation.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:27, on 15/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksbackup.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rainbow Technologies\SuperPro\6.1\Server\Server\WinNT\spnsrvnt.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Common Files\Gerber Technology\acmkmgr.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5061024
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5061024
R3 - URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: (no name) - {64466B8E-20A7-4A4A-AFF4-AAD9CA68B52C} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [btbb_McciTrayApp] "C:\Program Files\BT Business Broadband Desktop Help\btbb\BTHelpNotifier.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [SentinelSuperProServer] C:\Program Files\Rainbow Technologies\SuperPro\6.1\Server\Server\Win9x\spnsrv9x.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AVG PC Tuneup 2011] "C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe" -UseTray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AccuMark Startup Manager.lnk = ?
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Gerber LaunchPad.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MozyPro Status.lnk = C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksstat.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: IExplorer Security - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Public Domain Expert Toolbar Lite - {7EAD9CDA-E227-4164-B269-ADF8A9048C5F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Public Domain Expert Toolbar Lite - {7EAD9CDA-E227-4164-B269-ADF8A9048C5F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.landmarkinfo.co.uk
O15 - Trusted Zone: http://*.landmarkinfo.co.uk
O15 - Trusted Zone: http://www.promap.co.uk
O15 - Trusted Zone: http://*.promap.co.uk
O15 - Trusted Zone: http://www.promapserver.co.uk
O15 - Trusted Zone: http://*.promapserver.co.uk
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {644F656A-013E-4198-BE03-1D7A4F6AB550} (Promap Control) - https://www.promapserver.co.uk/controls/latest/promap.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201547957953
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} (GoToMeeting Web Starter) - https://www1.gotomeeting.com/default/applets/g2mdlax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: evacuative - {4d5b7736-a3bc-4e5b-9fa2-1bcc3e587abb} - (no file)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: MozyPro Backup Service (MyBusinessWorksbackup) - MyBusinessWorks - C:\Program Files\MozyPro (Corporate Edition)\MyBusinessWorksbackup.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: SentinelLM - Rainbow Technologies, Inc. - C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe
O23 - Service: SuperProServer - Rainbow Technologies - C:\Program Files\Rainbow Technologies\SuperPro\6.1\Server\Server\WinNT\spnsrvnt.exe

--
End of file - 15386 bytes

Sincere apologies - I just saw the note requesting NOT to post the Hijack Log here on my post - should I remove the log or re-direct the post to another forum?

Hi kjs2025,

I moved your topic from the forum "General support" to "Help with Stubborn Infections", where we handle infected computers.

Please, to get help with cleaning your computer follow the instructions in the topic "Read This Before You Post!": http://www.lavasoftsupport.com/index.php?showtopic=30823

Hi CeciliaB

did as you requested and have attached both the OTL and Extras files.

please advise if there is anything further you require or I should do

kind regards

Hi kjs2025,

When did the PC start to be very slow?

Please uninstall:
Dealio Toolbar, reason http://www.systemlookup.com/CLSID/61104-DealioToolbarIE_dll.html
Freeze.com NetAssistant, reason http://www.systemlookup.com/CLSID/38629-NetAssistant_dll.html
Restart the computer and post a new OTL.txt.

Have you configured a proxy server or is that a left-over from an infection?

Hi CeciliaB

1) did as you suggested and OTL file attached

2) PC has started to slow gradually over last few weeks.....takes me a long time to get logged on fully first thing

3) Sorry not sure what a proxy server is, if you could explain please I might be able to shed some light on it

thank you for your help

Hi kjs2025,

2) More than 30 days ago? I wonder since OTL only lists files that have been created or modified during the last 30 days and I cannot see anything peculiar during the last 10 days of June.
If you believe it is more than 30 days ago, you can run OTL and change the 30 days settings to next higher value.

It is possible that it is a hardware problem, for example a hard disk that gets more and more bad sectors. Since it is an XP computer I guess the computer is rather old now.

3) http://en.wikipedia.org/wiki/Proxy_server
It can be used for example to surf anonymously or get a US IP address to be able to see TV series only open for US computers.

Hi CeciliaB

3) what should I do about the proxy server ? I do use a VPN service for my laptop but I guess that has nothing to do with it?

2) Do you recommend I do a longer OTL log then? Today my SYSTEM is 136,036k and IEXPLORE.EXE is 99,444k of memory usage. What would you suggest?

many thanks

Kevin

Hi kjs2025,

3) Then maybe it is the VPN service.

2) I don't know when your computer started to be slow, but we can check other things first.
The first thing you have to do is to check that you have backups of all your important files, in case that the hard disk suddenly gets really bad.
Let us then see what a simple hard disk test reports. Download and install HD Tune (not Pro): http://www.hdtune.com/download.html

Do you know how to make screen shots (Print Screen)?
I would like to see screen shots of the tabs:
Health
Benchmark

Do not run the "Error Scan".

Thanks CeciliaB

2) I use MozyPro for automated backup.....will that be ok to ensure all my important files are backed up ok?

You are welcome :)

Sorry, but I cannot answer that since I don't know which files have been copied. You have to check that you find all your important files, favourites/bookmarks, e-mails etc. on the server.

How do I check that quickly please to make sure they are there? Not linked to a server - just home based PC?

With server I meant where the copies of your files are stored. It must be possible to see what files are stored in Mozy Pro, otherwise it would be impossible to fetch them.

If you cannot find it yourself, let us hope that someone who has used Mozy Pro reads this.

The benchmark result is rather normal, but since there is no information on the Health tab I suggest that you perform a full test of the hard disk with the test program from its manufacturer.
http://www.seagate.com/www/en-us/support/downloads/seatools/
"SeaTools for Windows" is installed in Windows while "SeaTools for DOS" is burned to a CD that the computer has to start from. Select which one you prefer to use and read the tutorial and "Learn more" to know how to use the program.

Before I do that, something that may or may not be connected is that my PC is not closing fully.....often I get the message that windows is closing yet when I return the next morning the PC has not shut down fully

any ideas?

thank you

[quote name='kjs2025' post='128446' date='Jul 26 2011, 08:05 PM']Before I do that, something that may or may not be connected is that my PC is not closing fully.....often I get the message that windows is closing yet when I return the next morning the PC has not shut down fully

any ideas?

thank you[/quote]


P.S. did do as you said and run Seagate software and ran Short & Long generic tests and both passed. Anything else I should attempt using this software?

You are welcome!
Good that the hard disk passed the tests :)

When Windows doesn't shut down it usually is a program that doesn't stop running as it is supposed to do. Try to close as much as possible before shutting down Windows, even antivirus programs and other programs that are visible next to the clock.

[2011/07/18 09:27:05 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job
I don't know but it looks like that job is started when you log on and if it is time consuming it will slow down the start of Windows.

It is possible that there is a conflict between AVG and Ad-Aware. Try to inactivate one of them and see if the computer behaviour improves.

Run an online scan with Eset: http://www.eset.com/onlinescan/
To shorten the scanning time disable your AVG and Ad-Aware while scanning.

Un-check "Remove found threats"
Check "Scan Archives"

Click "Advanced Settings"
Check:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Click Scan

When the scan completes the log file C:\Program\Eset\Eset Online Scanner\log.txt is created. Open it in Notepad and paste its content in your answer.

See http://www.lavasoftsupport.com/index.php?showtopic=30670&view=findpost&p=124418 for instructions on how to turn off Ad-Watch and see http://www.bleepingcomputer.com/forums/topic114351.html for AVG instructions.

PS. And it is, of course, not a dumb question :(

Hi CeciliaB

have only got the Free version of Adware and could not work out how to disable it....please could you tell me how to do this

many thanks

Hi kjs2025,

Read the descriptions on:
http://www.ehow.com/how_7185662_disable-lavasoft-ad_aware-service.html
http://www.bleepingcomputer.com/forums/topic114351.html/page__view__findpost__p__1329638
http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications.html#post656328
http://www.bleepingcomputer.com/forums/topic114351.html/page__view__findpost__p__649847

Hi kjs2025,

Have these programs been installed? Eset doesn't like them.
C:\Documents and Settings\CSS\Desktop\notemagic.exe
C:\Documents and Settings\Kevin John Surgett\Desktop\InternationalPrimoPDF.exe
C:\Documents and Settings\LPP\My Documents\LPP\MIND MOVIE CLIPS\registryfix.exe
Maybe one or two of them were responsible for installing the toolbars you uninstalled earlier.

Some minor fixes:
Close all programs including antivirus programs and other similar programs. Otherwise they might stop OTL.
How? See http://www.bleepingcomputer.com/forums/topic114351.html

Start the program OTL.
Copy all the lines in the box:
[code]:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {64466B8E-20A7-4A4A-AFF4-AAD9CA68B52C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O9 - Extra 'Tools' menuitem : IExplorer Security - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - Reg Error: Value error. File not found
O9 - Extra Button: Public Domain Expert Toolbar Lite - {7EAD9CDA-E227-4164-B269-ADF8A9048C5F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Public Domain Expert Toolbar Lite - {7EAD9CDA-E227-4164-B269-ADF8A9048C5F} - Reg Error: Key error. File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O22 - SharedTaskScheduler: {4d5b7736-a3bc-4e5b-9fa2-1bcc3e587abb} - evacuative - Reg Error: Value error. File not found
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:399EDB8F
:Commands
[CREATERESTOREPOINT]
[EMPTYTEMP]
[REBOOT][/code]
Paste them into the field Custom Scans/Fixes.
Click on Run Fix.

If you are asked to restart the computer do that.

Notepad will pop-up with a log. Copy it and paste it into your answer. Paste also a new standard log from OTL.
If it does not pop up, you can find it in the folder c:\_OTL\Moved Files and its name contains the date and time for when OTL was run.

Be sure that antivirus programs etc. are active before connecting to internet.

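Added example (not part of the thread, and not code from HijackThis or OTL): several of the registry entries in the fix above appear in the HijackThis log at the top of the thread with a `(no file)` target. The Python below parses that line shape, lists the orphaned registrations, and shows which CLSIDs are registered under more than one section; the function names are illustrative and the sample is a subset of the posted log.

```python
import re
from collections import defaultdict
from typing import NamedTuple

# Subset of the HijackThis log posted at the top of this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: (no name) - {64466B8E-20A7-4A4A-AFF4-AAD9CA68B52C} - (no file)
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.4\dealioToolbarIE.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O22 - SharedTaskScheduler: evacuative - {4d5b7736-a3bc-4e5b-9fa2-1bcc3e587abb} - (no file)
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
"""

# "<section> - <kind>: <name> - {CLSID} - <target>", the shape of the
# R3, O2, O3, O9, O18 and O22 lines in the log. Lines without a CLSID in
# that position (O4, O15, O16, O23 ...) are skipped.
CLSID_LINE = re.compile(
    r"^(?P<section>[RO]\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<target>.+)$"
)


class Entry(NamedTuple):
    section: str
    kind: str
    name: str
    clsid: str   # upper-cased so mixed-case GUIDs compare equal
    target: str


def parse_clsid_entries(log_text):
    """Return an Entry for every log line that carries a CLSID and a target."""
    entries = []
    for line in log_text.splitlines():
        m = CLSID_LINE.match(line.strip())
        if m:
            entries.append(Entry(m["section"], m["kind"].strip(), m["name"],
                                 m["clsid"].upper(), m["target"].strip()))
    return entries


def orphaned(entries):
    """Entries whose registration remains but whose file HijackThis could not find."""
    return [e for e in entries if e.target.lower() == "(no file)"]


def by_clsid(entries):
    """Map each CLSID to the list of sections it is registered under."""
    seen = defaultdict(list)
    for e in entries:
        seen[e.clsid].append(e.section)
    return dict(seen)


if __name__ == "__main__":
    parsed = parse_clsid_entries(SAMPLE_LOG)
    for e in orphaned(parsed):
        print(f"orphan  {e.section:<3} {e.kind}: {e.name} {e.clsid}")
    for clsid, sections in by_clsid(parsed).items():
        if len(sections) > 1:
            print(f"multi   {clsid} registered under {', '.join(sections)}")
```
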
Hi CeciliaB

files attached as requested - should I also uninstall the programs you mentioned Eset didn't like?

kind regards

kjs2025
