system
July 10, 2007, 8:15pm
1
I have windows XP home on my computer which is 4 years old! But it has become so slow. It takes a long time to launch applications and programmes such as internet explorer etc.
I have run virus scans, adaware, spyboy, AVG antispyware, super antispyware, spyware doctor etc they have found some spyware and removed it. But the compuer is still so slow!
why?
If you still detecting any strange behavior or even you’re sure you’re not clean, maybe it will be good to test your machine with anti-rootkit applications . I suggest AVG , Panda and/or F-Secure BlackLight .
Also, if you still detecting strange behaviors or you want to be sure you’re clean, maybe making a HijackThis log to post here and, specially, scan and submit to on-line analysis the RunScanner log would help to identify the problem and the solution.
system
July 10, 2007, 10:04pm
3
Hi Edwards :
Do you "Delete" your various "Temporary" Files on a regular basis,
perhaps using a program like the FREE "ATF Cleaner", available at
www.atribune.org/content/view/25/2/ . Do you COMPLETELY
REMOVE all unwanted programs ?
system
July 11, 2007, 9:10pm
4
If you still detecting any strange behavior or even you’re sure you’re not clean, maybe it will be good to test your machine with anti-rootkit applications . I suggest AVG , Panda and/or F-Secure BlackLight .
Also, if you still detecting strange behaviors or you want to be sure you’re clean, maybe making a HijackThis log to post here and, specially, scan and submit to on-line analysis the RunScanner log would help to identify the problem and the solution.
Thanks, I will post a hijacklog in due course!
Will you be able to assist with run scanner log?
There is a button for automatic analysis of your log in the top of the application 8)
But we can help if you find any ‘red’ item.
system
July 12, 2007, 5:13am
6
system
July 14, 2007, 1:44pm
7
hi, this is my hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 13:56:53, on 14/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\WHITTA~1\LOCALS~1\Temp\Temporary Directory 1 for
hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ntlworld.com/broadband
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ntlworld.com/broadband
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} -
C:\Program
Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\Program
Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: McAfee SiteAdvisor -
{0BF43445-2F28-4351-9252-17FE6E806AA0} -
C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client
Foundation\CFD.exe
O4 - HKLM..\Run: [Motive SmartBridge]
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM..\Run: [QuickTime Task] “C:\Program
Files\QuickTime\qttask.exe”
-atboottime
O4 - HKLM..\Run: [SiteAdvisor] C:\Program
Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE
/AUTORUN
O4 - HKLM..\Run: [COMODO Firewall Pro] “C:\Program
Files\Comodo\Firewall\CPF.exe” /background
O4 - HKLM..\Run: [SmartDefrag] “C:\Program Files\IObit\IObit
SmartDefrag\IObit SmartDefrag.exe” /startup
O4 - HKLM..\Run: [SDTray] “C:\Program Files\Spyware
Doctor\SDTrayApp.exe”
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKCU..\Run: [IE Privacy Keeper] “C:\Program Files\UnH
Solutions\IE
Privacy Keeper\IEPrivacyKeeper.exe” -startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: broadband medic.lnk = C:\Program
Files\ntl\broadband
medic\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125225002687
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX
Scan
Agent 6.5) -
http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} -
http://www.trendmicro.com/spyware-scan/as4web.cab
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} -
C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program
Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO -
C:\Program
Files\Comodo\Firewall\cmdagent.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program
Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON
CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC
Tools -
C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools -
C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program
Files\SiteAdvisor\6066\SAService.exe
and this is the link to my run scanner log:
http://www.runscanner.net/report.aspx?report=7b63677b-6753-4d84-93e3-20b971ce659c
Look at O20 item…
See http://www.wikifortio.com/654670/Edwards19179.html
cfd.exe c:\program files\broadjump\client foundation\cfd.exe
mpbtn.exe c:\program files\ntl\broadband medic\bin\mpbtn.exe
BJCFD c:\program files\broadjump\client foundation\cfd.exe
[/quote]
Do you recognize these ones?
Are you using the ‘bad’ XoftSpy application?
system
July 14, 2007, 2:23pm
9
Look at O20 item…
See http://www.wikifortio.com/654670/Edwards19179.html
cfd.exe c:\program files\broadjump\client foundation\cfd.exe
mpbtn.exe c:\program files\ntl\broadband medic\bin\mpbtn.exe
BJCFD c:\program files\broadjump\client foundation\cfd.exe
Do you recognize these ones?
Are you using the ‘bad’ XoftSpy application?
[/quote]
Hi
should “O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll” be fixed with hijackthis? Is this a major security risk, why?
Are you using the ‘bad’ XoftSpy application? i used to use it bus unistalled it along time ago! Do i need to stop this process straight away? how can i stop c:\windows\tasks\xoftspy.job?
i recognize the other items!
RejZoR
July 14, 2007, 2:32pm
10
Simple…
First run Windows Disk Cleaner to clean all the unneeded stuff (temporary files).
Then download this tool, scan with it and fix everything it finds:
http://www.snapfiles.com/get/winregrepair.html
Next step is this tool (not much to write about it just follow the steps):
http://www.snapfiles.com/get/alregdefrag.html
In the end use this tool on all your partitions/disks (it may take a while first time):
http://www.snapfiles.com/get/alregdefrag.html
Make sure you do in the same order for best possible results.
All tools are very straight forward so i don’t think you’ll have much problems with them. They are very effective though and completelly free to use. Hope it helps.
DavidR
July 14, 2007, 2:33pm
11
First you don’t appear to have any anti-virus on your system or it is disabled.
should "O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll" be fixed with hijackthis? Is this a major security risk, why?
I would say no it shouldn’t be fixed.
Are you using the 'bad' XoftSpy application? i used to use it bus unistalled it along time ago! Do i need to stop this process straight away? how can i stop c:\windows\tasks\xoftspy.job?
Xoftspy had a chequered past and was considered adware, this has now been unlisted at spywarewarrior.com , but my thoughts are that there are a number of tools that are up to the task that didn’t have a chequered history.
system
July 14, 2007, 2:39pm
12
Simple…
First run Windows Disk Cleaner to clean all the unneeded stuff (temporary files).
Then download this tool, scan with it and fix everything it finds:
http://www.snapfiles.com/get/winregrepair.html
Next step is this tool (not much to write about it just follow the steps):
http://www.snapfiles.com/get/alregdefrag.html
In the end use this tool on all your partitions/disks (it may take a while first time):
http://www.snapfiles.com/get/alregdefrag.html
Make sure you do in the same order for best possible results.
All tools are very straight forward so i don’t think you’ll have much problems with them. They are very effective though and completelly free to use. Hope it helps.
I will give those a go, the last 2 tools are the same ones! Is that correct or have you posted the same 2 up twice ;D
Also do you know of eny other suitable tools that may help to improve the computers performance?
RejZoR
July 14, 2007, 3:24pm
13
Second link should be tis one:
http://www.snapfiles.com/get/adiskdefrag.html
They are from the same developer so i accidantely posted the same link.
Have you tried CCleaner? You can get it here: http://www.filehippo.com/download_ccleaner/ . After install run issues at least 3 times or until shows nothing to fix and cleaner twice.
DavidR
July 14, 2007, 5:23pm
15
Do you think that is better than your Power Defragmenter with contig then ?
system
July 14, 2007, 5:37pm
16
I have Power Defragmenter with contig, but the built in defragger in XP does a better job. Yes, Power Defragmenter with contig is faster.
DavidR
July 14, 2007, 5:48pm
17
I honestly can’t see how the XP defragmenter does a better job as I check with the windows defrag, analyse to check if it needs defragmenting I run Power Defragmenter, if I check after it is complete (Very Quick) it shows zero fragmentation. So I can’t see how you can get better than zero fragmentation.
The time taken to defragment a disk with XP’s defragmenter I could almost etch the contents of the disk in stone, a slight exaggeration I know, but like if too short for the XP defrag.
szc
July 14, 2007, 6:02pm
18
On my both machines (desktop (AMD Athlon 64 X2 as well as on laptop Intel Core 2 Duo) Auslogics Disk Defrag is at least 1/3 faster than Power Defragmenter.
I must admit I have just moved to Auslogic from power defrag
system
July 14, 2007, 7:00pm
20
RejZoR if you know of any other programmes that could help i will be most grateful!