Jump to content


Photo

Boot up time slow


  • This topic is locked This topic is locked
78 replies to this topic

#51 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 25 July 2008 - 08:22 AM

ok thanks once again
i have one more question sorry for the hassle

you recommended spybot and spy guard but they both conflict each other and i have spybot installed which one is better?
and also i uninstalled ad aware 6.0 and then u recommended adaware 2008 free do i really need that or am i good with spybot malware bytes anti malware and spyblaster.

also which type of ram will i need as there are loads ddr ddr2 etc. 400mhz 800mhz. i dont know which one my computer takes

Edited by jagtar, 25 July 2008 - 08:26 AM.


#52 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 25 July 2008 - 09:09 AM

You're welcome jagtar. As I previously mentioned you do not need SpywareGuard. Spybot Search and Destroy is better in my opinion. I only said if you wanted to update your Ad-Aware the latest version is 2008 Free but you don't need that. I recommend just staying with what you have now: Spybot Search and Destroy, Malwarebytes' Anti-Malware, and SpywareBlaster.

Regarding the RAM, what model number is your computer. I believe it is an HP computer. Once i know the model number of your computer I can find which type of RAM you need. If you aren't sure what the model is then just post whatever you think might be the model number.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#53 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 25 July 2008 - 09:14 AM

no it is not a HP computer it is a philips freevents. this is what i have written on my computer on top of it;
MT1400 windows xp home edition even tho its is media centre edition
intel pentium 4 processor 519 (3.06ghz 1MB FSB533) (is that good?)
512 MB DDR (400Mhz)
160gb HDD (7200rpm) << whats that?
16x DVD + R/RW (double layer)
Tv Tuner/WLAN (802.11b/g)

#54 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 25 July 2008 - 09:37 AM

Jagtar, you wrote everything we need to know right there.

intel pentium 4 processor 519 (3.06ghz 1MB FSB533) (is that good?) -- Yes that's the processor, it is very good but the Front Side Bus (FSB) is a little slow.

512 MB DDR (400Mhz) ---- That's the RAM you need, DDR 400Mhz RAM. That's the back side bus (BSB) speed and is rather slow as well. This limits your processor's performance. I believe you should put in DDR 533Mhz RAM for optimum performance so the BSB and FSB match.

160gb HDD (7200rpm) --- That's your hard drive's speed. The hard drive doesn't have too much space but 7200 rpm is very fast.

16x DVD + R/RW (double layer) --- That's your DVD-Rom drive.

Tv Tuner/WLAN (802.11b/g) ---- Wireless card.

Edited by HackPolice, 25 July 2008 - 09:37 AM.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#55 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 25 July 2008 - 10:22 AM

what is a good FSB then since mine is only 533

512 MB DDR (400Mhz thats the ram that came with my computer but installed another 512mb ddr ram into it thats why i have now a gb of ram

160gb HDD you say this doesnt have enough space what HDD gb is good? although i have only used 27.5gb of my hard drive

so u suggest to take mine 512 ddr 400mhz out and put in 1gb 533mhz would it make any differen if i had two rams and the mhz were both different

i have searched the net and i can only find 400mhz of ram the highest value; i checked this website http://www.cclonline.com


hackpolice please help my computer is runnin slow and programs are takin their time to open. also i cliked IE to view pcpitstop but it just didnt respond also i get windows search 4.0 startin up when i dont want it to i also think my registrys are messed up have a look at my log please;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:09:05, on 25/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Power2GoExpress] SOUNDMAN.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...t/PCPitStop.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1216300318109
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 8414 bytes

Edited by jagtar, 25 July 2008 - 11:09 AM.


#56 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 25 July 2008 - 11:51 AM

A great FSB for a processor is 800mhz or 1033mhz. A good FSB for a processor is 667mhz. A great BSB for RAM is 800mhz. A good BSB for RAM is 667mhz. Your processor (FSB) and RAM (BSB) are both very low. This is the main cause for your system being slow. You cannot use RAM sticks with two different BSB mhz values together... You can use different RAM values like one 512mb and 1 GB stick but I would NOT recommend that because your motherboard would have to support it and it wouldn't be efficient. A 160GB Hard drive is not a lot nowadays. It all depends on how much space you need though. I suggest that you get a better motherboard, processor, and RAM but at this point it would be worth it just to get a new computer if you want to improve performance. You can only improve the performance of a computer so much based on the hardware inside of the computer. Your HijackThis log is clean.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#57 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 25 July 2008 - 11:59 AM

ok thanks before i leave you could you please help me clear ma temp files Internet cache internet temp files registry fixes etc to optimize performace any tools u suggest will be helpful.

Also i have windows xp and i haev disabled the welcome screen in control panel so when i start my computer i get this box which says user name n password and a blue background but now the background is all black and when my computer is shuttin down or restartin i get this black background when it should be blue any suggestions

Edited by jagtar, 25 July 2008 - 12:04 PM.


#58 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 25 July 2008 - 12:17 PM

I believe we already cleared out the temp files jagtar but we will do it again anyways.

Download ATF Cleaner
Double click ATF-Cleaner.exe.
Click Select All at the bottom of the list.
Then click the button Empty Selected.
If you use the Firefox or Opera browser please also do this:
Click Firefox or Opera at the top and then click Select All from the list.
Click the button Empty Selected.
Note: if you want to keep your saved passwords please click No at the prompt.

Click Exit at the Main menu to close ATF Cleaner.

As for the background colors I am not even sure what you mean and I don't believe that it is a big deal. If you would like help with it then please describe it in more detail for me.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#59 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 25 July 2008 - 12:21 PM

thanks do u ave any tools so you can check my registry just in case i have errors.

the problem is this when i turn my computer on and i get to the login screen ihave this box which displays my username and my password and i press ok to log in

but the backgeound of this should be windows xp blue but it is jus plain black

this is the same when i am loggin off shuttin down or restarting

#60 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 25 July 2008 - 12:54 PM

Jagtar we already fixed your registry earlier with some of the tools we used so your registry is fine. I am not sure about why the colors would be reversed but I really can't see it as a problem. If you want I could ask someone with more experience and we can try to resolve this issue?

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#61 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 25 July 2008 - 12:57 PM

i have resolved the colour issue. i think my registry is messed because i imported a old one by accident and it only imported half could you check please

also you recommended me to download ATF-Cleaner do u suggest that i keep this on my desktop and run it everytime before i shut down my computer or something like that? however when i run the cleaner and i next log into my computer the startup icons on the startuptray take a long time to load. but my bars are reduced when loading into windows. ( i believe this has something to do with the prefetch files being delted)

how often a week do u suggest i should defragment my drive using the built in defrager by windows

is there no way at all apart from uninstalling norton 360 to get rid of the csvchst program not responding when shutting down or restarting my computer because this slow my computer and makes it hang a while before restarting or shutting down.

also i have unistalled norton 360 and took ur advice and got avg 8.0 (am i meant to install the avg antivirus tool bar during installation) however which firewall do u suggest i know u recommened comodo Pro or Online Armor and there are many more but could you speifically tell me which firewall and provide a link please and also a linnk to how to install and use which ever firewall u suggest thanks

i have heard of Avira AntiVir is this better than AVG

Edited by jagtar, 25 July 2008 - 07:10 PM.


#62 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 25 July 2008 - 07:30 PM

Hello jagtar. I am glad you resolved the color issue by yourself.

I would recommend that you keep ATF Cleaner and run it once a month. I also think that the startup icons taking longer to load might have to do with deleting the prefetch files. If you want you could just select everything except the prefetch files when using ATF Cleaner.

I suggest you analyze before defragmenting and see what Windows suggests. Windows will let you know whether defragmenting will make a difference in computer performance. I would recommend checking if you need to defragment once every few months.

There may have been a way to get rid of the ccsvchst error without removing Norton. It is up to you whether you want to remove Norton or not; especially considering that you paid for a subscription already. I do however believe that one of the free Anti-Virus and free Firewall programs I recommended make a more effective combination for protecting your computer. This is just a personal preference however. It is up to you whether or not you want to install the AVG toolbar but I would not recommend it because it may slow down your computer.

I would recommend any of the 3 following firewalls. Click the names of the firewalls to learn more information about each one.

Comodo Firewall

Online Armor Firewall

Sunbelt Kerio Firewall

Please open HijackThis and click Open the Misc Tools section. Then click Open Uninstall Manager.... Click Save list.... Choose a location and click Save. Please copy and paste the contents of that text file into your next reply.

Also jagtar if you can, please explain in further detail what exactly it is you mean by number of bars scrolling across the screen.

Edited by HackPolice, 25 July 2008 - 09:29 PM.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#63 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 26 July 2008 - 03:56 AM

hello yes but i got norton 360 on a cd with a serial. i downloaded AVG and comodo firewall however comodo took its time to load on startup so i uninstalled it and got Sunbelt Kerio Firewall. however now my windows security alert says there are one or more firewalls running even though i got rid of comodo.

also i think my startup is still slow even with AVG you think i installed it correct is there no tutorial. i have heard of Avira AntiVir is this better than AVG.

this is my hijackthis log u wanted;

Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 7.0
Adobe Shockwave Player 11
Agere Systems PCI Soft Modem
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG Free 8.0
Broadband Help
C-Media WDM Audio Driver
ConvertXtoDVD 3.1.2.34
Cypress USB Mass Storage Driver Installation
Digital Media Reader
DVD Decrypter (Remove Only)
DVD Shrink 3.2
GearDrvs
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Hauppauge MCE2005 Software Encoder
HijackThis 2.0.2
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB915800-v4)
hp instant support
HP Memories Disc
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1100 series
hp psc 1100 series
Java™ 6 Update 7
LimeWire PRO 4.18.3
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.0.1)
MSXML 4.0 SP2 (KB936181)
Napster
Nero 8
neroxml
Norton 360
Philips Media Manager 3.2.1.0004
Power2Go 4.0
PowerDVD
Ralink Wireless LAN Card
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
Roxio Burn Engine
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
SiSAGP driver
SiSRaidPackage
Spybot - Search & Destroy
SpywareBlaster 4.1
Sunbelt Personal Firewall
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB942763)
Update for Windows XP (KB951978)
Update Rollup 2 for Windows XP Media Center Edition 2005
USB Storage Adapter FX (SM1)
VideoLAN VLC media player 0.8.6i
Vuze
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3
WinRAR archiver

i think my registry is messed because i imported a old one by accident and it only imported half could you check please


this is my hijackthis log incase;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56:33, on 26/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1216300318109
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--
End of file - 7192 bytes




also hackpolice could you tell me how to configure my sunbelt firewall to the best settings. Also when loggin into windows now i have to wait a while for everything to load. i.e the icons on my system tray and avg takes it time. also when everything is loaded and i click friefox i have to wait ages for it to open.

the numbers of bars i will try to explain clearly;

when i turn on my computer i get the windows xp logo and underneath that is a scrolling bar showin windows is loading these are the bars that take like 8 bars to complete before i get into my login screen. where i type my username and password.

sorry for the hassle but i hope u can read everything i have put above ^^^ thank you

another thing avg uses 47 100 k of my process and i think this is slowing it down but could you please tell me which is the best antivirus to get out of AVG, Avira AntiVir or AVAST home edition.

Edited by jagtar, 26 July 2008 - 10:52 AM.


#64 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 26 July 2008 - 01:09 PM

You did not completely remove Norton from your computer. If you would like to completely remove Norton please read the following link:

How to uninstall Norton AntiVirus 2003/2004/2005/2006/2007/2008:
- Vista/XP/2000 - Click Here (note: this removes ALL Norton 2003/2004/2005/2006/2007/2008 products from your computer)

AVG has a couple of features that may make it slower such as the Safe Surf and Safe Search features. I think that Avira AntiVir is good as well. If you would like to switch to Avira then you can uninstall AVG through Start > Control Panel > Add or Remove Programs and then download and install Avira AntiVir here. Here is a great tutorial on how to install and use Avira AntiVir.

I believe that those AVG features I mentioned above may be contributing to the slow startup and firefox loading slowly. Here is a tutorial I found on the Sunbelt Personal Firewall.

I will help you with your registry once I consult someone with more experience.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#65 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 26 July 2008 - 01:17 PM

i downloaded comodo firewall however comodo took its time to load on startup so i uninstalled it and got Sunbelt Kerio Firewall. however now my windows security alert says there are one or more firewalls running even though i got rid of comodo.

aslo the sunbelt personal firewall i got is only a 30 day trial

could you please chek my log and tell me how to remove unneccesary startup prgrams;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:20, on 26/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Power2GoExpress] SOUNDMAN.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1216300318109
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--
End of file - 7731 bytes


do i need to scan and post a report so you can check my registry

Edited by jagtar, 26 July 2008 - 01:20 PM.


#66 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 26 July 2008 - 01:28 PM

I noticed that you have some peer-to-peer programs (LimeWire and Napster). Please read the following by TonyKlein about such programs:

2.) Watch what you download!

  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself.
  • Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others are amongst the most notorious. If you insist on using P2P software, please read this article from MalwareRemoval.com for information on Clean and infected P2P Programs.
  • Note also that even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected. Do not open any files without being certain of what they are!


Please thoroughly read my previous post to resolve the multiple firewall issue. It appears as though Norton was not entirely uninstalled.

After the Sunbelt Firewall trial expires you can continue to use it but with limited features because it will be the free version.

You don't really have any unnecessary startup items in my opinion. Earlier on I recommended that you remove unnecessary startup entries so we already removed ones that I believed to be extraneous.

Please wait for me to hear back from a more experience user regarding the registry.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#67 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 26 July 2008 - 01:30 PM

Please thoroughly read my previous post to resolve the multiple firewall issue. It appears as though Norton was not entirely uninstalled.

in the previous post you didnt mention how to resolve the multiple firewal issue. i have ran the norton tool but the hijack log still says i have norton but when i go into control panel and add or remove programs norton is not there. if i disable subelt firewall my windows security says comodo pro is on even thought it is uninstalled

do you think i should use DSS to scan my system and post you the log for any errors in the registry

Edited by jagtar, 26 July 2008 - 01:37 PM.


#68 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 26 July 2008 - 01:38 PM

Ok now I see one sign of Norton in your new hijackthis log. I don't see any signs of Comodo though.

Please open HijackThis and click Do a system scan only. Place a check mark in the box next to the following item(s) (if present):

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)

Make sure all windows besides HijackThis are closed and then click Fix checked.

Now close HijackThis.

Please let me know if you are still getting a message about firewall conflicts.

Let's wait for a more experienced expert before dealing with the registry.

Edited by HackPolice, 26 July 2008 - 01:39 PM.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#69 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 26 July 2008 - 01:48 PM

noope it didnt work my windows security says at least one of the firewalls installed on this computer is currently on

and when i disable sunbelt firewall

my windows security then says comodo pro is protecting you when i dont even have it

antoher question when i go to run and type in msconfig and then go to boot.ini my timeout is 3 sec is that what it is meant to be on

UPDATE i resolved the multiple firewall problem by referring to the following;

This is a common problem.

"In control panel click on Administrative Tools, then Services, from the list of services find Windows Management Instrumentation right click mouse and from dropdown list and stop the service.

Find folder C:\windows\system32\wbem, inside this folder identify the repository folder and delete ONLY this folder (the repository folder) from your computer.

In Administrative Tools find Windows Management Instrumentation service again, and re-start the service by right clicking mouse and pressing start from dropdown list. Restarting this service re-builds the repository folder database on your computer, which should now only contain information about your currently installed antivirus & firewall programs.

To reset the Windows Security Centre you must re-boot your computer."

could you please answer;
another question when i go to run and type in msconfig and then go to boot.ini my timeout is 3 sec is that what it is meant to be o

thank you

one more final thing i know u recommed me to keep atf cleaner but i heard of cc cleaner is this better than atf cleaner as it removes recent documents and fixes the registry i.e missing registrys which are left over after uninstalling programs. If you recommend cc cleaner is better could you tell me how to use it and when to run it and also durin installtion i get add run cc cleaner option to the recycle bin and open cc cleaner option to the recycle bin shoudl these be checked or unchecked what do u recommened thanks

and in my hijackthis log in the previoust post i have 04: nero check do u think i should fix tht using hijack ie delteing it


also when i log into my computer and i double click fire fox for the first time it takes a while to load up but then when i close it n open it again it is fast is this normal

Edited by jagtar, 26 July 2008 - 02:37 PM.


#70 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 26 July 2008 - 03:30 PM

Hello jagtar. The only way to really fix the registry is to restore a good backup or reformat and reinstall. Looking and modifying the registry is generally Not a good idea. Make sure that you truly know what you are doing and have a good backup of the registry before modifying anything. For future reference you could use an imaging program, such as Nero, to make a copy of your whole setup before touching the registry.

The number of bars scrolling across the screen as Windows loads will not give you any accurate indication of time. If you want you can look at a clock and time these bars to see if there is a difference.

My boot.ini timeout is set to 30 seconds. I would not recommend ccleaner over ATF Cleaner because ccleaner tries to install yahoo toolbar. I prefer ATF Cleaner.

NeroCheck checks for driver issues so I wouldn't recommend fixing it but it's your choice.

You may want to consider reformating and reinstalling because I do not know the scope of your registry problem.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#71 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 26 July 2008 - 03:42 PM

my boot ini is 3 scnds im sure it was 30 before shall i change it. i don't think my registry is messed because my cpu is running fine. i installed cc cleaner it did not install yahoo toolbar. shall i uninstall it it does fix registry as atf does not. i also have heard of regseeker.. well i will take ur adivce which do u recommend out of the three cc cleaner does not try to install yahoo tool bar no more but fixes registry so does reg seeker atf doesnt so what u recommend

you did not answer this in my previous post, when i log into my computer and i double click fire fox for the first time it takes a while to load up but then when i close it n open it again it is fast is this normal

also what do u mean by this. The number of bars scrolling across the screen as Windows loads will not give you any accurate indication of time. If you want you can look at a clock and time these bars to see if there is a difference.

also do defrag my computer do u suggest the built in defragger in windows xp or software such as defraggler

Edited by jagtar, 26 July 2008 - 04:09 PM.


#72 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 26 July 2008 - 04:21 PM

The timeout in my boot.ini on both my XP and Vista machines is 30 seconds so I think that the default is 30 seconds. You can set the timeout value to any number between 3 and 999 seconds. This is just the time you have to select which operating system to boot into before the default boot is automatically selected.

I don't know what program you are talking about because I see no registry "fix" in ccleaner. You must be using some other program. I don't know what regseeker is. I would strongly advise against fixing the registry when there is nothing wrong with it. Since I don't know what program you are talking about I would not feel comfortable advising you to do anything with that program. Furthermore I see no need for a fix registry program as the registry won't get messed up unless you don't know what you are doing and try to manually modify it.

I don't think that is normal with firefox. Perhaps you are not giving the computer enough time to load all of the startup processes before trying to open firefox.

You can't count the number of bars and say that is any accurate indication of system performance. If you really want to see if the loading time for your computer is changing then the only way to do that is by watching a clock and seeing how long it takes to load.

As for defragging, I would just suggest the defrag that comes with the computer because I see no reason to complicate things. You rarely need to defragment the computer.

Edited by HackPolice, 26 July 2008 - 04:22 PM.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#73 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 26 July 2008 - 04:24 PM

in cc cleaner when you open it up you get a tab on the right and side which says regsitry (called issues in previous versions) and then u scan for issues such as missing shared dlls

so shall i uninstall cc cleaner and stick wi atf cleaner how do i modify the boot time so i cn see if there is differene when timin the bars wit a clock

also i have avira antivirus do you think im good with this or is avast better and which one of these will slow the system down more cos avg slowed it down more than avira so is avast better in this way.

this all i got to ask thank you for all ur support i hope you could answer all these questions in this post. and chek my log once more before i leave you;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:50:18, on 26/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1216300318109
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--
End of file - 7082 bytes


one more thing in my hijackthis uninstal list i have norton 360 how do i remove this from the list and when installin avg free 8.0 it says installer has deetcted that there is an outdated version of the program roxio easy cd and dvd creator which contains a bug amongst others can cause problems with avg. however i dont even have the program roxio easy cd and dvd creator

Edited by jagtar, 27 July 2008 - 12:14 PM.


#74 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 27 July 2008 - 03:07 PM

Hello jagtar. I do not recall ccleaner having a registry section but I could be wrong. I would recommend sticking with ATF Cleaner. I would not recommend modifying the boot time. I think that Avir AntiVir is a great anti-virus. I believe that Avira will cause the least strain on your computer.

To remove Norton 360 from the list in HijackThis just select it and click Delete this entry. It is uninstalled regardless of whether it shows in that list or not.

Don't worry about what AVG said because you have Avira now. It could be Roxio Burn Engine which is in your uninstall list but I would not worry about this and would recommend that you leave it alone.

Your HijackThis log appears to be clean. You're welcome jagtar. I am glad that we could help you.

Best Wishes,
HackPolice

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#75 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 27 July 2008 - 03:27 PM

thank you for everything i know i have kept you busy and asked a lot of stuff sorry :(

before you leave me do you have any final advice tips etc..

thanks once again best wishes

one final thing when should i run the following as in daily weekly monthly or how many times in a day , week , month;
defragmentation
spybot
spybot - immunization
spyware blaster
Malwarebytes' Anti-Malware
atf cleaner
clean out system restore points
scan computer with avira antivir antivirus

final log;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:49:25, on 27/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1216300318109
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--
End of file - 7058 bytes


do the followin need fixing;
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

or any more

Edited by jagtar, 27 July 2008 - 03:51 PM.


#76 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 27 July 2008 - 04:17 PM

You're welcome jagtar.

You can fix O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) since it is related to Norton and you removed Norton. Also I would recommend fixing O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file). Other than that your log appears to be fine.

one final thing when should i run the following as in daily weekly monthly or how many times in a day , week , month;
defragmentation - every few months
spybot - weekly or whenever you think you have malware
spybot - immunization - twice a week
spyware blaster - twice a week
Malwarebytes' Anti-Malware - weekly or whenever you think you have malware
atf cleaner - every few months
clean out system restore points - not necessary unless you just finished getting rid of an infection
scan computer with avira antivir - weekly or whenever you think you are infected

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#77 jagtar

jagtar

    Member

  • Full Member
  • Pip
  • 63 posts

Posted 27 July 2008 - 04:40 PM

ok thanks

#78 HackPolice

HackPolice

    Malware Exterminator

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 575 posts

Posted 27 July 2008 - 05:10 PM

You're very welcome. Glad we could help. :thumbup:

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Hello :)


My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#79 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Retired Staff
  • PipPipPipPipPip
  • 15,830 posts

Posted 03 August 2008 - 05:39 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.




Member of UNITE
Support SpywareInfo Forum - click the button