Jump to content


Photo

Programs Take 5 Min+ To Open!


  • This topic is locked This topic is locked
6 replies to this topic

#1 afstud501

afstud501

    Member

  • Full Member
  • Pip
  • 1 posts

Posted 06 October 2005 - 09:26 PM

Help! All my computer applications (ex. Internet Explorer, Outlook Express, MS Office, Symatec, even Alt+Ctrl+Delete) take over 5 minutes before they finally open. When I double click on a program, the hour-glass will appear, but then it soon returns to the regular mouse arrow and the program does not open for another few minutes.

I have tried just about everything: Adware, Symantec Antivirus, Spybot Search & Destroy, McAfee Anti-Virus, Spysweeper, and even HiJack This! When I first ran theses programs it found a KaZaa file and few bogus media files. But those have all been deleted. The only thing these programs detect now is BTIEN (Huntbar). I have had BTIEN on my computer for over 2 years, because I simply have not found a way to remove it from my registry. However, even with the BTIEN file on my computer, I never had any problems. Now all of a sudden my computer start up is slow.

Here is my HiJack This Log... I don't see anything suspicious... PLEASE HELP!

Logfile of HijackThis v1.99.0
Scan saved at 10:09:12 PM, on 10/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\PoloStud021\My Documents\My Received Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish....fishActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...99/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,26/mcgdmgr.cab
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Webroot Spy Sweeper Engine - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

#2 Triple

Triple

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 06 October 2005 - 10:15 PM

I'm not able to help you with the log (others can do that) but untill they get to it..

Goto start button, click run, type in "msconfig" and then goto the startup tab and uncheck everything. apply and reboot.

And how much memory do you have?

I'm sure theres most likely other problems.. but that should help it alittle untill they can look at it for you.

#3 hornet777

hornet777

    Forum Deity

  • Full Member
  • PipPipPipPipPip
  • 607 posts

Posted 07 October 2005 - 04:32 AM

Not sure if I would follow Triple's advice afstud, since MSCONFIG in WinXP is different from its counterpart in DOS-based Windows. Might be better to sit tight and have your log analysed by the peeps here before doing anything rash.
After all is invested in correctness, then how does it stand with truth?

#4 LostAccount

LostAccount

    Forum Deity

  • Trusted Advisor
  • PipPipPipPipPip
  • 1,291 posts

Posted 07 October 2005 - 07:54 AM

Triple, please see The various helper groups here. Do join the team if you want to post help, we'd love to have you with us. :)

afstud501, please read this if you have not received help after 3 days:
http://www.spywarein...showtopic=48793
<span style='font-size:8pt;line-height:100%'><b>Useful Software</b>:</span>
<a href='https://www.kaspersky.com'target='_blank'><i>Kaspersky</i></a>, <a href='https://housecall.trendmicro.com/' target='_blank'>Housecall <i>Trendmicro</i></a>, <a href='https://www.emsisoft.com' target='_blank'><i>a2 free edition</i></a>, <a href='https://www.kerio.com' target='_blank'><i>Kerio Personal Firewall</i></a>, <a href='https://www.lavasoftusa.com' target='_blank'><i>Ad-aware SE</i></a>, <a href='https://security.kolla.de' target='_blank'><i>Spybot S&D</i></a>, <a href='https://www.merijn.org/files/hijackthis.zip' target='_blank'><i>HJT</i></a>, <a href='https://www.cwshredder.net' target='_blank'><i>CWShredder</i></a>, <a href='https://www.mvps.org/winhelp2002/hosts.htm' target='_blank'><i>MVPS HOSTS file by WinHelp2002</i></a>, <a href='https://netfiles.uiuc.edu/ehowes/www/resource.htm' target='_blank'><i>IE-SPYAD by eburger68</i></a>, <a href='https://www.javacoolsoftware.com/' target='_blank'><i>Spywareguard and Spywareblaster</i></a>, <a href='https://www.winpatrol.com' target='_blank'><i>Winpatrol</i></a>, <a href='https://www.mozilla.org' target='_blank'><i>Mozilla & Firefox</i></a>

#5 1972vet

1972vet

    Advanced Member

  • Security Colleague
  • PipPipPip
  • 112 posts

Posted 07 October 2005 - 12:02 PM

Greetings afstud501 and welcome to SWI,

Until someone can assist you with your hijackthis log, I should advise you
that you will indeed be asked to download the newest version of hijackthis.
You can find it here:
http://castlecops.co...s-file-328.html

In the meantime, if you'd like to try Symantec's removal tool for huntbar
removal, I suppose it would do no harm to try it.
Learn more about it here, and download the tool:
http://securityrespo....websearch.html

Another thought, while you're waiting for someone to get you all cleaned up
and running smooth, I can suggest that you might try to run those scans again that you mentioned, only this time try it in safe mode.

You can boot into safe mode by restarting your computer and as it begins to come
back up and while the screen is black, begin tapping on the F8 key until you see the
advance menu for safe mode. Select safe mode and hit enter. Once in safe mode
your system will be running minimal services which will assist to facilitate an effective
scan and removal of some malware that you might have.

When things start to get a little off balance for you, the first things your should consider are:
1) Do I have all the latest Microsoft Windows Update's?
2) Have I updated all of my protection and maintenance software?
3) Did I run all my spyware/adware detection and removal software applications this week?
4) Did I run my antivirus scan this week? Have I tried to run any of the free
on line virus scans this week?
5) Did I run my antitrojan scanner this week?

All of those are (not just important, but...) necessary for healthy computing.
Remember to download, keep updated, and run:
1) anti virus software
2) firewall software (third party, not just windows xp on board firewall)
3) anti adware/spyware software
4) anti trojan software

There is a great deal of "very good" free protection software available, so there
really is no good reason for not having them as part of your arsenal.

You can find a good variety of protection software (free) to choose from here:
http://castlecops.com/downloads.html

Regards and happy computing,

Disabled Vet
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.
MSMVP 2009/2010
Performance and Maintenance for Windows XP Vista and 7

#6 Triple

Triple

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 07 October 2005 - 03:59 PM

hornet777, how can my suggestion hurt anything? and how is it "rash"?

It doesn't remove anything.. just stops them from loading at startup..

You can got back to default with one click.. or go back and recheck everything again if you want it to run on startup.

I fail to see how it could cause ANY harm at all.

#7 jw50

jw50

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 18,969 posts

Posted 09 October 2005 - 06:36 PM

User is being helped here:

http://forums.spywar...showtopic=58136

This topic is closed.




Member of UNITE
Support SpywareInfo Forum - click the button