Jump to content


Photo

Hijack This Log


  • This topic is locked This topic is locked
21 replies to this topic

#1 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 04 December 2005 - 02:06 PM

My computer takes a long time on startup. Ive looked through the board and tried the different program suggestions, but none seem to work. Can someone take a look and see if there is anything obvious that would be slowing it down? THANKS!!!
oh, also, I use Windows XP professional.

Logfile of HijackThis v1.99.1
Scan saved at 3:02:08 PM, on 12/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\Media Manager\airsvcu.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wuauclt.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tcnj.edu/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [MPFEXE] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - Startup: Introducing Media Manager.lnk = C:\Program Files\Common Files\Microsoft Shared\Media Manager\SPLASHA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...s/yinst0401.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-24.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...84/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.del...U/TLIEFlash.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,21/mcgdmgr.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.del...ll/gtdownde.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#2 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 09 December 2005 - 09:16 PM

I apologize for the delay getting to you, the helpers here are all volunteers and we have been very busy here lately.


I do not see anything obvious in your log, so I am going to ask some questions to narrow it down a little.

Did the problem come on suddenly? or was it gradual over time?

Have you recently done a program update to your mcafee? Like from version 2004 to 2005?

Which version of Aol are you using?

Also can you tell me how much memory you have and what your processor speed is?

Also how large is your hard drive and how much space is free?

If you do not know how to find out any of this information, let me know and I will try to give more specific instructions.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#3 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 10 December 2005 - 12:14 AM

Hi, thanks so much for the help! i completely understand the delay as so many people rely on you guys for help

ive had the problem for some time now, but im not sure if it came suddenly or if it happened gradually...but within the last year, it was starting pretty fast.

As far as McAfee goes, my subscription was just renewed, and it has the automatic updates, so i dont think there were any major changes with that.

Also, I rarely use AOL...I am connected to a college campus with its own network...but when I am home, I use AOL 8.0.

Memory and Processor Speed: 2.66 GHz and 256 MB of RAM...its a dell inspiron 5100 laptop

Hope this can figure out something! thanks

#4 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 10 December 2005 - 09:30 PM

Lets try something.

1. Double-click My Computer, from View menu-> Explorer Bar-> Search.
2. Click Change preferences, and then click Without Indexing Service.
3. Click No, do not enable Indexing Service, and then click OK.

Reboot and let me know if that helps.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#5 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 01:00 AM

hi, i did that, and rebooted, and it still took just as long...
from beginning to when my desktop appears, its only 1 minute and 10 seconds...
but then from that til when i can use it, it took a little over 8 minutes.

as to what loads during this time(from what i can see in the status bar thing in the bottom right), McAfee opens first, then disables, then the Power Icon shows up, then the sound icon, and then it takes a while and the Update icon appears (which i cant do yet because I need the Windows Cd which i needed to order from Dell b/c i lost the orginal), and then McAfee re-enables, and then the Dell Suport Alerts icon shows up.

and also, i didnt answer this before, but my harddrive is 37.2 GB and theres 18.3 GB of free space.

thanks again

#6 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 08:23 AM

.... Update icon appears (which i cant do yet because I need the Windows Cd which i needed to order from Dell b/c i lost the orginal)......


By update icon, are you talking about Windows update? And you have already tried to update, but it asked for the cd? Just checking because it rarely asks for the cd.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#7 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 10:32 AM

yes it is the Windows Update....I've tried numerous times, and it keeps asking for the CD..I emailed Microsoft and Dell about it (because everyone else I know DIDNT need the CD), but they said sometimes people do. Its the update for Service Pack 3... I even tried the download that says "if you get a message that says you need the CD, use this link instead"....but that one didnt work either

#8 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 10:35 AM

You mean Sevice pack 2 right? Because there is not a Service Pack 3, however there was a hoax that went around about it.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#9 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 11:08 AM

Is Service Pack 3 really a hoax??? Well, yes, that is what shows up to install. "Office XP Sercie Pack 3".

under details, it says

"Size: 52.3 MB

Office XP Service Pack 3 (SP3) provides the latest updates to Microsoft Office XP. SP3 contains significant security enhancements, as well as stability and performance improvements. This service pack applies to any level of Office XP. It contains all updates included in SP1 and SP2, in addition to updates released after SP2. SP3 applies to the following Office XP products: Word 2002, Excel 2002, Outlook 2002, PowerPoint 2002, Access 2002, FrontPage 2002, Publisher 2002, and Office XP Web Components.

More information for this update can be found at [url="http://www.microsoft.com/downloads/details.aspx?FamilyId=85AF7BFD-6F69-4289-8BD1-EB966BCDFB5E&displaylang=en""]http://www.microsoft.com/downloads/details...aylang=en"[/url]

#10 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 11:10 AM

it is listed on Microsoft.com as a real thing...

http://www.microsoft...&DisplayLang=en

#11 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 11:16 AM

Ok that makes sense now....

Its Office xp service pack 3, not windows xp service pack 3.

and yes the office updates often require the cd.


When you tried the link to install with no cd did you download larger the fullfile option?

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#12 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 11:59 AM

oh, sorry for the misunderstanding... yea, i tried the larger full file - that didnt work either

#13 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 12:04 PM

I do not know for sure if this will work for office updates, but perhaps if we turn off automatic updates temporarily it will stop trying to do that office update and speed up your boot time.

Please go to Start->Control Panel->Automatic updates, and Turn off Automatic updates.

Then reboot and let me know what happens this time.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#14 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 12:37 PM

i did that, and it took almost exactly the same time :weep:

#15 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 12:48 PM

Did the icon for that office update popup again?

Either way go ahead and turn automatic updates back on since it did not make a difference.

While you are booting during the slow period hit Ctrl-Alt-Delete So taskmanger comes up and go to processes and let me know which processes are using the highest percentages.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#16 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 03:35 PM

the update thing did show up...but this time it was a shield with a red X and a bubble that said i should change it to automatic updates.

okay...(all of these are .exe)

these had the highest

McShield - 21 K
Explorer - 18 k
SVChost - 17 K
Notify Alert - 10 K

the following all had between 6 and 9 k's

wmiprvse
spoolsv
lexpps
mcvsshld
wvualt
mcvsescn
mscifapp
mpftray
mcagent
lsass

then there were a lot that were under that..
also, i noticed that for Physical Memory, it said
Total - 261,104
Available- 20,136
System Cache - 104,124

I really dont know much about that, but does it look like theres very little available?

#17 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 04:49 PM

Couple interesting things in the information you posted. All these processes are Mcafee related. It is probably one of your largest memory users.

McShield - 21 K
mcvsshld
mcvsescn
mscifapp
mpftray
mcagent

also, i noticed that for Physical Memory, it said
Total - 261,104
Available- 20,136
System Cache - 104,124

I really dont know much about that, but does it look like theres very little available?


I agree I think you would probably see a significant increase in performance if you went to 512mb memory.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#18 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 06:40 PM

i disabled McAfee ActiveShield from starting on startup, and made it so the privacy service doesn't automatically sign me in...this brought it down from 8 minutes to 4 minutes (plus a few seconds to enable ActiveShield manually)

do you think that getting the 512mb would be worth it considering the ONLY problem with my computer is the startup? Everything else works fine

#19 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 08:06 PM

Thats a decision that is hard to make, a 256mb piece is probably $40-$50 dollars US and extra memory would make other file operations a little faster.

If you do not reboot frequently and leave it on it is probably less of an inconvenience that it boots slow.

I am not that worried about the privacy service, but am somewhat concerned about turning active shield off during reboot. Technically Mcafee should catch things coming in and should not be needed at boot, but I have seen many cases where the anti-virus does not catch something until a reboot and when the file becomes active.

I guess you just have to be careful and make sure you turn active shield on before going on the internet or opening email.

The other thing you can try if it becomes a problem is a different antivirus that is not as memory intensive. Avast! makes a good free anti-virus.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#20 joejoe22

joejoe22

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 11 December 2005 - 08:13 PM

thanks!

#21 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 11 December 2005 - 08:14 PM

Your Welcome

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints

#22 aczechgurl

aczechgurl

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 5,577 posts

Posted 01 January 2006 - 12:59 PM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
an email with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Aczechgurl




Please consider Supporting SWI's fight against Malware.

Member of ASAP (Alliance of Security Analysis Professionals)

Fight back Malware Complaints




Member of UNITE
Support SpywareInfo Forum - click the button