Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Security and Virus > computer running very slow

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

computer running very slow

Reply to Message Icon

Name: vargen
Date: June 8, 2008 at 02:51:56 Pacific
OS: WinXP
CPU/Ram: x86 Family 15 Model 2 27
Product: Fujitsu Simens Scenic P 3
Comment:

My computer has been running very slow lately. I've ran scans by Ad-Aware 2007 and norton360, defrag and some more window cleaning things. But without any result. Is there somone who have a suggestion.

Best regards,
Vargen



Sponsored Link
Ads by Google

Response Number 1
Name: btk1w1
Date: June 8, 2008 at 03:54:23 Pacific
Reply:

Heya Vargen,

To verify whether your pc is slow due to infection you can run an online scan.

Do an online scan with Kaspersky

Click here to go to Kaspersky Online Scanner

Please be patient with the online scan as they can take a while to complete.

1.Click on "Kaspersky Online Scanner".
2.You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
3.The program will launch and then begin downloading the latest definition files.
4.Once the files have been downloaded click on "NEXT".
5.Now click on "Scan Settings".
6.In the scan settings make that the following are selected:
7.Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)
8.Scan Options:
Scan Archives
Scan Mail Bases
9.Click OK.
10.Under select a target to scan, select "My Computer".

The program will start and scan your system.

The scan will take a while so be patient and let it run.

Once the scan is complete it will display if your system has been infected.

If there are items of concern post back and let us know.


0

Response Number 2
Name: vargen
Date: June 8, 2008 at 04:04:35 Pacific
Reply:

Hello btk1w1.

Thank you very much for your quick answer. As I wrote I have already ran scan with Norton 360 with updated virusdefinitions. Do you think Kaspersky scan will find threaths that Norton 360 doesn't? I thoght maybe Hijackthis would find things that Norton didn't?

Best regards
vargen


0

Response Number 3
Name: btk1w1
Date: June 8, 2008 at 04:08:27 Pacific
Reply:

Feel free to post your HJT log, I can have a look at it.

Kaspersky has a very comprehensive virus database and I haven't seen much get past it.


0

Response Number 4
Name: vargen
Date: June 8, 2008 at 04:35:07 Pacific
Reply:

This is very kind of you. Thank you for helping.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:23, on 08.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe
C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Windows

Live\WLLoginProxy.exe
C:\Programfiler\HP\Digital Imaging\Smart Web

Printing\hpswp_clipbook.exe
C:\Programfiler\Outlook Express\msimn.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.startsiden.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL

= http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?Lin...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName

= Koblinger
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} -

C:\Programfiler\HP\Digital Imaging\Smart Web

Printing\hpswp_printenhancer.dll
O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -

C:\Programfiler\Fellesfiler\Symantec

Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: BitComet ClickCapture -

{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -

C:\Programfiler\BitComet\tools\BitCometBHO_1.1.6.14.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no

file)
O2 - BHO: Windows Live Sign-in Helper -

{9030D464-4C02-4ABF-8ECC-5164760863C6} -

C:\Programfiler\Fellesfiler\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper -

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live

Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}

- C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Windows Live Toolbar -

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live

Toolbar\msntb.dll
O3 - Toolbar: Norton-verktøylinjen -

{90222687-F593-4738-B738-FBEE9C7B26DF} -

C:\Programfiler\Fellesfiler\Symantec

Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec

Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng]

"C:\Programfiler\Fellesfiler\Symantec

Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m

"C:\Programfiler\Fellesfiler\Symantec

Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software

Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [Windozelsd BasdLL dgitr Verifier] scrov.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe

(User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe

(User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe

(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe

(User 'Default user')
O8 - Extra context menu item: &Windows Live Search -

res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -

http://favorites.live.com/quickadd....
O8 - Extra context menu item: E&ksporter til Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: StumbleUpon: &Blog This -

res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: HP Smart valgmetode -

{DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programfiler\HP\Digital

Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}

- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}

- C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.fujitsu-siemens.com
O15 - Trusted Zone: *.stumbleupon.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine

Advantage Validation Tool) -

http://go.microsoft.com/fwlink/?lin...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -

http://messenger.zone.msn.com/binar...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -

http://software-dl.real.com/14d956e...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download

Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} -

https://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img

/operations/symbizpr/xcontrol/SymDlBrg.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}

(MessengerStatsClient Class) -

http://messenger.zone.msn.com/binar...

ab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553535000} -

http://fpdownload2.macromedia.com/g...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash

Object) -

http://fpdownload2.macromedia.com/g...
O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305}

(IlosoftImageUploadCtl Class) -

http://webc.vargset.com/controls/Il...
O23 - Service: Adobe LM Service - Adobe Systems -

C:\Programfiler\Fellesfiler\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec

Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation

- C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec

Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) -

Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec

Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation -

C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe
O23 - Service: hpdj5100 - Unknown owner -

C:\DOCUME~1\Bruker\LOKALE~1\Temp\hpdj5100.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation -

C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel

32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. -

C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation -

C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) -

Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec

Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation -

C:\Programfiler\Fellesfiler\Symantec

Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Unknown owner -

C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 8550 bytes


0

Response Number 5
Name: btk1w1
Date: June 8, 2008 at 05:21:47 Pacific
Reply:

There is one bad entry and a couple of suspicious entries in your HJT log.

scrov.exe is malware.

Did you intentionally install StumbleUpon?

Is vargset familiar to you?

Go into task manager by right clicking the clock on the taskbar. Under the Processes tab look for scrov.exe and if it is there highlight and end task.

Next run HJT and fix these 2 lines


O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\RunServices: [Windozelsd BasdLL dgitr Verifier] scrov.exe


Download Malware Bytes AntiMalware (MBAM) to your desktop.

Click here to to start MBAM download

Once downloaded close all windows (including this one) and double click the file on your desktop Download_mbam-setup.exe

During the installation leave the options to Launch and Update checked.

When the installation has finished MBAM will open, perform the complete scan.

Remove everything it finds.

When MBAM has finished you should get a notepad document open up copy and paste all of the contents back here along with a fresh HJT log.


0

Related Posts

See More



Response Number 6
Name: vargen
Date: June 8, 2008 at 07:24:31 Pacific
Reply:

1

Malwarebytes' Anti-Malware 1.15
Database versjon: 839

16:16:21 08.06.2008
mbam-log-6-8-2008 (16-16-21).txt

Skann type: Full Skann (C:\|)
Objekter skannet: 152122
Tid tilbakelagt: 45 minute(s), 34 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 1
Registerverdier infisert: 0
Registerfiler infisert: 2
Mapper infisert: 0
Filer infisert: 0

Minneprosesser infisert:
(Ingen mistenkelige filer funnet)

Minnemoduler infisert:
(Ingen mistenkelige filer funnet)

Registernøkler infisert:
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.

Registerverdier infisert:
(Ingen mistenkelige filer funnet)

Registerfiler infisert:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

Mapper infisert:
(Ingen mistenkelige filer funnet)

Filer infisert:
(Ingen mistenkelige filer funnet)

I did not remove the two HJT-files.


2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:23:03, on 08.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe
C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programfiler\BitComet\tools\BitCometBHO_1.1.6.14.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton-verktøylinjen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd....
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: StumbleUpon: &Blog This - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: HP Smart valgmetode - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.fujitsu-siemens.com
O15 - Trusted Zone: *.stumbleupon.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/pa...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?lin...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binar...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/14d956e...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - https://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553535000} - http://fpdownload2.macromedia.com/g...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/g...
O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} (IlosoftImageUploadCtl Class) - http://webc.vargset.com/controls/Il...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe
O23 - Service: hpdj5100 - Unknown owner - C:\DOCUME~1\Bruker\LOKALE~1\Temp\hpdj5100.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 8507 bytes


0

Response Number 7
Name: btk1w1
Date: June 8, 2008 at 08:19:59 Pacific
Reply:

You didn't select these two registry data items that were detected as infected by MBAM for removal:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

Other than that your logs are clean.

If you are still experiencing a slow pc have a look in task manager to check that ccSvcHst.exe isn't the culprit. If it is showing high CPU usage it is a Norton process causing it.


0

Response Number 8
Name: vargen
Date: June 8, 2008 at 08:38:10 Pacific
Reply:

Silly, but I thoght these were OK and didn't follow your advice at first even when you said remove everything. I will remove them now.

And again - thanks a lot doing this for me.

:-) vargen


0

Response Number 9
Name: vargen
Date: June 8, 2008 at 14:34:13 Pacific
Reply:

Hello btk1w1 !

Unfortunately these efforts seem to have only little impact. I'm very happy though that you helped me through these steps. I got rid of some problems at least.

I see another strange thing now. In the device manager, nothing is visible. It's not possible to install or update drivers. But this problem does not belong here in this forum I suppose.

:-) vargen


0

Response Number 10
Name: btk1w1
Date: June 8, 2008 at 16:07:25 Pacific
Reply:

Hiya Vargen,

That's cool, there's an easy fix.

1. Click Start, click Run, type

services.msc

and then click OK.

2. Double-click Plug and Play.

If you receive a Configuration Manager message, click OK.

3. In the Startup Type list, click Automatic, and then click OK.

4. Close Services.

5. Restart the computer.

Let me know how you go with this.


0

Response Number 11
Name: btk1w1
Date: June 8, 2008 at 19:11:24 Pacific
Reply:

Hello again Vargen,

There's are 2 links below with information and a patch in reference to XP SP3 update and Norton 2008 products. e.g. Device Manager empty.

Thanks to Sabertooth for the info and link.

http://www.computing.net/answers/wi...

http://service1.symantec.com/SUPPOR...


0

Response Number 12
Name: vargen
Date: June 9, 2008 at 07:53:12 Pacific
Reply:

Hi there btk1w1 !
A night and a working day has gone since I last logged in. I just tried both tips you mentioned in the last two posts, but the problem remains :-(


0

Response Number 13
Name: btk1w1
Date: June 9, 2008 at 09:18:29 Pacific
Reply:

Heya Vargen,

Try the link below to restore the device manager, line 107 - right hand side

http://www.kellys-korner-xp.com/xp_...

Let me know how this goes


0

Response Number 14
Name: vargen
Date: June 9, 2008 at 14:48:09 Pacific
Reply:

Hey btk1w1,

You impress me with your patience. I'm happy to try your suggestions, I wouldn't have thought about them myself. Nevertheless, it didn't work with the devicemanager register restore either.

I installed HP Photosmart C4380 a week or two ago. It worked fine, but one day it wouldn't do scans. So I removed the software and tried to make a fresh install. Now I can't manage to install the driver. I've followed the instructions, I've tried to do it manually in all the ways I can think of. But without luck.

I think the pc was running slow before this happend, but the "white screen" in device manager happend after I started to post here - (i am not suggesting you are the reason why it occured) - just telling about it, maybe it means something to you.

Looking forward to be hearing from you again, but right now it's past midnight and I must go to bed.

:-) vargen



0

Response Number 15
Name: btk1w1
Date: June 28, 2008 at 06:18:14 Pacific
Reply:

Heya vargen,

Sorry it's been so long, a thread has just been created in regards to device manager and SP3.

Read this new post here in regards to your device manager and SP3, I think it is the reason why device manager started playing up.

Thanks to XpUser for this thread:

M$ Fix for XP SP3 Snafu


0

Response Number 16
Name: vargen
Date: July 2, 2008 at 12:45:18 Pacific
Reply:

Hi there btklwl
Thanks a lot to you and XpUser. The fix did solve the device manager missing-things problem. Very Nice!

My machine is still running slow though, but I can live with it for the time beiing.

:-) vargen


0

Sponsored Link
Ads by Google
Reply to Message Icon



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Security and Virus Forum Home


Sponsored links
Ads by Google


Results for: computer running very slow
Computer become very slow www.computing.net/answers/security/computer-become-very-slow/2471.html

Computer running VERY slow - virus www.computing.net/answers/security/computer-running-very-slow-virus-/24643.html

Why is my computer running so slow? www.computing.net/answers/security/why-is-my-computer-running-so-slow/9309.html