|
| ||
| HiJackThis-log for viewing - please help :-) I'm not that much of a computer brainer... so here goes: My computer has been running really slowly lately (I have defragmented it) - and I've got a lot of running processes. Could any of you tell me if you see anything strange in this log I created using HiJackThis? Thanks in advance. Clusen ---------------- StartupList report, 18-12-2003, 07:14:14 StartupList version: 1.52 Started from : C:\Documents and Settings\Claus Peter Hastrup\Skrivebord\HijackThis.EXE Detected: Windows XP SP1 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106) * Using default options ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmer\AVPersonal\AVGUARD.EXE C:\WINDOWS\System32\Ati2evxx.exe C:\Programmer\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\System32\CTsvcCDA.exe C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Programmer\VirusBuster\Bin\VBCMServ.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmer\QKeys\QKeys.EXE C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Programmer\ScanSoft\OmniPageSE\opware32.exe C:\Programmer\QuickTime\qttask.exe C:\PROGRA~1\FLLESF~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe C:\Programmer\Creative\ShareDLL\CtNotify.exe C:\WINDOWS\System32\RunDll32.exe C:\Programmer\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Programmer\Java\j2re1.4.2_01\bin\jusched.exe C:\Programmer\AVPersonal\AVGNT.EXE C:\Programmer\Creative\ShareDLL\MEDIADET.EXE C:\WINDOWS\System32\ctfmon.exe C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe C:\Programmer\MSN Messenger\MsnMsgr.Exe C:\Programmer\Internet Explorer\IEXPLORE.EXE C:\Programmer\Bridge Base Online\NetBridgeVu.exe C:\Programmer\Internet Explorer\IEXPLORE.EXE C:\Programmer\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Claus Peter Hastrup\Skrivebord\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Common Startup: [C:\Documents and Settings\All Users\Menuen Start\Programmer\Start] Adobe Gamma Loader.lnk = ? Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run ATIModeChange = Ati2mdxx.exe ATIPTA = C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe QKeys = C:\Programmer\QKeys\QKeys.EXE AdaptecDirectCD = "C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" Omnipage = C:\Programmer\ScanSoft\OmniPageSE\opware32.exe HPDJ Taskbar Utility = C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe QuickTime Task = "C:\Programmer\QuickTime\qttask.exe" -atboottime XTNDConnect PC - ErPhn2 = C:\PROGRA~1\FLLESF~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe MsnMsgr = "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry key not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\PROGRA~1\FLLESF~1\Real\Toolbar\realbar.dll - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -------------------------------------------------- Enumerating Download Program Files: [QuickTime Object] InProcServer32 = C:\Programmer\QuickTime\QTPlugin.ocx CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab [OSInfo Control] InProcServer32 = C:\WINDOWS\OSInfo.ocx CODEBASE = http://www.sis.com/support/chipdetect/OSInfo.cab [SiS_OCX Control] InProcServer32 = C:\WINDOWS\SIS_OCX.ocx CODEBASE = http://www.sis.com/support/chipdetec...todetectNT.cab [Shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll CODEBASE = http://download.macromedia.com/pub/s...irector/sw.cab [RdxIE Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\RdxIE.dll CODEBASE = http://207.188.7.150/08696bb7914ae43...p/RdxIE601.cab [HouseCall Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx CODEBASE = http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab [InstallShield International Setup Player] InProcServer32 = c:\windows\downlo~1\isetup.dll CODEBASE = http://www.installengine.com/engine/isetup.cab [HeartbeatCtl Class] InProcServer32 = C:\WINDOWS\DOWNLO~1\hrtbeat.ocx CODEBASE = http://fdl.msn.com/zone/datafiles/heartbeat.cab [CSS Web Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\cssweb.dll CODEBASE = http://www.eb.dk/codekstra/cabs/cssweb.cab [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx CODEBASE = http://download.macromedia.com/pub/s...sh/swflash.cab -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll -------------------------------------------------- End of report, 6.708 bytes Report generated in 0,030 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only |
| ||
| Re: HiJackThis-log for viewing - please help :-) Just looking at it, you have a few more svchost.exe loads, and several IEXPLORER.EXE loads. Do you have several Explorer windows open during this log generation? And I would eliminate the Office Startup in your startup folder (useless in my experience). AS well you have ATI and Quicktime loading in the Taskbar. Definitely Eliminate Quicktime, and unless you use features in the ATI Control Panel on a regular basis and right click on the desktop is too much effort, I would get rid of ATI as well. Other than that, nothing else jumps out at me. By the way, how much RAM does your system have? Anyone else??? |
| All times are GMT -4. The time now is 12:51 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC