I'm not that much of a computer brainer... so here goes: My computer has been running really slowly lately (I have defragmented it) - and I've got a lot of running processes. Could any of you tell me if you see anything strange in this log I created using HiJackThis?

Thanks in advance.
Clusen

----------------

StartupList report, 18-12-2003, 07:14:14
StartupList version: 1.52
Started from : C:\Documents and Settings\Claus Peter Hastrup\Skrivebord\HijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\AVPersonal\AVGUARD.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programmer\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Programmer\Fles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\VirusBuster\Bin\VBCMServ.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\QKeys\QKeys.EXE
C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\FLLESF~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe
C:\Programmer\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Programmer\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Programmer\Java\j2re1.4.2_01\bin\jusched.exe
C:\Programmer\AVPersonal\AVGNT.EXE
C:\Programmer\Creative\ShareDLL\MEDIADET.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\Fles filer\Real\Update_OB\realsched.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Bridge Base Online\NetBridgeVu.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Claus Peter Hastrup\Skrivebord\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menuen Start\Programmer\Start]
Adobe Gamma Loader.lnk = ?
Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ATIModeChange = Ati2mdxx.exe
ATIPTA = C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
QKeys = C:\Programmer\QKeys\QKeys.EXE
AdaptecDirectCD = "C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
Omnipage = C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
HPDJ Taskbar Utility = C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
QuickTime Task = "C:\Programmer\QuickTime\qttask.exe" -atboottime
XTNDConnect PC - ErPhn2 = C:\PROGRA~1\FLLESF~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe
MsnMsgr = "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\FLLESF~1\Real\Toolbar\realbar.dll - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}

--------------------------------------------------

Enumerating Download Program Files:

[QuickTime Object]
InProcServer32 = C:\Programmer\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[OSInfo Control]
InProcServer32 = C:\WINDOWS\OSInfo.ocx
CODEBASE = http://www.sis.com/support/chipdetect/OSInfo.cab

[SiS_OCX Control]
InProcServer32 = C:\WINDOWS\SIS_OCX.ocx
CODEBASE = http://www.sis.com/support/chipdetect/SiSAutodetectNT.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[RdxIE Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\RdxIE.dll
CODEBASE = http://207.188.7.150/08696bb7914ae433f717/netzip/RdxIE601.cab

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx
CODEBASE = http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab

[InstallShield International Setup Player]
InProcServer32 = c:\windows\downlo~1\isetup.dll
CODEBASE = http://www.installengine.com/engine/isetup.cab

[HeartbeatCtl Class]
InProcServer32 = C:\WINDOWS\DOWNLO~1\hrtbeat.ocx
CODEBASE = http://fdl.msn.com/zone/datafiles/heartbeat.cab

[CSS Web Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\cssweb.dll
CODEBASE = http://www.eb.dk/codekstra/cabs/cssweb.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
End of report, 6.708 bytes
Report generated in 0,030 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

Last Post by Paladine

Just looking at it, you have a few more svchost.exe loads, and several IEXPLORE.EXE loads. Do you have several Explorer windows open during this log generation?


And I would eliminate the Office Startup in your startup folder (useless in my experience).

As well, you have ATI and QuickTime loading in the taskbar. Definitely eliminate QuickTime, and unless you use features in the ATI Control Panel on a regular basis and right click on the desktop is too much effort, I would get rid of ATI as well.

Other than that, nothing else jumps out at me.

By the way, how much RAM does your system have?

Anyone else???
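The tally the reply makes by eye (repeated svchost.exe and IEXPLORE.EXE images, plus the Run-key autoruns) can be scripted against a StartupList report. This is an added example, not part of the original thread or of HijackThis; the function names and the shortened sample are constructed here, and the check that svchost.exe runs from `C:\WINDOWS\system32` is an extra step assumed for this sketch.

```python
import re
from collections import Counter

# Constructed sample in StartupList layout (shortened from the report above).
SAMPLE = r"""Running processes:

C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
ATIPTA = C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
QuickTime Task = "C:\Programmer\QuickTime\qttask.exe" -atboottime
"""

def split_sections(report):
    """Split on the ----/==== separator lines; key each section by its first line."""
    sections = {}
    for chunk in re.split(r"^[-=]{10,}\s*$", report, flags=re.M):
        lines = [l.strip() for l in chunk.strip().splitlines() if l.strip()]
        if lines:
            sections.setdefault(lines[0].rstrip(":"), []).extend(lines[1:])
    return sections

def autoruns(sections):
    """Return (registry key, value name, command) for every Run entry."""
    key, out = None, []
    for line in sections.get("Autorun entries from Registry", []):
        if " = " in line:
            out.append((key, *line.split(" = ", 1)))
        else:
            key = line  # the HKLM\... or HKCU\... Run key heading
    return out

def review(report, sysdir=r"c:\windows\system32"):
    """Return (repeated image names, svchost.exe dirs outside sysdir, autoruns)."""
    s = split_sections(report)
    procs = [p.lower().rpartition("\\")[::2] for p in s.get("Running processes", [])]
    repeated = {n: c for n, c in Counter(n for _, n in procs).items() if c > 1}
    off_path = sorted({d for d, n in procs if n == "svchost.exe" and d != sysdir})
    return repeated, off_path, autoruns(s)

if __name__ == "__main__":
    print(review(SAMPLE))
```

Several svchost.exe instances are normal on Windows XP because each hosts a different group of services, so the count is only a starting point and the directory each one runs from is the more telling field.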
