0

Hi

Just wondering if you could check out my hijackthis log. Over the last two wks my PC has been playing up - running slow at startup, internet, loading apps, with Win Media Player having the most problems. I ran a variety of scans and didn't really find anything substantial. It seems to be running a little better after I uninstalled some PC maintenance/tune up programs and spyware programs. The majority of issues seemed to stem from the registry, however previously it had posed not much of a problem.

Anyway pls see my hijackthis log below. Any feedback/comments much appreciated!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:53:26 PM, on 10/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\jen\Desktop\analysethis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.ninemsn.com.au
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O24 - Desktop Component 1: (no name) - http://www.djforums.com/

--
End of file - 4067 bytes

0

Hi Again!

Just wondering if I can assume that the lack of response indicates that there is nothing worth worrying about and I have a spyware free notebook?

Pls pls let me know....

THX HEAPS!

:icon_cheesygrin:

0

Hello, jen...
no, it just means we go outside n play occasionally.
Lessee, a nice, light and clean installation you have there. Be even nicer with FF instead of IE7.
Slowness.... right, I see you have One-care loaded up with Kaspersky AV. If you switch off One-Care's AV scanner/guard [can you do that?] things may go better. One care less. You cannot run two resident or active AV services together, there is no way of knowing how they will interact; it's usually badly.
I don't use an active AS, and I don't get caught either.. I do use Spywareblaster which is CPU load-free cos it sets the registry up to block certain software from entering or running.
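Added example (not part of the thread and not any poster's code): a small Python check that reads the "Running processes" and O23 service lines of a HijackThis log and reports each protection category with more than one resident product, which is the OneCare plus Kaspersky overlap the reply above points out. The signature table is an assumption built only from paths in the log posted here, and `SAMPLE` is an excerpt of that log.

```python
import re

# Signatures built from the paths in the log on this page (an assumption of
# this example, not a complete product list): pattern, product, category.
SIGNATURES = [
    (re.compile(r"OneCare Live\\Antivirus", re.I), "Windows OneCare", "antivirus"),
    (re.compile(r"Kaspersky Anti-Virus", re.I), "Kaspersky Anti-Virus", "antivirus"),
    (re.compile(r"STOPzilla|iS3\\Anti-Spyware", re.I), "STOPzilla", "antispyware"),
    (re.compile(r"Ad-Aware", re.I), "Ad-Aware", "antispyware"),
]

# Excerpt of the log posted in this thread, trimmed to the relevant lines.
SAMPLE = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\STOPzilla!\STOPzilla.exe

O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
"""

def resident_paths(log_text):
    """Paths under 'Running processes:' plus the binary path of each O23 service."""
    paths, in_procs = [], False
    for line in (raw.strip() for raw in log_text.splitlines()):
        if line == "Running processes:":
            in_procs = True
        elif in_procs and not line:
            in_procs = False  # the process list ends at the first blank line
        elif in_procs:
            paths.append(line)
        elif line.startswith("O23 - Service:"):
            paths.append(line.rsplit(" - ", 1)[-1])  # path is the last field
    return paths

def resident_security(log_text):
    """Map category -> sorted list of products seen running or installed as a service."""
    found = {}
    for path in resident_paths(log_text):
        for pattern, product, category in SIGNATURES:
            if pattern.search(path):
                found.setdefault(category, set()).add(product)
    return {cat: sorted(prods) for cat, prods in found.items()}

def overlaps(log_text):
    """Categories in which more than one product is resident at the same time."""
    return {c: p for c, p in resident_security(log_text).items() if len(p) > 1}

if __name__ == "__main__":
    for category, products in overlaps(SAMPLE).items():
        print(f"{category}: {', '.join(products)} are resident together")
```
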

0

Hi
Thx so much for your response and yeah, I try to keep my PC running as smooth and as spyware free as possible. The last few days actually I have thought about uninstalling OneCare completely and using Ksp as my primary defense. I like the many more functions it possesses and it is very user friendly. It really does tell you what is running behind the scenes.

Anyway, what are your thoughts on uninstalling OneCare? I will download Firefox now as IE7 definitely lets in a lot more cookies and Temp files. I will download it now.

I eagerly await your response.
Thx heaps
Rgds Jen

0

Apologies for the spelling mistakes above...I am late for work!

I eagerly await your response :)

0

I'd certainly remove OC because it has an active AV portion which will not work with K. I use a [free] non-active AS and am happy with that, although I rarely scan with it.
FF is good; where I am able it is my main browser.

0

Hi again!!

Well I removed OC and yes my PC is def working better, thank you! Next time when I trial software I'll make sure it's only one program at a time! lol

Although it's working much better I don't think it is 100% normal but maybe that's just because it needs a good tune up? The registry is a mess!! When I run CCleaner or Advanced Windows Care v2, they find approx. 30 reg errors!! And that's after I did a scan a mere couple hrs prior!! Is there something I am doing wrong? I don't understand why so many reg errors....perhaps you can help me?

:-/

0

Think of the registry as... oh... a cellar of salt, a salt shaker... when you clean it you remove your 30 grains... the registry is huge and a few null [not bad...] entries won't slow windows accessing it much.
Defragmenting your HD may help.... I gotta tell you, XP prefers to be in a partition by itself with no data files coming and going - it stretches itself out, gets comfortable by organising itself to make the bits you use most more accessible. With data chunks getting written n erased around it, XP files get broken up.. disorganised.
30 reg errors is really very few.
Get Spywareblaster and turn off active AS. I scan with AVG AS maybe once every couple months -it's always disappointed. Bu.ut... if you go to the dodgy spots where the weakwilled hang out, you'll get pests. Some things you only have to mouse-over, some sites will infect you if you just enter them, dclicking unknown links n objects makes it easy for em. Don't set your IE security lower than medium and you should be ok.

0

Typical reg errors are broken links - say you delete a file you had worked on, it is likely the pgm had a link to it; it will be broken - that's an error, but it only shows in your pgm as a recent document in an easy access table. It will be gone too from the Most Recently Used table.. that's another reg error. But those things get cycled out as other files are referenced, so they self-heal over time.
I have Adaware too, but rarely use it [on demand only, like AVG AS].. Consider.
