| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 112980 | 2010-09-29 22:48:00 | Check this HJT log please | brig (1359) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1140577 | 2010-09-29 22:48:00 | This computer has Windows XP and has only 256 Mb RAM, 2.93 GHz Celeron. Even with the inadequate Ram it is running much too slow and I can't find any problems using the usual scans. Can you Speedy , or anyone else, spot anything in this HJT log that needs removing? Thanks brig Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:41:34 AM, on 9/30/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17080) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe c:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.co.nz/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 4827 bytes |
brig (1359) | ||
| 1140578 | 2010-09-29 22:52:00 | 256 Mb RAM is the basic for running XP.You need more ram. | Pancake (6359) | ||
| 1140579 | 2010-09-29 22:58:00 | And uninstall all versions of Java, its out of date. Then install the latest version ONLY Tick these then tick fix checked Close browsers O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime |
Speedy Gonzales (78) | ||
| 1140580 | 2010-09-29 23:38:00 | Thanks Speedy "256 Mb RAM is the basic for running XP.You need more ram." Pancake I've dealt with computers trying to run XP with 256 RAM before, but this one is seriously slow- something else is up |
brig (1359) | ||
| 1140581 | 2010-09-29 23:41:00 | Kill / disable the indexing service in services. Defrag it. Having MSE on it probably wont help things. Uninstall Bonjour, you dont need it | Speedy Gonzales (78) | ||
| 1140582 | 2010-09-29 23:48:00 | Kill / disable the indexing service in services. Defrag it. Having MSE on it probably wont help things. Uninstall Bonjour, you dont need it Ok Speedy, I already did the first two things and will wipe Bonjour Thanks |
brig (1359) | ||
| 1140583 | 2010-09-30 09:18:00 | scrounge a stick of ram from somewhere! If you don't use it , run windows messenger, open tools menu, options, preferences untick "run windows messenger" when windows starts. Update to IE8 and update adobe acrobat reader or replace it. check event viewer log for persistent errors |
apsattv (7406) | ||
| 1140584 | 2010-09-30 19:53:00 | scrounge a stick of ram from somewhere! If you don't use it , run windows messenger, open tools menu, options, preferences untick "run windows messenger" when windows starts. Update to IE8 and update adobe acrobat reader or replace it. check event viewer log for persistent errors Thanks for the suggestions brig |
brig (1359) | ||
| 1 | |||||