Forum Home
Press F1
 
Thread ID: 65184 2006-01-10 05:37:00 Laggy computer Espia (9815) Press F1
Post ID Timestamp Content User
1357692 2006-01-10 08:19:00 download this (www.majorgeeks.com), extract it to a folder (DO NOT RUN IT INSIDE WINZIP ETC) and run it. copy paste back in this thread.

info on the page if you get stuck. 		tweak'e (69)
1357693 2006-01-10 10:21:00 A good hard-drive defragment might solve the problem.

Cheers :) 		Renmoo (66)
1357694 2006-01-10 10:33:00 Check scheduled tasks and see if anything is set to run every hour or so . . . even a legit program can cause problems if it's corrupted/incompatible etc . . .

and to check for possible bad tasks make sure you click advanced -> view hidden tasks . 		Agent_24 (57)
1357695 2006-01-11 03:02:00 ok well . . . is there a place where i can check all my scheduled tasks? i dont really think i have any . .

so you want me to post the log file?
it's kinda long though . . .

Logfile of HijackThis v1 . 99 . 1
Scan saved at 10:57:11 AM, on 11/01/2006
Platform: Windows XP SP2 (WinNT 5 . 01 . 2600)
MSIE: Internet Explorer v6 . 00 SP2 (6 . 00 . 2900 . 2180)

Running processes:
C:\WINDOWS\System32\smss . exe
C:\WINDOWS\system32\winlogon . exe
C:\WINDOWS\system32\services . exe
C:\WINDOWS\system32\lsass . exe
C:\WINDOWS\system32\Ati2evxx . exe
C:\WINDOWS\system32\svchost . exe
C:\WINDOWS\System32\svchost . exe
C:\WINDOWS\system32\spoolsv . exe
C:\WINDOWS\system32\CTsvcCDA . EXE
C:\WINDOWS\system32\drivers\KodakCCS . exe
C:\Program Files\Network Associates\Common Framework\FrameworkService . exe
C:\Program Files\Network Associates\VirusScan\mcshield . exe
C:\Program Files\Network Associates\VirusScan\vstskmgr . exe
c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm . exe
C:\Program Files\P4P\p2psvr . exe
C:\WINDOWS\system32\ScsiAccess . EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent . exe
C:\WINDOWS\system32\svchost . exe
C:\WINDOWS\system32\Ati2evxx . exe
C:\WINDOWS\Explorer . EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray . exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx . exe
C:\Program Files\Network Associates\VirusScan\SHSTAT . EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI . exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon . exe
C:\Program Files\Microsoft AntiSpyware\gcasServ . exe
C:\Program Files\OptusNet DSL Internet\DSC . exe
C:\Program Files\Java\jre1 . 5 . 0_04\bin\jusched . exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ . exe
C:\Program Files\QuickTime\qttask . exe
C:\Program Files\User Logger\UsrLog . exe
C:\Program Files\HP\HP Software Update\HPWuSchd2 . exe
C:\WINDOWS\system32\ctfmon . exe
C:\Program Files\MSN Messenger\msnmsgr . exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect . exe
C:\Program Files\Shareaza\Shareaza . exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08 . exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare . exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater . exe
C:\Program Files\WinZip\WZQKPICK . EXE
C:\Program Files\LimeWire\LimeWire . exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry . exe
C:\Program Files\Adobe\Photoshop CS\Photoshop . exe
C:\Program Files\Mozilla Firefox\firefox . exe
C:\Documents and Settings\Daniel\Desktop\hijackthis\HijackThis . exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = . msn . com/0SEENUS/SAOS01" target="_blank">g . msn . com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dsl . optusnet . com . au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = . msn . com/0SEENUS/SAOS01" target="_blank">g . msn . com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
R3 - URLSearchHook: MyURLSearchHook Class - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - C:\Program Files\P4P\ToolBar . dll
R3 - URLSearchHook: SgUrlSearHook Class - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - C:\WINDOWS\system32\socul . dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\ Yahoo! \Companion\Installs\cpn\ycomp5_5_7_0 . d ll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7 . 0\ActiveX\AcroIEHelper . dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01 . 03 . 0000 . 1005\en-xu\stmain . dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01 . 02 . 3000 . 1001\en-us\msntb . dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01 . 02 . 3000 . 1001\en-us\msntb . dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\ Yahoo! \Companion\Installs\cpn\ycomp5_5_7_0 . d ll
O4 - HKLM\ . . \Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg . exe
O4 - HKLM\ . . \Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray . exe
O4 - HKLM\ . . \Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx . exe
O4 - HKLM\ . . \Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck . exe
O4 - HKLM\ . . \Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT . EXE" /STANDALONE
O4 - HKLM\ . . \Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI . exe" /StartedFromRunKey
O4 - HKLM\ . . \Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\tbmon . exe"
O4 - HKLM\ . . \Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ . exe"
O4 - HKLM\ . . \Run: [IMJPMIG8 . 1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG . EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\ . . \Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst . exe /SYNC
O4 - HKLM\ . . \Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP . EXE /SYNC
O4 - HKLM\ . . \Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP . EXE /IMEName
O4 - HKLM\ . . \Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC . exe
O4 - HKLM\ . . \Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1 . 5 . 0_04\bin\jusched . exe
O4 - HKLM\ . . \Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask . exe" -atboottime
O4 - HKLM\ . . \Run: [User Logger] C:\Program Files\User Logger\UsrLog . exe run
O4 - HKLM\ . . \Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2 . exe"
O4 - HKCU\ . . \Run: [CTFMON . EXE] C:\WINDOWS\system32\ctfmon . exe
O4 - HKCU\ . . \Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr . exe" /background
O4 - HKCU\ . . \Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect . exe /R
O4 - HKCU\ . . \Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza . exe" -tray
O4 - Startup: LimeWire On Startup . lnk = C:\Program Files\LimeWire\LimeWire . exe
O4 - Global Startup: Adobe Gamma Loader . lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader . exe
O4 - Global Startup: Adobe Reader Speed Launch . lnk = C:\Program Files\Adobe\Acrobat 7 . 0\Reader\reader_sl . exe
O4 - Global Startup: HP Digital Imaging Monitor . lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08 . exe
O4 - Global Startup: HP Image Zone ???? . lnk
O4 - Global Startup: Kodak EasyShare software . lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare . exe
O4 - Global Startup: Kodak software updater . lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater . exe
O4 - Global Startup: Microsoft Office . lnk = C:\Program Files\Microsoft Office\Office10\OSA . EXE
O4 - Global Startup: WinZip Quick Pick . lnk = C:\Program Files\WinZip\WZQKPICK . EXE
O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save . htm
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\FDM\Free Download Manager\dlall . htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\FDM\Free Download Manager\dllink . htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\FDM\Free Download Manager\dlselected . htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\FDM\Free Download Manager\dlpage . htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1 . 5 . 0_04\bin\npjpi150_04 . dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1 . 5 . 0_04\bin\npjpi150_04 . dll
O9 - Extra button: ÎҵĶ©ÔÄ - {8755CE6E-0BF7-4441-8751-FB728941B0B4} - C:\Program Files\P4P\rss . dll
O9 - Extra button: SoQ - {8F67DCF3-B1DF-4A39-A787-3775784BF737} - http://www . soq . com (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe
O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save . htm (HKCU)
O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save . htm (HKCU)
O14 - IERESET . INF: START_PAGE_URL=http://dsl . optusnet . com . au/
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - . msn . com/binFrameWork/v10/StagingUI . cab34120 . cab" target="_blank">zone . msn . com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - . zone . msn . com/binary/MessengerStatsPAClient . cab31267 . cab" target="_blank">messenger . zone . msn . com
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - . zone . msn . com/binary/MineSweeper . cab31267 . cab" target="_blank">messenger . zone . msn . com
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - . msn . com/BinFrameWork/v10/ZBuddy . cab32846 . cab" target="_blank">zone . msn . com
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - . msn . com/binframework/v10/ZPAChat . cab32846 . cab" target="_blank">zone . msn . com
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - . zone . msn . com/binary/MessengerStatsClient . cab31267 . cab" target="_blank">messenger . zone . msn . com
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - . msn . com/binFramework/v10/ZIntro . cab34246 . cab" target="_blank">zone . msn . com
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - . msn . com/bingame/zpagames/zpa_pool . cab36107 . cab" target="_blank">zone . msn . com
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - . msn . com/binframework/v10/StProxy . cab35645 . cab" target="_blank">zone . msn . com
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - . popcap . com/games/popcaploader_v6 . cab" target="_blank">www . popcap . com
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds . dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp . dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\SoDAHK . DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx . exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag . exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA . EXE
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS . exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing . exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc . - C:\Program Files\Network Associates\Common Framework\FrameworkService . exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc . - C:\Program Files\Network Associates\VirusScan\mcshield . exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc . - C:\Program Files\Network Associates\VirusScan\vstskmgr . exe
O23 - Service: P4P Service - Sohu . com Inc . - C:\Program Files\P4P\p2psvr . exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12 . exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess . EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc . - C:\Program Files\Analog Devices\SoundMAX\SMAgent . exe

so are you gonna go through that and see if there's anything bad . . . . ?

thx for helping me :) 		Espia (9815)
1357696 2006-01-11 03:19:00 for starters running all that p2p software is never a good thing exspecialy without a firewall.

get rid of the p2p software for starters. if it won't uninstall properly use HJT to clean break it out. 		tweak'e (69)
1357697 2006-01-11 03:32:00 Boot into safe mode, and run HJT again. Tick these entries and tick fix checked.

C:\Program Files\P4P\p2psvr.exe - Dont know what this is. Do you?

C:\Program Files\User Logger\UsrLog.exe maybe this (securityresponse.symantec.com) which is spyware.

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

The entries below, dont have to be in startup.

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [User Logger] C:\Program Files\User Logger\UsrLog.exe run

O4 - Global Startup: HP Image Zone ???? .lnk

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O9 - Extra button: ÎҵĶ©ÔÄ - {8755CE6E-0BF7-4441-8751-FB728941B0B4} - C:\Program Files\P4P\rss.dll - dont know what this is.

O9 - Extra button: SoQ - {8F67DCF3-B1DF-4A39-A787-3775784BF737} - http://www.soq.com (file missing)

O20 - AppInit_DLLs: C:\WINDOWS\system32\SoDAHK.DLL - dont know what this is

O23 - Service: P4P Service - Sohu.com Inc. - C:\Program Files\P4P\p2psvr.exe - dont know what this is. 		Speedy Gonzales (78)
1357698 2006-01-11 04:05:00 The P2P entries may belong to Limewire.

If u havent ticked these entries yet, dont delete them. Unless u remove Limewire. 		Speedy Gonzales (78)
1357699 2006-01-11 05:10:00 ok all done.. now to wait to see if it still lags...

thx heaps 		Espia (9815)
1357700 2006-01-13 01:01:00 well.. the problem is a lot better now... i think that's said wrong.. O.o
it works better now but the problem is still there.. i comes later and with less lag so it's heaps better :) thx

now there's another problem but i didnt think it was big so i didnt mention it... sometimes the computer restarts by it self unexpectedly. This happens very rarely - like once a month it doesnt matter if you cant fix this though it's not too big an issue 		Espia (9815)
1357701 2006-01-13 02:32:00 I suspect this could be due to Wake on LAN or Wake on Ring. Search through this forum for more information.

Cheers :) 		Renmoo (66)
1 2 3 4