Running slowly lately, logs posted

[moochieh]

My computer has been running a bit slowly lately, so I went through the newly updated preliminary instructions and posted the logs. I was wondering if there is anything I can do to speed it up and am looking for recommendations on which applications to remove. I know I need to get rid of some of the many antivirus things on my computer. Please give me some suggestions. Thanks a lot!

 

[moochieh]

It's not urgent or anything and I completely understand if other people get priority over me, just it would really be a big help to have someone tell me which programs to get rid of that I don't need.

 

[rf6647]

When it comes to Internet Security (Real Time Monitoring programs), generally there is the only one rule. In the 'old days' it was simply 1 firewall + 1 antivirus. Today, 'antimalware' is the buzz with different vendors packaging things to fit their view of Internet Security.

For your case, remove these applications:

• Uninstall Symantec / Norton
  
• Uninstall AVG using conventional means

Draft Draft Draft - Revised (vb8178) - Dec. 26, 2008 - Draft Draft Draft

How to Manage Startup Applications Using HiJackThis

HJT Capabilities

• HiJackThis is a useful tool for managing startup applications.
• HJT log is a convenient listing of startup (O4) applications.
• HJT 'tick & fix' has the ability to eliminate programs from running at startup
• Changes can be reversed (a.k.a. - undo)
• O4 items appear in msconfig > startup
• O23 Listing of Services can be assessed using this method, as well.

HJT Usage

• Tick & Fix - Same effect as regedit
  • Main Menu > System Scan Only > tick items to be fixed > Fix Checked
• Undo From Advance Menu
  • > other stuff > Config > Backups > tick items

Global Startup -

• Shortcuts to applications
  • appearing in startup folders: Right click 'Start' > 'explore'
• HJT has the same effect as manual deletes
  • Individual user
  • All users
  • Default user

Tick & Fix

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: MiniEYE-MiniREAD Launch.lnk = C:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe

Control From Application – recommend decline startup and automatic updates

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE  >>Creative Sound
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Control From HJT – any item above lacking tick box to remove from startup

HJT >  Tick & Fix
* Equivalent to using msconfig > startup tab 
* Other usage removes ‘orphaned’ items appearing in msconfig / startup

Dirty Startup - - Control from the application is the only way to prevent re-occurrence here.

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

Untouchable - - Required or High Usage

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Documents and Settings\Michael\Desktop\AntiVirus\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Getca] C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper  >> audio; unknown startup requirement;
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r

special case – system generated. OK to eliminate? Do not know. User choice to remove the application.

O4 - HKUS\S-1-5-18\..\RunOnce: [POSTRBT] C:\Program Files\Norton AntiVirus\Navw32.exe /REMEDIATE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [POSTRBT] C:\Program Files\Norton AntiVirus\Navw32.exe /REMEDIATE (User 'Default user')
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

Candidate List for Manual Start of Service –

• Do Not HJT Tick/Fix
• If user experiences a diminished capability, selectively revisit this list.

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Technical References:
HJT Tutorial
bleepingcomputer / startups/
Moved from Castlecops

​

Technical Details:
http://www.systemlookup.com/search.php?type=filename&search=tfswctrl.exe&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=Ati2ptxx.exe&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=DVDLauncher&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=CTSysVol&s=
http://www.bleepingcomputer.com/startups/P17.dll-3948.html
http://www.bleepingcomputer.com/startups/P17.dll-3948.html
http://www.systemlookup.com/search.php?list=&type=filename&search=PCMService&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=dsca.exe&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=sgtray.exe&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=mm_tray.exe&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=WkUFind.exe&s=
http://www.bleepingcomputer.com/startups/PCMService.exe-4001.html
http://www.systemlookup.com/search.php?list=&type=filename&search=aim6.exe&s=
http://www.systemlookup.com/search.php?list=&type=filename&search=SimplifyMedia.exe&s=
http://www.bleepingcomputer.com/startups/IAAnotif-2074.html
http://www.bleepingcomputer.com/startups/iaanotif.exe-2074.html
http://www.bleepingcomputer.com/startups/DiscUpdateManager-15124.html
http://www.bleepingcomputer.com/startups/DMAScheduler-16876.html



​

 

[Bobbye]

Nice job, rf6647!

Might want to include this for the Tracking Cookies in SAS:
Reset Cookies:

For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

Update Adobe:

Your Adobe Reader is out of date. Vulnerabilities can be exploited. Click here to download the latest version v9: https://www.techspot.com/downloads/2083-adobe-reader-dc.html
OR
Install the FoxIt Reader: this does the same thing as Adobe, but doesn’t have the bloat: http://www.foxitsoftware.com/pdf/rd_intro.php

 

[moochieh]

Thank you both for replying. I would like to know what to do for certain applications that do not give the option to disable startup. Also, should I uninstall previous versions of programs (like adobe and others) or do the newer versions require the old versions to run?

 

[Bobbye]

certain applications that do not give the option to disable startup.

You aren't clear on this but the best way is:

Start> Run> msconfig> enter> Selective Startup> startup tab> UNCHECK everything you don't want to start on boot> Apply> OK.

Reboot> **NOTE> you will get a nag message that you can ignore and close after checking 'don't show this message again.' Stay in Selective Startup.

TIP: The only processes that need to start on boot are:

Antivirus
Firewall
Touchpad if on laptop
Network process if set up

Everything else, including the printer, can be started manually as needed.

Also, should I uninstall previous versions of programs (like adobe and others) or do the newer versions require the old versions to run?

Uninstall all earlier versions of Java and Adobe. Most of their updates are for security so old versions shouldn't be on the system.

Some of the NET versions need to be retained if you have them.
__________________