Friends computer. LITTERED with infections!

By Sjbrand99 ยท 10 replies
Feb 23, 2007
  1. Hi there.

    So my m8 is a bit of a n00b and he ased me to fix his computer after he noticed it was running very slow.

    So, I installed Spybot. AVG pro, ad-aware pro, registryfix 5.5 and CCleaner.
    I ran them all..... an cleared up literally thousands of problems. Re-ran them all to find that it had done the trick.

    He had HUNDEREDS of background processes running on his computer, practicly every program set to run on start-up, and his disk was fragmented like a b***h.

    So i defragged' for a while and did other things like uninstall LOADS of unneeded programs, deleted many things using HijackThis. (I do no what to delete that is safe etc.)

    HOWEVER, It is still lagging alot and I need to ask if there is anything else I can find to remove or see if I can do anymore.


    MS XP sp 2
    Intel cenrtino Duo T2400 @ 1.83 GHz
    1gb RAM
    Nvida GeForce Go 7400

  2. tomrca

    tomrca TS Rookie Posts: 1,000

  3. Sjbrand99

    Sjbrand99 Banned Topic Starter Posts: 260

    I had already changed Hijackthis to a random name. I had done a Trend m scan and the Panda online. Both came up with nothing. Ran all the tools. Everything else already done.

    I think it is more of a case of processes and lag in the computer.

  4. tomrca

    tomrca TS Rookie Posts: 1,000

    post the hjt log as an attachment
  5. Sjbrand99

    Sjbrand99 Banned Topic Starter Posts: 260

    Attached log. Most recent.
  6. tomrca

    tomrca TS Rookie Posts: 1,000

    i can't see anything either in the log. howard will most llikely look at it too.
    just how many processes are running, and do you know how to stop them via msconfig?
  7. Sjbrand99

    Sjbrand99 Banned Topic Starter Posts: 260

    Yes. I stopped ALL in msconfig on start-up, just leaving a few that he needed that were MS-based.

    ATM he has 32, as opposed to the 80 before i started cleaning!
  8. tomrca

    tomrca TS Rookie Posts: 1,000

    maybe a silly question, but what about a defrag?

    thats was a lot
  9. Sjbrand99

    Sjbrand99 Banned Topic Starter Posts: 260

    If you read my first post, you wouldn't have sent me to that Cleaning thred because I have done all of those things and mentioned them. Then I mentioned that I had defragged.

    In fact I defragged a few times between restarts.
  10. tomrca

    tomrca TS Rookie Posts: 1,000

    must have overlooked the defrag bit.
    i have asked jobeard to have a look too.
  11. jobeard

    jobeard TS Ambassador Posts: 11,177   +990

    Here's my opinion:
    STOP all autoupdaters, redundant and can be performed manually
    SOME services are just a waste of time {igfxsrvc,ctfmon}
    I distain all IM programs; your choices may be different
    $ egrep "<\?|disable" hjthis.log.txt
    C:\WINDOWS\system32\igfxsrvc.exe        <<disable as unnecessary
    C:\WINDOWS\system32\ctfmon.exe          <<disable as unnecessary
    C:\Documents and Settings\Anthony Barker\Desktop\Programs\RunThis.exe.exe <<???is this Hijackthis.exe ?
    these autoupdates are unnecessary -- perform updates manually
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\ProgramFiles\Java\jre1.5.0_08\bin\ssv.dll  <<disable
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"  <<disable
    >>disable O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe << disable
    >>disable O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}- C:\Program Files\Messenger\msmsgs.exe
    >>disable O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    <?A?> O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - [url][/url]
    >>disable O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    <?B?> O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd)- Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPc
    ap\rpcapd.ini (file missing)
    <?A?> if you installed XUpload.ocx to upload data to a webserver, fine, otherwise DELETE IT via Spybot S&D
    <?B?> if you installed this fine, otherwise uninstall / disable this is frequently part of Ethereal
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...