Slow, sluggish PC
- Thread starter lkm222
- Start date
- Status
Rage_3K_Moiz
Posts: 5,403 +43
What antivirus programs are you running? Also, what are your system specifications? Sounds like a spyware problem but I need to be sure it's not a hardware one.
Thank You I HAVE Pencillin Trend Micro installed but keep it disabled the majority of the time. Machine specs follow:
OS Name Microsoft Windows XP Professional
Version 5.1.2600 Service Pack 2 Build 2600
OS Manufacturer Microsoft Corporation
System Manufacturer ASUSTek Computer Inc.
System Model K8N
System Type X86-based PC
Processor x86 Family 15 Model 12 Stepping 0 AuthenticAMD ~2009 Mhz
BIOS Version/Date American Megatrends Inc. 1002.002, 8/16/2004
SMBIOS Version 2.3
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume1
Locale United States
Hardware Abstraction Layer Version = "5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)"
Time Zone Mountain Standard Time
Total Physical Memory 1,536.00 MB
Available Physical Memory 1.01 GB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 3.35 GB
Page File C:\pagefile.sys
OS Name Microsoft Windows XP Professional
Version 5.1.2600 Service Pack 2 Build 2600
OS Manufacturer Microsoft Corporation
System Manufacturer ASUSTek Computer Inc.
System Model K8N
System Type X86-based PC
Processor x86 Family 15 Model 12 Stepping 0 AuthenticAMD ~2009 Mhz
BIOS Version/Date American Megatrends Inc. 1002.002, 8/16/2004
SMBIOS Version 2.3
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume1
Locale United States
Hardware Abstraction Layer Version = "5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)"
Time Zone Mountain Standard Time
Total Physical Memory 1,536.00 MB
Available Physical Memory 1.01 GB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 3.35 GB
Page File C:\pagefile.sys
Rage_3K_Moiz
Posts: 5,403 +43
No wonder. Never disable AV software. It's probably spyware/trojan of some sort. Try a sweep with the AV software and with anti-spyware like Ad-Aware and/or Spybot: Search & Destroy.
Rage_3K_Moiz
Posts: 5,403 +43
Sure why not.
well you sounded rather strident. I thought perhaps you would be adamant that one of the programs you suggested would be superior and you would want me to D/L and run that?Logfile of HijackThis v1.99.1
Scan saved at 2:10:15 AM, on 10/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\safe-share\SafeShare.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe
C:\Program Files\KCeasy\KCeasy.exe
C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\KCeasy\giFT\giFTl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\Opera.exe
F:\Program Files\WordWeb\wweb32.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\TextPad 4\TextPad.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
C:\Documents and Settings\Leslie Moore\Application Data\Opera\Opera\profile\cache4\temporary_download\canvasx_eval.exe
C:\WINDOWS\system32\MSIEXEC.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Outlook Express\msimn.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Unshare] C:\Program Files\safe-share\SafeShare.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Super Utilities] C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe /min
O4 - HKCU\..\Run: [KCeasy] C:\Program Files\KCeasy\KCeasy.exe /hide
O8 - Extra context menu item: Block All Images from the Same Server - F:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - F:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - F:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - F:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - F:\Program Files\Avant Browser\Search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Scan saved at 2:10:15 AM, on 10/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\safe-share\SafeShare.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe
C:\Program Files\KCeasy\KCeasy.exe
C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\KCeasy\giFT\giFTl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\Opera.exe
F:\Program Files\WordWeb\wweb32.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\TextPad 4\TextPad.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
C:\Documents and Settings\Leslie Moore\Application Data\Opera\Opera\profile\cache4\temporary_download\canvasx_eval.exe
C:\WINDOWS\system32\MSIEXEC.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Outlook Express\msimn.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Unshare] C:\Program Files\safe-share\SafeShare.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Super Utilities] C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe /min
O4 - HKCU\..\Run: [KCeasy] C:\Program Files\KCeasy\KCeasy.exe /hide
O8 - Extra context menu item: Block All Images from the Same Server - F:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - F:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - F:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - F:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - F:\Program Files\Avant Browser\Search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
tomrca
Posts: 924 +3
hi lkm222. there is adware vulnerabilities on your pc
if you are still having problems, go here be sure to follow all instructions, and alter the name of hjt. you must not run your pc without a firewall or an active antivirus programme, otherwise you are really looking to be hacked!!
please post your hjt as a txt attachment , instructions are there.
if you are still having problems, go here be sure to follow all instructions, and alter the name of hjt. you must not run your pc without a firewall or an active antivirus programme, otherwise you are really looking to be hacked!!
please post your hjt as a txt attachment , instructions are there.
N3051M
Posts: 2,094 +3
Apart from some p2p software and the program "SafeShare" that looks a bit sus, there's nothing much more on that list you've provided. However, you must rename the hijackthis.exe file to hijackthis1991.exe or something else because some malware hides itself from the original file name. Scan again then post it as a .log or .txt attatchment. Have a read of this and tomrca's link too.
I see that you have a Peer to peer program as well. Having this active and also disabling your main line of defense (your AV software/firewall etc) just invites disaster.
I see that you have a Peer to peer program as well. Having this active and also disabling your main line of defense (your AV software/firewall etc) just invites disaster.
Rage_3K_Moiz
Posts: 5,403 +43
And do exercise more caution in the future. Good luck with ur problem, hope it's resolved ASAP.:grinthumb
- Status
Latest posts
-
Apple is rolling out AirPlay support for TVs in hotel rooms
- Cal Jeffrey replied
-
Fallout TV show secures second season after stellar debut- midian182 replied
