Results 1 to 6 of 6

Thread: Spyware or faulty hardware?

  1. 11-01-2007, 01:39 PM #1
    ura Guest

    Spyware or faulty hardware?

    For some reason my PC is hickuping lately. I keep avast and zonealarm always
    on, and i've run adaware, spybot, spydoctor, tuneup2007 to fix all i could,
    but it didn't help. When i start PC, normaly desktop woould be ready really
    quick, now it takes a while for desktop icons to be loaded, or they seem to
    be loaded but if you moe cursor over the taskbar the mouse pointer turn to
    hourglass...or ocaisonaly there is an error that something couldn't be
    loaded.

    Programs will get lagged for no apparent reasons (taking forever to do a
    what is normaly a wuick task), when i press right mouse button there will
    sometimes be a lag pause, internet explorer windows when surfing will freeze
    up for a while, etc. I did some benchmark testing on memory and CPU but it
    tested ok. Really don't know what to do anymore, any suggestions?

    this is the log i got from WinPatrol:

    Log created by WinPatrol version 12.2.2007.0:12.2.2007.0
    Scan saved at 7:38:34 PM, on 11/01/2007
    Platform: Windows XP SP2 Service Pack 2 (Build 2600)
    MSIE: Internet Explorer (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\system32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\explorer.exe
    C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\aswUpdSv.exe
    C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRAM FILES\Creative\SOUND BLASTER X-FI\VOLUME PANEL\VolPanlu.exe
    C:\PROGRAM FILES\Creative\SHARED FILES\CTSched.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\PROGRAM FILES\EIZO\SCREENMANAGER PRO FOR LCD\Lcdctrl.exe
    C:\PROGRAM FILES\Java\JRE1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRAM FILES\ZONE LABS\ZONEALARM\zlclient.exe
    C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe
    C:\PROGRAM FILES\DAEMON TOOLS\daemon.exe
    C:\WINDOWS\system32\CTSVCCDA.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
    C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
    C:\PROGRAM FILES\OUTLOOK EXPRESS\msimn.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.net.hr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SU B_PVER}&ar=home
    O1 - Hosts: 127.0.0.
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: wssclient - {8D99D2A3-317C-4929-8A5D-21140259D93A} - c:\Program
    Files\wss.dll
    O4 - HKLM\..\Run: [SkyTel]SkyTel.EXE
    O4 - HKLM\..\Run: [GBB36X Configure]C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [VolPanel]C:\Program Files\Creative\Sound Blaster
    X-Fi\Volume Panel\VolPanlu.exe /r
    O4 - HKLM\..\Run: [CreativeTaskScheduler]C:\Program Files\Creative\Shared
    Files\CTSched.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz]nwiz.exe /install
    O4 - HKLM\..\Run:
    [NvMediaCenter]C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!]C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ScreenManager Pro for LCD]C:\Program
    Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
    O4 - HKLM\..\Run: [Easy-PrintToolBox]C:\Program
    Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Program
    Files\Java\jre1.6.0_01\bin\jusched.exe
    O4 - HKLM\..\Run: [P17Helper]Rundll32 SPIRun.dll,RunDLLEntry
    O4 - HKLM\..\Run: [ZoneAlarm Client]C:\Program Files\Zone
    Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [Nero DriveSpeed]C:\Program Files\Ahead\Nero
    Toolkit\DriveSpeed.exe
    O4 - HKLM\..\Run: [WinPatrol]C:\Program Files\BillP
    Studios\WinPatrol\winpatrol.exe
    O4 - HKCU\..\Run: [SetDefaultMIDI]MIDIDef.exe
    O4 - HKCU\..\Run: [DAEMON Tools]C:\Program Files\DAEMON
    Tools\daemon.exe -lang 1033
    O4 - Global Startup: PowerReg Scheduler.exe=C:\Documents and
    Settings\nanji\Start Menu\Programs\Startup\PowerReg Scheduler.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
    C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger -
    {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
    Files\Messenger\msmsgs.exe
    O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program
    Files\Java\jre1.6.0_01\bin
    O11 - Options group: [] -
    O14 - IERESET.INF: START_PAGE_URL =
    http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
    O14 - IERESET.INF: SEARCH_PAGE_URL =
    http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
    O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
    O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
    O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
    O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    http://www.update.microsoft.com/wind...?1193940252390
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab
    Class) -
    http://www.nvidia.com/content/Driver...sysreqlab2.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_01) -
    http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    http://fpdownload.macromedia.com/pub...sh/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
    AutoUpdate Support Package) -
    http://www.creative.com/su2/CTL_V020...5030/CTPID.cab
    O21 - WPDShServiceObj - WPDShServiceObj Class -
    {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
    C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service - ALWIL Software - C:\Program
    Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
    Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - - C:\Program Files\Alwil
    Software\Avast4\ashMaiSv.exe /service
    O23 - Service: avast! Web Scanner - - C:\Program Files\Alwil
    Software\Avast4\ashWebSv.exe /service
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd -
    C:\WINDOWS\system32\CTSVCCDA.EXE
    O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation -
    C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SiSoftware Database Agent Service - SiSoftware - C:\Program
    Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service - SiSoftware - C:\Program
    Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\RpcSandraSrv.exe
    O23 - Service: PC Tools Auxiliary Service - PC Tools - C:\Program
    Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service - PC Tools - C:\Program
    Files\Spyware Doctor\swdsvc.exe
    O23 - Service: TuneUp Theme Extension - TuneUp Software GmbH -
    C:\WINDOWS\system32\uxtuneup.dll
    O23 - Service: TrueVector Internet Monitor - -
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service

    --- Additional WinPatrol Info ---
    Default Browser: Internet Explorer - Internet Explorer version
    6.00.2900.2180
    MSIE: Internet Explorer (6.00.2900.2180)
    Firefox 2.0.0.8 installed in C:\Program Files\Mozilla Firefox.
    1308 IE Cookies in Folder: C:\Documents and Settings\nanji\Cookies\

    WP00 - HKLM\CS1: BootExecute = autocheck autochk *
    WP00 - HKLM\CCS: BootExecute = autocheck autochk *
    WP00 - HKLM\CS2: BootExecute = autocheck autochk *
    WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe

    WP03 - Windows Automatic Update = 1:Turn off Automatic Updates.


    WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL \DefaultPrefix:
    Default = http://
    WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL \Prefixes: www =
    http://

    WP31 - Scheduled Tasks: [RegCure.job]C:\Program Files\RegCure\RegCure.exe
    Never
    WP31 - Scheduled Tasks: [RegCure Program Check.job]C:\Program
    Files\RegCure\RegCure.exe 11/01/2007 7:24 PM
    WP31 - Scheduled Tasks: [1-Click Maintenance.job]C:\Program Files\TuneUp
    Utilities 2007\SystemOptimizer.exe Never

    WP32 - Hidden File: C:\BOOT.BAK
    WP32 - Hidden File: C:\boot.ini
    WP32 - Hidden File: C:\IO.SYS
    WP32 - Hidden File: C:\MSDOS.SYS
    WP32 - Hidden File: C:\NTDETECT.COM
    WP32 - Hidden File: C:\ntldr
    WP32 - Hidden File: C:\pagefile.sys
    WP32 - Hidden File: C:\WINDOWS\ctfile.rfc
    WP32 - Hidden File: C:\WINDOWS\QTFont.qfn
    WP32 - Hidden File: C:\WINDOWS\Thumbs.db
    WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
    WP32 - Hidden File: C:\WINDOWS\winnt.bmp
    WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
    WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
    WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\DEFAULT.rrr.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.rrr.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\software.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\SOFTWARE.rrr.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\system.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\TempKey.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
    WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.dat
    WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.idx
    WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
    WP32 - Hidden File: C:\WINDOWS\system32\mlfcache.dat
    WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
    WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
    WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
    WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
    WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
    WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest
    WP32 - Hidden File: C:\WINDOWS\system32\zllictbl.dat

    WP33 - File Type .AVI: [AVI Video]C:\Program
    Files\Real\RealPlayer\RealPlay.exe %1
    WP33 - File Type .BAT: [MS-DOS Batch File]%1 %*
    WP33 - File Type .CAB: [WinRAR archive]C:\Program Files\WinRAR\WinRAR.exe %1
    WP33 - File Type .CAT: [Security Catalog]rundll32.exe
    cryptext.dll,CryptExtOpenCAT %1
    WP33 - File Type .CHM: [Compiled HTML Help file]C:\WINDOWS\hh.exe %1
    WP33 - File Type .COM: [MS-DOS Application]%1 %*
    WP33 - File Type .CMD: [Windows NT Command Script]%1 %*
    WP33 - File Type .DOC: [Dokument Microsoft Worda]C:\Program Files\Microsoft
    Office\Office10\WINWORD.EXE /n /dde
    WP33 - File Type .EML: [Outlook Express Mail Message]C:\Program
    Files\Outlook Express\msimn.exe /eml:%1
    WP33 - File Type .EXE: [Application]%1 %*
    WP33 - File Type .INF: [Setup Information]C:\WINDOWS\System32\NOTEPAD.EXE %1
    WP33 - File Type .JS: [JScript Script File]C:\WINDOWS\System32\WScript.exe
    %1 %*
    WP33 - File Type .LOG: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
    WP33 - File Type .MSI: [Windows Installer
    Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
    WP33 - File Type .MSG: [Outlookova stavka]C:\Program Files\Microsoft
    Office\Office10\OUTLOOK.EXE /f %1
    WP33 - File Type .MID: [Winamp media file]C:\Program Files\Winamp\winamp.exe
    %1
    WP33 - File Type .MP3: [Winamp media file]C:\Program Files\Winamp\winamp.exe
    %1
    WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
    WP33 - File Type .RAM: [RealPlayer Presentation]C:\Program
    Files\Real\RealPlayer\RealPlay.exe %1
    WP33 - File Type .REG: [Registration Entries]regedit.exe %1
    WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft
    Office\Office10\WINWORD.EXE /n /dde
    WP33 - File Type .SBS: [Spyware supplemental file]C:\Program Files\Spybot -
    Search & Destroy\SpybotSD.exe %1
    WP33 - File Type .SCR: [Screen Saver]%1 /S
    WP33 - File Type .TXT: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
    WP33 - File Type .URL: [Internet Shortcut]rundll32.exe shdocvw.dll,OpenURL
    %l
    WP33 - File Type .VBS: [VBScript Script File]C:\WINDOWS\System32\WScript.exe
    %1 %*
    WP33 - File Type .VBE: [VBScript Encoded Script
    File]C:\WINDOWS\System32\WScript.exe %1 %*
    WP33 - File Type .WSF: [Windows Script File]C:\WINDOWS\System32\WScript.exe
    %1 %*
    WP33 - File Type .WSH: [Windows Script Host Settings
    File]C:\WINDOWS\System32\WScript.exe %1 %*
    WP33 - File Type .XLS: [Radni list Microsoft Excela]C:\Program
    Files\Microsoft Office\Office10\EXCEL.EXE /e

    Memory currently in use: 19%
    Physical Memory Free: 1,680,136 KB
    Paging File Free: 3,771,516 KB
    Virtual Memory Free: 2,052,864 KB


    --
    End of file


    Any help is much aprechiated as this is driving me nuts!

    thanks



    Reply With Quote Reply With Quote
  2. 11-01-2007, 02:26 PM #2
    john blaster Guest

    Re: Spyware or faulty hardware?

    you are running

    avast
    zonealarm
    adaware
    spybot
    spydoctor
    tuneup2007

    With all that stuff running, it is amazing that your computer can
    process anything else.

    It is well known that wares such as McAfee or Norton can easily take
    up between 50% and 90% of your cpu's processing power. Norton takes
    50% by default.

    Your computer has more protection than a tank, so don't expect to be
    running like an Indy car.

    You probably have windows defender running also.



    On Thu, 1 Nov 2007 19:39:21 +0100, "ura" <urarara@yahoo.com> wrote:

    >For some reason my PC is hickuping lately. I keep avast and zonealarm always
    >on, and i've run adaware, spybot, spydoctor, tuneup2007 to fix all i could,
    >but it didn't help. When i start PC, normaly desktop woould be ready really
    >quick, now it takes a while for desktop icons to be loaded, or they seem to
    >be loaded but if you moe cursor over the taskbar the mouse pointer turn to
    >hourglass...or ocaisonaly there is an error that something couldn't be
    >loaded.
    >
    >Programs will get lagged for no apparent reasons (taking forever to do a
    >what is normaly a wuick task), when i press right mouse button there will
    >sometimes be a lag pause, internet explorer windows when surfing will freeze
    >up for a while, etc. I did some benchmark testing on memory and CPU but it
    >tested ok. Really don't know what to do anymore, any suggestions?
    >
    >this is the log i got from WinPatrol:
    >
    >Log created by WinPatrol version 12.2.2007.0:12.2.2007.0
    >Scan saved at 7:38:34 PM, on 11/01/2007
    >Platform: Windows XP SP2 Service Pack 2 (Build 2600)
    >MSIE: Internet Explorer (6.00.2900.2180)
    >Boot mode: Normal
    >
    >Running processes:
    >C:\WINDOWS\system32\smss.exe
    >C:\WINDOWS\system32\winlogon.exe
    >C:\WINDOWS\system32\services.exe
    >C:\WINDOWS\system32\lsass.exe
    >C:\WINDOWS\system32\svchost.exe
    >C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    >C:\WINDOWS\explorer.exe
    >C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\aswUpdSv.exe
    >C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\ashServ.exe
    >C:\WINDOWS\system32\spoolsv.exe
    >C:\PROGRAM FILES\Creative\SOUND BLASTER X-FI\VOLUME PANEL\VolPanlu.exe
    >C:\PROGRAM FILES\Creative\SHARED FILES\CTSched.exe
    >C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    >C:\PROGRAM FILES\EIZO\SCREENMANAGER PRO FOR LCD\Lcdctrl.exe
    >C:\PROGRAM FILES\Java\JRE1.6.0_01\bin\jusched.exe
    >C:\WINDOWS\system32\rundll32.exe
    >C:\PROGRAM FILES\ZONE LABS\ZONEALARM\zlclient.exe
    >C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe
    >C:\PROGRAM FILES\DAEMON TOOLS\daemon.exe
    >C:\WINDOWS\system32\CTSVCCDA.EXE
    >C:\WINDOWS\system32\nvsvc32.exe
    >C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\ashWebSv.exe
    >C:\WINDOWS\system32\wscntfy.exe
    >C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
    >C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
    >C:\PROGRAM FILES\OUTLOOK EXPRESS\msimn.exe
    >
    >R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    >http://www.net.hr/
    >R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    >http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
    >R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    >http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SU B_PVER}&ar=home
    >O1 - Hosts: 127.0.0.
    >O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    >C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    >O2 - BHO: wssclient - {8D99D2A3-317C-4929-8A5D-21140259D93A} - c:\Program
    >Files\wss.dll
    >O4 - HKLM\..\Run: [SkyTel]SkyTel.EXE
    >O4 - HKLM\..\Run: [GBB36X Configure]C:\WINDOWS\system32\JMRaidTool.exe boot
    >O4 - HKLM\..\Run: [VolPanel]C:\Program Files\Creative\Sound Blaster
    >X-Fi\Volume Panel\VolPanlu.exe /r
    >O4 - HKLM\..\Run: [CreativeTaskScheduler]C:\Program Files\Creative\Shared
    >Files\CTSched.exe /logon
    >O4 - HKLM\..\Run: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
    >O4 - HKLM\..\Run: [nwiz]nwiz.exe /install
    >O4 - HKLM\..\Run:
    >[NvMediaCenter]C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    >O4 - HKLM\..\Run: [avast!]C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    >O4 - HKLM\..\Run: [ScreenManager Pro for LCD]C:\Program
    >Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
    >O4 - HKLM\..\Run: [Easy-PrintToolBox]C:\Program
    >Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    >O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Program
    >Files\Java\jre1.6.0_01\bin\jusched.exe
    >O4 - HKLM\..\Run: [P17Helper]Rundll32 SPIRun.dll,RunDLLEntry
    >O4 - HKLM\..\Run: [ZoneAlarm Client]C:\Program Files\Zone
    >Labs\ZoneAlarm\zlclient.exe
    >O4 - HKLM\..\Run: [Nero DriveSpeed]C:\Program Files\Ahead\Nero
    >Toolkit\DriveSpeed.exe
    >O4 - HKLM\..\Run: [WinPatrol]C:\Program Files\BillP
    >Studios\WinPatrol\winpatrol.exe
    >O4 - HKCU\..\Run: [SetDefaultMIDI]MIDIDef.exe
    >O4 - HKCU\..\Run: [DAEMON Tools]C:\Program Files\DAEMON
    >Tools\daemon.exe -lang 1033
    >O4 - Global Startup: PowerReg Scheduler.exe=C:\Documents and
    >Settings\nanji\Start Menu\Programs\Startup\PowerReg Scheduler.exe
    >O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
    >C:\Program Files\Messenger\msmsgs.exe
    >O9 - Extra 'Tools' menuitem: Windows Messenger -
    >{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
    >Files\Messenger\msmsgs.exe
    >O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program
    >Files\Java\jre1.6.0_01\bin
    >O11 - Options group: [] -
    >O14 - IERESET.INF: START_PAGE_URL =
    >http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
    >O14 - IERESET.INF: SEARCH_PAGE_URL =
    >http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    >O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
    >O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
    >O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
    >O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
    >O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
    >O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    >http://www.update.microsoft.com/wind...?1193940252390
    >O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab
    >Class) -
    >http://www.nvidia.com/content/Driver...sysreqlab2.cab
    >O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_01) -
    >http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    >O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    >http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    >O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    >http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    >O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    >http://fpdownload.macromedia.com/pub...sh/swflash.cab
    >O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
    >AutoUpdate Support Package) -
    >http://www.creative.com/su2/CTL_V020...5030/CTPID.cab
    >O21 - WPDShServiceObj - WPDShServiceObj Class -
    >{AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
    >C:\WINDOWS\system32\WPDShServiceObj.dll
    >O23 - Service: avast! iAVS4 Control Service - ALWIL Software - C:\Program
    >Files\Alwil Software\Avast4\aswUpdSv.exe
    >O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
    >Software\Avast4\ashServ.exe
    >O23 - Service: avast! Mail Scanner - - C:\Program Files\Alwil
    >Software\Avast4\ashMaiSv.exe /service
    >O23 - Service: avast! Web Scanner - - C:\Program Files\Alwil
    >Software\Avast4\ashWebSv.exe /service
    >O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd -
    >C:\WINDOWS\system32\CTSVCCDA.EXE
    >O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation -
    >C:\WINDOWS\system32\nvsvc32.exe
    >O23 - Service: SiSoftware Database Agent Service - SiSoftware - C:\Program
    >Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\Win32\RpcDataSrv.exe
    >O23 - Service: SiSoftware Sandra Agent Service - SiSoftware - C:\Program
    >Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\RpcSandraSrv.exe
    >O23 - Service: PC Tools Auxiliary Service - PC Tools - C:\Program
    >Files\Spyware Doctor\svcntaux.exe
    >O23 - Service: PC Tools Security Service - PC Tools - C:\Program
    >Files\Spyware Doctor\swdsvc.exe
    >O23 - Service: TuneUp Theme Extension - TuneUp Software GmbH -
    >C:\WINDOWS\system32\uxtuneup.dll
    >O23 - Service: TrueVector Internet Monitor - -
    >C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
    >
    >--- Additional WinPatrol Info ---
    >Default Browser: Internet Explorer - Internet Explorer version
    >6.00.2900.2180
    >MSIE: Internet Explorer (6.00.2900.2180)
    >Firefox 2.0.0.8 installed in C:\Program Files\Mozilla Firefox.
    >1308 IE Cookies in Folder: C:\Documents and Settings\nanji\Cookies\
    >
    >WP00 - HKLM\CS1: BootExecute = autocheck autochk *
    >WP00 - HKLM\CCS: BootExecute = autocheck autochk *
    >WP00 - HKLM\CS2: BootExecute = autocheck autochk *
    >WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe
    >
    >WP03 - Windows Automatic Update = 1:Turn off Automatic Updates.
    >
    >
    >WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL \DefaultPrefix:
    >Default = http://
    >WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL \Prefixes: www =
    >http://
    >
    >WP31 - Scheduled Tasks: [RegCure.job]C:\Program Files\RegCure\RegCure.exe
    >Never
    >WP31 - Scheduled Tasks: [RegCure Program Check.job]C:\Program
    >Files\RegCure\RegCure.exe 11/01/2007 7:24 PM
    >WP31 - Scheduled Tasks: [1-Click Maintenance.job]C:\Program Files\TuneUp
    >Utilities 2007\SystemOptimizer.exe Never
    >
    >WP32 - Hidden File: C:\BOOT.BAK
    >WP32 - Hidden File: C:\boot.ini
    >WP32 - Hidden File: C:\IO.SYS
    >WP32 - Hidden File: C:\MSDOS.SYS
    >WP32 - Hidden File: C:\NTDETECT.COM
    >WP32 - Hidden File: C:\ntldr
    >WP32 - Hidden File: C:\pagefile.sys
    >WP32 - Hidden File: C:\WINDOWS\ctfile.rfc
    >WP32 - Hidden File: C:\WINDOWS\QTFont.qfn
    >WP32 - Hidden File: C:\WINDOWS\Thumbs.db
    >WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
    >WP32 - Hidden File: C:\WINDOWS\winnt.bmp
    >WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
    >WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
    >WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\DEFAULT.rrr.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.rrr.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\software.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\SOFTWARE.rrr.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\system.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\TempKey.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
    >WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.dat
    >WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.idx
    >WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
    >WP32 - Hidden File: C:\WINDOWS\system32\mlfcache.dat
    >WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
    >WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
    >WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
    >WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
    >WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
    >WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest
    >WP32 - Hidden File: C:\WINDOWS\system32\zllictbl.dat
    >
    >WP33 - File Type .AVI: [AVI Video]C:\Program
    >Files\Real\RealPlayer\RealPlay.exe %1
    >WP33 - File Type .BAT: [MS-DOS Batch File]%1 %*
    >WP33 - File Type .CAB: [WinRAR archive]C:\Program Files\WinRAR\WinRAR.exe %1
    >WP33 - File Type .CAT: [Security Catalog]rundll32.exe
    >cryptext.dll,CryptExtOpenCAT %1
    >WP33 - File Type .CHM: [Compiled HTML Help file]C:\WINDOWS\hh.exe %1
    >WP33 - File Type .COM: [MS-DOS Application]%1 %*
    >WP33 - File Type .CMD: [Windows NT Command Script]%1 %*
    >WP33 - File Type .DOC: [Dokument Microsoft Worda]C:\Program Files\Microsoft
    >Office\Office10\WINWORD.EXE /n /dde
    >WP33 - File Type .EML: [Outlook Express Mail Message]C:\Program
    >Files\Outlook Express\msimn.exe /eml:%1
    >WP33 - File Type .EXE: [Application]%1 %*
    >WP33 - File Type .INF: [Setup Information]C:\WINDOWS\System32\NOTEPAD.EXE %1
    >WP33 - File Type .JS: [JScript Script File]C:\WINDOWS\System32\WScript.exe
    >%1 %*
    >WP33 - File Type .LOG: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
    >WP33 - File Type .MSI: [Windows Installer
    >Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
    >WP33 - File Type .MSG: [Outlookova stavka]C:\Program Files\Microsoft
    >Office\Office10\OUTLOOK.EXE /f %1
    >WP33 - File Type .MID: [Winamp media file]C:\Program Files\Winamp\winamp.exe
    >%1
    >WP33 - File Type .MP3: [Winamp media file]C:\Program Files\Winamp\winamp.exe
    >%1
    >WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
    >WP33 - File Type .RAM: [RealPlayer Presentation]C:\Program
    >Files\Real\RealPlayer\RealPlay.exe %1
    >WP33 - File Type .REG: [Registration Entries]regedit.exe %1
    >WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft
    >Office\Office10\WINWORD.EXE /n /dde
    >WP33 - File Type .SBS: [Spyware supplemental file]C:\Program Files\Spybot -
    >Search & Destroy\SpybotSD.exe %1
    >WP33 - File Type .SCR: [Screen Saver]%1 /S
    >WP33 - File Type .TXT: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
    >WP33 - File Type .URL: [Internet Shortcut]rundll32.exe shdocvw.dll,OpenURL
    >%l
    >WP33 - File Type .VBS: [VBScript Script File]C:\WINDOWS\System32\WScript.exe
    >%1 %*
    >WP33 - File Type .VBE: [VBScript Encoded Script
    >File]C:\WINDOWS\System32\WScript.exe %1 %*
    >WP33 - File Type .WSF: [Windows Script File]C:\WINDOWS\System32\WScript.exe
    >%1 %*
    >WP33 - File Type .WSH: [Windows Script Host Settings
    >File]C:\WINDOWS\System32\WScript.exe %1 %*
    >WP33 - File Type .XLS: [Radni list Microsoft Excela]C:\Program
    >Files\Microsoft Office\Office10\EXCEL.EXE /e
    >
    >Memory currently in use: 19%
    >Physical Memory Free: 1,680,136 KB
    >Paging File Free: 3,771,516 KB
    >Virtual Memory Free: 2,052,864 KB
    Reply With Quote Reply With Quote
  3. 11-01-2007, 02:42 PM #3
    ura Guest

    Re: Spyware or faulty hardware?

    > avast
    > zonealarm
    > adaware
    > spybot
    > spydoctor
    > tuneup2007
    >
    > With all that stuff running, it is amazing that your computer can
    > process anything else.
    >
    > It is well known that wares such as McAfee or Norton can easily take
    > up between 50% and 90% of your cpu's processing power. Norton takes
    > 50% by default.
    >
    > Your computer has more protection than a tank, so don't expect to be
    > running like an Indy car.
    >
    > You probably have windows defender running also.

    Uh, no no you misunderstood, i only have Avast and ZoneAlarm always running,
    or rather autoloaded.. The other programs are the programs i ran trying to
    solve the problem. I've had this PC for about 7 month now, and the problem
    only started a few days back.


    Reply With Quote Reply With Quote
  4. 11-03-2007, 02:27 PM #4
    Quilljar Guest

    Re: Spyware or faulty hardware?

    I have found that clearing out the Temp folder ( run %temp% )will often
    help, and/or use CCleaner which is excellent for speeding up slow Win XP
    computers. If you have Norton or McAvee, uninstall them and replace with the
    free AVG. The AVG Pro is the same but without support. As you seldom need
    it, it wd be up to you to decide. I have used AVG and installed it on about
    20 computers with perfect results over the last three years.

    --
    Yrs Quilly


    "ura" <urarara@yahoo.com> wrote in message
    news:fgda86$3d4$1@sunce.iskon.hr...
    >> avast
    >> zonealarm
    >> adaware
    >> spybot
    >> spydoctor
    >> tuneup2007
    >>
    >> With all that stuff running, it is amazing that your computer can
    >> process anything else.
    >>
    >> It is well known that wares such as McAfee or Norton can easily take
    >> up between 50% and 90% of your cpu's processing power. Norton takes
    >> 50% by default.
    >>
    >> Your computer has more protection than a tank, so don't expect to be
    >> running like an Indy car.
    >>
    >> You probably have windows defender running also.
    >
    > Uh, no no you misunderstood, i only have Avast and ZoneAlarm always
    > running, or rather autoloaded.. The other programs are the programs i ran
    > trying to solve the problem. I've had this PC for about 7 month now, and
    > the problem only started a few days back.
    >

    Reply With Quote Reply With Quote
  5. 11-04-2007, 02:08 PM #5
    Woody Guest

    Re: Spyware or faulty hardware?

    Start Task Manager and find out what processes are eating the cpu cycles.
    Also disable all the startup items in MSconfig. These are always starting
    points in determining slow systems. Also turn on bootlog to see what is
    loading during boot.


    "Quilljar" <Not@home.today> wrote in message
    news:YMCdnUuygZxWVrHanZ2dnUVZ8tGqnZ2d@bt.com...
    >I have found that clearing out the Temp folder ( run %temp% )will often
    >help, and/or use CCleaner which is excellent for speeding up slow Win XP
    >computers. If you have Norton or McAvee, uninstall them and replace with
    >the free AVG. The AVG Pro is the same but without support. As you seldom
    >need it, it wd be up to you to decide. I have used AVG and installed it on
    >about 20 computers with perfect results over the last three years.
    >
    > --
    > Yrs Quilly
    >
    >
    > "ura" <urarara@yahoo.com> wrote in message
    > news:fgda86$3d4$1@sunce.iskon.hr...
    >>> avast
    >>> zonealarm
    >>> adaware
    >>> spybot
    >>> spydoctor
    >>> tuneup2007
    >>>
    >>> With all that stuff running, it is amazing that your computer can
    >>> process anything else.
    >>>
    >>> It is well known that wares such as McAfee or Norton can easily take
    >>> up between 50% and 90% of your cpu's processing power. Norton takes
    >>> 50% by default.
    >>>
    >>> Your computer has more protection than a tank, so don't expect to be
    >>> running like an Indy car.
    >>>
    >>> You probably have windows defender running also.
    >>
    >> Uh, no no you misunderstood, i only have Avast and ZoneAlarm always
    >> running, or rather autoloaded.. The other programs are the programs i ran
    >> trying to solve the problem. I've had this PC for about 7 month now, and
    >> the problem only started a few days back.
    >>
    >


    Reply With Quote Reply With Quote
  6. 11-04-2007, 06:29 PM #6
    Quilljar Guest

    Re: Spyware or faulty hardware?

    You can also use CCleaner to turn off start-up programs. It may be easier
    for the less technically minded...myself for example !

    --
    Yrs Quilly


    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules