Spyware or faulty hardware?

john blaster · 11-01-2007, 02:26 PM

you are running

avast
zonealarm
adaware
spybot
spydoctor
tuneup2007

With all that stuff running, it is amazing that your computer can
process anything else.

It is well known that wares such as McAfee or Norton can easily take
up between 50% and 90% of your cpu's processing power. Norton takes
50% by default.

Your computer has more protection than a tank, so don't expect to be
running like an Indy car.

You probably have windows defender running also.

On Thu, 1 Nov 2007 19:39:21 +0100, "ura" <urarara@yahoo.com> wrote:

>For some reason my PC is hickuping lately. I keep avast and zonealarm always
>on, and i've run adaware, spybot, spydoctor, tuneup2007 to fix all i could,
>but it didn't help. When i start PC, normaly desktop woould be ready really
>quick, now it takes a while for desktop icons to be loaded, or they seem to
>be loaded but if you moe cursor over the taskbar the mouse pointer turn to
>hourglass...or ocaisonaly there is an error that something couldn't be
>loaded.
>
>Programs will get lagged for no apparent reasons (taking forever to do a
>what is normaly a wuick task), when i press right mouse button there will
>sometimes be a lag pause, internet explorer windows when surfing will freeze
>up for a while, etc. I did some benchmark testing on memory and CPU but it
>tested ok. Really don't know what to do anymore, any suggestions?
>
>this is the log i got from WinPatrol:
>
>Log created by WinPatrol version 12.2.2007.0:12.2.2007.0
>Scan saved at 7:38:34 PM, on 11/01/2007
>Platform: Windows XP SP2 Service Pack 2 (Build 2600)
>MSIE: Internet Explorer (6.00.2900.2180)
>Boot mode: Normal
>
>Running processes:
>C:\WINDOWS\system32\smss.exe
>C:\WINDOWS\system32\winlogon.exe
>C:\WINDOWS\system32\services.exe
>C:\WINDOWS\system32\lsass.exe
>C:\WINDOWS\system32\svchost.exe
>C:\WINDOWS\system32\ZoneLabs\vsmon.exe
>C:\WINDOWS\explorer.exe
>C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\aswUpdSv.exe
>C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\ashServ.exe
>C:\WINDOWS\system32\spoolsv.exe
>C:\PROGRAM FILES\Creative\SOUND BLASTER X-FI\VOLUME PANEL\VolPanlu.exe
>C:\PROGRAM FILES\Creative\SHARED FILES\CTSched.exe
>C:\Program Files\Alwil Software\Avast4\ashDisp.exe
>C:\PROGRAM FILES\EIZO\SCREENMANAGER PRO FOR LCD\Lcdctrl.exe
>C:\PROGRAM FILES\Java\JRE1.6.0_01\bin\jusched.exe
>C:\WINDOWS\system32\rundll32.exe
>C:\PROGRAM FILES\ZONE LABS\ZONEALARM\zlclient.exe
>C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe
>C:\PROGRAM FILES\DAEMON TOOLS\daemon.exe
>C:\WINDOWS\system32\CTSVCCDA.EXE
>C:\WINDOWS\system32\nvsvc32.exe
>C:\PROGRAM FILES\ALWIL SOFTWARE\Avast4\ashWebSv.exe
>C:\WINDOWS\system32\wscntfy.exe
>C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
>C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
>C:\PROGRAM FILES\OUTLOOK EXPRESS\msimn.exe
>
>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
>http://www.net.hr/
>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
>http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
>http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SU B_PVER}&ar=home
>O1 - Hosts: 127.0.0.
>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
>C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
>O2 - BHO: wssclient - {8D99D2A3-317C-4929-8A5D-21140259D93A} - c:\Program
>Files\wss.dll
>O4 - HKLM\..\Run: [SkyTel]SkyTel.EXE
>O4 - HKLM\..\Run: [GBB36X Configure]C:\WINDOWS\system32\JMRaidTool.exe boot
>O4 - HKLM\..\Run: [VolPanel]C:\Program Files\Creative\Sound Blaster
>X-Fi\Volume Panel\VolPanlu.exe /r
>O4 - HKLM\..\Run: [CreativeTaskScheduler]C:\Program Files\Creative\Shared
>Files\CTSched.exe /logon
>O4 - HKLM\..\Run: [NvCplDaemon]C:\WINDOWS\system32\NvCpl.dll,NvStartup
>O4 - HKLM\..\Run: [nwiz]nwiz.exe /install
>O4 - HKLM\..\Run:
>[NvMediaCenter]C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
>O4 - HKLM\..\Run: [avast!]C:\Program Files\Alwil Software\Avast4\ashDisp.exe
>O4 - HKLM\..\Run: [ScreenManager Pro for LCD]C:\Program
>Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
>O4 - HKLM\..\Run: [Easy-PrintToolBox]C:\Program
>Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
>O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Program
>Files\Java\jre1.6.0_01\bin\jusched.exe
>O4 - HKLM\..\Run: [P17Helper]Rundll32 SPIRun.dll,RunDLLEntry
>O4 - HKLM\..\Run: [ZoneAlarm Client]C:\Program Files\Zone
>Labs\ZoneAlarm\zlclient.exe
>O4 - HKLM\..\Run: [Nero DriveSpeed]C:\Program Files\Ahead\Nero
>Toolkit\DriveSpeed.exe
>O4 - HKLM\..\Run: [WinPatrol]C:\Program Files\BillP
>Studios\WinPatrol\winpatrol.exe
>O4 - HKCU\..\Run: [SetDefaultMIDI]MIDIDef.exe
>O4 - HKCU\..\Run: [DAEMON Tools]C:\Program Files\DAEMON
>Tools\daemon.exe -lang 1033
>O4 - Global Startup: PowerReg Scheduler.exe=C:\Documents and
>Settings\nanji\Start Menu\Programs\Startup\PowerReg Scheduler.exe
>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
>C:\Program Files\Messenger\msmsgs.exe
>O9 - Extra 'Tools' menuitem: Windows Messenger -
>{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
>Files\Messenger\msmsgs.exe
>O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program
>Files\Java\jre1.6.0_01\bin
>O11 - Options group: [] -
>O14 - IERESET.INF: START_PAGE_URL =
>http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
>O14 - IERESET.INF: SEARCH_PAGE_URL =
>http://www.microsoft.com/isapi/redir...ie&ar=iesearch
>O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
>O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
>O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
>O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
>O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
>O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
>http://www.update.microsoft.com/wind...?1193940252390
>O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab
>Class) -
>http://www.nvidia.com/content/Driver...sysreqlab2.cab
>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_01) -
>http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
>O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
>http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
>http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
>O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
>http://fpdownload.macromedia.com/pub...sh/swflash.cab
>O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
>AutoUpdate Support Package) -
>http://www.creative.com/su2/CTL_V020...5030/CTPID.cab
>O21 - WPDShServiceObj - WPDShServiceObj Class -
>{AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
>C:\WINDOWS\system32\WPDShServiceObj.dll
>O23 - Service: avast! iAVS4 Control Service - ALWIL Software - C:\Program
>Files\Alwil Software\Avast4\aswUpdSv.exe
>O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
>Software\Avast4\ashServ.exe
>O23 - Service: avast! Mail Scanner - - C:\Program Files\Alwil
>Software\Avast4\ashMaiSv.exe /service
>O23 - Service: avast! Web Scanner - - C:\Program Files\Alwil
>Software\Avast4\ashWebSv.exe /service
>O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd -
>C:\WINDOWS\system32\CTSVCCDA.EXE
>O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation -
>C:\WINDOWS\system32\nvsvc32.exe
>O23 - Service: SiSoftware Database Agent Service - SiSoftware - C:\Program
>Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\Win32\RpcDataSrv.exe
>O23 - Service: SiSoftware Sandra Agent Service - SiSoftware - C:\Program
>Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\RpcSandraSrv.exe
>O23 - Service: PC Tools Auxiliary Service - PC Tools - C:\Program
>Files\Spyware Doctor\svcntaux.exe
>O23 - Service: PC Tools Security Service - PC Tools - C:\Program
>Files\Spyware Doctor\swdsvc.exe
>O23 - Service: TuneUp Theme Extension - TuneUp Software GmbH -
>C:\WINDOWS\system32\uxtuneup.dll
>O23 - Service: TrueVector Internet Monitor - -
>C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
>
>--- Additional WinPatrol Info ---
>Default Browser: Internet Explorer - Internet Explorer version
>6.00.2900.2180
>MSIE: Internet Explorer (6.00.2900.2180)
>Firefox 2.0.0.8 installed in C:\Program Files\Mozilla Firefox.
>1308 IE Cookies in Folder: C:\Documents and Settings\nanji\Cookies\
>
>WP00 - HKLM\CS1: BootExecute = autocheck autochk *
>WP00 - HKLM\CCS: BootExecute = autocheck autochk *
>WP00 - HKLM\CS2: BootExecute = autocheck autochk *
>WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe
>
>WP03 - Windows Automatic Update = 1:Turn off Automatic Updates.
>
>
>WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL \DefaultPrefix:
>Default = http://
>WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL \Prefixes: www =
>http://
>
>WP31 - Scheduled Tasks: [RegCure.job]C:\Program Files\RegCure\RegCure.exe
>Never
>WP31 - Scheduled Tasks: [RegCure Program Check.job]C:\Program
>Files\RegCure\RegCure.exe 11/01/2007 7:24 PM
>WP31 - Scheduled Tasks: [1-Click Maintenance.job]C:\Program Files\TuneUp
>Utilities 2007\SystemOptimizer.exe Never
>
>WP32 - Hidden File: C:\BOOT.BAK
>WP32 - Hidden File: C:\boot.ini
>WP32 - Hidden File: C:\IO.SYS
>WP32 - Hidden File: C:\MSDOS.SYS
>WP32 - Hidden File: C:\NTDETECT.COM
>WP32 - Hidden File: C:\ntldr
>WP32 - Hidden File: C:\pagefile.sys
>WP32 - Hidden File: C:\WINDOWS\ctfile.rfc
>WP32 - Hidden File: C:\WINDOWS\QTFont.qfn
>WP32 - Hidden File: C:\WINDOWS\Thumbs.db
>WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
>WP32 - Hidden File: C:\WINDOWS\winnt.bmp
>WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
>WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
>WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\DEFAULT.rrr.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.rrr.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\software.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\SOFTWARE.rrr.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\system.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\TempKey.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
>WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.dat
>WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.idx
>WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
>WP32 - Hidden File: C:\WINDOWS\system32\mlfcache.dat
>WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
>WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
>WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
>WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
>WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
>WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest
>WP32 - Hidden File: C:\WINDOWS\system32\zllictbl.dat
>
>WP33 - File Type .AVI: [AVI Video]C:\Program
>Files\Real\RealPlayer\RealPlay.exe %1
>WP33 - File Type .BAT: [MS-DOS Batch File]%1 %*
>WP33 - File Type .CAB: [WinRAR archive]C:\Program Files\WinRAR\WinRAR.exe %1
>WP33 - File Type .CAT: [Security Catalog]rundll32.exe
>cryptext.dll,CryptExtOpenCAT %1
>WP33 - File Type .CHM: [Compiled HTML Help file]C:\WINDOWS\hh.exe %1
>WP33 - File Type .COM: [MS-DOS Application]%1 %*
>WP33 - File Type .CMD: [Windows NT Command Script]%1 %*
>WP33 - File Type .DOC: [Dokument Microsoft Worda]C:\Program Files\Microsoft
>Office\Office10\WINWORD.EXE /n /dde
>WP33 - File Type .EML: [Outlook Express Mail Message]C:\Program
>Files\Outlook Express\msimn.exe /eml:%1
>WP33 - File Type .EXE: [Application]%1 %*
>WP33 - File Type .INF: [Setup Information]C:\WINDOWS\System32\NOTEPAD.EXE %1
>WP33 - File Type .JS: [JScript Script File]C:\WINDOWS\System32\WScript.exe
>%1 %*
>WP33 - File Type .LOG: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
>WP33 - File Type .MSI: [Windows Installer
>Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
>WP33 - File Type .MSG: [Outlookova stavka]C:\Program Files\Microsoft
>Office\Office10\OUTLOOK.EXE /f %1
>WP33 - File Type .MID: [Winamp media file]C:\Program Files\Winamp\winamp.exe
>%1
>WP33 - File Type .MP3: [Winamp media file]C:\Program Files\Winamp\winamp.exe
>%1
>WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
>WP33 - File Type .RAM: [RealPlayer Presentation]C:\Program
>Files\Real\RealPlayer\RealPlay.exe %1
>WP33 - File Type .REG: [Registration Entries]regedit.exe %1
>WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft
>Office\Office10\WINWORD.EXE /n /dde
>WP33 - File Type .SBS: [Spyware supplemental file]C:\Program Files\Spybot -
>Search & Destroy\SpybotSD.exe %1
>WP33 - File Type .SCR: [Screen Saver]%1 /S
>WP33 - File Type .TXT: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
>WP33 - File Type .URL: [Internet Shortcut]rundll32.exe shdocvw.dll,OpenURL
>%l
>WP33 - File Type .VBS: [VBScript Script File]C:\WINDOWS\System32\WScript.exe
>%1 %*
>WP33 - File Type .VBE: [VBScript Encoded Script
>File]C:\WINDOWS\System32\WScript.exe %1 %*
>WP33 - File Type .WSF: [Windows Script File]C:\WINDOWS\System32\WScript.exe
>%1 %*
>WP33 - File Type .WSH: [Windows Script Host Settings
>File]C:\WINDOWS\System32\WScript.exe %1 %*
>WP33 - File Type .XLS: [Radni list Microsoft Excela]C:\Program
>Files\Microsoft Office\Office10\EXCEL.EXE /e
>
>Memory currently in use: 19%
>Physical Memory Free: 1,680,136 KB
>Paging File Free: 3,771,516 KB
>Virtual Memory Free: 2,052,864 KB

Thread: Spyware or faulty hardware?

Thread Tools

Display

Threaded View

Re: Spyware or faulty hardware?

Thread Information

Users Browsing this Thread

Posting Permissions