mdkuni
asked on
hijackthis log for sluggish internet
Could someone be so kind as to look over my log. The pc seems to be running slow lately. I have ran adaware and spybot search and destroy. Plus virus scanner and all is clean! Thanks!
Logfile of HijackThis v1.97.7
Scan saved at 1:49:43 AM, on 4/26/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e xe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\servic es.exe
C:\WINDOWS\system32\lsass. exe
C:\WINDOWS\system32\svchos t.exe
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\system32\spools v.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Command Software\Command AntiVirus\avinitnt.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
c:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\inetsr v\inetinfo .exe
C:\WINDOWS\System32\NMSSvc .exe
C:\PROGRA~1\COMMAN~1\COMMA N~1\untray .exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.ex e
C:\WINDOWS\System32\PROMon .exe
C:\WINDOWS\System32\hkcmd. exe
C:\PROGRA~1\COMMAN~1\COMMA N~1\dvprpt .exe
c:\Program Files\Command Software\Command AntiVirus\schscnt.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.e xe
C:\PROGRA~1\COMMAN~1\COMMA N~1\avtray .exe
C:\WINDOWS\system32\dla\tf swctrl.exe
C:\Program Files\Common Files\Real\Update_OB\reals ched.exe
C:\Program Files\AWS\WeatherBug\Weath er.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Internet Downloads\hijackthis\Hijac kThis.exe
R0 - HKCU\Software\Microsoft\In ternet Explorer\Main,Start Page = http://charter.msn.com/
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,Default_Page _URL = http://charter.msn.com
R1 - HKCU\Software\Microsoft\In ternet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Charter featuring MSN
R1 - HKCU\Software\Microsoft\Wi ndows\Curr entVersion \Internet Settings,ProxyServer = http://proxy:8080
O1 - Hosts: 172.28.10.32 samsafs01
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-7 84B7D6BE0B 3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEH elper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-0 0123456789 0} - C:\WINDOWS\system32\dla\tf swshx.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0 0A0C908246 7} - C:\WINDOWS\System32\msdxm. ocx
O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\ bin\SSRunS cript.exe" /script "C:\Program Files\Support.com\Charter\ vbs\verify connection .vbs" /args //b startupdelay
O4 - HKLM\..\Run: [untray] C:\PROGRA~1\COMMAN~1\COMMA N~1\untray .exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.ex e
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtr ay.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd. exe
O4 - HKLM\..\Run: [dvprpt] C:\PROGRA~1\COMMAN~1\COMMA N~1\dvprpt .exe
O4 - HKLM\..\Run: [CSAV_CheckViruses] C:\PROGRA~1\COMMAN~1\COMMA N~1\vchk.e xe
O4 - HKLM\..\Run: [BluetoothAuthenticationAg ent] rundll32.exe irprops.cpl,,BluetoothAuth entication Agent
O4 - HKLM\..\Run: [avtray] C:\PROGRA~1\COMMAN~1\COMMA N~1\avtray .exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tf swctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\reals ched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe " -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCt r\Binaries \MSConfig. exe /auto
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin \REGIST~1. EXE
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weath er.exe 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe " /background
O4 - HKCU\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcm d.exe
O4 - Global Startup: VPN Dialer (OnStartup).lnk = ?
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.h tm
O9 - Extra button: AIM (HKLM)
O9 - Extra button: SWF Catcher (HKLM)
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://charter.msn.com
O16 - DPF: axscanner - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: axscannerruntime - http://www.pestscan.com/scanner/axscannerruntime.cab
O16 - DPF: mscomctl - http://www.pestscan.com/scanner/mscomctl.cab
O16 - DPF: msvcp71 - http://download.pestpatrol.com/Downloads/Components/msvcp71.cab
O16 - DPF: msvcr71 - http://download.pestpatrol.com/Downloads/Components/msvcr71.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-4 4455354000 0} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-0 0105AA9B6A E} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-0 0609723787 7} (InstallFromTheWeb ActiveX Control) - http://msfm.interwise.com/IWCampus/student/client/iftwclix.cab
O16 - DPF: {544EB377-350A-4295-9BEB-E AB8392E09C 6} (MSN Money Charting) - http://fdl.msn.com/public/investor/v13/invinstl.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E 099162EEEC 5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-0 0C04F9A3B6 1} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {74FFE28D-2378-11D5-990C-0 0609423508 4} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-3 6F43A218F4 A} (Microsoft RDP Client Control (redist)) - http://ibm-c990c5009c3/tsweb/msrdp.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-0 0105A1F0D6 8} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-0 0104B06BDE 3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-0 0608CEC297 C} - http://download.weatherbug.com/minibug/tricklers/AWS/minibuginstaller.cab?rand=200332215
O16 - DPF: {AA59BA6E-B44F-4514-AB3C-0 C1DD2306FC 3} (MSN Money Charting) - http://fdl.msn.com/public/investor/v12/invinstl.exe
O16 - DPF: {B942A249-D1E7-4C11-98AE-F CB76B08747 F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-4 36EDC304C8 C} (ContentAuditX Control) - http://www.contentwatch.com/audit/includes/ContentAuditControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4 4455354000 0} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9 B663A28DFC B} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-F B9E207A39E 6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4324/mcfscan.cab
Logfile of HijackThis v1.97.7
Scan saved at 1:49:43 AM, on 4/26/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\spools
C:\WINDOWS\Explorer.EXE
c:\Program Files\Command Software\Command AntiVirus\avinitnt.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
c:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\inetsr
C:\WINDOWS\System32\NMSSvc
C:\PROGRA~1\COMMAN~1\COMMA
C:\Program Files\Analog Devices\SoundMAX\Smtray.ex
C:\WINDOWS\System32\PROMon
C:\WINDOWS\System32\hkcmd.
C:\PROGRA~1\COMMAN~1\COMMA
c:\Program Files\Command Software\Command AntiVirus\schscnt.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.e
C:\PROGRA~1\COMMAN~1\COMMA
C:\WINDOWS\system32\dla\tf
C:\Program Files\Common Files\Real\Update_OB\reals
C:\Program Files\AWS\WeatherBug\Weath
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Internet Downloads\hijackthis\Hijac
R0 - HKCU\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\Wi
O1 - Hosts: 172.28.10.32 samsafs01
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-0
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\
O4 - HKLM\..\Run: [untray] C:\PROGRA~1\COMMAN~1\COMMA
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.ex
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtr
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.
O4 - HKLM\..\Run: [dvprpt] C:\PROGRA~1\COMMAN~1\COMMA
O4 - HKLM\..\Run: [CSAV_CheckViruses] C:\PROGRA~1\COMMAN~1\COMMA
O4 - HKLM\..\Run: [BluetoothAuthenticationAg
O4 - HKLM\..\Run: [avtray] C:\PROGRA~1\COMMAN~1\COMMA
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\reals
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCt
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weath
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcm
O4 - Global Startup: VPN Dialer (OnStartup).lnk = ?
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.h
O9 - Extra button: AIM (HKLM)
O9 - Extra button: SWF Catcher (HKLM)
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://charter.msn.com
O16 - DPF: axscanner - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: axscannerruntime - http://www.pestscan.com/scanner/axscannerruntime.cab
O16 - DPF: mscomctl - http://www.pestscan.com/scanner/mscomctl.cab
O16 - DPF: msvcp71 - http://download.pestpatrol.com/Downloads/Components/msvcp71.cab
O16 - DPF: msvcr71 - http://download.pestpatrol.com/Downloads/Components/msvcr71.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-4
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-0
O16 - DPF: {4E330863-6A11-11D0-BFD8-0
O16 - DPF: {544EB377-350A-4295-9BEB-E
O16 - DPF: {644E432F-49D3-41A1-8DD5-E
O16 - DPF: {74D05D43-3236-11D4-BDCD-0
O16 - DPF: {74FFE28D-2378-11D5-990C-0
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-3
O16 - DPF: {90C9629E-CD32-11D3-BBFB-0
O16 - DPF: {917623D1-D8E5-11D2-BE8B-0
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-0
O16 - DPF: {AA59BA6E-B44F-4514-AB3C-0
O16 - DPF: {B942A249-D1E7-4C11-98AE-F
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-4
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9
O16 - DPF: {EF791A6B-FC12-4C68-99EF-F
Empty your temp files, temporary internet files.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the help! I keep up tp date with the defrag and cleaning the temps. I will try removing the tgcmd.exe Thanks everyone.