Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

CPU Usage is higher than stated?

Started by UberMario , Nov 14 2006 04:19 AM

  • Please log in to reply

#1
UberMario
Posted 14 November 2006 - 04:19 AM

UberMario

    Member

  • Member
  • PipPip
  • 96 posts
Okay, I've had this problem for a while now. This is a brand new dual-core processor laptop, brag brag, etc etc. It's slower than my '95 at times. I have a feeling it originated from downloading GuitarFX, but I'm not too sure.

Anyways, this is the big problem:

Posted Image

originally I had about 55-65 processes at a time. I cleared a tonne of those, hoping for my performance to rise to its full potential. Nothing.

Posted Image

This laptop is still lagging behind, I was thinking maybe it was because of all this Acer Empowering Technology programs pre-installed to my computer. I don't believe so. Anyways, I'll get to the point. Wait I already did. CPU Usage and Processes % don't match up. Along with the Commit Charge not matching up (I think that's saying #mb/#mb ram from the Mem Usage column)

So, here's my hjt log.

Logfile of HijackThis v1.99.1
Scan saved at 2:08:23 AM, on 14/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\ImageShack\QuickShot\QuickShot.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\LAVASOFT\AD-AWA~1\AD-AWARE.EXE
C:\Documents and Settings\Owner\Desktop\New Folder\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ImageShackUtil] C:\Program Files\ImageShack\QuickShot\QuickShot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.image...hackToolbar.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...ce/kdfense8.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.gamengame...utComponent.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe




And my uninstall list since I'm not too sure about this stuff...




Acer Empowering Technology
Acer ePerformance Management
Acer ePower Management
Acer ePresentation Management
Acer eSettings Management
Acer OrbiCam
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Photoshop 7.0
Adobe Photoshop CS
Adobe Reader 7.0.8
Age of Empires III
AppCore
Apple Software Update
AppleWorks 6
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
ATI Parental Control & Encoder
AuditionSEA
AV
ccCommon
CleanUp!
FirstClass® Client
High Definition Audio Driver Package - KB888111
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
ImageShack Toolbar for Internet Explorer
Internet Worm Protection
iTunes
J2SE Runtime Environment 5.0 Update 8
Java 2 Runtime Environment, SE v1.4.2
KSignAccessToolkit v1.0
LimeWire 4.12.6
LiveUpdate 3.1 (Symantec Corporation)
Macromedia Dreamweaver 8
Macromedia Extension Manager
Macromedia Fireworks 8
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Office Professional Edition 2003
Mozilla Firefox (1.5.0.8)
Native Instruments Guitar Combos
Native Instruments GuitarRig2 RTAS VSTi DXi
Norton AntiVirus
Norton AntiVirus (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton Protection Center
NTI Backup NOW! 4
NTI CD & DVD-Maker
Panda ActiveScan
PowerDVD
PowerProducer
QuickShot 1.52
QuickTime
Realtek High Definition Audio Driver
Redmoon Classic v3.94e
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Shareaza version 2.2.1.0
Skype 2.5
SMSC IrCC V5.1.3600.7
Soft Data Fax Modem with SmartCP
SONAR 5 Producer Edition
Sonic Encoders
Sound_Player_Lilith_0991b (Uninstall Only)
SPBBC 32bit
StepMania (remove only)
StepMania CVS 4.0 (remove only)
Symantec
SymNet
Synaptics Pointing Device Driver
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update Rollup 2 for Windows XP Media Center Edition 2005
Winamp (remove only)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Media Center Edition 2005 KB912067
WinRAR archiver
WinTasks Trial


-also. what the [bleep]: Posted Image

Pixely icons? Maybe it'll go away with restarting. It never happened before.
  • 0

Advertisements

#2
Metallica
Posted 22 November 2006 - 03:31 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
1. Launch Notepad, and copy/paste the contents of the quote box below into a new Notepad file. Save it with file name options.txt and save as file type: all files to your desktop.

RegSearch Options File

[Search]
7E853D72-626A-48EC-A868-BA8D5E23E045

[Exclude]

[Options]
Filter=KVDLUI



2. Download Registry Search to your desktop.
  • Right click on the compressed RegSearch folder, and choose "Extract All". In the box that pops open, click "Next", then "Next" again, and then "Finish". You now have another RegSearch folder on your desktop.
  • Open the new folder, and double click on regsearch.exe
  • Click "Import" in the lower left corner and browse to the options.txt file that you just saved on your desktop. Do not choose the one in the RegSearch folder itself.
  • Click OK and Registry Search will scan your registry for the file(s), and a Notepad box will open with a report.
  • Please reply here with the entire contents of the Notepad file from RegSearch.
Having a gut feeling where this will end, I would also like to know for how long is your Norton subscription valid?

Regards,
  • 0

#3
UberMario
Posted 22 November 2006 - 03:37 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
REGEDIT4

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0

; Results at 22/11/2006 1:37:23 AM for strings:
; 'symantec'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_USERS


[HKEY_USERS\S-1-5-21-3789650702-3533403575-3308377663-1005\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Symantec AntiVirus\\vpc32.exe"="Symantec AntiVirus"
"C:\\PROGRA~1\\Symantec\\LIVEUP~1\\LUALL.EXE"="LiveUpdate Wizard"
"C:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe"="Symantec AntiVirus"
"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"="Symantec User Session"
"C:\\PROGRA~1\\SYMANT~1\\VPTray.exe"="Symantec AntiVirus"

; End Of The Log...


Edit: Oh yeah, the Norton subscription is valid as long as this computer has electrons flowing through it.

Edited by UberMario, 22 November 2006 - 03:40 AM.

  • 0

#4
Metallica
Posted 22 November 2006 - 03:48 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts

; Results at 22/11/2006 1:37:23 AM for strings:
; 'symantec'


Can you do the search for the CLSID I specified please?

7E853D72-626A-48EC-A868-BA8D5E23E045


Jumping to the conclusion that you didn't pay any money for Norton, how would you feel about switching to a faster AV?

Regards,
  • 0

#5
UberMario
Posted 22 November 2006 - 03:58 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
Shoot I opened the wrong one options.txt, assuming Register Search was on the desktop when I clicked the Import button.

REGEDIT4

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0

; Results at 22/11/2006 1:54:07 AM for strings:
; '7e853d72-626a-48ec-a868-ba8d5e23e045'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_USERS\S-1-5-21-3789650702-3533403575-3308377663-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_USERS\S-1-5-21-3789650702-3533403575-3308377663-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7E853D72-626A-48EC-A868-BA8D5E23E045}\iexplore]

; End Of The Log...


How come this is bad? Someone that used to work for GeeksToGo gave it to us...

I'm guessing the faster AV isn't free is it >_> . I just uninstalled a brand new year subscription of Norton Antivirus because apparently this ripped version is supposed to be faster since it's only checking certain things and doesn't have useless add ons like children's filtered websites and such.

Edit: wait a second. going up there...

Norton AntiVirus
Norton AntiVirus (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton Protection Center

were installed. I'm guessing I either didn't fully uninstall the previous version or that guy lied.

Edited by UberMario, 22 November 2006 - 04:00 AM.

  • 0

#6
Metallica
Posted 22 November 2006 - 04:17 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
If you do not want to spend any money there are still honest ways to get an antivirus.
http://www.free-av.com/

A ripped version has two problems:
- You can NEVER trust the source
- There is NO support
and that while Norton has enough problems by itself (mostly resource-hog wise)

Let me know if you decide to remove Norton so I can continue to help you.

Regards,
  • 0

#7
UberMario
Posted 22 November 2006 - 04:22 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
So, basically the only thing you can find that is wrong with my system is the Cracked Norton? and is the bought Norton any better? I was going to get BitDefender but the people at Futureshop psyched my dad out for him to think that the second we plug a cable into the laptop it'll crash because there's no antivirus.

ps. removing norton.

Edited by UberMario, 22 November 2006 - 04:22 AM.

  • 0

#8
UberMario
Posted 22 November 2006 - 04:50 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
So, I uninstalled Norton. I almost re-installed it because that's what it said in the uninstallation website, but that was if I wanted it back since I guess it's supposed to uninstall back installations of Norton or something... anyways.

What was so bad about the antivirus? Did it bug you that it was cracked or what it actually a problem?
  • 0

#9
Metallica
Posted 22 November 2006 - 04:54 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
I'm not saying that the bought Norton is better. Reread my post.

Explaining a bit. there have been reports of cracked Norton versions that were "blind" for certain malware and that had malware built-in. That is why I said you never know if you can trust the source.

If you are looking to buy an AV that doesn't slow your computer down, I would recommend NOD32:
http://www.eset.com/

Run HijackThis and put a checkmark before these items:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ImageShackUtil] C:\Program Files\ImageShack\QuickShot\QuickShot.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Then click Fix checked and reboot.

After you have uninstalled Norton and installed a new AV, post a new HijackThis log.
And let me know how the computer is running.

Regards,
  • 0

#10
UberMario
Posted 22 November 2006 - 05:02 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
Will that actually prevent qttask from coming back? I msconfig once in a while and disable it and it re-enables within a few restarts.

I was just wondering if that was what you were getting at on the Norton since it isn't valid and you got on it's case at once.

Also Quickshot.exe is safe. Imageshack printscreener/uploader all in one. Idles around in the taskbar.

http://img227.images...06025952sl2.png

oh weird, it print screened just the bar (maybe because my mouse was over it and I pressed the printscreen the top window button...)

http://img215.images...06030141ik1.png

there. Yellow frog.

Anyways, I'll do that with hijackthis anyways. one second.
  • 0

Advertisements

#11
UberMario
Posted 22 November 2006 - 05:22 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

I couldn't find those... I'll post the hijackthis log after I restart (I'm on the month trial of the NOD32 you recommended). Is it a personal preference, good on performance, or a reknownly known good antivirus?
  • 0

#12
UberMario
Posted 22 November 2006 - 05:44 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
Logfile of HijackThis v1.99.1
Scan saved at 3:33:03 AM, on 22/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.image...hackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1163549835087
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...ce/kdfense8.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.gamengame...utComponent.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

Is it normal for one of the svchosts to shoot up to 50% cpu usage and stay there? It was at 70,000K Mem Usage... Now it's down to 47,000K Mem Usage. I tried to remove as many processes in the Windows Task Manager panel as I could. When I bought this, it was at 60-70 running processes constantly.

http://img215.images...06033754mx1.png

That's it right now. I probably took out some things I shouldnt in msconfig... I looked them all up but I didn't really pay much attention to them as long as they weren't extremely manditory. Maybe you could help me with that after we cover this stuff? I'm saying this for the sake of my thread's title. I used to have it so that the percent in the "CPU Usage:" spot would be around 40-60 and the processes said otherwise with the system idle process at 95% or so. Do you know anything about this? It shows it on the first picture I posted.

Oooone more thing. Does YOUR login music lag?! No one's should, right? That woul be an insult to microsoft if they made it so that they had so many processes at startup that their own default music when loading windows would lag. AUGH it did that when I restarted. It usually does that when I load it up. I also have a very hard time to make my music play without it lagging. I try to set it's priority in the windows task manager to something higher and it doesnt make any difference...
  • 0

#13
Metallica
Posted 22 November 2006 - 07:49 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts

(I'm on the month trial of the NOD32 you recommended). Is it a personal preference, good on performance, or a reknownly known good antivirus?


I have two favorites:
- Nod because it's fast and has good heuristics (recognizes viruses by behavior)
- Kaspersky because of detection rate, but certainly not fast.

Since you had speed problems I advised NOD32

qttask will write itself back once you use it.

The startup for imageshack isn't required. Could be handy if you use it all the time, but I couldn't imagine that.

Can you fix this one and reboot.
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
That's a leftover.

Then give me another report on how it's running.
If it's still lagging I am going to send you to the OS forums to have a look at your drivers.
Maybe there is something wrong with the sound drivers, but I'm no expert on that stuff.

Regards,
  • 0

#14
UberMario
Posted 23 November 2006 - 01:44 AM

UberMario

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
It is still lagging, regardless. Even with no windows open but winamp (by the way, is winamp good?). Everything else seems fine, I guess.

Logfile of HijackThis v1.99.1
Scan saved at 11:44:38 PM, on 22/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ImageShack\QuickShot\QuickShot.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\Owner\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ImageShackUtil] C:\Program Files\ImageShack\QuickShot\QuickShot.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.image...hackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1163549835087
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...ce/kdfense8.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.gamengame...utComponent.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
  • 0

#15
Metallica
Posted 23 November 2006 - 05:51 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Your log looks fine too.

I'd like you to start a thread here:
http://www.geekstogo...2003_NT-f5.html

State your problems with the sound and give them a link to this thread.
e.g. http://www.geekstogo...howtopic=138472
so they can see what we have done sofar.

Regards,
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP