Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer dying slowly...?


  • Please log in to reply

#1
Anansay

Anansay

    Member

  • Member
  • PipPip
  • 13 posts
I've looked for something similar to what I'm experiencing and nothing pops up as familiar. So I'm posting.

The problems started when I wanted to listen to music via Windows Media Player while surfing the 'net. At first everything worked fine and then tiny things started happening. After about fifteen minutes of both programs running simultaneously, the browser (Mozilla at the time) seemed to stutter. When I'd switch pages (follow links) the page wouldn't show up and I'd have to use the scroll bar to get it to appear. If that didn't work, I'd make the font bigger until a scroll bar appeared and then I'd get fed up, close down Mozilla and restart it.
I didn't see it at the time and only recently guessed that these problems ONLY happened when I was running ANY media player program, ie: RealPlayer, CDPlayer, etc. So I stopped doing that. I'm not quite sure what prompted the sudden animosity between those two programs...?

And then... Now I can't seem to double-click on, say, the clock on the bottom-right of my screen. Nothing happens. I have to right-click, choose 'Open' and then it works. It does the same when I'm in Windows Explorer, when I'm browsing through the RUN feature.
Last night, the strangest thing happened. A few programs were running simultaneously (MSN messenger; Yahoo messenger; Firefox [downloaded that a few days ago to see if it was Mozilla messing up, it's still happening] Microsoft Word) and suddenly the computer froze, went to the dreaded BLUE SCREEN OF DEATH and then informed that a whole whack of programs had committed illegal actions and were being shut down, REPEATEDLY. Programs such as: ZoneAlarm, MSNMSGR (SP?), TeaTimer (a SpyBot program), etc. I'd click okay and it would prompt me again, and again and again. So I Reset the computer.
This morning, it happened again, same Blue Screen and same massive illegal operations shut down prompts.
It hasn't happened since (crosses fingers) but now I'm worried that my computer may be dying a slow death and if there's anything I can do to prevent it/fix it...?

I've run Ad-Aware and Spybot. And Norton's Antivirus 2002 last scanned on April 7, 2005 with nothing found.

Any ideas?

Thanks,
Anansay
  • 0

Advertisements


#2
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
Open your computer and get a can of compressed air. BLAST THE DUSTBUNNIES TO HECK!!!!!!!!!!!!!!!!!!!

Warning: HOLD ALL THE FANS STILL WITH YOUR FINGER OR A TOOTHPICK WHILE BLASTING THEM. Compressed air will spin a fan far faster than it was designed for and that will burn out your bearings.

That is a start....The peculiar slow down can be heat related, so let's get that out of the way
  • 0

#3
Anansay

Anansay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Hello,

Sorry it took so long to respond. :tazz:

Unfortunately, I could not get a hold of a can of air, but I did vacuum the inside of my computer. You're right: it was very dusty!
I'm not sure if vacuuming will give the same result as the can, but...

I'm still experiencing the same problems. ;)
There is still no response when I double-click on any of the icons/programs in the lower right hand corner of the screen, nor on any icon on my desktop, or in Windows Explorer. I have to right-click and then click on Open.
And now it seems that if I run ANY program at the same time as Firefox, Firefox will do the same thing: become "splotchy". Like it can't quite get itself up and running.

Any other ideas?
I promise to respond faster! :)

Anansay

P.S. I do have a friend who is very adept at computers but he is ill these days and I hesitate to bother him if it's something I can do myself.
Oh yeah, another thing that's just really another nail in the proverbial coffin: it seems somebody stepped away from the computer too soon and knocked the CD-ROM's tray out so now I have no CD-ROM with which to do a re-install, should that become necessary. ;)
  • 0

#4
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
Next step is to visit the forum at the bottom of my signature. I see you have already done several of things posted at the top, but follow the remaining suggestions.

while you're waiting, do a thorough scandisk and defrag
  • 0

#5
Anansay

Anansay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I've already run SpyBot (I actually had NO spyware the last time!--two days ago) and AdAware. They usually find about ten different "things" and I "fix" them.

I've run CWShredder and it fixed one thing. (sorry, can't remember the name. ;) )

I can't do a defrag. For some reason it just hangs. the first time I did it, I set it to defrag and then went to bed. When I got up the next morning, it was still at 0%. ;)

Half the time, when I reboot/turn the computer on, it will perform a scandisk because the shutdown didn't go smoothly. It never finds anything wrong.

And, I can't seem to update windows. At first it brought up the download page (in Internet Explorer) and then it froze. When I tried it again, nothing happened. Not even a download window. :tazz:


I'll include a HighjackThis log. I don't know if it'll be any good at this point but..

Log:

Logfile of HijackThis v1.99.1
Scan saved at 11:30:32 AM, on 4/17/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\MESSENGERPLUS! 3\MSGPLUS.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\THEWEATHERNETWORK\WEATHEREYE\WEATHEREYE.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\DOWNLOADS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.haseujxsc...hoszEtR6qWL.cgi
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WeatherEye] C:\program files\TheWeatherNetwork\WeatherEye\WeatherEye
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O16 - DPF: {32564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} -
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -

Edited by Anansay, 17 April 2005 - 09:36 AM.

  • 0

#6
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
You cannot do a defrag because your antivirus is interagating the disk...disable the AV and it will finish. In fact, hit ctrl-alt-del and close everything except systray and explorer,, then defrag.

Also run scandisk

Is that the whole log?

Uninstall message plug, it loads crap in the background.

Do you have a windows cd
  • 0

#7
Anansay

Anansay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I've defraged, FINALLY! It took 14 hours! I started it at 9 yesterday morning and it didn't stop until 10:30pm. It just kept restarting everytime the mouse was touched. Weird... (my harddrive is only a 6GB.)

I did a scandisk--no errors--and deleted Messenger Plus!3.

And then I rebooted the computer. Still can't doublle-click on any icons. :tazz:


Anything else I can do? ;)
  • 0

#8
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
Yes, I don't know how I missed it before....you do have a piece of spyware on there and normally I would just point you to malware, but they're backlogged and I feel like a dolt for not seeing it.

Reboot your computer, run hijack without ANYTHING else running. Post that log.
  • 0

#9
Anansay

Anansay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I'm not quite sure what you mean by "nothing running" so I ran HighJack this twice.
The first log was after a straight reboot, no shutting down of anything.
The second log was after I shut down everything but Explorer and Systray through CTRL-ALT-DEL.

First log:

Logfile of HijackThis v1.99.1
Scan saved at 9:27:14 AM, on 4/19/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\THEWEATHERNETWORK\WEATHEREYE\WEATHEREYE.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\DOWNLOADS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.haseujxsc...hoszEtR6qWL.cgi
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WeatherEye] C:\program files\TheWeatherNetwork\WeatherEye\WeatherEye
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O16 - DPF: {32564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} -
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -


----------------------------------

Second log:

Logfile of HijackThis v1.99.1
Scan saved at 9:28:36 AM, on 4/19/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\DOWNLOADS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.haseujxsc...hoszEtR6qWL.cgi
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WeatherEye] C:\program files\TheWeatherNetwork\WeatherEye\WeatherEye
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O16 - DPF: {32564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} -
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
  • 0

#10
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
I am trying to figure out why this is running
C:\WINDOWS\SYSTEM\RPCSS.EXE


The RPCSS program is the Microsoft Remote Procedure Call Service and its purpose is to help with the development and debugging of distributed applications, apps that are resident on machines other than the local one. It is a mild security risk, but also sometimes a necessary process.


I don't think norton uses it, nor do I think Avast uses it--btw, it looks like Norton and Avast both run at startup, but I don't see Avast as a running process?

Maybe Zonealarm uses it?


Is this your homepage?

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.haseujxsc...hoszEtR6qWL.cgi


This is windows critical update information...let's turn it off for now
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup

This you should remove
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present


Did you remove the information on the 016 elements?

O16 - DPF: {32564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} -
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
  • 0

Advertisements


#11
Anansay

Anansay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

I am trying to figure out why this is running
C:\WINDOWS\SYSTEM\RPCSS.EXE
The RPCSS program is the Microsoft Remote Procedure Call Service and its purpose is to help with the development and debugging of distributed applications, apps that are resident on machines other than the local one. It is a mild security risk, but also sometimes a necessary process.
I don't think norton uses it, nor do I think Avast uses it--btw, it looks like Norton and Avast both run at startup, but I don't see Avast as a running process?

Maybe Zonealarm uses it?


I had Avast running and then I deleted it when I got Norton's. I have no idea why it's still on my computer.
Should I delete it because I'm no longer using Avast?

Is this your homepage?

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.haseujxsc...hoszEtR6qWL.cgi


No, it isn't.

Did you remove the information on the 016 elements?

O16 - DPF: {32564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} -
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -

View Post


No, I didn't. Should I do it now?
  • 0

#12
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
how did you delete avast?
  • 0

#13
Anansay

Anansay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I used CTRL-ALT-DEL.
  • 0

#14
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
that stops it..it does not uninstal it...

go to control panel, add/remove software. remove it from there
  • 0

#15
Anansay

Anansay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
My bad. :tazz: Typo.
That's what I did--used the Control Panel.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP