Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

systems still slow

Started by bla , Jun 16 2004 09:36 PM

  • Please log in to reply

#1
bla
Posted 16 June 2004 - 09:36 PM

bla

    New Member

  • Member
  • Pip
  • 5 posts
I got a virus and avg removed it, but my system is still running VERY slow. Here's my hijackthis log if it helps.

Logfile of HijackThis v1.97.7
Scan saved at 10:30:50 PM, on 6/16/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\SYSTEM32\dmremote.exe
C:\WINDOWS\SYSTEM32\dplaysvr.exe
C:\WINDOWS\SYSTEM32\hkcmd.exe
C:\WINDOWS\SYSTEM32\logagent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\SYSTEM32\rsmsink.exe
C:\WINDOWS\SYSTEM32\sessmgr.exe
C:\WINDOWS\SYSTEM32\upnpcont.exe
C:\Program Files\Spyware Blaster\HijackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Dynamic Mission Administration] C:\Windows\SYSTEM32\smadmin
O4 - HKLM\..\Run: [Dynamic Mission Remote Administration] C:\Windows\SYSTEM32\dmremote
O4 - HKLM\..\Run: [Download Local Host] C:\Windows\SYSTEM32\dllhst3g
O4 - HKLM\..\Run: [Geographical Dimensional Intelligence] C:\Windows\SYSTEM32\gdi
O4 - HKLM\..\Run: [Media Player Notification] C:\Windows\SYSTEM32\mpnotify
O4 - HKLM\..\Run: [Nodding Diaphragm Discovery Electrode Apparatus Piercing Into Reaction] C:\Windows\SYSTEM32\nddeapir
O4 - HKLM\..\Run: [Periodical Xeno Health Post-Installer] C:\Windows\SYSTEM32\pxhpinst
O4 - HKLM\..\Run: [Rinse Dingy People Clean Insane People] C:\Windows\SYSTEM32\rdpclip
O4 - HKLM\..\Run: [Ready-Smart Mercenary Smog Informational New Kinetics] C:\Windows\SYSTEM32\rsmsink
O4 - HKLM\..\Run: [Save Your Dump] C:\Windows\SYSTEM32\savedump
O4 - HKLM\..\Run: [Session Manager] C:\Windows\SYSTEM32\sessmgr
O4 - HKLM\..\Run: [Smoky Earth Together Health College] C:\Windows\SYSTEM32\sethc
O4 - HKLM\..\Run: [Somebody Has My Great Ranch Audio Tool Elephants] C:\Windows\SYSTEM32\shmgrate
O4 - HKLM\..\Run: [Some Keys] C:\Windows\SYSTEM32\skeys
O4 - HKLM\..\Run: [Should Men Leave Only Giving Some Victory Catch] C:\Windows\SYSTEM32\smlogsvc
O4 - HKLM\..\Run: [Tennis Smote Collection Upgrader] C:\Windows\SYSTEM32\tscupgrd
O4 - HKLM\..\Run: [USER] C:\Windows\SYSTEM32\user
O4 - HKLM\..\Run: [User Should Read Media Letters Nothing Knowing Action] C:\Windows\SYSTEM32\usrmlnka
O4 - HKLM\..\Run: [User Periodical Reaching Body Dialog Apple] C:\Windows\SYSTEM32\usrprbda
O4 - HKLM\..\Run: [User Shutdown Actor] C:\Windows\SYSTEM32\usrshuta
O4 - HKLM\..\Run: [Versus Satan Saviour Victorious Clump] C:\Windows\SYSTEM32\vssvc
O4 - HKLM\..\Run: [Windows Media Player Stub] C:\Windows\SYSTEM32\wmpstub
O4 - HKLM\..\Run: [Wow Debian] C:\Windows\SYSTEM32\wowdeb
O4 - HKLM\..\Run: [Windows Product New Periodical Installer] C:\Windows\SYSTEM32\wpnpinst
O4 - HKLM\..\Run: [Active Movie] C:\Windows\SYSTEM32\actmovie
O4 - HKLM\..\Run: [Fix Map Intelligence] C:\Windows\SYSTEM32\fixmapi
O4 - HKLM\..\Run: [Intelligent Map Information] C:\Windows\SYSTEM32\imapi
O4 - HKLM\..\Run: [Undo Previous Next Post Connecting Original New Together] C:\Windows\SYSTEM32\upnpcont
O4 - HKCU\..\Run: [Uninstall EI] C:\Windows\EIUninst
O4 - HKCU\..\Run: [Texas Smog Next Today Xeno] C:\Windows\tsntx
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab

Edited by bla, 16 June 2004 - 09:42 PM.

  • 0

Advertisements

#2
Hemal
Posted 17 June 2004 - 06:14 AM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
welcome bla,

have you checked for spyware, if not please click the link in my signature and run a few of those programs, see if that helps
  • 0

#3
bla
Posted 17 June 2004 - 10:58 AM

bla

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I ran spybot and adaware and the said my systems clean. I don't know what kind of infection I have. What are all those wierd entries? Thanks.

Edited by bla, 17 June 2004 - 10:59 AM.

  • 0

#4
admin
Posted 17 June 2004 - 11:34 AM

admin

    Founder Geek

  • Community Leader
  • 24,639 posts
Those are some strange entries. <_< (actually, they're kinda funny) :D

Before we start cleaning up your log please run a free online virus scan here:
http://housecall.antivirus.com/

And a free trojan scan here:
http://www.moosoft.com/
  • 0

#5
Smokey
Posted 17 June 2004 - 11:36 AM

Smokey

    Member 1K

  • Retired Staff
  • 1,423 posts
Wow! This is a new one. <_< This is a strange infection. Go ahead and do as admin suggested. :D
  • 0

#6
bla
Posted 17 June 2004 - 11:52 AM

bla

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I am very impatient and those tests take WAY too long to download on my dialup. What else can I do?
  • 0

#7
bla
Posted 10 August 2004 - 03:33 PM

bla

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
here's my post

Edited by bla, 10 August 2004 - 03:34 PM.

  • 0

#8
ditto
Posted 10 August 2004 - 03:51 PM

ditto

    - i pwn n00bs -

  • Member
  • PipPipPipPip
  • 1,260 posts
Let's see a new log
  • 0

#9
bla
Posted 10 August 2004 - 04:06 PM

bla

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Logfile of HijackThis v1.97.7
Scan saved at 5:05:50 PM, on 8/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\SYSTEM32\dmremote.exe
C:\WINDOWS\SYSTEM32\dplaysvr.exe
C:\WINDOWS\SYSTEM32\hkcmd.exe
C:\WINDOWS\SYSTEM32\logagent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\SYSTEM32\rsmsink.exe
C:\WINDOWS\SYSTEM32\sessmgr.exe
C:\WINDOWS\SYSTEM32\upnpcont.exe
C:\Program Files\Spyware Blaster\HijackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Dynamic Mission Administration] C:\Windows\SYSTEM32\smadmin
O4 - HKLM\..\Run: [Dynamic Mission Remote Administration] C:\Windows\SYSTEM32\dmremote
O4 - HKLM\..\Run: [Download Local Host] C:\Windows\SYSTEM32\dllhst3g
O4 - HKLM\..\Run: [Geographical Dimensional Intelligence] C:\Windows\SYSTEM32\gdi
O4 - HKLM\..\Run: [Media Player Notification] C:\Windows\SYSTEM32\mpnotify
O4 - HKLM\..\Run: [Nodding Diaphragm Discovery Electrode Apparatus Piercing Into Reaction] C:\Windows\SYSTEM32\nddeapir
O4 - HKLM\..\Run: [Periodical Xeno Health Post-Installer] C:\Windows\SYSTEM32\pxhpinst
O4 - HKLM\..\Run: [Rinse Dingy People Clean Insane People] C:\Windows\SYSTEM32\rdpclip
O4 - HKLM\..\Run: [Ready-Smart Mercenary Smog Informational New Kinetics] C:\Windows\SYSTEM32\rsmsink
O4 - HKLM\..\Run: [Save Your Dump] C:\Windows\SYSTEM32\savedump
O4 - HKLM\..\Run: [Session Manager] C:\Windows\SYSTEM32\sessmgr
O4 - HKLM\..\Run: [Smoky Earth Together Health College] C:\Windows\SYSTEM32\sethc
O4 - HKLM\..\Run: [Somebody Has My Great Ranch Audio Tool Elephants] C:\Windows\SYSTEM32\shmgrate
O4 - HKLM\..\Run: [Some Keys] C:\Windows\SYSTEM32\skeys
O4 - HKLM\..\Run: [Should Men Leave Only Giving Some Victory Catch] C:\Windows\SYSTEM32\smlogsvc
O4 - HKLM\..\Run: [Tennis Smote Collection Upgrader] C:\Windows\SYSTEM32\tscupgrd
O4 - HKLM\..\Run: [USER] C:\Windows\SYSTEM32\user
O4 - HKLM\..\Run: [User Should Read Media Letters Nothing Knowing Action] C:\Windows\SYSTEM32\usrmlnka
O4 - HKLM\..\Run: [User Periodical Reaching Body Dialog Apple] C:\Windows\SYSTEM32\usrprbda
O4 - HKLM\..\Run: [User Shutdown Actor] C:\Windows\SYSTEM32\usrshuta
O4 - HKLM\..\Run: [Versus Satan Saviour Victorious Clump] C:\Windows\SYSTEM32\vssvc
O4 - HKLM\..\Run: [Windows Media Player Stub] C:\Windows\SYSTEM32\wmpstub
O4 - HKLM\..\Run: [Wow Debian] C:\Windows\SYSTEM32\wowdeb
O4 - HKLM\..\Run: [Windows Product New Periodical Installer] C:\Windows\SYSTEM32\wpnpinst
O4 - HKLM\..\Run: [Active Movie] C:\Windows\SYSTEM32\actmovie
O4 - HKLM\..\Run: [Fix Map Intelligence] C:\Windows\SYSTEM32\fixmapi
O4 - HKLM\..\Run: [Intelligent Map Information] C:\Windows\SYSTEM32\imapi
O4 - HKLM\..\Run: [Undo Previous Next Post Connecting Original New Together] C:\Windows\SYSTEM32\upnpcont
O4 - HKCU\..\Run: [Uninstall EI] C:\Windows\EIUninst
O4 - HKCU\..\Run: [Texas Smog Next Today Xeno] C:\Windows\tsntx
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab

Edited by bla, 10 August 2004 - 04:07 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP