Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Clean up [resolved]


  • Please log in to reply

#1
kalder

kalder

    Member

  • Member
  • PipPip
  • 15 posts
Hi!!
I've recently managed (thanks to Metallica) to clean up my computer...Now i'm currently using Ad-aware, Spybot and Hijackthis to handle little problems and prevent any spyware intrusion.
I'd just like to reduce (if possible) the number of processes, entries, ecc... running to speed up the machine, specially at startup...but I've got no idea if it's useful or even possible...
So I wait any suggestion...
Thanks!
here's my log:

Logfile of HijackThis v1.98.2
Scan saved at 11.16.25, on 14/12/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\Programmi\File comuni\EPSON\eEBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\cidaemon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Symantec Shared\SymTray.exe
C:\Programmi\Logitech\iTouch\iTouch.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Programmi\Mp3tag\Mp3tagQuickPick.exe
C:\Programmi\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.tiscali.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmi\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Programmi\File comuni\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmi\File comuni\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programmi\MP3\Clone CD\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [EPSON Stylus C62 Series (copia 2)] C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P33 "EPSON Stylus C62 Series (copia 2)" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programmi\File comuni\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Programmi\File comuni\Symantec Shared\Symtrdr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O16 - DPF: {3BB4FE3B-7A37-11D3-A41E-0060080C03B3} (Entire Screen Builder Web Viewer) - http://vblu.uni-bocc...WClientFull.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw...nt/iftwclix.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B465461F-32A3-4FEF-A4E6-8108B69DF7B5}: NameServer = 1.253.128.10,1.253.128.11
  • 0

Advertisements


#2
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Metallica rocks.

Go to start>>run>>type in msconfig and hit enter.

You should have a box. Click on the last tab and it will have a list of start-up processes.

You can google what is checked or go to www.answersthatwork.com and decide what you want to have at start-up. Some processes are essential. You will have to check selective start-up and reboot after you finish.

Good luck. :tazz:
  • 0

#3
kalder

kalder

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
I just can't get any box typing msconfig as you suggested...

kalder
  • 0

#4
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
what happens when you type in msconfig? and click OK?
  • 0

#5
kalder

kalder

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
well...I'll try to translate from italian :-)
It pops up a windows error message (the one with white cross on a red circle) which says: impossible to find the "msconfig" file or one of its components. Verify that the path and the file name are correct and that all the needed libraries available
Do you understand what I mean?
Thanks
  • 0

#6
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Thanks. What you need to do is left-click on start. You will see the word "run"

Click on "run". You should be able to type in "msconfig" - do not use the quotes.

Can you do that?
  • 0

#7
kalder

kalder

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
I did exactly as you asked me.
It simply doesn't works!! When I click "ok", it comes out with the message I quoted before
Thank you
  • 0

#8
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
My bad - you're running windows 2000 and that doesn't allow it.

In that case, look at all the 04 entries in Hijack This. You can do a google search or go to answersthatwork.com

Research what you need at start-up and what you don't need. Some are necessary processes and others aren't. Also, it will give you a much deeper understanding of whnat is going on with your system.

When you decide what you want to keep and what you don't, you can post back what you want to take off and we can walk you through taking it off your systemthrough Hijack This. :tazz:
  • 0

#9
kalder

kalder

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
I think I'd have no problem removing:
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Programmi\File comuni\Symantec Shared\SymTray.exe
O4 - HKLM\..\Run: [EPSON Stylus C62 Series (copia 2)] C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P33 "EPSON Stylus C62 Series (copia 2)" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
I didn't find any info about this one: O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Programmi\File comuni\Symantec Shared\Symtrdr.exe
I only found some Hjt logs on various sites...Any suggestion? Maybe I should leave it...
Thanks
  • 0

#10
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
If it's running well, I would leave it alone. Usually, the only one I recommend getting rid of when cleaning up logs is quicktime.
The epson would be a good one also.
It's up to you, but sometimes we can "tweak" a machine too much.

I try to think of a computer like one of my kids when they were babies: when they were sleeping and at peace, I didn't wake them up. Why interrupt something that is going well?
  • 0

#11
admin

admin

    Founder Geek

  • Administrator
  • 24,501 posts

I try to think of a computer like one of my kids when they were babies: when they were sleeping and at peace, I didn't wake them up. Why interrupt something that is going well?

:tazz:

;)
(picture's worth a thousand words)
  • 0

#12
kalder

kalder

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
I agree with you...So you suggest me to get rid of quicktime and epson, but to leave ALL the others I wanted to remove?
What should I do? Just fix them with hjt?
  • 0

#13
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
You may wish to print out a copy of these instructions to follow while you complete this procedure.

Please save Hijack This in a permanent folder (i.e. C:\HJT). This ensures backups are saved and accessible.

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked.

O4 - HKLM\..\Run: [EPSON Stylus C62 Series (copia 2)] C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P33 "EPSON Stylus C62 Series (copia 2)" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime

Reboot.

If you want to investigate all the 04 entries, go to answers that work typing in the last part -----.exe. Then follow the above procedure.
  • 0

#14
kalder

kalder

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Ok, done!
Thank you for the assistance,
Ciao!
kalder
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP