computer slow

Bramp

Bramp

Member
EDIT: I was just going through the list of threads, looks like everyone is doing this? Just don't want to get over looked, as whoever reads these scans might get tired of this? Thank you for any time you can give ^_^


Hello,

My computer runs slower then it did when it was new, and I consistently have CPU usage go to 100% regularly. svchost.exe has a higher mem usage the it used to also.

I have been doing some reading and it looks like I should do a scan with hijack this, so here it is.

Do I look okay?



Logfile of HijackThis v1.99.1
Scan saved at 8:51:09 PM, on 6/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Secretmaker\secretmaker.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - C:\WINDOWS\system32\smiehlp.dll
O2 - BHO: (no name) - {CE57DA55-F491-45C6-B3DB-6C98E4B17CDC} - C:\Program Files\Secretmaker\secretmakerie.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: SECRETMAKER - {7435856C-6CA1-45CF-A00D-82178387F223} - C:\Program Files\Secretmaker\secretmakerie.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - Global Startup: SECRETMAKER.lnk = C:\Program Files\Secretmaker\secretmaker.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: + &Mass Downloader: download this file - C:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: + Mass Downloader: download &All files - C:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O10 - Broken Internet access because of LSP provider 'smnsp.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: SCV - http://www.omnovia.com/pages/sc2/image/SCV.CAB
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.shockwave.com/content/ricochetlostworlds/ReflexiveWebGameLoader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} (RingCentral Message Player Control) - http://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
 
Last edited:
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
These things usually spell trouble ^^^^^

Not sure about this, can you pinpoint what it is?
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

This doesn't look good either:
O2 - BHO: (no name) - {CE57DA55-F491-45C6-B3DB-6C98E4B17CDC} - C:\Program Files\Secretmaker\secretmakerie.dll

Do you know what this is?
O8 - Extra context menu item: + &Mass Downloader: download this file - C:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: + Mass Downloader: download &All files - C:\Program Files\Mass Downloader\Add_All.htm

Other than that, it looks all clear, just to help out, you have a lot of BHOs and toolbars, perhaps you should get rid of some.
 
There are several reasons why a system will slow down after a period of time. From the HJT log here the first noticed however is the (files missing) type problem seen often. If you know that these here are from a program you installed the reinstall to replace these may help speed things up as well as using the msconfig utility to reduce items that start up along with Windows.
Here are a few items to review.
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Broken Internet access because of LSP provider 'smnsp.dll' missing

Need a good registry cleaner? Invalid registry entries called "orphans" are far more common then most people realize. These will appear frequently after the installation and then removal of several programs where a good cleaner can be a help there at times. RegCleaner is a freeware you can download from http://www.majorgeeks.com/RegCleaner_d460.html
For reducing the number of unnecessary startups with the msconfig utility simply type in "msconfig" at the Run prompt off of the Start menu and press the enter key to open a new screen. On the right you can go right to the last two tabs the last itself being the startup group with the next to last being the services group. There you can put a check to hide all Microsoft services in order to further reduce startups by choice. Defragmenting a hard drive after initially finishing the installation of softwares after a fresh installation of Windows is essentially a must. Defrag in XP will give you an analysis first to show you the percentage of fragmentation found.
 
Thank you guys for your help. Really was not sure what to look for in these scans but now I see what I can look for.

On another note I have ran Spybot, Ad-Aware SE, Spyremover, Spysweeper, and PC Bug Doctor, and so what should I do? Some of those programs I no longer have, and they do not show up in add remove programs, such as.

O8 - Extra context menu item: + &Mass Downloader: download this file - C:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: + Mass Downloader: download &All files - C:\Program Files\Mass Downloader\Add_All.htm

I went to the location where they are located but it’s not there? Hidden files? What the?

What about this stuff how do I fix this???

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O10 - Broken Internet access because of LSP provider 'smnsp.dll' missing
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

This one is a program I use… so I suppose its okay? it’s a intruder blocker, pop up blocker, and the works.

O2 - BHO: (no name) - {CE57DA55-F491-45C6-B3DB-6C98E4B17CDC} - C:\Program Files\Secretmaker\secretmakerie.dll

Now this one is weird…
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

I have no idea what that is.. It’s not it add remove programs, so I went to manually delete it and I get this error:

“Cannot delete prismxl.sys access is denied. Make sure the disk is not full or write-protected, and that the file is not currently in use”

Any more assistance you guys can give would be great. Oh and Buzz1927 if your around lol what’s your input on this matter?


Thanks Bramp.... :D


EDIT: forgot to mention when I go to this web site (http://fantasyartdesign.com/3dgallery/a-digital/02pictures-3d.htm) my CPU usage goes to 100% and I was on this site combined with a computer to landline calling program and my PF usage went to full.. that has never happened b4, let alone on one web site and a simple program.

I usually run 8 browsers with Java applets and lots of streaming stock quotes with no problems....
 
Last edited:
You should be able to remove the unwanted objects through Hijackthis, regardless of location, read only or hidden.
 
SC7 said:
You should be able to remove the unwanted objects through Hijackthis, regardless of location, read only or hidden.
Click to expand...


oh I did not know, i'll get back to you guys if i have any further need...

thanks :cool:
 
run a bunch of spyware scans like adaware and spysubtract and ccleaner. the svchost thing i seem to be having the same problem. do you or have you ever had a lexmark printer?
 
way2evil said:
run a bunch of spyware scans like adaware and spysubtract and ccleaner. the svchost thing i seem to be having the same problem. do you or have you ever had a lexmark printer?
Click to expand...


ccleaner is a freeware i'll get that and run it right now, spysubtract is trial use will they allow me to remove harmfull stuff from my computer with a trial program or ask me to pay like all the others LOL...

And yes I have a lexmark printer, model z715 I got it new with the computer a year and a half ago.

will run the scanners bbl...
 
and spybot SD. the lexmark software is no good. it takes over windows software, the spooling service, which was fine until lexmark is instlaled. the lexmark software cannot be reomved or the spooling service will not work. the processes that are lexmark are lexpps.exe and lexbces.exe. dont terminate them. they are what makes the svchost spike. i hate it too i know but if you terminate them bye bye printing
 
The main reason you saw "access denied" when trying to delete those files through Windows Explorer is that they were still actively being used by something or loaded by an orphanned registry key. HiJack This will not delete files but entries in the system registry. If the effort there fails you would have to go into the registry after booting in safe mode to manually insure removing any otherwise inaccessible values there. Once the file is still from no longer being loaded you simply drag it away to the garbage can.
 
Enlighten said:
Run your anti-vrius software, as well as do some scans with spyware softwares and registry repair softwares
Click to expand...

The main problem with those there is you run their test to see a ton of errors found only to have to buy the full version to have them repaired. Some better freewares like Spybot Search+Destroy, SpywareBlaster, AdAdware SE Personal, Ewido, and several others can be found at http://www.majorgeeks.com/downloads31.html
For the Windows Defender, http://www.microsoft.com/downloads/...afa4-f7f14e605a0d&displaylang=en&Hash=9GKF84F
AVG 7.1 Free edition along with Ewido can also be found at the two links here.
For the AVG free edition http://free.grisoft.com/doc/2/lng/us/tpl/v5
For Ewido http://free.grisoft.com/doc/20/lng/us/tpl/v5
 
Thanks guys for your assistance it has helped out quiet a bit. I think I now have, and ran every scanner you guys mentioned. The computer does run much smoother, although svchost.exe still has it’s moments. Im starting to think this could also be heat related. I live in South Carolina and it was 101 yesterday and my AC does not work very well. I have had the cover off for maybe the past month now for better air flow, could this potentially become a problem? At first my computer ran better with the cover off, and then after a period of time, bogged down again hence the reason why I got on here and asked you guy.

I guess the reason I am saying this is because I wonder if anyone else leaves their cover off?

hope everyone had a great weekend, happy late 4th guys :D

Bramp... :cool:
 
Presently the side cover is off on the system here due to a failing bios that may even be giving false temp readings. SpeedFan does indicate above average temps when Windows will stall or memory timings are returned to the correct 200mhz setting for the cpu used here. The better the temps are from using a good cooling setup the better the performance should be.

In addition to running a few removers defragging the hard drive on a regular monthly and even weekly basis when moving, deleting, copying large numbers of files can be an asset there. At any time you can use the option to analyze the percentage if any fragmented files of the one or more hard drives on a system through the accessories\system tools\defrag tool. But temps can be far more critical at times. Even in the winter months a good sign is seeing low overall temps on a system. Need some extra cooling? http://www.coolerguys.com has a few things to look over.
 
You must log in or register to reply here.
Back
Top