pausy and a little slow

jp198780

jp198780

New Member
as the title says, this is a HJT, 4 my GX110, iunno if it's a spyware, i scanned with Ewido and it only found Tracking Cookies and they were Medium, and it could be my CPU adapter, it did this before, and i had changed the settings, i havnet been on here a while, soo it has 2 be spyware or something:

Logfile of HijackThis v1.99.1
Scan saved at 12:45:38 AM, on 7/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\windows\System32\svchost.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\LClock\LClock.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Price\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://netservices.verizon.net/port...MzE4MDAxMzAxJTI2&.ys=WnmGSesgyLEqWEmBYJUDfg--
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [LClock] C:\Program Files\LonghornClock\lclock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://www.runaware.com/dolphin/wficat.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119323346363
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125191189985
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {88B507F9-C6B2-45CC-AAB6-720A652DE11C} (TenOfTen Class) - https://download.verizon.net/sfp/Cabs/hst/webinstall/HstWebInstall.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.verizon.net/sfp/Cabs/hst/webinstall/HstWebInstall.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
 
And often it has nothing to even with stuff that got on your system when you see slowdowns. Defragging the hard drive on a regular basis as well as reducing the unneeded startups from installing a load of programs in the msconfig utility as well as running a cleaner on the system registry can make a world of difference when the current installation has been on a long period of time. These are things to often neglected.

Besides running the Yahoo browser the only thing that looks like the system file checker can easily repair is the "O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)" registry entry. You can try fixing it with HiJack This but not likely to see a file replacement if needed. With an XP installation disk in the cd drive you would run the "sfc /scannow" command at the Run prompt off of the Start menu.
 
I wouldn't rush there. That looks more like something needing repair not removal. That key refers to Windows logon notifier which strongly implies a mandatory system file. The system file checker would be the choice there to see if some file is actually damaged or as this shows missing. If you delete the wrong thing you could end up needing a repair install of Windows itself. The main purpose of HiJack This is a means to spot things that don't belong in the registry or you would prefer to remove from prior knowledge.
 
The system file checker won't hurt you there. Removing a needed entry in the registry could well do that however. That entry could also be one for MSN messenger or Windows Live if you tried that and later removed it leaving an invalid no longer used "orphan" in the reg. This is one reason why periodically running a cleaner to locate and remove loose and not needed keys and other values from the registry. You perform a fresh install of XP along with the normal programs and RegCleaner the one used still finds stuff. http://www.majorgeeks.com/RegCleaner_d460.html
 
i did delete MSN Messenger, thats probrably what it's 4, i still think theres somethnig up with my CPU Adapter.
 
If you were a gambler I'd say reinstall messenger just to see if your next log after saw the same (file missing) in it there. You wouldn't. But a reg cleaner would still be the safer way to remove the value if there is any doubt. If you knew the exact keys and string, DWord, and other values were for messenger you could edit the registry directly to delete them specifically. RegCleaner is a freeware that won't get you into trouble there by deleting the wrong thing.
 
If you are running the Ewido 'Real Time Guard', disable that feature and use Ewido as a on-demand scanner only.Many users have complained about the heavy resourses this 'guard' uses and it slowing down systems.
 
With AVG 7.1 Free edition loading with Windows as well as other protective programs you can see this often. Getting a good firewall program inplace can save a lot of anxiety when something unfamiliar tries to get on your system from some new site you come across. This will also help many viruses flagged on incoming emails where you don't know the sender. Lately I've been seeing some rather unusual emails coming in from ??? Bank of ??? I simply block sender on all these using the message tab on the Outlook Express explorer bar.
 
yess, i've been experiencing the same type of e-mails, well not really now, but like 2 months ago, i was alwayss getting them.
 
Cleaning your browser history often, using a good program like AdAware SE Personal to clean "data miners" off of your drive, and deleting a ton of offline content can help in keeping the crud level down so you don't get hammered with the tons of spam and other nonsense that floods inboxes. When you get to some sites with the unstopable popup ads you know it's time run a cleaner again. I find that often running any extended web searches.
 
I have it here already. I haven't spend the time with others have since I manually go right after anything I want off of the drive. That comes from those old MSDos days there. This is a freeware that gives you options when deleting whatever off of your drive. That can be a big help at times.

AdAware is one regular program used here since it first was seen with an older build when looking cleaning other types of "slime" off your system after coming across some adware/spyware infested site. That one will even block a number of "browser hijackers" that try to force your browser to one site only. These are freewares that are easier for the more "point + click" orientated user over trying to spend hours going through each little thing manually.
 
i fixed the problem ;), just as i thought, the damn CPU adapter :rolleyes:, running great now, no pausy, nothing, thanks dude 4 all your help :).
 
Did you find an overheating problem with a reseat of the HSF? Keep in mind the other things for reference. It never hurts to add a little more protection on a system especially when new viruses/malwares are found to be floating around. I'm currently watching temps here after swapping out one Zalman model cpu cooler for another. The second one has a larger copper circular mesh with an opposed 92mm fan and heat tubes over the 80mm on the first.
 
well it was working, the power cord 4 my HD came loose, and didnt put it in in time, and it shutdown, turned it bac on, and it was all pausy again, i have also tryed another CPU with the adapter, and does the same thing? i know both CPU's arent shot, im positive neither of em are, im thinking either the adapter or HD, what you think?

EDIT: now raking my brain up, 4 about an hr, i get a BSOD, right in the middle of the XP screen, the main thing it says is "Unmountable_Boot_Volume", or something like that, any reason why im getting this?
 
Last edited:
For one never plug power in on a drive when the system is running! If you find a plug out shut it down first to avoid damage to the drive or device. A hard drive is not like a usb device. Hopefully the drive will still be good after this. The problem with the "Unmountable_Boot_Volume" suggests that you may have to perform an "install to repair" if the "Fixmbr" or "Fixboot" commands at the recovery console fail. If you have a 98 startup disk you can also try the "fdisk /mbr" command at the dos prompt when booting with that. If those methods fail then a repair of the current installation will be needed. http://www.michaelstevenstech.com/XPrepairinstall.htm
 
damnit, i think i blew the HD then, i never knew that, thanks 4 telling me, it did it twice, soo i think it's shot, is it possible 2 retrieve everything from the HD? i dont have a 98 CD, but i do have a 2000 CD, would that work?

and i get the BSOD with like 2 other HD's i put in?

EDIT: i found my XP CD, i went into the BIOS, and set the CD-ROM 1st, then the HD 2nd, the CD doesnt boot? i can do a repair with an upgrade CD, right?
 
Last edited:
You must log in or register to reply here.
Back
Top