busy hard drive?

  johnnyrocker 12:13 21 Nov 04
Locked

when i launch IE my home page (which happens to be hotmail)opens ok but it is at least 30 secs to a minute before i can use any of the links on it, it's as if the machine is busy doing something else and i also get periodicaly my mouse pointer stuttering as if it's catching up so to speak, ran adaware/spybot and have updated spyware blaster on board any ideas please?


johnny.

  Jeffers22 12:21 21 Nov 04

Post a hijackthis log and with a bit of luck nellie2 will give you the benefit of her expertise. Also, try Opera or Firefox and see if you get the same problems. Opera is my own choice - it is quicker, more customisable and more secure than IE.

  johnnyrocker 12:25 21 Nov 04

how do i get a log?

johnny.

  VoG II 12:43 21 Nov 04

Download from click here

How to post a log click here

You will probably have to post the log in "chunks" because of the 800 word limit here. Also, please double-space by adding a blank line every other line.

  johnnyrocker 13:02 21 Nov 04

not sure about the double space bit? here is the first chunk and if i am doing it wrong please advise.

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\PROGRA~1\PHILIP~1\VProperty.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MailWasher Pro\MailWasher.exe
C:\Program Files\DivX\DivX Player\DivX Player.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinRAR\WinRAR.exe

  johnnyrocker 13:04 21 Nov 04

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = click here
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = click here
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 c:\WINDOWS\system\cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [OneTouch Monitor] "C:\Program Files\Xerox One Touch\OneTouchMon.exe"
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [mwavscan] "C:\DOCUME~1\STEVEF~1\LOCALS~1\Temp\mwavscan.com" /s
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Startup: ITR Client.lnk = C:\Program Files\AnalogX\ITR\itrc.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE

  johnnyrocker 13:06 21 Nov 04

8E89E1D-83C4-4e3f-A7CB-A42F7EE5D53E} - (no file)
O9 - Extra 'Tools' menuitem: &Popup XP - Add to Web list - {A8E89E1D-83C4-4e3f-A7CB-A42F7EE5D53E} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: (no name) - {B72455AE-D3DE-492a-8FE0-0EA053B85277} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Omniquad MyPrivacy - {FB5F1910-F110-11d2-BB9E-00C04F795681} - C:\Program Files\Omniquad MyPrivacy\MyPrivacy.exe
O9 - Extra 'Tools' menuitem: Omniquad MyPrivacy - {FB5F1910-F110-11d2-BB9E-00C04F795681} - C:\Program Files\Omniquad MyPrivacy\MyPrivacy.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chat - click here
O16 - DPF: Yahoo! Cribbage - click here
O16 - DPF: Yahoo! Dominoes - click here
O16 - DPF: Yahoo! Gin - click here
O16 - DPF: Yahoo! Literati - click here
O16 - DPF: Yahoo! Pool 2 - click here
O16 - DPF: Yahoo! Reversi - click here
O16 - DPF: Yahoo! Spades - click here
O16 - DPF: Yahoo! Word Racer - click here
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - click here
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - click here
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - click here
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - click here
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - click here
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - click here
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - click here
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - click here
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - click here
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - click here
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - click here
O16 - DPF: {B8F2846E-CE36-11D0-AC83-00C04FD97575} - click here
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - click here
O16 - DPF: {EF58E341-49C3-4156-A3C4-5FFCA7C1EAB7} (EURAS_Portal.Gateway) - click here
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - click here
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - click here

  Nellie2 13:38 21 Nov 04

I'm having a look at your log now, I do need to see the header though, that is the bit that tells me which version of hijackthis you are using and what your o/s is etc

Also, whilst you are waiting could you download the trial version of Trojan Hunter and scan your system with it click here let me know if it finds anything

  johnnyrocker 17:40 21 Nov 04

many thanks nellie2,
the link you kindly provided for trojan hunter does not seem to work too well, i d/load and install it but when it opens to scan a window is there telling me the evaluation has expired and it must be bought

apologies os is xp pro version of hijack is the one kindly supplied by vog.
interestingly when i booted up this evening machine hung saying a bad checksum, (selected f2 and carried on) fonts had changed etc so system restored to yesterday

johnny.

  VoG II 20:36 21 Nov 04

Can you please post the header at the top of the file. It should look something like:

Logfile of HijackThis v1.98.2

Scan saved at 17:17:14, on 9/11/2004

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Nellie2 20:41 21 Nov 04

you could try here for a trojan scan then click here

There is nothing in your hijack log that jumps out at me, which makes me think Trojan

This thread is now locked and can not be replied to.

New Google phones UK release date | Pixel XL price, new features, specifications: Pixel X and…

1995-2015: How technology has changed the world in 20 years

This is the future of TV, VR and holograms

iPhone 7 review: Enhanced cameras, a refreshed design and water resistance make the iPhone 7 an…