Super slow PC - Hijack This Log included

Discussion in 'A+ Certification' started by Tony, May 21, 2004.

  1. Tony

    Tony Guest

    I got a customer's 1 year old Dell and it would barely run. I ran Ad Aware and Spybot and CW
    Shredder. They found over 1000 problem files between them. I removed them all. I re-booted and the
    thing still runs slow as molasses. I checked the Task Manager and, while the CPU is runiing at 0%,
    the Page File is pinned at 400 MB.I checked all of the processes and I do not see anything running
    high. I checked the applications and there is nothing running. BUT, occassionally, something called
    Project1 is listed in the Applications tab. I ran AdAware again and it found 17 more files (even
    though this PC isnt even on the net.

    I ran HIJack THis and included the log below. Can anyone see if something in there is suspicious and
    causing the Pagefile to run so high? Thanks

    ---------------------------------------------------------------------------


    Logfile of HijackThis v1.97.7
    Scan saved at 1:07:07 AM, on 5/21/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\System32\installer.exe
    c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
    C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
    C:\WINDOWS\System32\Keyhost.exe
    C:\WINDOWS\System32\wintsvtr.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    D:\CWShredder! v1.57 04.25.04\CWShredder.exe
    C:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
    R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} -
    C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
    R3 - URLSearchHook: IncrediFindBHO Class - {4FC95EDD-4796-4966-9049-29649C80111D} -
    C:\PROGRA~1\INCRED~1\BHO\INCFIN~2.DLL (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search &
    Destroy\SDHelper.dll
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
    O4 - HKLM\..\Run: [sr1exe] "C:\Documents and Settings\All Users\Application
    Data\Dell\Alert\252\updtSup3.exe"
    O8 - Extra context menu item: Web Savings - file://C:\Program
    Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
    O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: MoneySide (HKLM)
    O10 - Hijacked Internet access by New.Net
    O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll
    O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} -
    http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
    http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
    http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {3FC76754-41A5-11D2-9370-00A0C9B1E042} (ColoringCtl Class) -
    http://www.kiddonet.com/lapware/actmenu/coloring/Coloring.ocx
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
    http://a1540.g.akamai.net/7/1540/52...ple.com/drakken/us/win/QuickTimeInstaller.exe
    O16 - DPF: {41F31718-2B9D-4F76-85E2-DD11BBA99F8D} -
    http://install.spywarelabs.com/DistID/2501031120/BundleOuter2501031120.EXE
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) -
    http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} (SpeedCtrl Class) -
    http://www.atelys.com/src/Speedup.ocx
    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) -
    http://web1.shutterfly.com/downloads/Uploader.cab
    O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} -
    http://www2.flingstone.com/cab/2000XP/CDTInc/bridge.cab
    O16 - DPF: {A2A62F90-6106-11D3-96F3-00105A771372} (KaraokeComCtl Class) -
    http://www.kiddonet.com/lapware/actmenu/KaraokeAnim/karaokeCom.ocx
    O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) -
    http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
    http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {F55C25D3-D16A-11D3-81DF-00A0C91F5E7D} (Gtek Print Control) -
    http://www.kiddonet.com/kiddonet/GtekPrt.ocx
    Tony, May 21, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. fiddaman64

    Burning CD's (Long - error log included)

    fiddaman64, May 11, 2005, in forum: Computer Support
    Replies:
    11
    Views:
    1,364
    fiddaman64
    May 11, 2005
  2. No Spam
    Replies:
    24
    Views:
    10,369
  3. cowboyz
    Replies:
    4
    Views:
    602
    cowboyz
    Sep 24, 2003
  4. GOOD LUCK GROUP
    Replies:
    0
    Views:
    687
    GOOD LUCK GROUP
    Apr 28, 2008
  5. Lilaceve

    Desktop has vanished - Hijackthis log included

    Lilaceve, Jul 2, 2008, in forum: General Computer Support
    Replies:
    1
    Views:
    713
    BohemianGeek
    Jul 5, 2008
Loading...

Share This Page