Jump to content

Recommended Posts

Hi everyone. Just wanted to say first off, I love this forum. Every thread has responses and no one gets overlooked. This will be a permanent stop for me on my internet travels, regardless if I have computer problems or not. Anyway...down to business.

I have a decent computer that I got last Christmas. But, now lately, I've been having terrible game performance. Most notably is the MMO City of Heroes. I use to play the game on my last computer, which was far inferior. And this rig should eat through it no problem. But, it appears I have tons of processes running all at once, and it's killing my game. I have run a HiJackThis scan and will post below. What I need is to figure out how to eliminate these damn processes from eating up my computer so my game time can be more enjoyable. I hope there is a solution to this rather than just manually shutting everything down every time I want to play. But, even then, there are still tons of things running and most I have no idea what they are.

Anyway...I'm getting too wordy. Here is my HiJackThis log. Thanks ahead of time!

Edit: I realize that Avira and AIM are currently running. Obviously my anti-virus and a chat program I was running while typing this up. Anyway...back to our regularly scheduled program.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:30:26 AM, on 9/25/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\TUProgSt.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\AIM6\aim6.exe

C:\Program Files\AIM6\aolsoftware.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Casey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: SGETask.lnk = C:\Program Files\SIMU\SGE\SGETask.Exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: vzTCPConfig - http://www2.verizon.net/help/fios_settings...vzTCPConfig.CAB

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1232882236742

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update Service (gupdate1c98e068f2b264c) (gupdate1c98e068f2b264c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--

End of file - 8347 bytes

Link to post
Share on other sites

  • Root Admin

Please run the following so that we can better tell what's going on with the system.

Download
DDS
and save it to your desktop

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click
dds.scr
to run the tool.

When done, the
DDS.txt
will open.

Click Yes at the next prompt for Optional Scan.

    When done, DDS will open two (2) logs:

  1. DDS.txt

  2. Attach.txt

  • Save both reports to your desktop

  • Please include the following logs in your next reply:
    DDS.txt
    and
    Attach.txt

Link to post
Share on other sites

Thank you for your speedy response! Here goes.

DDS (Ver_09-07-30.01) - NTFSx86

Run by Casey at 0:42:57.26 on Fri 09/25/2009

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1333 [GMT -7:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\TUProgSt.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\AIM6\aim6.exe

C:\Program Files\AIM6\aolsoftware.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Casey\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

uRun: [Google Update] "c:\documents and settings\casey\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [D-Link AirPlus G] c:\program files\d-link\airplus g\AirGCFG.exe

mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe

mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

StartupFolder: c:\docume~1\casey\startm~1\programs\startup\anapod~1.lnk - c:\program files\red chair software\anapod explorer\anamgr.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\sgetask.lnk - c:\program files\simu\sge\SGETask.Exe

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll

DPF: vzTCPConfig - hxxp://www2.verizon.net/help/fios_settings/include/vzTCPConfig.CAB

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232882236742

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\casey\applic~1\mozilla\firefox\profiles\5vxw7c4q.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - component: c:\program files\mozilla firefox\components\FFComm.dll

FF - plugin: c:\documents and settings\casey\application data\move networks\plugins\npqmp071503000010.dll

FF - plugin: c:\documents and settings\casey\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\progra~1\sonyon~1\npsoe.dll

FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll

FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);

c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);

c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-9-15 206256]

R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2009-9-15 51488]

R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2009-9-15 39200]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-9-23 11608]

R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-9-15 159600]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-9-23 108289]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-9-23 185089]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-9-23 55656]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-8 55152]

R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-6-11 10384]

R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]

R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-7-8 604416]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-1-25 24652]

R3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2009-1-25 26272]

S2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2007-7-27 14336]

S2 gupdate1c98e068f2b264c;Google Update Service (gupdate1c98e068f2b264c);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]

S3 aaudstum;aaudstum;\??\c:\docume~1\casey\locals~1\temp\aaudstum.sys --> c:\docume~1\casey\locals~1\temp\aaudstum.sys [?]

S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]

S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009-9-15 64392]

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-9-15 348752]

S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-9-15 1097096]

S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2009-9-15 33056]

S3 ThreatFire;ThreatFire;c:\program files\spyware doctor\tfengine\tfservice.exe service --> c:\program files\spyware doctor\tfengine\TFService.exe service [?]

=============== Created Last 30 ================

2009-09-24 21:04 34,064 a------- c:\windows\system32\lhacm.acm

2009-09-24 21:04 <DIR> --d----- c:\program files\Teamspeak2_RC2

2009-09-24 16:01 56 a---h--- c:\windows\system32\ezsidmv.dat

2009-09-24 15:59 <DIR> --d--r-- c:\program files\Skype

2009-09-24 03:10 <DIR> --d----- C:\Mids' Hero Designer

2009-09-23 13:33 55,656 a------- c:\windows\system32\drivers\avgntflt.sys

2009-09-23 13:32 <DIR> --d----- c:\program files\Avira

2009-09-23 13:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira

2009-09-23 13:23 <DIR> --d----- c:\docume~1\casey\applic~1\Malwarebytes

2009-09-23 13:23 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-23 13:23 19,160 a------- c:\windows\system32\drivers\mbam.sys

2009-09-23 13:23 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware

2009-09-23 13:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

2009-09-22 16:04 <DIR> --d----- c:\program files\Trend Micro

2009-09-21 17:40 229,888 a------- c:\windows\PEV.exe

2009-09-21 17:40 161,792 a------- c:\windows\SWREG.exe

2009-09-21 17:40 98,816 a------- c:\windows\sed.exe

2009-09-19 23:06 <DIR> --d----- c:\program files\NVIDIA Corporation

2009-09-19 23:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation

2009-09-19 01:11 <DIR> --d----- C:\Downloads

2009-09-19 01:09 <DIR> --d----- c:\program files\vSoft

2009-09-17 02:46 <DIR> --d----- c:\program files\City of Heroes

2009-09-17 00:00 73,728 a------- c:\windows\system32\javacpl.cpl

2009-09-16 23:58 <DIR> --d----- c:\windows\system32\appmgmt

2009-09-16 00:27 0 a------- c:\windows\system32\

Link to post
Share on other sites

  • Root Admin

Well nothing obvious stands out for Malware, and I don't like how some vendors launch their stuff permanently out of the %temp% folder but seems to be legit.

You appear to have more than one Anti-Virus program running which can cause conflicts. Make sure you FULLY remove all but your chosen Anti-Virus software.

I'll leave you with this information which can help you to tighten up your system a little more to squeeze out some performance. If you're still having issues after reviewing all of this please let us know.

Computer and browser slowness are not always malware related

Poor performance and other problems can be the result of disk fragmentation, disk errors, corrupt system files, too many startup programs, unnecessary services running, not enough RAM, dirty hardware, etc. As your system gets older it becomes filled with more files/programs and has a natural tendency to slow down so cleaning and regular maintenance is essential.

Listed below are a few things you can do to improve speed and system performance. Many of the these suggestions will apply if you're using Windows Vista but may be done a bit differently. Near the bottom of this thread there is a section specifically devoted to Vista Users.

For browser problems, see:

If your having connectivity issues or errors such as Page cannot be displayed see

If you're using Vista or Internet Explorer 7, see

If you have a lot of toolbars and add-ons attached to Internet Explorer, you could try improving performance by disabling those which are unecessary. See:

Link to post
Share on other sites

Thanks for the response. From all you gave me, the SpyBot SD seems like it could be most helpful. Sort out everything on startup. All the other stuff I have done from the uninstalling old stuff and cache clearing and defragging. The only other thing was, I noticed in the first log you had me run, remnants of old programs I don't have anymore remain. The BitDefender and Spyware Doctor were uninstalled and I don't use them anymore. However, I don't see them in the control panel "Add/Remove" programs list. Any idea on how I might get rid of those for good? Thanks

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}

FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

Link to post
Share on other sites

  • Root Admin

You can try this and see.

Remove Security Software WMI Registration

  1. Click on the Start menu.

  2. Select Run...

  3. Type wbemtest and click OK

  4. Click Connect

  5. Type (or copy/paste) root/SecurityCenter in the NameSpace box

  6. Click Connect

  7. Click on Query

  8. Type in or copy / paste
    SELECT * FROM AntiVirusProduct
    and click on Apply

If there is more than one result, it means there is more than one Antivirus program installed.

Double click on each result to view the properties for that Antivirus product.

Identify the product(s) installed and DELETE any records for
Security Software
no longer installed.

Delete_AV_From_WMI.gif

Link to post
Share on other sites

Thank you for being so patient. I've done as you suggested and I came up with three results. One obviously being the Avira that I want to keep. There are two others. But, I can't identify which is which. They all look the same to me. Any ideas on how I can tell which from which? I promise this will be the last I bug you tonight. Thanks so much.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.