Slow Computer after cleanup [HijackThis Log]

Goodday everybody,

I have tried to install ad-aware and spybots but both will not install. I have Norton 2005 systemworks. When we are has started a program and it is up on the screen it is really quick, but it takes 5 minuts before a program is up. So i have posted the Hijack file in this.

Becuase hte size of the Hijack i have shrinked some directories.

Win = Windows
P F = Program Files
S32 = System32
IE = Internet Explorer
NO = Norton

Logfile of HijackThis v1.99.1
Scan saved at 18:09:02, on 9-6-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WIN\S32\smss.exe
C:\WIN\S32\winlogon.exe
C:\WIN\S32\services.exe
C:\WIN\S32\lsass.exe
C:\WIN\S32\svchost.exe
C:\WIN\S32\svchost.exe
C:\P F\Common Files\Symantec Shared\ccSetMgr.exe
C:\P F\Common Files\Symantec Shared\SNDSrvc.exe
C:\P F\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\P F\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WIN\S32\spoolsv.exe
C:\P F\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\P F\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\P F\NO SystemWorks\NO AntiVirus\navapsvc.exe
C:\P F\NO SystemWorks\NO Ghost\Agent\PQV2iSvc.exe
C:\P F\NO SystemWorks\NO AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NO~1\NO~1\NPROTECT.EXE
C:\WIN\S32\nvsvc32.exe
C:\PROGRA~1\NO~1\NO~1\SPEEDD~1\NOPDB.EXE
C:\WIN\Explorer.EXE
C:\WIN\S32\svchost.exe
C:\P F\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\P F\Funk Software\Proxy Host\ph32svc.exe
C:\WIN\BCMSMMSG.exe
C:\P F\Dell\AccessDirect\dadapp.exe
C:\P F\Synaptics\SynTP\SynTPLpr.exe
C:\P F\Synaptics\SynTP\SynTPEnh.exe
C:\WIN\S32\DSentry.exe
C:\P F\Dell\Media Experience\PCMService.exe
C:\P F\Funk Software\Proxy Host\phtray.exe
C:\P F\Common Files\Symantec Shared\ccApp.exe
C:\P F\NO SystemWorks\NO Ghost\Agent\GhostTray.exe
C:\P F\HP\hpcoretech\hpcmpmgr.exe
C:\P F\HP\HP Software Update\HPWuSchd2.exe
C:\WIN\S32\ctfmon.exe
C:\P F\HP\Digital Imaging\bin\hpqtra08.exe
C:\P F\IE\iexplore.exe
C:\P F\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\P F\Linksys\Wireless-G Notebook Adapter\WPC54Cfg.exe
C:\WIN\S32\svchost.exe
F:\Hijack\HijackThis.exe
C:\WIN\S32\NOTEPAD.EXE
C:\P F\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\IE\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\IE\Main,Start Page = http://www.tiscali.nl/
R1 - HKLM\Software\Microsoft\IE\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKLM\Software\Microsoft\IE\Main,Start Page = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\IE\Main,Local Page =
R0 - HKCU\Software\Microsoft\IE\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\P F\NO SystemWorks\NO AntiVirus\NavShExt.dll
O3 - Toolbar: NO AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\P F\NO SystemWorks\NO AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WIN\S32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DadApp] C:\P F\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\P F\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\P F\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WIN\S32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\P F\Dell\Media Experience\PCMService.exe "
O4 - HKLM\..\Run: [ProxyHostTrayIcon] "C:\P F\Funk Software\Proxy Host\phtray.exe "
O4 - HKLM\..\Run: [QuickTime Task] "C:\P F\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\P F\Common Files\Symantec Shared\ccApp.exe "
O4 - HKLM\..\Run: [NO Ghost 9.0] C:\P F\NO SystemWorks\NO Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [iTunesHelper] "C:\P F\iTunes\iTunesHelper.exe "
O4 - HKLM\..\Run: [HP Component Manager] "C:\P F\HP\hpcoretech\hpcmpmgr.exe "
O4 - HKLM\..\Run: [HP Software Update] C:\P F\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN\S32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\P F\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NO SystemWorks] "C:\P F\NO SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\P F\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\P F\Linksys\Wireless-G Notebook Adapter\Startup.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WIN\S32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WIN\S32\shdocvw.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\P F\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Win Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\P F\Messenger\msmsgs.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\P F\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\P F\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\P F\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: NO AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\P F\NO SystemWorks\NO AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54G - Unknown owner - C:\P F\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: NO Ghost - Symantec Corporation - C:\P F\NO SystemWorks\NO Ghost\Agent\PQV2iSvc.exe
O23 - Service: NO AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\P F\NO SystemWorks\NO AntiVirus\IWP\NPFMntor.exe
O23 - Service: NO Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NO~1\NO~1\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WIN\S32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WIN\S32\HPZipm12.exe
O23 - Service: Proxy Host Service (ProxyHostService) - Funk Software, Inc. - C:\P F\Funk Software\Proxy Host\ph32svc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\P F\NO SystemWorks\NO AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\P F\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\P F\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NO~1\NO~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\P F\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

 

Hello Menno,

I have tried to install ad-aware and spybots but both will not install.
Any messages?

To start:

You have two applications that take tremendous amounts of system resources - Norton and HP.

How much RAM do you have? To lessen the load, take a look at the processes that startup at bootup and stop the ones that can be on-demand.

Some examples:

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [QuickTime Task] "C:\P F\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\P F\iTunes\iTunesHelper.exe "
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN\S32\ctfmon.exe

Use this post to access various startup data bases for info on them: http://www.windowsbbs.com/showthread.php?t=39425

I don't see anything "nasty ", but others may see something.

Regards - Charles

 

Welcome to WindowsBBS Menno!

Your log looks clean to me also.

You say slow it is slow after cleanup.........cleanup of what? Malware? Virus?Old programs? Registry?

To re-iterate Charles (good to see you again, Charles! ), do you receive any error messages when trying to install Ad-aware or Spybot? What exactly does happen?

BTW, no need to edit the HijackThis logs. It actually makes it harder for us to review.