PC getting slower everyday [HJT Log]

PC getting slower everyday

Hello folks. Over the past week or so, I have noticed that my PC has been getting slower by the day. My first thought was it was because I had suddenly download around 5GB and then had installed so there was roughly 9GB more of the PC. I like to keep usage to under 20GB, and was very surprised when it was at 29GB. So I decided to clean up. Got rid off all the installation files, got rid of some of the programs and re-booted. Still the same, not even slightly quicker. I then get rid off all the programs I had installed, deleted more files, cleared the cache, temp files, converted music files to lower bit rate to save space, got rid of old and unused programs, and ran spy bot. Re-booted but it's the exact same. Web pages take around one minute to fully load. I have noticed that my Internet speed is also slower, but I think this is because the PC is slow. What could be causing this to get worser? I am using Windows XP and have all the available updates.

 

Thanks for the reply PeteC. I have noticed that when ever I have several heavy programs running, my Internet connection suffers, that's why I thought it was the PC. I have McAfee and I'm currently doing a scan, hasn't found anything so far, but it's taking forever. If I'm honest with you, I haven't defragged my PC for probably three years now, I just never had the time to spend two hours so the PC can sort it's self out, and if I tried to do it now, it would take at least eight. I know I should defrag, and will do as soon as I have sorted out the problem. When I bring up the Task Manager, it says the CPU Usage is only around 5% which is what it normally would be. I haven't changed anything with msconfig so can't be that either. I'll see what McAfee comes up with, but that's like to take another hour. It wasn't Spybot I used, I got it wrong, it was Spyware Doctor, but it did find 50 entries. 48 were cookies, and two entries were in the registry. I deleted them and rebooted but it's the same.

 

Hello enrique,

If you're worried about time, bring up the defragger, do the analysis and not a defrag.

I'm not sure it would be that bad because if the Task Scheduler service is running, XP would have been defragging all this time anyway. True, not nearly as completely as a dedicated defragging would, but it may not be out of control.

Regards - Charles

 

When I used to run the defragger, it used to say 'Defragging not needed at this time', or something like that, but occasionally, I would still defrag. I know that if I do do it now, it will take for ever. Today is no exception from the last few, it's still slow. And, to add to problems, when I move my mouse to the right hand side, it only moves at half the speed. Every other direction is fine, just that way. Tried cleaning it, checked wires etc but still. It's a normal ball mouse, and worked fine last night. I feel like chucking this PC out the bloody window!

 

Do you have a firewall other than the windows one?
If so , rerun the program access wizard. This often happens when an entry becomes corrupt or a windows update changes a shared dll (or system file checker replaces one ) since the dll authorized does not match the one in use.

I have seen this slow a DSL connection to less than dialup speed and cause programs to take over a minute to open. Most of the time it is far less severe, but some times it gets really bad.

 

This is the results for hijackthis PeteC:

Logfile of HijackThis v1.99.1
Scan saved at 17:56:10, on 18/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Browser Mouse\2D Browser Mouse\1.0\lwbwheel.exe
C:\PROGRA~1\GENIUS~1\mouseElf.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\DAP\DAP.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\PANICW~1\POP-UP~4\PSFree.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Darryl\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.m-w.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - <default> - (no file)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\2D Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\mouseElf.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe "
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42 "
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~4\PSFree.exe "
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Voiced Keyboard Homepage - {1ff190e7-38ab-423e-b59c-4d166c2ea5f1} - http://www.yayahoohoo.com (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {AD08A333-609E-11D3-950C-008098601567} - http://wordreference.com/Install/English to Spanish.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = W20326.sbnt.com
O17 - HKLM\Software\..\Telephony: DomainName = W20326.sbnt.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = W20326.sbnt.com
O20 - Winlogon Notify: Disk Cleaner - Disk Cleaner.dll (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Quick Heal Online Protection - PCTEL, INC. - (no file)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

oshwyn5, I don't use any other firewall. going to get a McAfee one though. Also, McAfee didn't find any viruses last night so it's not that either.

 

I do not see any nasties but here are my observations.


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.m-w.com/
I presume that this is your chosen start page since you do not mention a home page hijack


R3 - URLSearchHook: (no name) - <default> - (no file)
This is a slightly abnormal appearance for this entry. Not bad, but I would still run hijackthis with all windows closed and choose scan only , check this and fix.
Then close and restart and go to IE and click on search
Click customize
Select a search engine for each.
Click on the autosearch settings and select a search engine.


O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
Unnecessary.
Go to control panel/ system / advanced/error reporting
Check disable error reporting but notify me of critical errors.
system / advanced/ startup and recovery/ settings/ write debugging information to none.
If you are not having crashes , no need to constantly monitor this .

You can also , while there go to system/advanced/ performance and either adjust for best performance or choose a custom one where you can choose which flashy features to enable and which to turn off.

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP]
In early days, this was a major spyware / adware installer but no longer installs anyone elses stuff.
Now considered safe, but I prefer others (Meta produces download express, star downloader )

C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
I suspect this is what is slowing your system down. I have seen many people who use these fancy customization programs complain that windows is slow. They all swear it cannot be their style program; but in the end it is just one more fancy thing which was not part of windows which is altering the performance of explorer.exe, the gui which displays windows for you.

I also see things related to microsoft peer to peer, (Remote desktop? running. Are you doing anything like this?
C:\WINDOWS\system32\spnpinst.exe


I really prefer a router to running broadjump client on the PC.
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
In fact it is "troubleshooting software" which provides quality feedback to your ISP and is not needed at all for your connection to function. I would at a minimum, use
Codestuf starter startup manager and process viewer
To stop it from running automatically as a startup entry. You can always run it manually if you need to.

 

Hello enrique,

Look up your running processes including parts of McAfee here
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm

I would also disable startups one at a time and run for a while, then try the next to narrow it.

Regards - Charles

 

Hello all.I would have posted much sooner but my mouse broken (because of me) so I had to get another one. oshwyn5, thank you for the reply.

Yes, this is my start page. I love dictionaries. Sad, I know!

Done this.

Fortunately, the PC doesn't crash. Just takes forever to load applications.

I have used DAP for many years, and recently upgraded to version 7.5, but unfortunately, I'm not impressed and may uninstall this until it improves.

Although this may seem like the likey suspect for the slow preformance, I do believe it isn't. The reason being, I have had this installed for over a month, and the PC has been running fine, the problems only started a week ago.

I don't even know what remote desktop is lol, so I don't thnik I'm using it although it's running?

I have used this for many many months and haven't had any problems with it. I think it's good.

So the only thing I'm not too sure on is the remote desktop. Charlesvar, that site could prove to be useful. Thank you to you all.

 

http://www.file.net/process/spnpinst.exe.html

I can't see anything bad about it, but would you go to start/ run and type services.msc and hit enter.
Check Remote Desktop and make sure it says disabled as status.

Also check Universal Plug
and Play Device Host (not related to plug and play components of your computer these are external networked devices) and let me know what it is set to.

 

The 'Remote Desktop Help Session Manager' hasn't got disabled or enabled, it's blank. Shall I change it to disabled? Also, the Universal Plug and Play Device Host isn't set to anything.

 

Yes, set both to disabled.