1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Computer is running sluggish,and internet explorer stops responding [HJT Log]

Discussion in 'Malware and Virus Removal Archive' started by Hester, 2006/10/10.

  1. 2006/10/10
    Hester

    Hester Inactive Thread Starter

    Joined:
    2006/10/10
    Messages:
    1
    Likes Received:
    0
    My problem is this, i have a windows ME that my son loaned to me. When i first got it, it would stay on for a few min then shut down and reboot. I ran many types of virus scans, adware scans, it works lot better now, but the problem is it is very sluggish, and internet explorer stops responding, sometimes it works ok until i open another page or click to close it then it freezes. I'm pasting a copy of my HJT that i ran just a minute ago, i hope someone can help as i don't know much about computers.
    thank you in advance
    hester


    Logfile of HijackThis v1.99.1
    Scan saved at 11:58:07 PM, on 10/10/2006
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\PROGRAM FILES\BELLSOUTHWCC\MCCITRAYAPP.EXE
    C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE
    C:\PROGRAM FILES\MYSPACE\IM\MYSPACEIM.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\MAGICLAN\MAGICUTILITY\SWLU.EXE
    C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN2\YTBSDK.EXE
    C:\WINDOWS\WUAUCLT.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\TEMP\WZ1390\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = www.yahoo.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN2\YT.DLL
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN2\YT.DLL
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN2\YT.DLL
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    O4 - HKLM\..\Run: [BellSouthWCC_McciTrayApp] C:\PROGRAM FILES\BELLSOUTHWCC\MCCITRAYAPP.EXE
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE" -quiet
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\RunServices: [Yahoo! Pager] "C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE" -quiet
    O4 - HKCU\..\RunServices: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q
    O4 - HKCU\..\RunServices: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - Startup: WLAN Utility.lnk = C:\Program Files\MagicLAN\MagicUtility\SWLU.exe
    O4 - Startup: WinZip Quick Pick.lnk.disabled
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

    :confused:
     
    Hester,
    #1
  2. 2006/10/11
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Hello and welcome to WindowsBBS Forums.

    I'm not seeing anything in your log to indicate any malware present. Did you remove a lot of malware with previous scans?

    You can try disabling some unnecessary items so they don't start up.

    Here is an excellent site for that:
    AnswersThatWork
    Just go to the appropriate letter, and search for the process/exe, they will give good detailed info regarding it, we use it quite often. If you can't find it there, then use Google.

    I would also advise that the OS you're using, Win ME is no longer supported by Microsoft and thus you're running on the Net with known exploits and run the risk of infection at any time. I would strongly consider upgrading to Windows XP.
     
    TeMerc,
    #2


  3. to hide this advert.

  4. 2006/10/12
    mattman

    mattman Inactive Alumni

    Joined:
    2002/06/10
    Messages:
    8,198
    Likes Received:
    63
    If it seems to be tied to Internet Explorer it may be the antivirus (AVG) or antispyware (SpywareDoctor) checking things. If the file system is "clogged" that can mean it slows even further.

    Go to Start -> Accessories -> System Tools. Do a cleanup of the harddrive. Run Scandisk (file system error checking, see Help). Run Defragmentation.

    In Internet Explorer, go to Tools -> Internet Options. Delete the Cookies and Files. In Settings, reduce the size of the Temporary Files folder to about 5Mb.

    You can try "repairing" Internet Explorer by going to Control Panel -> Add/Remove Programs -> Microsoft IE and clicking Remove. It will have an option for Repair Internet Explorer.

    AVG is free, so you can download it from AVG, uninstall the current version and (re)install a new version.

    Consider uninstalling and reinstalling SpywareDoctor.

    Try another Browser like Mozilla Firefox or Opera. They won't interfere with IE. I have all three installed so that I can compare with the others.

    If the system does not have a reasonable amount of RAM (256 to 512MB) it could be running out of "physical" memory. Unfortunately, I am not very familar with Win ME and can't tell you how to monitor it.
    Do a search of these forums for msconfig. It will tell you about shutting down unnecessary startup programs.

    Matt
     
    Last edited: 2006/10/12
    mattman,
    #3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...