slow startup [lxddcoms.exe - HJT log]

When i turn my computer on everything works fine until i get to the desktop thats when things get slow the icons come up but down at the bottom by the clock the icons there take forever to load something is lagging but i don't know what.... here is my hijackthis log hopefully i can get some help... thank you for whom ever can help me.
wisconsin26



Logfile of HijackThis v1.99.1
Scan saved at 12:39:56 PM, on 6/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.eznsearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.eznsearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cheqnet.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.eznsearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.eznsearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.eznsearch.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [EZNXP] C:\PROGRA~1\EZN\EASYIN~1\eznorun.exe
O4 - HKCU\..\Run: [PrivacyControl] C:\Program Files\PrivacyControl\PrivacyControl.exe -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179266400265
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF58CC67-6A20-46EB-ADD8-364D80B74DEE}: NameServer = 64.33.128.10 209.143.0.10
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe

 

EDIT: This thread was moved to the Removing Spyware & Viruses forum. I expect this thread has been moved back to the Windows XP forum because this problem appears not to be a malware issue.

===========

Hi, wisconsin26. Welcome to Windows BBS!

I expect this thread will be moved to the appropriate forum (Removing Spyware & Viruses). DO NOT attempt any manual removal of files unless specifically instructed how to do so by a malware-removal expert.

I am not a malware-removal expert but I noticed a couple of your HJT log items that are interesting to investigate while you are waiting for expert assistance.

I Googled lxddcoms.exe and turned up nothing (which is very unusual when Googling file names).

Please submit that file to Jotti's Online Scan and copy/paste the results here in this thread. The results may be helpful for the malware-removal experts.

CAUTION: DO NOT have HijackThis "fix" anything without carefully following expert guidance. Otherwise, you might render your computer unstable or even unbootable.

 

OOPS! I made a mistake with my Jotti's Online Scan link in the post above. I fixed the link.

I'm sorry about any confusion I may have caused.


For the record: The incorrect "link" I made was to "http://lxddcoms.exe" which was not dangerous as far as I know. My Firefox browser simply popped up a "Server not found" message. (wisconsin26 is also apparently using Firefox.) I do not know what would have happened if wisconsin26 would have used Internet Explorer to go to my erroneous link.

 

ATTN Malware-Removal Experts:

I Googled LXDDCATS and got one result linking to this lxddcoms.exe-related TomCoyote forum thread which was started on May 18, 2007 and the problem was apparently resolved with help from "MrCharlie ".

The victim in that TomCoyote thread apparently submitted "lxddcoms.exe" to either Jotti or VirusTotal and stated,

Later the victim stated (after apparently checking the file's properties),

My Google search for LXDDtime.dll "did not match any documents ".

wisconsin26, DO NOT perform any removal described in that TomCoyote thread (unless, of course, a malware-removal expert here instructs you so). Your computer's malware (if such malware exists) might have to be removed in a different way depending on the uniqueness of your computer infection.

EDIT: In light of this information, if wisconsin26's computer is apparently clean, perhaps we should move this thread back to the Windows XP forum where it was originally posted and give it a 2nd title revision: "slow startup [lxddcoms.exe - HJT log - appears PC is NOT infected] ".

 

My pc is clean i have ran virus scans and nothing has come up that said i have any viruses... i do have a lexmark 3 in 1 printer i don't believe thats my problem though i had this start up problem before i installed my printer...

 

Hi again, wisconsin26.

Since it appears you do not have a malware issue, let's see if we can find out what is consuming your computer's CPU usage.

Perhaps you can run Process Explorer (Microsoft link) before the slowdown occurs and see what consumes a large percentage of your CPU usage at the time the slowdown occurs.

I think Process Explorer is a stand-alone application (does not require you to install). Download ProcessExplorer.zip, unzip the file to a location of your choice, and then run procexp.exe to open the application.

The "CPU" column displays a percentage of CPU use. Normally, the "System Idle Process" displays the largest percentage. When a program loads or performs certain tasks, its share of the CPU usage will will jump and the corresponding CPU percentage will be displayed in the "CPU" column for the process involved.

If you hover your mouse pointer over the spikes in the animated red/green "graph" display near the top of the Process Explorer window, the associated processes will be displayed. The wider spikes are probably the ones you are interested in.

There will also be a small animated red/green "graph" icon in your tool tray (near your computer's clock). If you hover your mouse pointer over that icon when your computer slows to a crawl, that will probably identify what proccess has the largest CPU usage.

===========

My first guess is your Avast! anti-virus software is causing your computer's slowdown during startup. Avast!-associated processes make up 18% of the total running processes shown in the first section of your HJT log. I have also seen significant startup slowdowns on another computer where I installed Avast!. There may be a way to disable Avast! scanning during startup via Avast!'s control panel. I don't have Avast! installed on my computer so I can't readily determine where such a setting may be.

The "(file missing)" items identified above might also be at the root of your issue.

If you cannot recify your problem by tweaking Avast! or addressing the "(file missing)" issues, then I suggest you try uninstalling Avast! (while disconnected from the Internet) and then restart your computer.

If your startup slowdown issue disappears after uninstalling Avast!, then I suggest you install/use a different reputable anti-virus application.

CAUTION: If you decide to uninstall Avast!, then obtain another reputable anti-virus application (that will provide real-time protection in memory) in advance so your computer is not connected to the Internet while unprotected.

=========

 

Sorry i haven't been back to answer you, i will try that... Also i have uninstalled Avast and installed AVG seems to be running a tad bit faster, i was told a normal start up is 1.30 mins to 2 mins mines still roughly around 3 mins... i guess it's not all that bad.

 

Hi, wisconsin26. No apology necessary. Definitely not a problem for me.

3 minutes for a boot-up isn't toooooo bad. Gives you enough time to heat up a coffee and get a snack.

Did you install AVG-Anti-Spyware or AVG-Anti-Virus? Both applications (free-versions) can currently be downloaded from this page. The AV is near the top. The AS is near the bottom.

If you installed AVG-Anti-Spyware, then I suggest you install an anti-virus application to run in tandem with AVG Anti-Spyware. I think anti-spyware programs generally are not intended to protect against viruses.

Another free anti-virus application that I think also has a pretty good reputation is Avira AntiVir® PersonalEdition Classic.

I haven't used AntiVir though. (Haven't used AVG Anti-Virus either.) Perhaps someone else will recommend another anti-virus application to try.

If I am incorrect with my beliefs/suggestions, I expect someone will correct me.

 

Couple of quick comments -

You can update your Java (j2re1.4.2_03) to a secure version - what you are currently running not only poses a security problem but its an antique as well - I mean this one is really old.

Lose the eznsearch program. It has several running components and in some circles is considered malware.

I'd also lose the Lexmark toolbar and the Yahoo toolbar, yahoo helper, yahoo this, that and everything else. Your HP updater is another problematic piece of software - lose it.

You'd be smart to install two programs to help you through this mess. First one is StartupCPL written by Mike Lin. It runs in the control panel and will permit one to terminate several unnecessary startup items without removing the actual software. Second one is RegSeeker. Use this to search for AVAST and then ALWIL registry entries. Remove them all.

The above list is by no means complete. I just focused on a couple of items for starters. Clean this stuff up and then post back with results and comments. I'd say there is a lot of worthless stuff running on your machine contributing to it's overall sluggishness. Once the above has been accomplished, we can do a few more things to speed things up - lets save those for round two.

I've probably got a little more horsepower than you but I'd start ripping things apart if it took me a full minute to load up.



mailman - my guess is that the AVG reference is Anti-Virus

 

EDIT: Rockster snuck in a post (with good suggestions, of course) while I was composing this message. I'll leave mine as-is anyway.

wisconsin26, if you want to experiment with disabling unnecessary startups to try to speed up your boot time, here are some links.

Choose one of the following handy stand-alone utilities for controlling your startups. (You do not need to install the application.) I suggest you use one of these utilities instead of MSCONFIG to control your startups.

• Microsoft/Sysinternals Autoruns
• Mike Lin's Startup Control Panel

CAUTION: Be certain you do not disable any necessary startups. See the references below for details that will help you decide what is reportedly safe to disable.

To help you decide what startups you might want to disable, check out the following links.

• Pacman's Startups - Contents: (I suggest you read this "Contents" page for background information.)
  

Another resource that may be helpful is

• AnswersThatWork: TASK LIST PROGRAMS (including WinNT4/2000/XP/2003/Vista Services)
  Keep in mind this database includes descriptions of memory-resident processes that are not necessarily automatically started when you boot your computer.

 

Following Rockster's lead on updating your Java (which I also strongly recommend), here's a link.

Java Downloads for All Operating Sytems

• Uninstall your current Java version via Control Panel > Add/Remove Programs.
• Restart your computer.
• Then install the new version.
• Restart your computer.

 

wisconsin26, any luck discovering the cause of your slow start-up?

Need any help with using any software?