BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Sluggish startup and poor performance
   
BullGuard Antivirus Forum > General Security > Computer and Mobile Security > Sluggish startup and poor performance  
Forum Quick Jump
 
New Topic Locked Topic Printable version of : Sluggish startup and poor performance
[ << Previous Thread | Next Thread >> ]

sj
New Member


Date Joined Aug 2008
Total Posts : 20
 
   Posted 10/9/2008 9:04 AM (GMT +3)    Quote: Sluggish startup and poor performanceAlert an admin about: Sluggish startup and poor performance
Hi
I am having WinXP SP2 and 256 RAM. after start up and entering my username and id, it takes abnormal amount of time to reach to the desktop and for starting any other application or program.i have gone thru msconfig and removed unnecessary files from start up but the problem still persists. i am posting here hjt log for reference.any help would be appriciated.
thanx in advance.
 
Logfile of HijackThis v1.99.1
Scan saved at 8:52:22 AM, on 10/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Netbooster Client\Client\ventc.exe
C:\Program Files\TightVNC\WinVNC.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Program Files\Netbooster Client\squid\ventcsquid.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcdnsserver.exe
C:\Program Files\Netbooster Client\squid\ventcunlinkd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\wgp.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ipmsg.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\HPLiteSaver.exe
C:\Program Files\WordWeb\wweb32.exe
C:\WINDOWS\TEMP\UVBA68.EXE
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Trend Micro\OfficeScan Client\pccntupd.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\HJT\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://jgsrvra01/HSEFlash/FlashHTML/HSEF_Flash.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.4.188.179:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.*;*.ril.com;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [WinGuard Pro] C:\WINDOWS\system32\wgp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKLM\..\Run: [BOC-427] C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: ipmsg.exe
O4 - Global Startup: HPLiteSaver.lnk = C:\WINDOWS\HPLiteSaver.exe
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5} (Cnsweb3d Control) - http://www.partserver.de/partserver/viewer/cnsweb3d/cnsweb3d.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pdc_rpl2.jg.ril.com
O17 - HKLM\Software\..\Telephony: DomainName = pdc_rpl2.jg.ril.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pdc_rpl2.jg.ril.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pdc_rpl2.jg.ril.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = pdc_rpl2.jg.ril.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Oracle%ORACLE_HOME_SERVICE%ClientCache80 - Unknown owner - D:\ORANT\BIN\ONRSD80.EXE
O23 - Service: SAAZSecAnalyzer - Zenith InfoTech Ltd. - C:\WINDOWS\System32\PatchScan\DataCollector.exe
O23 - Service: SaazTool - Unknown owner - C:\WINDOWS\System32\AdminProData\DataCollector.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: Venturi Client (VenturiClient) - Venturi Wireless - C:\Program Files\Netbooster Client\Client\ventc.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe" -service (file missing)
 
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 10/9/2008 9:21 AM (GMT +3)    Quote: Sluggish startup and poor performanceAlert an admin about: Sluggish startup and poor performance
Hello scool
 
 
This is why you have a slow computer - 256 RAM !!!  1024 mb ram is recommended


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

sj
New Member


Date Joined Aug 2008
Total Posts : 20
 
   Posted 10/9/2008 9:26 AM (GMT +3)    Quote: Sluggish startup and poor performanceAlert an admin about: Sluggish startup and poor performance
but it was working nicely before a week...right now it has started creating the problems.
changing ram may not be the best solution i suppose...pl suggest wht to do?
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 10/9/2008 10:06 AM (GMT +3)    Quote: Sluggish startup and poor performanceAlert an admin about: Sluggish startup and poor performance
I still recommend you get more ram. However, we can check for possible infections -
 
Download: CCleaner
http://www.majorgeeks.com/download4191.html

http://www.ccleaner.com/

Once installed, run CCleaner click the Windows tab

Once installed, run CCleaner click the Windows tab

Select the following:
Internet Explorer:
Temp Internet
History
Recently Typed URLs
Delete Index.dat files

System:
Empty Recycle Bin
Temporary Files
Memory Dumps
Chkdsk File Fragments
Old Prefetch Data


Next: click Options click the Settings tab
Uncheck: "Only delete files older than 48 hrs.", click Ok

 
Then click Run Cleaner (bottom right) then Exit
(reboot)
Please download Malwarebytes' Anti-Malware:
 
Or here:
 
 to your desktop.
 
Double-click mbam-setup.exe and follow the prompts to install the program.
                     
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch


Malwarebytes' Anti-Malware, then click Finish.
                     
If an update is found, it will download and install the latest version.
                     
Once the program has loaded, select Perform full scan, then click Scan.
                     
When the scan is complete, click OK, then Show Results to view the results.
 
Be sure that everything is checked, and click Remove Selected.
 
When completed, a log will open in Notepad. Please save it to a convenient location.
 
Copy and Paste that log into your next reply.


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

sj
New Member


Date Joined Aug 2008
Total Posts : 20
 
   Posted 10/10/2008 6:24 AM (GMT +3)    Quote: Sluggish startup and poor performanceAlert an admin about: Sluggish startup and poor performance
new hjt log is here:

Malwarebytes' Anti-Malware 1.24
Database version: 1012
Windows 5.1.2600 Service Pack 2

4:22:12 PM 10/9/2008
mbam-log-10-9-2008 (16-22-12).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 178439
Time elapsed: 32 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



does the RAM really affect startup also?
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 10/10/2008 6:34 AM (GMT +3)    Quote: Sluggish startup and poor performanceAlert an admin about: Sluggish startup and poor performance
It does ;-)
 
Few more things to try ->
 
Download and run Pagedefrag on next boot:
 
Optimize XP:
http://www.microsoft.com/windowsxp/using/setup/expert/northrup_restoreperf.mspx


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 
New Topic Locked Topic Printable version of : Sluggish startup and poor performance
 
Forum Information
Currently it is Saturday, September 20, 2014 5:04 PM (GMT +3)
There are a total of 60,607 posts in 13,318 threads.
In the last 3 days there were 1 new threads and 1 reply posts. View Active Threads
Who's Online
This forum has 36377 registered members. Please welcome our newest member, Emma S.
2 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
I definitely have Malware, I've tried everything I know how to do (1)9/19/2014 6:47:25 PM (Robert Mateescu)