boot and shutdown probs

  • Thread starter Thread starter Billericay Pete
  • Start date Start date
B

Billericay Pete

My PC used to take a few mins to boot and 30 secs to shutdown but now it
takes around 4.5mins to boot to the sidebar appearing amidst incredible disk
activity (which has always been the case) - if I then click on IE it takes
around 80 secs to load as the disk is going bananas for several minutes and
the PC isn't really useable for 5 minutes until the disk settles down (which
has been getting worse over the last 6 months)
Quite often (40%) boot freeze on MESH splash screen and needs reboot
PC - quad Core Mesh PC 2.4GHz - 4GB RAM - VISTA all up to date - 1 x 500GB 1
x 1TB - external - USB ipod/printer/1.5tb backup
I've tried disabling obvious candidates in startup/services but to no
avail - not a gaming PC - general light use

Any thoughts??

Many thanks
Pete


Critical 03/06/2010 11:20:11 Diagnostics-Performance 400 System Performance
Monitoring
Error 03/06/2010 11:19:33 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 03/06/2010 11:19:25 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Warning 03/06/2010 11:19:25 Diagnostics-Performance 203 Shutdown Performance
Monitoring
Warning 03/06/2010 10:23:41 Diagnostics-Performance 108 Boot Performance
Monitoring
Error 03/06/2010 10:23:41 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 03/06/2010 10:23:31 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Critical 03/06/2010 09:21:03 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 03/06/2010 09:21:03 Diagnostics-Performance 101 Boot Performance
Monitoring
Warning 03/06/2010 09:20:55 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Warning 02/06/2010 22:33:50 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 02/06/2010 22:33:38 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Critical 02/06/2010 22:11:16 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 02/06/2010 22:11:16 Diagnostics-Performance 101 Boot Performance
Monitoring
Warning 02/06/2010 22:11:13 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Error 02/06/2010 21:11:49 Diagnostics-Performance 400 System Performance
Monitoring
Warning 02/06/2010 21:11:17 Diagnostics-Performance 109 Boot Performance
Monitoring
Critical 02/06/2010 21:11:17 Diagnostics-Performance 100 Boot Performance
Monitoring
Critical 02/06/2010 20:20:38 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 02/06/2010 20:20:36 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Error 02/06/2010 18:37:41 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 02/06/2010 18:37:41 Diagnostics-Performance 101 Boot Performance
Monitoring
Warning 02/06/2010 18:37:38 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Warning 02/06/2010 18:37:38 Diagnostics-Performance 201 Shutdown Performance
Monitoring
Critical 02/06/2010 07:45:04 Diagnostics-Performance 100 Boot Performance
Monitoring
Critical 01/06/2010 23:33:36 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 01/06/2010 23:33:36 Diagnostics-Performance 101 Boot Performance
Monitoring
Warning 01/06/2010 23:33:30 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Warning 01/06/2010 23:20:26 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 01/06/2010 23:20:19 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Warning 01/06/2010 23:08:26 Diagnostics-Performance 200 Shutdown Performance
Monitoring
Warning 01/06/2010 23:08:26 Diagnostics-Performance 101 Boot Performance
Monitoring
Critical 01/06/2010 23:08:26 Diagnostics-Performance 100 Boot Performance
Monitoring
Warning 01/06/2010 23:08:26 Diagnostics-Performance 102 Boot Performance
Monitoring
Warning 01/06/2010 23:08:26 Diagnostics-Performance 101 Boot Performance
Monitoring
 
My PC used to take a few mins to boot and 30 secs to shutdown but now it
takes around 4.5mins to boot to the sidebar appearing amidst incredible disk
activity (which has always been the case) - if I then click on IE it takes
around 80 secs to load as the disk is going bananas for several minutes and
the PC isn't really useable for 5 minutes until the disk settles down (which
has been getting worse over the last 6 months)
Quite often (40%) boot freeze on MESH splash screen and needs reboot
PC - quad Core Mesh PC 2.4GHz - 4GB RAM - VISTA all up to date - 1 x 500GB 1
x 1TB - external - USB ipod/printer/1.5tb backup
I've tried disabling obvious candidates in startup/services but to no
avail - not a gaming PC - general light use

Any thoughts??
Click to expand...


Yes, I have a thought. There's a good chance that you are infected
with malware. What anti-virus and anti-spyware programs do you run?
Are they kept up to date?
 
Ken Blake said:
Yes, I have a thought. There's a good chance that you are infected
with malware. What anti-virus and anti-spyware programs do you run?
Are they kept up to date?
Click to expand...

Thanks Ken

I use AVG 9.0 Free and Vista firewall - all kept up to date

Thanks & regards
Pete
 
Thanks Ken

I use AVG 9.0 Free and Vista firewall - all kept up to date
Click to expand...



So you run no anti-spyware software? I recommend that you download,
install, and run both of the following freeware programs: MalwareBytes
AntiMalware and SuperAntiSpyware
 
Ken Blake said:
So you run no anti-spyware software? I recommend that you download,
install, and run both of the following freeware programs: MalwareBytes
AntiMalware and SuperAntiSpyware
Click to expand...

Cheers Ken
I came across MalwareBytes this morning and ran it on my pc at work.
Will try on this one and report back.

Many thanks
Pete
 
Billericay Pete said:
Cheers Ken
I came across MalwareBytes this morning and ran it on my pc at work.
Will try on this one and report back.

Many thanks
Pete
Click to expand...
Hi Ken
I have run full scans with both utilities you suggested, and you were
right! but..
SuperAntiSpyware found 240 cookies - I deleted them anyway
AntiMalware found 5 infected files - log below
So I'm pleased to get shot of them - thanks

Regretably, it's made no difference to the time taken to boot
It's just taken a full 10 minutes from hitting restart to Live Mail being
loaded

My gut feeling is some sort of internal conflict that eventually times-out,
or some index/database that is being re-built
for the whole 10 minute boot process the C: drive is working frantically - I
ran a disk check yesterday - all ok
After the 10 minute wait the PC is fine
I don't know if this is relevant, but sometimes on a hard-boot, the PC
freezes on the MESH splash-screen - about 15% of the time, and requires a
further hard-boot

Your help is much appreciated - Many thanks
Pete
Log -
www.malwarebytes.org

Database version: 4169

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

04/06/2010 21:47:35
mbam-log-2010-06-04 (21-47-35).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 376751
Time elapsed: 1 hour(s), 19 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{b1e22eb8-2ae8-4e8e-96ae-74f2a1764533}
(Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1}
(Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa}
(Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) ->
Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\DLP.dll (Trojan.BHO) -> Quarantined and deleted
successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
Billericay Pete said:
Hi Ken
I have run full scans with both utilities you suggested, and you were
right! but..
SuperAntiSpyware found 240 cookies - I deleted them anyway
AntiMalware found 5 infected files - log below
So I'm pleased to get shot of them - thanks

Regretably, it's made no difference to the time taken to boot
It's just taken a full 10 minutes from hitting restart to Live Mail being
loaded

My gut feeling is some sort of internal conflict that eventually
times-out, or some index/database that is being re-built
for the whole 10 minute boot process the C: drive is working frantically -
I ran a disk check yesterday - all ok
After the 10 minute wait the PC is fine
I don't know if this is relevant, but sometimes on a hard-boot, the PC
freezes on the MESH splash-screen - about 15% of the time, and requires a
further hard-boot

Your help is much appreciated - Many thanks
Pete
Log -
www.malwarebytes.org

Database version: 4169

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

04/06/2010 21:47:35
mbam-log-2010-06-04 (21-47-35).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 376751
Time elapsed: 1 hour(s), 19 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{b1e22eb8-2ae8-4e8e-96ae-74f2a1764533}
(Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1}
(Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa}
(Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) ->
Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\DLP.dll (Trojan.BHO) -> Quarantined and deleted
successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Just out of interest, I restarted in Diagnostic Mode - 1 min 57s to Love
Mail being loaded...... if only !
Click to expand...
 
Then I suspect that you are still infected, and MalwareBytes
AntiMalware didn't catch everything. I'm not sure what your next step
should be. Perhaps someone else here will suggest something.
 
Ooopps - but Love Mail does sound more interesting....

Thanks for your suggestion Dave - I've run HiJackThis and got the
following -


Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Windows\System32\CTXFIHLP.EXE
C:\Windows\System32\CtHelper.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\logitech\SetPoint\SetPoint.exe
C:\Program Files\PURE Flow Server\twonkymediaserverconfig.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Users\Pete\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program
Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows
Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program
Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick
Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common
Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media
Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] "C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
/autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative
SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative
SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft
Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program
Files\logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: PURE Flow Server Tray Control.lnk = C:\Program
Files\PURE Flow Server\twonkymediaserverconfig.exe
O8 - Extra context menu item: Free YouTube to Mp3 Converter -
C:\Users\Pete\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program
Files\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner -
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis -
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ,
s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. -
C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative
Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. -
C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program
Files\Kontiki\KService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. -
C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation -
C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. -
C:\Windows\system32\IoctlSvc.exe
O23 - Service: PURE Flow Server - PacketVideo - C:\Program Files\PURE Flow
Server\twonkymediaserverwatchdog.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME
2\TomTomHOMEService.exe
 
Ken Blake said:
Then I suspect that you are still infected, and MalwareBytes
AntiMalware didn't catch everything. I'm not sure what your next step
should be. Perhaps someone else here will suggest something.
Click to expand...

Thanks for your help Ken - I'm sure I'll get there in the end!

Best wishes
Pete
 
Hi Dave - I pasted the file into the HiJackThis analyzer - it reported all
it checked as being Safe or Very Safe
There are a couple of entries that were unknown, but I know them to be
related to my PURE wireless music streaming thing

Just have to keep on tryin!!

Many thanks again

Pete
 
Dave-UK said:
Billericay Pete said:
Hi Dave - I pasted the file into the HiJackThis analyzer - it reported
all it checked as being Safe or Very Safe
There are a couple of entries that were unknown, but I know them to be
related to my PURE wireless music streaming thing

Just have to keep on tryin!!

Many thanks again

Pete
Click to expand...

I see you have AVG and SUPERantispyware running at the same time, that may
cause problems.
Also, as it freezes on the splash screen that may indicate a hardware
problem. :-(
These are the things I would disable to see if there is any improvement in
your speed.
If there is any improvement add them back one at a time to find the
culprit.

O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE ( Creative
registration nag )
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
http://forums.logitech.com/t5/Mice-Trackballs/KHALMNPR-EXE-is-using-98-of-CPU/m-p/86636
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick
Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKCU\..\Run: [swg] "C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program
Files\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. -
C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe

Do you use Works calendar?
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft
Shared\Works Shared\WkCalRem.exe
(Microsoft Works Calendar reminders)
Do you print labels directly on to CDs?
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService)
Do you have any Bluetooth stuff ?
O23 - Service: Logitech Bluetooth Service (LBTServ)

Good luck!
Click to expand...
Cheers Dave
I think a hardware problem is a likely candidate.
I tried AntiSpyware at the suggestion of Ken in a previous mail
I'll remove it as it only found cookies anyway
I'll then try disabling as you suggest above and report back when I've
tried.

Thanks for your help!!
Pete
 
Billericay Pete said:
Dave-UK said:
Billericay Pete said:
Hi Dave - I pasted the file into the HiJackThis analyzer - it reported
all it checked as being Safe or Very Safe
There are a couple of entries that were unknown, but I know them to be
related to my PURE wireless music streaming thing

Just have to keep on tryin!!

Many thanks again

Pete
Click to expand...

I see you have AVG and SUPERantispyware running at the same time, that
may cause problems.
Also, as it freezes on the splash screen that may indicate a hardware
problem. :-(
These are the things I would disable to see if there is any improvement
in your speed.
If there is any improvement add them back one at a time to find the
culprit.

O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE ( Creative
registration nag )
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
http://forums.logitech.com/t5/Mice-Trackballs/KHALMNPR-EXE-is-using-98-of-CPU/m-p/86636
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program
Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKCU\..\Run: [swg] "C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program
Files\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. -
C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program
Files\Bonjour\mDNSResponder.exe

Do you use Works calendar?
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft
Shared\Works Shared\WkCalRem.exe
(Microsoft Works Calendar reminders)
Do you print labels directly on to CDs?
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService)
Do you have any Bluetooth stuff ?
O23 - Service: Logitech Bluetooth Service (LBTServ)

Good luck!
Click to expand...
Cheers Dave
I think a hardware problem is a likely candidate.
I tried AntiSpyware at the suggestion of Ken in a previous mail
I'll remove it as it only found cookies anyway
I'll then try disabling as you suggest above and report back when I've
tried.

Thanks for your help!!
Pete
Click to expand...

Dave
A further thought that i'm sure will do the trick -
A new C: drive and a copy of Win7 :)

It's a good excuse for an upgrade!

Thanks for all your help!
I'm sure I'll be back at some point
Cheers
Pete
 
Back
Top