vista slowing down...

[Daniel Royer]

Hi!

I've been running Vista Home premium for a couple of years. Over the
past months it has started to slow down, with warning about low memory
(2 gig RAM). I defragment quite often.
What else can I do?

TIA

Daniel

 

[Ömer Coşkun]

first you must do disk cleanup. you can do it by properties of local disk.
and then you must defrag. disk. you must delete folders that you don't use,
you must uninstall programs. do these things and than write here results.

 

[Jim]

Hi!

I've been running Vista Home premium for a couple of years. Over the
past months it has started to slow down, with warning about low memory
(2 gig RAM). I defragment quite often.
What else can I do?

TIA

Daniel

Tell us more : size of hd , free space etc .

 

[Questor]

Every once and a while I have this problem too.

1. I right click on the task bar.
2. Select task manager.
3. Click on resource monitor.
4. Click on the memory bar.

Write down the task names that are using a lot of memory and Google them and
see what they are and delete the offending program thru the control panel.

 

[Questor]

Oops, resource monitor is under the performance tab.

Every once and a while I have this problem too.

1. I right click on the task bar.
2. Select task manager.
3. Click on resource monitor.
4. Click on the memory bar.

Write down the task names that are using a lot of memory and Google them
and see what they are and delete the offending program thru the control
panel.

 

[Daniel Royer]

Tell us more : size of hd , free space etc .

HD: 500 Mb. 362 free. Ram: 2 gig. HD defragmented.

Daniel

 

[Daniel Royer]

Oops, resource monitor is under the performance tab.

Every once and a while I have this problem too.

1. I right click on the task bar.
2. Select task manager.
3. Click on resource monitor.
4. Click on the memory bar.

Write down the task names that are using a lot of memory and Google
them and see what they are and delete the offending program thru the
control panel.

I've done it. I don't see any app that uses a lot of memory. I'll give
it another try.

 

[Daniel Royer]

Have you had a look in the Event Viewer ?
Also have a look at the reliability history:
Control Panel
System Maintenance
Performance Information and tools
On the left - Advanced tools
Open Reliability and Performance Monitor
Reliability Monitor

I did. Nothing seems wrong.

Daniel

 

[Shenan Stanley]

I've been running Vista Home premium for a couple of years. Over
the past months it has started to slow down, with warning about low
memory (2 gig RAM). I defragment quite often.
What else can I do?

What, if anything, changed?

Did you install any new applications (Internet Explorer 8, Microsoft Office
from 2003 to 2007 or 2007 to 2010, iTunes now installed, RealPlayer, Adober
Acrobat (reader or professional), etc and so on...) or change antivirus
applications (or even update your subscription/change versions on the same
one?)

As a matter of fact - what AntiVirus application (be specific - manufacturer
name and exact version of the product you have installed) do you utilize?
Is it actually a *suite* and not just antivirus? Does it include
(supposedly) a firewall and antispyware as well?

I double-checked - I cannot see (may have missed it) where you have said if
this is 32-bit or 64-bit Vista or what service pack you are currently at.

What we know:
- Windows Vista Home Premium (what service pack level and what
architecture?)
- 500GB HDD (all devoted to C:\?) with over 350GB free.
- 2GB of system memory (is it shared memory - so some goes to your video
card?)

Other information that would be useful (and not already asked for):
- Video card information (manufacturer, model and amount of memory)
- Network card information (manufacturer and model)
- How you connect to the Internet (Cable modem, DSL, Satellite, dial-up,
not at all and whether or not - if high speed - you are behind a NAT router
and get an IP like 129.168.x.x or 10.x.x.x)
- What antispyware application(s) you have ran in the past and if you have
updated and done a full scan with them lately?

 

[Daniel Royer]

Daniel Royer wrote:

What, if anything, changed?

Did you install any new applications (Internet Explorer 8, Microsoft Office
from 2003 to 2007 or 2007 to 2010, iTunes now installed, RealPlayer, Adober
Acrobat (reader or professional), etc and so on...) or change antivirus
applications (or even update your subscription/change versions on the same
one?)






As a matter of fact - what AntiVirus application (be specific - manufacturer
name and exact version of the product you have installed) do you utilize?
Is it actually a *suite* and not just antivirus? Does it include
(supposedly) a firewall and antispyware as well?






I double-checked - I cannot see (may have missed it) where you have said if
this is 32-bit or 64-bit Vista or what service pack you are currently at.

What we know:
- Windows Vista Home Premium (what service pack level and what
architecture?)
- 500GB HDD (all devoted to C:\?) with over 350GB free.
- 2GB of system memory (is it shared memory - so some goes to your video
card?)



Other information that would be useful (and not already asked for):
- Video card information (manufacturer, model and amount of memory)
- Network card information (manufacturer and model)
- How you connect to the Internet (Cable modem, DSL, Satellite, dial-up,
not at all and whether or not - if high speed - you are behind a NAT router
and get an IP like 129.168.x.x or 10.x.x.x)
- What antispyware application(s) you have ran in the past and if you have
updated and done a full scan with them lately?

changes: NO
Vista home premium 32 bit, SP1.
MSE, from the beginning. Updated.
I guess my RAM is shared.
Intel(R) PRO/100 VE Network Connection
NVIDIA GeForce 8500 GT
T1 connection to the Internet.
I've run full scan with MSE.

Thanks for your concern

Daniel

 

[Daniel Royer]

Well what makes you say it's slowing down ? What is slow - boot-up?
running programs? the internet? shutting down?
What is the exact error message about low memory?
Does it run slow in Safe Mode ?
Have you tried disabling any antivirus?

I used to be able to double click on a program and it would start almost
immediately. No, when I click on let's say, Word, it takes (let's not
say "ages") but a long time to load.

Every other day I get a message about low memory. "Explorer (not IE)
must shut down."
Safe mode is no better.

I'm using MSE. Disabled it (while praying!) but nothing seemed to improve.

Daniel

 

[Shenan Stanley]

changes: NO
Vista home premium 32 bit, SP1.
MSE, from the beginning. Updated.
I guess my RAM is shared.
Intel(R) PRO/100 VE Network Connection
NVIDIA GeForce 8500 GT
T1 connection to the Internet.
I've run full scan with MSE.

Thanks for your concern

Windows Vista with SP1? That indicates an issue as it is. If you do not
have SP2 installed - something is not quite right and has not been for a
while (or you declined it - which was not such a great idea as SP2 vastly
improved performance for many systems out there.)

My suggestions:

For safety (because anything can and go wrong anytime) - perform an extra
backup on your system (using whatever method you already have in place.) If
you have never performed a backup - I suggest that you have done yourself a
disservice and you should correct this immediately. Don't want a learning
curve? Get a Seagate Replica 500GB drive - it'll do everything for you.

Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the following
(freeware version):

SuperAntiSpyware
http://www.superantispyware.com/

Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the following
(freeware version):

MalwareBytes
http://www.malwarebytes.com/

Reboot and logon as administrative user.

Download and run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

Reboot and logon as administrative user.

Visit this web page:

How do I reset Windows Update components?
http://support.microsoft.com/kb/971058

.... and click on the "Microsoft Fix it" icon. When asked,
select "RUN", both times. Check the "I agree" box and
click on "Next". Check the box for "Run aggressive
options (not recommended)" and click "Next". Let it
finish up and follow the prompts until it is done.
Close/exit.

Reboot and logon as administrative user.

Suggest checking that you have the latest:
- Video Device driver
- Audio Device driver
- Network Device driver

.... for your computer/operating system *from the manufacturer for each
device* - not Microsoft.

Reboot (as needed) and logon as administrative user.

Run a CHKDSK on your system drive (C)...
http://www.windows-help-central.com/windows-vista-chkdsk.html

Check for updates - has SP2 been offered to you yet? If it has - install
it, if it has not, please go through the following article:
http://support.microsoft.com/kb/948343

Now - I would suggest getting rid of MSE and installing something like Avira
AntiVir - but it comes down to personal experience on the performance and
abilities of the products. If it was *my* system - MSE would not be on it
(eSet NOD32 or Avira would be) and the Windows Firewall would be enabled
with no exceptions.

Anyway - come back after doing all that and let us know what happened/what
you found.

 

[Daniel Royer]

* Shenan Stanley wrote, On 14.06.2010 17:56:

Windows Vista with SP1? That indicates an issue as it is. If you do not
have SP2 installed - something is not quite right and has not been for a
while (or you declined it - which was not such a great idea as SP2 vastly
improved performance for many systems out there.)

My suggestions:

For safety (because anything can and go wrong anytime) - perform an extra
backup on your system (using whatever method you already have in place.) If
you have never performed a backup - I suggest that you have done yourself a
disservice and you should correct this immediately. Don't want a learning
curve? Get a Seagate Replica 500GB drive - it'll do everything for you.

Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the following
(freeware version):

SuperAntiSpyware
http://www.superantispyware.com/

Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the following
(freeware version):

MalwareBytes
http://www.malwarebytes.com/

Reboot and logon as administrative user.

Download and run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

Reboot and logon as administrative user.

Visit this web page:

How do I reset Windows Update components?
http://support.microsoft.com/kb/971058

... and click on the "Microsoft Fix it" icon. When asked,
select "RUN", both times. Check the "I agree" box and
click on "Next". Check the box for "Run aggressive
options (not recommended)" and click "Next". Let it
finish up and follow the prompts until it is done.
Close/exit.

Reboot and logon as administrative user.

Suggest checking that you have the latest:
- Video Device driver
- Audio Device driver
- Network Device driver

... for your computer/operating system *from the manufacturer for each
device* - not Microsoft.

Reboot (as needed) and logon as administrative user.

Run a CHKDSK on your system drive (C)...
http://www.windows-help-central.com/windows-vista-chkdsk.html

Check for updates - has SP2 been offered to you yet? If it has - install
it, if it has not, please go through the following article:
http://support.microsoft.com/kb/948343

Now - I would suggest getting rid of MSE and installing something like Avira
AntiVir - but it comes down to personal experience on the performance and
abilities of the products. If it was *my* system - MSE would not be on it
(eSet NOD32 or Avira would be) and the Windows Firewall would be enabled
with no exceptions.

Anyway - come back after doing all that and let us know what happened/what
you found.

Sorry. I meant SP2.

Daniel

 

[Shenan Stanley]

changes: NO
Vista home premium 32 bit, SP1.
MSE, from the beginning. Updated.
I guess my RAM is shared.
Intel(R) PRO/100 VE Network Connection
NVIDIA GeForce 8500 GT
T1 connection to the Internet.
I've run full scan with MSE.

Thanks for your concern

<snipped - you 'discovered' you had SP2

My suggestions:

For safety (because anything can and go wrong anytime) - perform an
extra backup on your system (using whatever method you already have
in place.) If you have never performed a backup - I suggest that
you have done yourself a disservice and you should correct this
immediately. Don't want a learning curve? Get a Seagate Replica
500GB drive - it'll do everything for you.
Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the
following (freeware version):

SuperAntiSpyware
http://www.superantispyware.com/

Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the
following (freeware version):

MalwareBytes
http://www.malwarebytes.com/

Reboot and logon as administrative user.

Download and run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

Reboot and logon as administrative user.

Visit this web page:

How do I reset Windows Update components?
http://support.microsoft.com/kb/971058

... and click on the "Microsoft Fix it" icon. When asked,
select "RUN", both times. Check the "I agree" box and
click on "Next". Check the box for "Run aggressive
options (not recommended)" and click "Next". Let it
finish up and follow the prompts until it is done.
Close/exit.

Reboot and logon as administrative user.

Suggest checking that you have the latest:
- Video Device driver
- Audio Device driver
- Network Device driver

... for your computer/operating system *from the manufacturer for
each device* - not Microsoft.

Reboot (as needed) and logon as administrative user.

Run a CHKDSK on your system drive (C)...
http://www.windows-help-central.com/windows-vista-chkdsk.html

<snipped - you 'discovered' you had SP2

Now - I would suggest getting rid of MSE and installing something
like Avira AntiVir - but it comes down to personal experience on
the performance and abilities of the products. If it was *my*
system - MSE would not be on it (eSet NOD32 or Avira would be) and
the Windows Firewall would be enabled with no exceptions.

Anyway - come back after doing all that and let us know what
happened/what you found.

Sorry. I meant SP2.

I'd still do the steps, excluding the installation of Service Pack 2 if you
have it.

Start button --> RUN --> type in:
winver
--> Click OK.

That tells you what you have.

Steps left above.

 

[Mr. Arnold]

Hi!

I've been running Vista Home premium for a couple of years. Over the
past months it has started to slow down, with warning about low memory
(2 gig RAM). I defragment quite often.
What else can I do?

It sounds like the O/S's virtual memory is too small for the real memory
being used. If it's not set to let the O/S "auto control the size", then
set it to that setting and let the O/S control the size of virtual
memory as needed.

<http://windows.microsoft.com/en-US/windows-vista/Change-the-size-of-virtual-memory>

 

[Daniel Royer]

Try scanning with Hijackthis:
http://free.antivirus.com/hijackthis/
Choose the Installer option.
Run the install file, agree to the default install folder and you will
then see several options.
Choose 'Do a system scan and save a log file'.
The log file will be saved here:
C:\Program Files\Trend Micro\HijackThis
Copy and paste the log file into a post and post it here.
You can also paste the log file into this website for additional
information:
http://hijackthis.de/index.php?langselect=english

OK Dave. Here it goes:

_______________________________________________________________________________________
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:42, on 15.06.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Avanquest\PowerDesk\PDHookServer.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Cobian Backup 9\cbService.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\hp\kbd\kbd.exe
C:\Program Files\JGsoft\EditPadLite\EditPadLite.exe
C:\Program Files\Avanquest\PowerDesk\PDExploNXP.exe
C:\Windows\explorer.exe
C:\Program Files\Avanquest\PowerDesk\PDExploNXP.exe
C:\My Games\Mahjong Tales - Ancient Wisdom\mahjongtalesancientwisdom_r1a.exe
C:\My Games\Mahjong Tales - Ancient Wisdom\MahjongTalesAncientWisdom.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird 3.0\thunderbird.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.unige.ch/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_CH&c=73&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_CH&c=73&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} -
C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
- C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer -
{3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program
files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7}
- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper -
{AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch -
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google
Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: PC Tools Browser Guard -
{472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware
Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows
Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program
Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix
Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program
Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common
Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program
Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security
Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager]
"C:\Windows\system32\rundll32.exe" "C:\Program
Files\NOS\bin\getPlus_Helper.dll",Uninstall
/IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
/autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_1_0 -reboot 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe"
/nosplash /minimized
O4 - HKCU\..\Run: [PDHookServer] C:\Program
Files\Avanquest\PowerDesk\PDHookServer.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe
oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program
Files\Frontpage\Office10\OSA.EXE
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program
Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier
PDF existant - res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF
existant - res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en
fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un
fichier PDF existant - res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video - res://C:\Program
Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 -
res://C:\Program Files\Common
Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
http://utilities.pcpitstop.com/Nirvana/controls/PCPitStop.CAB
O16 - DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} (JInitiator 1.3.1.28) -
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) -
http://utilities.pcpitstop.com/Nirvana/controls/pcpitstop2.dll
O17 -
HKLM\System\CCS\Services\Tcpip\..\{B8F263D9-5964-48C5-963E-DE43C9A0E23A}: Domain
= unige.ch
O17 -
HKLM\System\CCS\Services\Tcpip\..\{B8F263D9-5964-48C5-963E-DE43C9A0E23A}: NameServer
= 129.194.4.6,129.194.8.7,129.194.4.32
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\FileMonitor32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R)
Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program
Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. -
C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner -
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis
Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common
Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) -
FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Service Google Update (gupdate1c990dbcbd289a0)
(gupdate1c990dbcbd289a0) - Google Inc. - C:\Program
Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel
Corporation - C:\Program Files\Intel\Intel Matrix Storage
Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - c:\Program Files\Common
Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation
- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R)
Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media
Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown
owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media
Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R)
Corporation - C:\Program Files\Intel\IntelDH\Intel Media
Server\Shells\MCLServiceATL.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program
Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA
Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R)
Corporation - C:\Program Files\Intel\IntelDH\Intel Media
Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common
Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -
C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program
Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware
Doctor\TFEngine\TFService.exe

 

[Mr. Arnold]

Daniel Royer wrote:

<snipped>

<http://www.windowsecurity.com/artic...d_Rootkit_Tools_in_a_Windows_Environment.html>

Maybe, you picked a rootkit, and you can use tools in the link above
and go look for yourself, as to what is running.

You can use Curr Ports instead of Active Ports on Vista.

 

[Daniel Royer]

* Mr. Arnold wrote, On 15.06.2010 12:33:

Daniel Royer wrote:

<snipped>

<http://www.windowsecurity.com/artic...d_Rootkit_Tools_in_a_Windows_Environment.html>


Maybe, you picked a rootkit, and you can use tools in the link above
and go look for yourself, as to what is running.

You can use Curr Ports instead of Active Ports on Vista.

What's a "rootkit"?

 

[Shenan Stanley]

What's a "rootkit"?

http://tinyurl.com/2b83zmk

 

[Mr. Arnold]

* Mr. Arnold wrote, On 15.06.2010 12:33:
What's a "rootkit"?

It's explained in the link above, along with the tools to help you
discover various exploits of the computer.