We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

Hijack this log - Can anyone help quicken up very slow laptop?

Lady_K
Lady_K Posts: 4,429 Forumite
Part of the Furniture Combo Breaker
This is an old laptop and was not very fast but it has slowed significantly over the last few days, is there anything in this hijack this scan that I could change to help make it less slow please?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:31:25, on 20/08/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;*.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/da/PCPitStop.CAB
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168518119035
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - http://drm1.reelsurvey.com/ePlayer/V3_2_0_0/ACNePlayer.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader_uni.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8007 bytes
Thanx

Lady_K
«134

Comments

  • m5rcc
    m5rcc Posts: 1,544 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    Don't see another browser other than IE8 so thats one option to use to gain faster browsing.

    What's all this Facebook rubbish installed?
  • Lady_K
    Lady_K Posts: 4,429 Forumite
    Part of the Furniture Combo Breaker
    There is firefox latest edition on here too and thats still slow too

    The facebook stuff I don't know, I don't use facebook myself so don't know how it works. Its an old laptop that my daughter saves in case she has problems as a back up. I'm using it while looking for a new pc

    If this is any use I have checked the commit charge levels

    total 375924 (changes)
    limit 1192784
    peak 671076

    physical memory

    total 982000
    available 48624 (changing)
    system cache 519740
    Thanx

    Lady_K
  • m5rcc
    m5rcc Posts: 1,544 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    i would download and install CCleaner. Run it, analyse the stuff and delete.

    Then go to Tools > Startup and disable those items that do not need to be run.

    Then go to Uninstall and sort by oldest first and uninstall the programs you no longer use.
  • Lady_K
    Lady_K Posts: 4,429 Forumite
    Part of the Furniture Combo Breaker
    m5rcc wrote: »
    i would download and install CCleaner. Run it, analyse the stuff and delete.

    Then go to Tools > Startup and disable those items that do not need to be run.

    Then go to Uninstall and sort by oldest first and uninstall the programs you no longer use.

    Thanks but I have already got ccleaner and have run that and done all of the above with start up and uninstalled programs no longer used. I just wondered if anyone might pick something up from the hijack this log or have any other ideas
    Thanx

    Lady_K
  • m5rcc
    m5rcc Posts: 1,544 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    The rest appears OK to me. How much free space do you have. How many hard drives are you running?
  • Lady_K
    Lady_K Posts: 4,429 Forumite
    Part of the Furniture Combo Breaker
    12.4gb free space 24.7 used space and just the one hardrive, its a laptop
    Thanx

    Lady_K
  • RussJK
    RussJK Posts: 2,359 Forumite
    edited 20 August 2011 at 12:20PM
    I'd uninstall Zonealarm personally, but that's your decision.

    Don't need Quicktime starting with Windows:
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    Or CTFMON: http://www.howtogeek.com/howto/windows-vista/what-is-ctfmonexe-and-why-is-it-running/
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe


    Services

    You've got a bunch of services that you might not need to be running. We can't tell from the HJT log whether or not they are actually set to run automatically. I'll explain them, then you can decide the best thing to do with them.

    Generally the safest way to change the way services run is to use: Start > Run > services.msc (enter). From there, find the services and double click on it, then set the startup type to Manual (unless you absolutely never want to run it, in which case you can set it to Disabled or uninstall the program). I'd suggest that you don't change any Microsoft services unless someone has suggested it, just services installed by third parties.

    SuperAntiSpyware has this service running the whole time, regardless of whether it's the free version (on demand) or the paid resident scanner. They claim it's required, but the program runs with it disable or on manual. Personally I would uninstall SAS and at most just use the portable version (http://www.superantispyware.com/sasportable.php). Malwarebytes is a better program in my opinion:
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE


    You only need Bonjour running if you use Apple TV, or share your iTunes over the network for 'broadcasting'. I would set this service to Manual in services.msc:
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    These are the other iTunes services. It shouldn't break anything to set them both to Manual, unless you want/desire these aspects of iTunes to be running in the background.
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe


    This is so the computer can printer to a Brother printer. If you no longer do that with this particular computer (and your daughter never will), then you could uninstall it. Otherwise leave it alone:
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe


    getPlus is unnecessary and can be uninstalled completely:
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

    Java is a security risk. I would uninstall all instances of JRE and Java/Sun Java from the computer. If it later turns out you need it for a particular program, you can just install it again at worst, and then set this JavaQuickStarterService to Manual:
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    Hope this all makes sense!
  • RussJK
    RussJK Posts: 2,359 Forumite
    I neglected the most important part, there's a proxy override on the computer. Do you recognise inetcam.com? If this doesn't mean anything to you, it might be an idea to Tick and Fix this entry in Hijackthis:
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;*.local

    Have you done a Malwarebytes scan?
  • Lady_K
    Lady_K Posts: 4,429 Forumite
    Part of the Furniture Combo Breaker
    Thanks I will have a go at some of those.

    I timed after the windows welcome page goes away, from when the desktop wallpaper comes up how long it takes for the desktop icons to actually appear and it was just short of 5 minutes... thats a long time and its every time

    The brother printer we no longer have and I didnt know that was for that so shall remove

    I disabled quicktime and cftmon

    The itunes stuff so don't know about the bonjour, I will check it on that but again I personally don't use itunes or ipod. If she doesnt rally need it ad can still us itunes etc its better removed then.

    The superantispware, I have used it for a long time so am surprised about that but I will look into the portable one, will that be the same for pc use? I do not have malwarebytes or superantispyware on constant protection, I just run them both when needed.
    Thanx

    Lady_K
  • Lady_K
    Lady_K Posts: 4,429 Forumite
    Part of the Furniture Combo Breaker
    RussJK wrote: »
    I neglected the most important part, there's a proxy override on the computer. Do you recognise inetcam.com? If this doesn't mean anything to you, it might be an idea to Tick and Fix this entry in Hijackthis:
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;*.local

    Have you done a Malwarebytes scan?

    I did a quick one for starters as a full one takes at least 1.5 hours and might be more now with it this slow

    I do not know what inetcam.com, I dont know if its related to her sony camera though

    I might uninstal the facebook photo uploaders and facebook banner I found when searching files or facebook. I did find a facebook plug in that was installed on 9/8/2011 but she hasnt used this laptop for a long time and I don't use facebook so I untilled that via ccleaner tools
    Thanx

    Lady_K
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 347.7K Banking & Borrowing
  • 251.8K Reduce Debt & Boost Income
  • 452.1K Spending & Discounts
  • 240K Work, Benefits & Business
  • 616.1K Mortgages, Homes & Bills
  • 175.3K Life & Family
  • 253.3K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.