📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Hijack this log Dell inspiron 1300 Win XP

Options
Hi there,
I have a 7.5 years old laptop which has become very very slow I am using it as a secondary comp as I have since bout a laptop couple of years back. I think it has 750 MB RAM and 40 GB hard disk I have removed all the stuff from it. I could not find the original XP cd and I do not have a restore cd as well but I do have the XP code which was printed at the back of laptop.

I am following the steps on the thread by closed. I have done the malwarebytes scan and adaware as well and the virus before I started the process.

Here is my readings:
Commit Charge Total 559512
Commit charge peak: 696352
Peak memory: 777596

Hijack this log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:21:34, on 03/09/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP2 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Program Files\O2\bin\sprtcmd.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TOPRO\TPPOLL.EXE
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Abexo\update4.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\amitshalini\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\amitshalini\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\amitshalini\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\amitshalini\My Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/m/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R3 - URLSearchHook: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll (file missing)
O4 - HKLM\..\Run: [O2] "C:\Program Files\O2\bin\sprtcmd.exe" /P O2
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\amitshalini\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [qupdate] C:/Program Files/Abexo/update4.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Travelaxe - {32A32D38-B8ED-4b3f-AFD0-EF23B697B5C1} - C:\Program Files\Travelaxe\Travelaxe.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Playboy Casino GBP - {C8B54920-5DFB-11DB-B0DE-0800200C9A66} - http://www.playboycasino.com (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Playboy Casino GBP - {C8B54920-5DFB-11DB-B0DE-0800200C9A66} - http://www.playboycasino.com (file missing) (HKCU)
O15 - Trusted Zone: http://*.broadband.o2.co.uk
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.tvucricket.com/player/vjocx-en-black.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe
O23 - Service: Google Update Service (gupdate1c9a00cad3d0e62) (gupdate1c9a00cad3d0e62) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10007 bytes
Thank you so much for looking. I will now follow the steps of the thread "How to speed up yor PC"

Thanks again
I wanted to thankyou a million times but its a shame that I can press the button just once :T
«1

Comments

  • NiftyDigits
    NiftyDigits Posts: 10,459 Forumite
    Service Tag at the bottom of the laptop if you please. :)
  • macgyver
    macgyver Posts: 1,291 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker Name Dropper
    edited 3 September 2013 at 8:22PM
    Service tag:

    Sorry the service tag is: 668L52J
    Thank you
    I wanted to thankyou a million times but its a shame that I can press the button just once :T
  • closed
    closed Posts: 10,886 Forumite
    edited 3 September 2013 at 8:03PM
    Dell - Factory restore, XP era - hold Control and F11 at boot - will probably cure all in 10 minutes, but will wipe all your data

    or you can go through and uninstall /disable adaware, rapport, spybot, skype update, java quick starter, flash update, chrome, google update, picase, nokia, ctfmon, tppoll, travelaxe, playboxcasino, O16's, sprtcmd, activesync, abexo, yahoo and other bho's etc etc etc.
    !!
    > . !!!! ----> .
  • motorguy
    motorguy Posts: 22,611 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    macgyver wrote: »
    Hi there,
    I have a 7.5 years old laptop which has become very very slow I am using it as a secondary comp as I have since bout a laptop couple of years back. I think it has 750 MB RAM and 40 GB hard disk I have removed all the stuff from it. I could not find the original XP cd and I do not have a restore cd as well but I do have the XP code which was printed at the back of laptop.

    Buy yourself this Dell XP disc

    http://www.ebay.co.uk/itm/Dell-Windows-XP-Pro-SP3-32-BIT-CD-for-Dell-Laptop-Desktop-/251330930080?pt=UK_Computing_Manuals_Resources&hash=item3a847da5a0

    Download the drivers from Dells website and away you go.

    Once thats done upgrade the RAM to 2GB.

    Job done.
  • closed
    closed Posts: 10,886 Forumite
    shouldn't need to buy a disc, because it will probably have a factory restore partition, and niftydigits will most likely be providing the op a free one if required.
    !!
    > . !!!! ----> .
  • macgyver
    macgyver Posts: 1,291 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker Name Dropper
    Thank you all.
    I will try the contol + F11 at boot option as I do not have any important data on the laptop AND report back

    Sorry the service tag is: 668L52J
    I wanted to thankyou a million times but its a shame that I can press the button just once :T
  • motorguy
    motorguy Posts: 22,611 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    macgyver wrote: »
    Thank you all.
    I will try the contol + F11 at boot option as I do not have any important data on the laptop AND report back

    Sorry the service tag is: 668L52J

    Should you ever need drivers or info on your machine, you can look it up on Dells site, using your service tag

    http://www.dell.com/support/troubleshooting/uk/en/ukdhs1/ProductSelector/Select/Progress?DownloadClient=False&rquery=na
  • macgyver
    macgyver Posts: 1,291 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker Name Dropper
    motorguy wrote: »
    Should you ever need drivers or info on your machine, you can look it up on Dells site, using your service tag

    http://www.dell.com/support/troubleshooting/uk/en/ukdhs1/ProductSelector/Select/Progress?DownloadClient=False&rquery=na
    Thank you. I tried that but the dell system detect crashed and could not detect the service number.
    So I found out by pressing the F2 at boot up.

    Update: I have been unable to do the restore but am still trying and watching a youtube tutorial how to do it.

    Thank you again
    I wanted to thankyou a million times but its a shame that I can press the button just once :T
  • NiftyDigits
    NiftyDigits Posts: 10,459 Forumite
    macgyver wrote: »
    Thank you. I tried that but the dell system detect crashed and could not detect the service number.
    So I found out by pressing the F2 at boot up.

    Update: I have been unable to do the restore but am still trying and watching a youtube tutorial how to do it.

    Thank you again

    Worse case scenario, you can use your Windows XP Home with SP3 recovery disc for DELL.

    You'll need to install from boot in order to delete/format the main partition so as overwrite the old install.
    No need for a key as it's made for DELL.
  • macgyver
    macgyver Posts: 1,291 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker Name Dropper
    Worse case scenario, you can use your Windows XP Home with SP3 recovery disc for DELL.

    You'll need to install from boot in order to delete/format the main partition so as overwrite the old install.
    No need for a key as it's made for DELL.

    Thank you but I do not have a recovery disc.
    Can I create one from my laptop.

    Thanks again
    I wanted to thankyou a million times but its a shame that I can press the button just once :T
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351.1K Banking & Borrowing
  • 253.2K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244.1K Work, Benefits & Business
  • 599.1K Mortgages, Homes & Bills
  • 177K Life & Family
  • 257.5K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.