Slow startup & other various problems

[Peter]

Lately (maybe in the past week) after startup, my computer seems to have a period (10 minutes or so) where it doesn't do a thing. When it finally opens a window, Firefox for example, it can't load the site. MSN can't log in either. Everything is running really slow, then all of a sudden everything works and it doesn't happen again. I'm stumped on this one.

 

 

 

 

 

 

 

Next problems, and I suspect these are related to cache/cookies or similar. When going to forums, such as these, the first time I load them in a day and I get all of the new posts since my last visit with the flags indicating so. But I go to a couple of posts and go back and refresh, and all of those new flags are now marked as read. It seems to do this every time I refresh, but not on the first visit.

 

 

 

 

 

 

 

Next, and I think this is related to the first problem. On DeviantArt, I'll be browsing and it will just randomly log me out. I'll log back in and a little while later it will log me out again. Sometimes I'm logged in when I go there for the first time in a day, and other times I'm logged out. Don't know if anyone here has experience with DA here, but I've got other problems with that site as well if anyone wishes to hear them.

 

 

 

 

 

 

 

As for the first problem being a virus, it's highly unlikely. I do updated AdAware/Norton scans frequently, and hardly anything is ever picked up. My system is fully updated.

 

 

 

 

 

 

 

Thanks for the help.

[Phil]

Can you post a HijackThis log for us please :)

 

 

 

http://www.spywareinfo.com/~merijn/downloads.html

[Peter]

Logfile of HijackThis v1.99.1

 

 

 

Scan saved at 1:40:27 PM, on 10/13/2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\jre1.5.0_02\bin\jusched[Caution: ExecutableFile]

 

 

 

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD[Caution: ExecutableFile]

 

 

 

C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]

 

 

 

C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv[Caution: ExecutableFile]

 

 

 

C:\Program Files\Executive Software\Diskeeper\DkService[Caution: ExecutableFile]

 

 

 

C:\Program Files\Google\Web Accelerator\googlewebaccclient[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC[Caution: ExecutableFile]

 

 

 

C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\devldr32[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

C:\DOCUME~1\Peter\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis[Caution: ExecutableFile]

 

 

 

 

 

 

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac

 

 

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

 

 

 

O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll

 

 

 

O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll

 

 

 

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

 

 

 

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

 

 

 

O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll

 

 

 

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

 

 

 

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop[Caution: ExecutableFile]" /startup

 

 

 

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig[Caution: ExecutableFile] /auto

 

 

 

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile]

 

 

 

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile]

 

 

 

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile]

 

 

 

O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden[Caution: ExecutableFile]

 

 

 

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll

 

 

 

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim[Caution: ExecutableFile]

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

 

 

 

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 1197346631

 

 

 

O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/w ... uncher.cab

 

 

 

O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

 

 

 

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag[Caution: ExecutableFile]

 

 

 

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService[Caution: ExecutableFile]

 

 

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile]

 

 

 

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT[Caution: ExecutableFile]

 

 

 

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb[Caution: ExecutableFile]

 

 

 

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC[Caution: ExecutableFile]

 

 

 

 

 

 

 

 

 

 

At this point I could deal with the forum problems, but the start-up issue is what is bugging me. It's not like I can just turn it on and leave it for ten minutes then come back, but I have to actually start stuff and keep it going, almost like warming it up, then all of a sudden everything will work.

[Jaswarbrick_2]

Welcome :)

 

 

 

 

 

 

 

You are running Hijackthis from a temporary directory. Hijackthis creates backups of fixes it makes and if your temporary files are deleted then backups will be lost:

 

 

 

 

 

 

 

Please open My computer then C drive and click File > New > Folder and name it "Hijackthis" or similar. Then download Hijackthis again, and "Save As" into that new folder. Then post a new log please.

[Phil]

Once you have done the above ^

 

 

 

 

 

 

 

Fix:

 

 

 

 

 

 

O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll

 

 

 

 

 

 

 

 

 

 

 

Then boot into safe mode and use Windows Explorer to delete (if found):

 

 

 

 

 

 

 

 

 

 

C:\WINDOWS\pxwma.dll

[Peter]

Thanks for the help. Deleted the item, couldn't find it in my Windows directory. It made it a little bit better, but there still seems to be a short period where it's not working well, not to mention the cookie problems still. Any possible solution for that?