Overall Imrpovements of PC with WinXP

Status
Not open for further replies.
lahratla

lahratla

Journeyman
I have a two-years-old 667 MHz Cyrix III PC running with 40 GH HD, 256 MB SD RAM

running in WindowsXP and I've the following problems with it:

1. When I run Winamp 2.9, CPU usage is always 100%.
2. Simple games like Hangaroo has beome sticky.
3. Video played in a very small window are now has been pixelized noticeably.
4. What is the proper way to uninstall programs that do not have unwise.exe or

whose name not appearing in Add/Remove Programs?
5. All the items except the dog in the left pane of SEARCH has disappeared. I can't

search anything!
6. When I tried to install some programs, a pop-up instruction that says

"C:pROGRA^1\Symantec\S32EVNT1.DLL. An installable Virtual Device Driver failed Dll

initialization. Choose 'Close' to terminate the application" always appeared.
7. There are quite a large number of items running in PROCESSES of Windows Task

Manager that took a lot of memories, which I don't recognize.
7. My system is infected with Trojan horse Dialer 11 AN. I'm using AG Snti-Virus Free

Edition 7.0.298 with virus base 265.6.5 dated 26/12/2004. But the progam could not

remove nor quarantined it.
8. I've run WinXP Setup the other day but quit it later before completion and now

there is always an option to choose WinXP Professional and the incompleted set up.
9. My PC takes a lot of time to shutdown. I've tried some registry tweaks of some

sites but it did not help. I even choose to clear page files. What is pagefiles!?
10. I've used Kazaa Lite for P2P, but recenlty was always connecting but not

connected. Because of this is I unistalled it and used LimeWire 4.2.6 instead but it

took a lot of time to open. I've also downloaded Kazaa Media Desktop, Download

Manager and Pal. Can these three be used for P2P without KazaaLite?

The log of HijackThis are as folows:
Logfile of HijackThis v1.99.0
Scan saved at 23:58:44, on 29/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\Fast.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\Winampa.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\program files\180searchassistant\saap.exe
C:\Program Files\GogoTools\Gogoware\GogoLaunch.exe
C:\PROGRA~1\GOGOTO~1\Gogoware\GOGOTO~1.EXE
c:\syz_dat\systray.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

*www.google.co.in/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =

*www.google.co.in/
O2 - BHO: TwaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} -

C:\WINDOWS\twaintec.dll
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} -

C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program

Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Internet Explorer Tracker - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F}

- C:\PROGRA~1\GOGOTO~1\Gogoware\HTMLEdit.dll
O2 - BHO: (no name) - {3C4E691E-50E0-4163-8E94-37F72E994272} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program

Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -

c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program

Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -

C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program

Files\DAP\DAPIEBar.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -

C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} -

C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar1.dll
O3 - Toolbar: GoGoTools - {76532682-A5C9-11d8-AE07-00D0591AB78A} -

C:\PROGRA~1\GOGOTO~1\SEARCH~1\SEARCH~1.DLL
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Microsoft Update] msconfg.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [saap] c:\program files\180searchassistant\saap.exe
O4 - HKLM\..\Run: [RUNGogoTools] C:\Program

Files\GogoTools\Gogoware\GogoLaunch.exe
O4 - HKLM\..\RunServices: [Microsoft Update] msconfg.exe
O4 - HKCU\..\Run: [Microsoft Update] msconfg.exe
O4 - HKCU\..\Run: [KazaaMate] C:\Program Files\Kazaa-Pal\Kazaa-Pal.exe
O8 - Extra context menu item: &Download with &DAP -

C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program

files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &WordWeb... -

res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program

files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program

files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber

Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download &all with DAP -

C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: RoboForm &2 - file://C:\Program Files\Siber

Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Similar Pages - res://c:\program

files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program

files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} -

C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -

file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm &2 -

{724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber

Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: GoGoTools - {76532683-A5C9-11d8-AE07-00D0591AB78A} -

C:\PROGRA~1\GOGOTO~1\SEARCH~1\SEARCH~1.DLL
O9 - Extra 'Tools' menuitem: GoGoTools -

{76532683-A5C9-11d8-AE07-00D0591AB78A} -

C:\PROGRA~1\GOGOTO~1\SEARCH~1\SEARCH~1.DLL
O16 - DPF: Win32 Classes -
O16 - DPF: {12398DD6-40AA-4C40-A4EC-A42CFC0DE797} (Installer Class) -

*www.xxxtoolbar.com/ist/softwares/v4.0/0006_cracks.cab
O16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} -
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} -

*dload.ipbill.com/del/loader.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) -

*www.xxxtoolbar.com/ist/softwares/v3.0/0006_cracks.cab
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION -

C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Unknown - C:\Program

Files\Norton AntiVirus\navapsvc.exe (file missing)

Please advise me on overall improvement of my PC's performance.
 
hafees

hafees

In the zone
the systray.exe seems like a virus. you should disable & delete it. the windows' systray will not be shown as a process and the location will be :\windows\system32\ .

you may run the WinPatrol software to check for more information on the running application. if it is not from a respectable company or the company is unknown try disabling it. ( *www.winpatrol.com )





[/b]
 
it_waaznt_me

it_waaznt_me

Coming back to life ..
lahratla said:
Platform: Windows XP (WinNT 5.01.2600)
Click to expand...
<--Install SP2 for XP


lahratla said:
5. All the items except the dog in the left pane of SEARCH has disappeared. I can't search anything!
Click to expand...
That is a documented bug, Your problem can be solved by installing Service Pack 2 for WinXP ...

First of all, Do this thing :
Start > Run > Appwiz.cpl <Press Enter>
Now uninstall 180 Search Assistant , GogoWare (or GogoTools) , MyBar , Norton Antivirus (If it is listed there, cauz most of the files of NAV have been deleted from your system).
Now Reboot in Safe mode .. (Press F8 while booting your system and Select Safe Mode )

lahratla said:
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\Fast.exe
C:\WINDOWS\system32\fxssvc.exe
C:\program files\180searchassistant\saap.exe
C:\Program Files\GogoTools\Gogoware\GogoLaunch.exe
C:\PROGRA~1\GOGOTO~1\Gogoware\GOGOTO~1.EXE
c:\syz_dat\systray.exe
Click to expand...
See if these process are still running in Safe mode or not. If yes then first Kill these process from TaskManager ... Press Ctrl Shift Esc to open Task Manager and then Highlight these process in the Process Tab and Rightclick and Select Kill Process ..

Now Run HijackThis again and put a CheckMark next to these entries and Click on Fix Checked.
Please make sure that all Internet Explorer and Windows Explorer windows are closed.

lahratla said:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =*www.google.co.in/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = *www.google.co.in/
O2 - BHO: TwaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} -C:\WINDOWS\twaintec.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O2 - BHO: Internet Explorer Tracker - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F}- C:\PROGRA~1\GOGOTO~1\Gogoware\HTMLEdit.dll
O2 - BHO: (no name) - {3C4E691E-50E0-4163-8E94-37F72E994272} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: GoGoTools - {76532682-A5C9-11d8-AE07-00D0591AB78A} - C:\PROGRA~1\GOGOTO~1\SEARCH~1\SEARCH~1.DLL
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Microsoft Update] msconfg.exe <-- Possible Virus. find and delete this file. Notice its MsConfg.exe and not MsConfIg.exe which is a legitimate Windows file. Notice the 'I'in the file name.
O4 - HKLM\..\Run: [saap] c:\program files\180searchassistant\saap.exe
O4 - HKLM\..\Run: [RUNGogoTools] C:\Program Files\GogoTools\Gogoware\GogoLaunch.exe
O4 - HKLM\..\RunServices: [Microsoft Update] msconfg.exe <-- Possible Virus
O4 - HKCU\..\Run: [Microsoft Update] msconfg.exe <-- Possible Virus
O4 - HKCU\..\Run: [KazaaMate] C:\Program Files\Kazaa-Pal\Kazaa-Pal.exe
O9 - Extra button: GoGoTools - {76532683-A5C9-11d8-AE07-00D0591AB78A} -C:\PROGRA~1\GOGOTO~1\SEARCH~1\SEARCH~1.DLL
O9 - Extra 'Tools' menuitem: GoGoTools -{76532683-A5C9-11d8-AE07-00D0591AB78A}- C:\PROGRA~1\GOGOTO~1\SEARCH~1\SEARCH~1.DLL
O16 - DPF: Win32 Classes -
O16 - DPF: {12398DD6-40AA-4C40-A4EC-A42CFC0DE797} (Installer Class) - *www.xxxtoolbar.com/ist/softwares/v4.0/0006_cracks.cab
O16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} -
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - *dload.ipbill.com/del/loader.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - *www.xxxtoolbar.com/ist/softwares/v3.0/0006_cracks.cab
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service - Unknown - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
Click to expand...
 
KHUBBU

KHUBBU

Journeyman
also plz install Adware and scan , fix the problems.

spybot is not good at detecting 180 search assistant . and also install zonealarm firewall.
 
Status
Not open for further replies.
Top Bottom