View Full Version : Computer Freezes or Very Slow - Windows Explorer
Hitesh Jain
August 1st 07, 11:38 AM
Hi,
I have Toshiba Laptop - Dual Core with 512MB Ram - 2 Partition - C: 20Gb
with 9Gb Free & D: 60 GB with 25GB Free. XP SP2 with all the latest updates
till date. AVG & Spybot.
My computer freezes every 10-15 minutes on clicking on any startup item or
task bar item. Even Alt-Ctrl-Del comes after 90sec.
Had Page file of 700Mb increased to 1.2GB but no change.
Below is my HJT Log.
Logfile of HijackThis v1.99.1
Scan saved at 3:30:32 PM, on 01/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\procexp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcrobatInfo.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CmjBrowserHelperObject Object -
{AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager
6\Mm6InternetExplorer.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper -
{AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba
Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program
Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program
Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) -
http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1182174386716
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182174191182
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = witsinteractive.com
O17 - HKLM\Software\..\Telephony: DomainName = witsinteractive.com
O17 -
HKLM\System\CCS\Services\Tcpip\..\{6478403B-42FC-4259-9B35-A09898B0AB9E}:
NameServer = 10.100.0.1
O17 -
HKLM\System\CCS\Services\Tcpip\..\{E626D6B6-2E6D-4451-8F85-34CFE7BB256F}:
NameServer = 10.100.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = witsinteractive.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = witsinteractive.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DVD-RAM_Service - Matsu****a Electric Industrial Co., Ltd. -
C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel
32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity
Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. -
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
Please help...
Leonard Grey
August 1st 07, 02:14 PM
HiJack This logs are not analyzed in this newsgroup. Look here for an
expert web site that analyzes HJT logs:
http://www.google.com/search?hl=en&q=hijack+this+analysis&btnG=Google+Search
---
Leonard Grey
Errare humanum est
Hitesh Jain wrote:
> Hi,
>
> I have Toshiba Laptop - Dual Core with 512MB Ram - 2 Partition - C: 20Gb
> with 9Gb Free & D: 60 GB with 25GB Free. XP SP2 with all the latest updates
> till date. AVG & Spybot.
>
> My computer freezes every 10-15 minutes on clicking on any startup item or
> task bar item. Even Alt-Ctrl-Del comes after 90sec.
>
> Had Page file of 700Mb increased to 1.2GB but no change.
>
> Below is my HJT Log.
>
> Logfile of HijackThis v1.99.1
> Scan saved at 3:30:32 PM, on 01/08/2007
> Platform: Windows XP SP2 (WinNT 5.01.2600)
> MSIE: Internet Explorer v7.00 (7.00.6000.16473)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\spoolsv.exe
> C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
> C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
> C:\WINDOWS\system32\DVDRAMSV.exe
> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
> C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
> C:\WINDOWS\Explorer.EXE
> C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
> C:\WINDOWS\system32\TPSMain.exe
> C:\WINDOWS\RTHDCPL.EXE
> C:\WINDOWS\AGRSMMSG.exe
> C:\WINDOWS\system32\hkcmd.exe
> C:\WINDOWS\system32\TPSBattM.exe
> C:\WINDOWS\system32\igfxpers.exe
> C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
> C:\WINDOWS\system32\TDispVol.exe
> C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
> C:\Program Files\Toshiba\Tvs\TvsTray.exe
> C:\WINDOWS\system32\ctfmon.exe
> C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
> C:\WINDOWS\system32\RAMASST.exe
> C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
> C:\Program Files\procexp.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Program Files\Skype\Phone\Skype.exe
> C:\Program Files\MSN Messenger\msnmsgr.exe
> C:\Program Files\Skype\Plugin Manager\skypePM.exe
> C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcrobatInfo.exe
> C:\Program Files\Hijackthis\HijackThis.exe
>
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://go.microsoft.com/fwlink/?LinkId=69157
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://go.microsoft.com/fwlink/?LinkId=69157
> O2 - BHO: Adobe PDF Reader Link Helper -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
> 7.0\ActiveX\AcroIEHelper.dll
> O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
> C:\PROGRA~1\SPYBOT~1\SDHelper.dll
> O2 - BHO: CmjBrowserHelperObject Object -
> {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager
> 6\Mm6InternetExplorer.dll
> O2 - BHO: Adobe PDF Conversion Toolbar Helper -
> {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat
> 7.0\Acrobat\AcroIEFavClient.dll
> O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
> C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
> O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba
> Applet\thotkey.exe
> O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
> O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
> O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
> O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
> O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
> O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
> O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
> O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
> O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
> O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
> O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
> Destroy\TeaTimer.exe
> O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
> O8 - Extra context menu item: Convert link target to Adobe PDF -
> res://C:\Program Files\Adobe\Acrobat
> 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
> O8 - Extra context menu item: Convert link target to existing PDF -
> res://C:\Program Files\Adobe\Acrobat
> 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
> O8 - Extra context menu item: Convert selected links to Adobe PDF -
> res://C:\Program Files\Adobe\Acrobat
> 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
> O8 - Extra context menu item: Convert selected links to existing PDF -
> res://C:\Program Files\Adobe\Acrobat
> 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
> O8 - Extra context menu item: Convert selection to Adobe PDF -
> res://C:\Program Files\Adobe\Acrobat
> 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
> O8 - Extra context menu item: Convert selection to existing PDF -
> res://C:\Program Files\Adobe\Acrobat
> 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
> O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program
> Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
> O8 - Extra context menu item: Convert to existing PDF - res://C:\Program
> Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
> C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra 'Tools' menuitem: Windows Messenger -
> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
> O11 - Options group: [INTERNATIONAL] International*
> O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage
> Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
> O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) -
> http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB
> O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
> Center Base Module) -
> http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
> O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1182174386716
> O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182174191182
> O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = witsinteractive.com
> O17 - HKLM\Software\..\Telephony: DomainName = witsinteractive.com
> O17 -
> HKLM\System\CCS\Services\Tcpip\..\{6478403B-42FC-4259-9B35-A09898B0AB9E}:
> NameServer = 10.100.0.1
> O17 -
> HKLM\System\CCS\Services\Tcpip\..\{E626D6B6-2E6D-4451-8F85-34CFE7BB256F}:
> NameServer = 10.100.0.1
> O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = witsinteractive.com
> O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = witsinteractive.com
> O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
> C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
> O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
> C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
> O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
> C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
> O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
> O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
> O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
> Files\Adobe Systems Shared\Service\Adobelmsvc.exe
> O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
> C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
> O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
> C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
> O23 - Service: DVD-RAM_Service - Matsu****a Electric Industrial Co., Ltd. -
> C:\WINDOWS\system32\DVDRAMSV.exe
> O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
> Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel
> 32\IDriverT.exe
> O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity
> Solution\ServiceLayer.exe
> O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. -
> C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
>
>
> Please help...
>
>
Hitesh Jain[_2_]
August 3rd 07, 08:20 AM
Hi,
Thanks .. Will od.. I had read some post where HJT log was posted and hence
posted it.
In any case how do I get across this problem.
Hitesh
"Leonard Grey" wrote:
> HiJack This logs are not analyzed in this newsgroup. Look here for an
> expert web site that analyzes HJT logs:
> http://www.google.com/search?hl=en&q=hijack+this+analysis&btnG=Google+Search
>
> ---
> Leonard Grey
> Errare humanum est
>
> Hitesh Jain wrote:
> > Hi,
> >
> > I have Toshiba Laptop - Dual Core with 512MB Ram - 2 Partition - C: 20Gb
> > with 9Gb Free & D: 60 GB with 25GB Free. XP SP2 with all the latest updates
> > till date. AVG & Spybot.
> >
> > My computer freezes every 10-15 minutes on clicking on any startup item or
> > task bar item. Even Alt-Ctrl-Del comes after 90sec.
> >
> > Had Page file of 700Mb increased to 1.2GB but no change.
> >
> > Below is my HJT Log.
> >
> > Logfile of HijackThis v1.99.1
> > Scan saved at 3:30:32 PM, on 01/08/2007
> > Platform: Windows XP SP2 (WinNT 5.01.2600)
> > MSIE: Internet Explorer v7.00 (7.00.6000.16473)
> >
> > Running processes:
> > C:\WINDOWS\System32\smss.exe
> > C:\WINDOWS\system32\winlogon.exe
> > C:\WINDOWS\system32\services.exe
> > C:\WINDOWS\system32\lsass.exe
> > C:\WINDOWS\system32\svchost.exe
> > C:\WINDOWS\System32\svchost.exe
> > C:\WINDOWS\system32\spoolsv.exe
> > C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
> > C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
> > C:\WINDOWS\system32\DVDRAMSV.exe
> > C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
> > C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
> > C:\WINDOWS\Explorer.EXE
> > C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
> > C:\WINDOWS\system32\TPSMain.exe
> > C:\WINDOWS\RTHDCPL.EXE
> > C:\WINDOWS\AGRSMMSG.exe
> > C:\WINDOWS\system32\hkcmd.exe
> > C:\WINDOWS\system32\TPSBattM.exe
> > C:\WINDOWS\system32\igfxpers.exe
> > C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
> > C:\WINDOWS\system32\TDispVol.exe
> > C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
> > C:\Program Files\Toshiba\Tvs\TvsTray.exe
> > C:\WINDOWS\system32\ctfmon.exe
> > C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
> > C:\WINDOWS\system32\RAMASST.exe
> > C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
> > C:\Program Files\procexp.exe
> > C:\Program Files\Internet Explorer\iexplore.exe
> > C:\Program Files\Skype\Phone\Skype.exe
> > C:\Program Files\MSN Messenger\msnmsgr.exe
> > C:\Program Files\Skype\Plugin Manager\skypePM.exe
> > C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcrobatInfo.exe
> > C:\Program Files\Hijackthis\HijackThis.exe
> >
> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> > http://go.microsoft.com/fwlink/?LinkId=69157
> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> > http://go.microsoft.com/fwlink/?LinkId=54896
> > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> > http://go.microsoft.com/fwlink/?LinkId=54896
> > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> > http://go.microsoft.com/fwlink/?LinkId=69157
> > O2 - BHO: Adobe PDF Reader Link Helper -
> > {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
> > 7.0\ActiveX\AcroIEHelper.dll
> > O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
> > C:\PROGRA~1\SPYBOT~1\SDHelper.dll
> > O2 - BHO: CmjBrowserHelperObject Object -
> > {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager
> > 6\Mm6InternetExplorer.dll
> > O2 - BHO: Adobe PDF Conversion Toolbar Helper -
> > {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat
> > 7.0\Acrobat\AcroIEFavClient.dll
> > O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
> > C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
> > O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba
> > Applet\thotkey.exe
> > O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
> > O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
> > O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
> > O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
> > O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
> > O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
> > O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
> > O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
> > O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
> > O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
> > O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> > O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
> > Destroy\TeaTimer.exe
> > O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
> > O8 - Extra context menu item: Convert link target to Adobe PDF -
> > res://C:\Program Files\Adobe\Acrobat
> > 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
> > O8 - Extra context menu item: Convert link target to existing PDF -
> > res://C:\Program Files\Adobe\Acrobat
> > 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
> > O8 - Extra context menu item: Convert selected links to Adobe PDF -
> > res://C:\Program Files\Adobe\Acrobat
> > 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
> > O8 - Extra context menu item: Convert selected links to existing PDF -
> > res://C:\Program Files\Adobe\Acrobat
> > 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
> > O8 - Extra context menu item: Convert selection to Adobe PDF -
> > res://C:\Program Files\Adobe\Acrobat
> > 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
> > O8 - Extra context menu item: Convert selection to existing PDF -
> > res://C:\Program Files\Adobe\Acrobat
> > 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
> > O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program
> > Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
> > O8 - Extra context menu item: Convert to existing PDF - res://C:\Program
> > Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
> > O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
> > C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
> > O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> > C:\Program Files\Messenger\msmsgs.exe
> > O9 - Extra 'Tools' menuitem: Windows Messenger -
> > {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
> > O11 - Options group: [INTERNATIONAL] International*
> > O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage
> > Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
> > O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) -
> > http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB
> > O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
> > Center Base Module) -
> > http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
> > O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
> > http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1182174386716
> > O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
> > http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182174191182
> > O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = witsinteractive.com
> > O17 - HKLM\Software\..\Telephony: DomainName = witsinteractive.com
> > O17 -
> > HKLM\System\CCS\Services\Tcpip\..\{6478403B-42FC-4259-9B35-A09898B0AB9E}:
> > NameServer = 10.100.0.1
> > O17 -
> > HKLM\System\CCS\Services\Tcpip\..\{E626D6B6-2E6D-4451-8F85-34CFE7BB256F}:
> > NameServer = 10.100.0.1
> > O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = witsinteractive.com
> > O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = witsinteractive.com
> > O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
> > C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
> > O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
> > C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
> > O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
> > C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
> > O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
> > O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
> > O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
> > Files\Adobe Systems Shared\Service\Adobelmsvc.exe
> > O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
> > C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
> > O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
> > C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
> > O23 - Service: DVD-RAM_Service - Matsu****a Electric Industrial Co., Ltd. -
> > C:\WINDOWS\system32\DVDRAMSV.exe
> > O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
> > Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel
> > 32\IDriverT.exe
> > O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity
> > Solution\ServiceLayer.exe
> > O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. -
> > C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
> >
> >
> > Please help...
> >
> >
>
cquirke (MVP Windows shell/user)
August 5th 07, 09:59 AM
On Fri, 3 Aug 2007 00:20:03 -0700, Hitesh Jain
>Thanks .. Will od.. I had read some post where HJT log was posted and hence
>posted it. In any case how do I get across this problem.
Maybe I'm "out of line", but I'll have a go at that log...
>> > I have Toshiba Laptop - Dual Core with 512MB Ram
OK
>> > 2 Partition -
Partitioning can speed things up - or slow things down.
>> > C: 20Gb with 9Gb Free &
>> > D: 60 GB with 25GB Free.
What is on D:?
If no significant installed code, then disable System Restore on D:
(and while there, shrink C:'s System Restore allocation to 1G).
That will reduce the slow head travel between C: and D:, as will not
installing always-in-use progs or "things" (Temp, pagefile etc.) on D:
>> > XP SP2 with all the latest updates
>> > till date. AVG & Spybot.
OK; nice to see only one resident av, and AVG doesn't cause as much
system slowdown as many - with one exception. By duuuhfault, it will
do a "full system scan" every morning, at the start of your working
day; this scan runs low-priority, so the performance impact is not
massive, but it may take all day to run. As this involves scratching
around in both partitions, you can expect significant impact.
So, go to AVG's Test Center or Control Panel (beats my why these av
always duplicate the UI) and disable the scheduled scan.
>> > My computer freezes every 10-15 minutes on clicking on any startup item or
>> > task bar item. Even Alt-Ctrl-Del comes after 90sec.
Hmm... OK.
>> > Had Page file of 700Mb increased to 1.2GB but no change.
700M is enough. Is it on C:?
>> > Logfile of HijackThis v1.99.1
I don't stare at HJT logs all day, so the other guy's advice to post
the log to sites that have such ppl is a good one. By the time I get
to HJT, other scanning processes have left not much to see.
I'll snip what is OK, to de-bulk the post...
>> > Running processes:
>> > C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Harmless, but an oxygen thief that can pollute Windows subtree with
large numbers of FFFF... files. The files are zero-length, but the
extra entries will slow down directory access, especially on FATxx
Kill this service in Computer, Manage, Services, and also disable
debugging in IE's Tools, Options, Advanced. You may have to do both,
if you have MS Office and/or software dev tools on the PC.
>> > C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
I usually disable that.
>> > C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
Make sure Outlook's journalling is switched off - it was on by default
in MS Office 2000, and that setting may be inherited if you upgraded
your way to "MS Office 11".
>> > C:\Program Files\procexp.exe
http://www.file.net/process/procexp.exe.html
"5% dangerous" - OK if you know about it, IOW.
>> > C:\Program Files\Skype\Plugin Manager\skypePM.exe
If you have a permanent IP address, Skype may use you as a
"supernode". Suspect this if your Internet traffic goes up in both
directions. The Skype service runs on a peer basis (no such thing as
a "Skype Server") so this is the cost of the "free lunch".
>> > O2 - BHO: CmjBrowserHelperObject Object -
>> > {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager
>> > 6\Mm6InternetExplorer.dll
http://www.file.net/process/mm6internetexplorer.dll.html
Looks crappy, unless you know what it is. I'd disable all BHOs via
IE's Tools, Options, Advanced, "[_] Enable 3rd-party..." or, if you
found a BHO that doesn't suck, kill 'em selectively via IE's Tools,
Options, Programs, Add-Ins.
>> > O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
>> > Destroy\TeaTimer.exe
I'd disable that, and use Spyware Blaster's passive protection instead
(one less underfootware process)
>> > Please help...
Hope I did. Nothing in the HJT looks ghastly, but then again, HJT
only shows you the bulk of explicitly-integrated sware. It can tell
you nothing about implicitly-integrated sware (intra-file code
infectors, internal surface exploiters, file replacers) and misses
several integration points (file associations, codecs, "drivers",
screen savers, Safe Cmd Only alternate shell, etc.)
How big are your browser caches? Keep 'em 50M or less, and check in
each user account as it's a per-account setting.
Multiple user accounts and fast user switching? That's a great way to
bloat your memory footprint and increase disk paging. I suspect this
is a factor when folks say "you need 1G RAM for XP" blah blah.
The pattern of slowdown you describe suggests possible shell
integration issues, or "namespace bloat".
Make sure you eject all removable drives and try to avoid network
drive letter mappings that may bloat the namespace refresh time.
Then carefully use Nirsoft's Shell Extensions Viewer...
http://www.nirsoft.net/utils/shexview.html
....to reversibly disable non-MS shell integrations that would be
active when Explorer refreshes namespace and/or folder views.
>--------------- ----- ---- --- -- - - -
To one who only has a hammer,
everything looks like a nail
>--------------- ----- ---- --- -- - - -
Hitesh Jain[_2_]
August 6th 07, 09:16 AM
Hi,
Thanks for the detailed analysis...
System Restore is off fior both drives..
I have OS and Programs installed on C: and data on D:.
Pagefile on C:
Deafult system scan by AVG is disabled.. Only Resident AVG is enable.. Also
Spybot Teatimer is enabled for Spyware.. Both have latest updates.
MDM disabled.
Outlook journaling is already disabled.
Mind Manager is an application that I use.. But will disable BHO
So basically I am at what you are saying with only diff being that 1GB RAM..
Still my machine is dead slow..
Also I check the event log and found the following:
DnsApi - Error
The system failed to register host (A) resource records (RRs) for network
adapter
with settings:
Hitesh
..
"cquirke (MVP Windows shell/user)" wrote:
> On Fri, 3 Aug 2007 00:20:03 -0700, Hitesh Jain
>
> >Thanks .. Will od.. I had read some post where HJT log was posted and hence
> >posted it. In any case how do I get across this problem.
>
> Maybe I'm "out of line", but I'll have a go at that log...
>
> >> > I have Toshiba Laptop - Dual Core with 512MB Ram
>
> OK
>
> >> > 2 Partition -
>
> Partitioning can speed things up - or slow things down.
>
> >> > C: 20Gb with 9Gb Free &
> >> > D: 60 GB with 25GB Free.
>
> What is on D:?
>
> If no significant installed code, then disable System Restore on D:
> (and while there, shrink C:'s System Restore allocation to 1G).
>
> That will reduce the slow head travel between C: and D:, as will not
> installing always-in-use progs or "things" (Temp, pagefile etc.) on D:
>
> >> > XP SP2 with all the latest updates
> >> > till date. AVG & Spybot.
>
> OK; nice to see only one resident av, and AVG doesn't cause as much
> system slowdown as many - with one exception. By duuuhfault, it will
> do a "full system scan" every morning, at the start of your working
> day; this scan runs low-priority, so the performance impact is not
> massive, but it may take all day to run. As this involves scratching
> around in both partitions, you can expect significant impact.
>
> So, go to AVG's Test Center or Control Panel (beats my why these av
> always duplicate the UI) and disable the scheduled scan.
>
> >> > My computer freezes every 10-15 minutes on clicking on any startup item or
> >> > task bar item. Even Alt-Ctrl-Del comes after 90sec.
>
> Hmm... OK.
>
> >> > Had Page file of 700Mb increased to 1.2GB but no change.
>
> 700M is enough. Is it on C:?
>
> >> > Logfile of HijackThis v1.99.1
>
> I don't stare at HJT logs all day, so the other guy's advice to post
> the log to sites that have such ppl is a good one. By the time I get
> to HJT, other scanning processes have left not much to see.
>
> I'll snip what is OK, to de-bulk the post...
>
> >> > Running processes:
> >> > C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
>
> Harmless, but an oxygen thief that can pollute Windows subtree with
> large numbers of FFFF... files. The files are zero-length, but the
> extra entries will slow down directory access, especially on FATxx
>
> Kill this service in Computer, Manage, Services, and also disable
> debugging in IE's Tools, Options, Advanced. You may have to do both,
> if you have MS Office and/or software dev tools on the PC.
>
> >> > C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
>
> I usually disable that.
>
> >> > C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
>
> Make sure Outlook's journalling is switched off - it was on by default
> in MS Office 2000, and that setting may be inherited if you upgraded
> your way to "MS Office 11".
>
> >> > C:\Program Files\procexp.exe
>
> http://www.file.net/process/procexp.exe.html
>
> "5% dangerous" - OK if you know about it, IOW.
>
> >> > C:\Program Files\Skype\Plugin Manager\skypePM.exe
>
> If you have a permanent IP address, Skype may use you as a
> "supernode". Suspect this if your Internet traffic goes up in both
> directions. The Skype service runs on a peer basis (no such thing as
> a "Skype Server") so this is the cost of the "free lunch".
>
> >> > O2 - BHO: CmjBrowserHelperObject Object -
> >> > {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager
> >> > 6\Mm6InternetExplorer.dll
>
> http://www.file.net/process/mm6internetexplorer.dll.html
>
> Looks crappy, unless you know what it is. I'd disable all BHOs via
> IE's Tools, Options, Advanced, "[_] Enable 3rd-party..." or, if you
> found a BHO that doesn't suck, kill 'em selectively via IE's Tools,
> Options, Programs, Add-Ins.
>
> >> > O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
> >> > Destroy\TeaTimer.exe
>
> I'd disable that, and use Spyware Blaster's passive protection instead
> (one less underfootware process)
>
> >> > Please help...
>
> Hope I did. Nothing in the HJT looks ghastly, but then again, HJT
> only shows you the bulk of explicitly-integrated sware. It can tell
> you nothing about implicitly-integrated sware (intra-file code
> infectors, internal surface exploiters, file replacers) and misses
> several integration points (file associations, codecs, "drivers",
> screen savers, Safe Cmd Only alternate shell, etc.)
>
> How big are your browser caches? Keep 'em 50M or less, and check in
> each user account as it's a per-account setting.
>
> Multiple user accounts and fast user switching? That's a great way to
> bloat your memory footprint and increase disk paging. I suspect this
> is a factor when folks say "you need 1G RAM for XP" blah blah.
>
>
> The pattern of slowdown you describe suggests possible shell
> integration issues, or "namespace bloat".
>
> Make sure you eject all removable drives and try to avoid network
> drive letter mappings that may bloat the namespace refresh time.
>
> Then carefully use Nirsoft's Shell Extensions Viewer...
>
> http://www.nirsoft.net/utils/shexview.html
>
> ....to reversibly disable non-MS shell integrations that would be
> active when Explorer refreshes namespace and/or folder views.
>
>
>
> >--------------- ----- ---- --- -- - - -
> To one who only has a hammer,
> everything looks like a nail
> >--------------- ----- ---- --- -- - - -
>
cquirke (MVP Windows shell/user)
August 12th 07, 12:18 PM
On Mon, 6 Aug 2007 01:16:01 -0700, Hitesh Jain
>System Restore is off fior both drives..
I'd keep if on for just the OS drive, but scale down the allocation,
as SR is the only automatic full registry backup XP has. Else I'd add
ERUNT and automate that as a set of weekday Tasks, each saving to a
different location to maintain a 5-day FIFO.
>I have OS and Programs installed on C: and data on D:.
>Pagefile on C:
Cool... how big is the pagefile? How large and full is C:?
>Deafult system scan by AVG is disabled.. Only Resident AVG is enable.. Also
>Spybot Teatimer is enabled for Spyware.. Both have latest updates.
OK; I'd disable TeaTimer, I guess.
>MDM disabled.
Guuud...
>Outlook journaling is already disabled.
Good, too
>Mind Manager is an application that I use.. But will disable BHO
>So basically I am at what you are saying with only diff being that 1GB RAM..
>Still my machine is dead slow..
>Also I check the event log and found the following:
>DnsApi - Error
>The system failed to register host (A) resource records (RRs) for network
>adapter with settings:
Dunno what that means?
>> >> > Had Page file of 700Mb increased to 1.2GB but no change.
>> 700M is enough. Is it on C:?
OK on that pagefile Q, then.
>> How big are your browser caches? Keep 'em 50M or less, and check in
>> each user account as it's a per-account setting.
>> Multiple user accounts and fast user switching? That's a great way to
>> bloat your memory footprint and increase disk paging.
>>
>> The pattern of slowdown you describe suggests possible shell
>> integration issues, or "namespace bloat".
>>
>> Make sure you eject all removable drives and try to avoid network
>> drive letter mappings that may bloat the namespace refresh time.
>>
>> Then carefully use Nirsoft's Shell Extensions Viewer...
>>
>> http://www.nirsoft.net/utils/shexview.html
>>
>> ....to reversibly disable non-MS shell integrations that would be
>> active when Explorer refreshes namespace and/or folder views.
Also, general profound and "lumpy" slowdown can happen if your HD's
IDE controller is in PIO mode (it's "lumpy" because the
processor-hogging effect interrupts media playback etc.).
To check UDMA status, do this:
- Control Panel, System icon, Hardware tab, Device Manager
- IDE (ATAPI) controllers; each Primary and Secondary
- Advanced tab; "current" should be UDMA if device present
- if the drop-down shows only PIO, read on...
This situation arises as a safety fallback after "too many" errors in
UDMA mode. Whereas UDMA releases the CPU during transfers, PIO
requires intensive involvement.
So the first thing to do would be to use HD Tune's SMART page to
check out the UDMA and other (more significant) error rates.
Then, if those are OK, carefully apply the registry fix, which resets
the error counters so that you can re-engage UDMA.
Google( XP PIO mode regedit )
http://support.microsoft.com/kb/817472
I would skip the "hotfix", as well as the "workaround", and use the
registry fix at the end of that article. Read the details carefully,
as it is easy to chop the wrong stuff (such as the parent devices; no
need to touch those, bad things can happen if you do).
If the fix does not appear to "take", look again after shutting down
and restarting Windows. It's "one of those".
>--------------- ----- ---- --- -- - - -
Never turn your back on an installer program
>--------------- ----- ---- --- -- - - -
vBulletin® v3.6.4, Copyright ©2000-2024, Jelsoft Enterprises Ltd.