My computer seems to be dragging. Here is my HIJACKTHIS file and STARTUP file for your review. Any help you can give would be appreciated. Also, on another note, every time I try to burn movies to a DVD using Windows Movie Maker or Windows DVD Maker, the program freezes and aborts.

Thanks,

Bill

 HJT_Log.txt ( 9.49K ) Number of downloads: 3


StartupList report, 7/2/2009, 7:02:30 AM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows Vista SP2 (WinNT 6.00.1906)
Detected: Internet Explorer v8.00 (8.00.6001.18702)
* Using default options
==================================================

Running processes:

C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Movie Maker\DVDMaker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ECenter = C:\Dell\E-Center\EULALauncher.exe
RtHDVCpl = RtHDVCpl.exe
ISUSScheduler = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
(Default) =
dscactivate = "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
Google Desktop Search = "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
ISUSPM Startup = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
Adobe Photo Downloader = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
ISUSPM = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
DellSupportCenter = "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
hpqSRMon = C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
Ad-Watch = C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
NvCplDaemon = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

DellSupport = "C:\Program Files\DellSupport\DSAgnt.exe" /startup
DellSupportCenter = "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
ehTray.exe = C:\Windows\ehome\ehTray.exe
ISUSPM = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Load/Run keys from C:\Windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=C:\Windows\system32\Bubbles.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
WormRadar.com IESiteBlocker.NavFilter - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
(no name) - c:\Program Files\Java\jre1.6.0\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing) - {A057A204-BACC-4D26-9990-79A187E2698E}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
Browser Address Error Redirector - C:\Program Files\Dell\BAE\BAE.dll - {CA6319C0-31B7-401E-A518-A07C3DB8F777}
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Ad-Aware Update (Weekly).job
EasyShare Registration Task.job
User_Feed_Synchronization-{0512AC7F-8535-4913-9323-89510BC97A79}.job

--------------------------------------------------

Enumerating Download Program Files:

[{74C861A1-D548-4916-BC8A-FDE92EDFF62C}]
CODEBASE = http://mediaplayer.walmart.com/installer/install.cab

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #5: C:\Program Files\Bonjour\mdnsNSP.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\System32\webcheck.dll

--------------------------------------------------
End of report, 9,196 bytes
Report generated in 0.140 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

This post has been edited by appleoddity: Jul 2 2009, 08:14 AM

Hi krbybng

Could you elaborate a little on "dragging"?

With such a vague description, it could be nearly everything that we had to look upon.

But for starters, to get a overall view of the immediate visible state of your computer,

Please Run the PCPitstop Full Tests, here:
http://www.pcpitstop.com
Note: Vista users with UAC must first Right-click IE - Select "Run as Administrator"
Register and create a password
Accept the ActiveX component to allow your machine to run the Full Tests
Registering and accepting the ActiveX are both SAFE and FREE.
Full Tests is the first item in the left hand column of that page.

The Full Tests take less than 5 minutes for most machines.
Once you have your Results, please post the entire URL link information back here into this Forum thread.
Note: Vista users, please close your instance of IE "Running as Administrator" after you are finished reviewing your Results.

Caution: During the testing of Video Adapter, a variety of patterns, shapes, colors and text are “flashed” onto the users monitor screen. In the many thousands of daily uses of the PCPitstop Full Tests over several years, two individuals who suffer epilepsy experienced discomfort and temporary dizziness when viewing the flashing patterns.
If you know that you are susceptible to photo driven seizure, please look away from your screen during the Video Adapter testing sequence.
Note: The PCPitstop Full Tests Results is a free service, but is supported by various paid product advertisements for utilities that "could" remedy the OP's problem.
Since WTT is a "free-help" forum, we do not recommend or endorse purchase of automated utilities, and will assist you in manually correcting any problems and settings necessary to optimize your machine's performance. Ask your questions here. We'll help you walk through any necessary steps.


Another thing, I would like you to check immediately, is DMA / PIO for your PCI IDE controllers. If Vista have changed into PIO mode, all actions will be slow, from the tiniest thing and up. If in PIO mode, you need to change it back to DMA mode.

Follow this guide on how to check for it in Vista: http://club.cdfreaks.com/f61/troubleshooti...16/#post1712831

Keep us posted


regards

Thanks for the fast reply.

The computer is slowed than when first purchased and sometimes has IE windows lock up.

I ran the PCPitstop and here is the link to the results:

http://www.pcpitstop.com/betapit/sec.asp?conid=22333221

I also checked the DMA / PIO but found nothing like what I was asked to check in the device manager, so I guess all is well.

Again, thanks, and let me know if anything is serious.

Bill

Only thing in that test, that indicates anything, is your memory score. So for good measure, you
should run a memory test.

You can use Vista's own build-in memtester

Vista Memory diagnostic tool

or use memtest86+ (just scroll down to the guide)


I also have to ask, where is your anti-virus program? You need a AV. having surfed the web without one, I can't guarantee
that malware doesn't have a finger in this....

It does list ad-aware as a AV, but isn't that program only for spyware?


Regards

Thanks for the help. I do not have AV software as I am between programs.

Finally, I can not get Windows DVD or Movie Makers to work as when I try to burn to a DVD, the program crashes. Any thoughts?

Thanks again,

Bill

Download one of the free ones from my signatur (Preventing Malware)
It can be uninstalled once you get another.



I reread that section. Do you mean to say that you found the machine running in DMA or did not find DMA or PIO anywhere?



We will deal with that. Right now it is imparitive that you get the safety going. And I would strongly suggest that you open a thread in our malware removal forum. If infected, any work we do here might be wasted.


Regards

Under DMA / PIO for your PCI IDE controllers, I did what was asked by the link given, but I did not find anything stating DMA or PIO. Under device manager, I had 2 IDE channels to look into, and neither of them stated DMA or PIO.

All channels in the IDE ATA/ATAPI section should run in either PIO or DMA, where DMA is the quickest.
PIO is sort of a safemode windows reverts to if something on those channels are unstable one way or
the other. There is no option for not being there, it is one or the other.

So it should be there....

Rightclick all with the name "channel"
Properties
Advanced settings

In the box, it will state DMA or PIO mode for the transfer rate.

You might have to log in with a administrator account to change anything, not sure tho.


Regards

I've always heard that a picture is worth a thousand words, so ...
 DMA_PIO.png ( 60.03K ) Number of downloads: 4

Rich, it looks somewhat different in Vista. Have a look in the link above, screenshots available there as well.

Edit: Heres the link

http://club.cdfreaks.com/f61/troubleshooti...16/#post1712831

This post has been edited by Abydos: Jul 3 2009, 01:25 PM

Thanks. Maybe when I get my next incentive from President Obama I'll be able to buy a Vista or Windows 7 computer

I also need to pay more attention to what is in a thread before I reply.

I have attached a few screen shots of the device manager. It is different that what is shown in the link given, but I beilieve that the info is being shown.

Hi krbybng

Hmm, I am not entirely sure about those pictures. So I have asked in a non-public area about it. And
currently awaiting answer on it (People are busy with 4th july)
I do notice, however, that on the third and fourth screenshot, there is a checkmark in let BIOS select
transfer mode. So it would be adviceable to check the current transfer rate in BIOS.

To get to your BIOS, you need to tap the DEL key almost immediately you get a picture on the screen when
booting. If you have never been in your BIOS, don't worry, as long as you don't save anything, you can't mess up
anything

I don't know what kind of BIOS you have, so you have to look around in the various menues to find where it says
"IDE Channel"

We are not going to alter anything yet, we just want to check that the transfer rate is set correctly to DMA.


Regards

This post has been edited by Abydos: Jul 4 2009, 12:13 PM

Anything feedback yet?