  1. #1
    Slow computer, hard drive running like crazy

    Hi
    My computer is running very slow, not only when I connect to the internet, but when I try to access e.g. My Computer, it could take up to 5 minutes for My Computer to show.

    I scan with and update SUPERAntiSpyware / Malwarebytes / PC Tools Spyware Doctor / Spybot Search & Destroy every day. Maybe it is because of all these security programs that are making the computer slow?!

    I ran Spybot Search & Destroy and it detected NoAdware as bad, but Spyware Doctor says my computer is clean (just cookies to remove).

    I also ran another program that couldn't remove a virus/trojan because the virus/trojan (named "Win32Backdoor" something) changed its name!!!

    Anyway, here is my HijackThis log:

    ¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:24:52 PM, on 4/20/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program\Telia\Connect\ATService.exe
    C:\Program\Telia\Connect\Connect.exe
    C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe
    C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE
    C:\Program\Delade filer\GtFlashSwitch\GtFlashSwitch.exe
    C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE
    C:\Program\Telia\Telias sakerhetstjanster\Common\FSMB32.EXE
    C:\Program\Telia\Telias sakerhetstjanster\Common\FCH32.EXE
    C:\Program\Java\jre6\bin\jqs.exe
    C:\Program\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe
    C:\Program\Telia\Telias sakerhetstjanster\Common\FAMEH32.EXE
    C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsqh.exe
    C:\Program\Spyware Doctor\pctsAuxs.exe
    C:\Program\Telia\Telias sakerhetstjanster\FSPC\fspc.exe
    C:\Program\Spyware Doctor\pctsSvc.exe
    C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
    C:\Program\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\Program\Telia\Telias sakerhetstjanster\FSAUA\program\fsaua.exe
    C:\Program\Telia\Telias sakerhetstjanster\ORSP Client\fsorsp.exe
    C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe
    C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program\Telia\Telias sakerhetstjanster\FSAUA\program\fsus.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\atiptaxx.exe
    C:\WINDOWS\LTSMMSG.exe
    C:\Program\TiFiC\TiFiC Client G1\ConnecteSupport.exe
    C:\Program\Telia\Supportassistent\bin\sprtcmd.exe
    C:\Program\Java\jre6\bin\jusched.exe
    C:\Program\Spyware Doctor\pctsTray.exe
    C:\Program\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe
    C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE
    C:\Program\ekort\ekort.exe
    C:\Program\Multimedia Keyboard & Mouse Driver\V5\KMConfig.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\OBroker.exe
    C:\Program\ProxyWay\proxyway.exe
    C:\Program\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program\Telia\Telias sakerhetstjanster\FSGUI\fsguidll.exe
    C:\Program\Multimedia Keyboard & Mouse Driver\V5\KMProcess.exe
    C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program\Telia\Connect\WVPNMonitor.exe
    C:\Program\Metacafe\MetacafeAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program\internet explorer\iexplore.exe
    C:\Program\Delade filer\Real\Update_OB\realsched.exe
    C:\Program\Telia\Telias sakerhetstjanster\FSGUI\scanwizard.exe
    C:\Program\FlashGet\flashget.exe
    C:\Program\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Metacafe - New Videos Every Day
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    R3 - URLSearchHook: free-downloads.net Toolbar - {d3e23b4b-f153-4687-82c2-816319dd3c5a} - C:\Program\free-downloads\tbfre0.dll
    R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program\Freecorder\tbFre0.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program\Freecorder\tbFre0.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program\FlashGet\jccatch.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
    O2 - BHO: e-kort Helper Class - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program\ekort\EKortHelper.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: free-downloads.net Toolbar - {d3e23b4b-f153-4687-82c2-816319dd3c5a} - C:\Program\free-downloads\tbfre0.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: free-downloads.net Toolbar - {d3e23b4b-f153-4687-82c2-816319dd3c5a} - C:\Program\free-downloads\tbfre0.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program\Freecorder\tbFre0.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O3 - Toolbar: e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program\ekort\EKortToolbar.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ConnecteSupport] "C:\Program\TiFiC\TiFiC Client G1\ConnecteSupport.exe" /HIDE /ONLINECHECK /WAIT 5 /DEFLANG "English" /SERVER teliabg.connect.teliasonera.com
    O4 - HKLM\..\Run: [Telia] "C:\Program\Telia\Supportassistent\bin\sprtcmd.exe" /P Telia
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISTray] "C:\Program\Spyware Doctor\pctsTray.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KMConfig] "C:\Program\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe" KMConfig.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Telia\Telias sakerhetstjanster\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [e-kort] C:\Program\ekort\ekort.exe /dontopenmycards /Autostart
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
    O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Veoh] "C:\Program\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [ProxyWay] C:\Program\ProxyWay\proxyway.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Metacafe.lnk = C:\Program\Metacafe\MetacafeAgent.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Connect Monitor.lnk = C:\Program\Telia\Connect\WVPNMonitor.exe
    O4 - Global Startup: Metacafe.lnk = C:\Program\Metacafe\MetacafeAgent.exe
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program\FlashGet\jc_link.htm
    O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias sakerhetstjanster\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program\Telia\Telias sakerhetstjanster\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program\Telia\Telias sakerhetstjanster\FSPC\fspcmsie.dll
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.3stepit.se
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com...reqlab_srl.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1194400343634
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Telia Connect AT Service (CTATSvc) - Telia - C:\Program\Telia\Connect\ATService.exe
    O23 - Service: Telia Connect Monitor (CTConnect) - Telia - C:\Program\Telia\Connect\Connect.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program\Telia\Telias sakerhetstjanster\ORSP Client\fsorsp.exe
    O23 - Service: GtFlashSwitch - OptionNV - C:\Program\Delade filer\GtFlashSwitch\GtFlashSwitch.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program\WinPcap\rpcapd.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\pctsSvc.exe
    O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

    --
    End of file - 14044 bytes

    Thanks for your time! :-/

  2. #2
    Canuck (Help2Go Administrator)

    I recommend you copy > paste your HJT log into the Help2Go Detective > Submit. Follow the instructions as given. While there, you should consider reducing your startup programs (O4 entries). These are using up your memory (RAM), which may be causing some of your problems. Do the following:

    Trim down the number of startup processes on your machine, designated O4. You have 31, when under normal conditions, between 4 and 6 is all that's necessary. The more you have, the longer the machine takes to complete its startup and you are also using RAM unnecessarily.

    First, download StartupLite by MalwareBytes to your Desktop.
    • Double-click StartupLite.exe to launch the program.
    • Ensure the Disable box is checked.
    • Click Continue.
    • A pop-up message will tell you the unnecessary startup items in your list have been disabled and ask you to restart your computer.
    • Restart your computer.
    Second, download and install The PC Decrapifier, follow the directions and select the ones that you don't want. This program identifies the crap trials and links that PC manufacturers throw in, which for the most part are just a waste of space and memory.

    Now run HijackThis again and see how many O4 entries are left.

    Next, go to SystemLookup - Startup List, highlight the .exe file on each O4 entry and copy (one by one) and paste it into the white box and click the search button (magnifying glass). The next window will tell you what the .exe does. If there is a Y, leave the entry; if U, you must decide if you need that utility at your fingertips 'right now' or instead check the box off and shut the .exe down. This does not delete the program; all you have to do if you want to access it is either go to Start > All Programs or click on a shortcut on your desktop (not in the tray at the bottom right next to the time). Entries for printers, graphic/photo programs and programs like MS Office do not need to be running. There is also an N for not needed; check the box on these. If noted as an X or ?, leave alone and an expert will tell you how to handle them. In HJT, after you've checked the box next to the ones you want stopped, click the Fix Checked button and reboot the machine.

    Download CCleaner and run it with its default settings (do not use the included Registry Cleaner as most reg cleaners cause more problems than they fix).

    Note: When looking up these entries, you may encounter multiple definitions. Look at the beginning of the O4 line and you'll note the name, usually in brackets [ ]; you need to match this up with the definition under the Name column.

    NOTE: Do not delete antivirus or firewall programs (you should only have one antivirus program running). Leave mouse pad entries if using a laptop.

    After completing the above, create a new HJT log and paste it to this thread. Our experts are fairly busy these days, your patience is appreciated.
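
The counting and lookup steps described in the reply above, as an added example that is not part of the original thread: a Python parser for the O4 startup lines of a HijackThis log, which counts them per source and pulls out the bracketed name and the .exe file name to search for. The sample lines are copied from the log in the first post; the function names are assumptions made for this sketch.

```python
import re
from collections import Counter

# O4 lines copied from the HijackThis log in the first post, plus one O23 line.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [KMConfig] "C:\Program\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe" KMConfig.exe
O4 - HKLM\..\Run: [e-kort] C:\Program\ekort\ekort.exe /dontopenmycards /Autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - Global Startup: Metacafe.lnk = C:\Program\Metacafe\MetacafeAgent.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
"""

# Registry Run keys: "O4 - <hive path>: [Name] command line"
RUN_RE = re.compile(r"^O4 - (?P<source>HK[^:]+): \[(?P<name>[^\]]*)\] (?P<command>.+)$")
# Startup folders: "O4 - Startup: Shortcut.lnk = target"
LNK_RE = re.compile(r"^O4 - (?P<source>(?:Global )?Startup): (?P<name>.+?) = (?P<command>.+)$")
# File name of the first .exe in the command, quoted or not, spaces allowed.
EXE_RE = re.compile(r'([^\\"]+?\.exe)(?=["\s]|$)', re.IGNORECASE)


def parse_o4(log_text):
    """Return one dict per O4 line: source, name, command, exe."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line) or LNK_RE.match(line)
        if not m:
            continue  # other sections (R0, O2, O23, ...) are ignored
        entry = m.groupdict()
        exe = EXE_RE.search(entry["command"])
        entry["exe"] = exe.group(1) if exe else None
        entries.append(entry)
    return entries


def lookup_terms(entries):
    """Unique (exe, name) pairs to search for, ignoring case differences."""
    seen = {}
    for e in entries:
        key = (e["exe"] or "").lower()
        seen.setdefault(key, (e["exe"], e["name"]))
    return list(seen.values())


if __name__ == "__main__":
    entries = parse_o4(SAMPLE_LOG)
    print(len(entries), "O4 entries:", dict(Counter(e["source"] for e in entries)))
    for exe, name in lookup_terms(entries):
        print(f"  search for {exe!r:24} match Name column to {name!r}")
```

Run against a full log, the same entry registered under several hives (CTFMON.EXE here) is listed once for lookup but still counted once per line in the total.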