• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
  • Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

Slow computer

Sparx

FPCH Member
Joined
Feb 23, 2008
Messages
29
PC Experience
Some Experience
Operating System
Windows XP - Home Edition
#1
I'm just posting to see if anyone has an suggestions, lately I have had a problem with my comp where it goes really slow, I play online games such as CS:Source and my comp struggles to run it at a normal frame rate. If i roll the computer back using system restore to a few days ago the computer is fine. But then when i turn the computer off and come back later the computer goes back to struggling.

I've done that a couple of times to try and diagnose the problem myself and nothing seems to be working and after the restore I'm making sure nothing is getting downloaded or installed so that can't be the problem.

Any suggestions.

Thanks in advance,

Sparxy

Oh and I'm using windows XP home edition.
 

RandyL

Administrator
Joined
Jan 22, 2003
Messages
4,878
Location
USA, Nebraska
PC Experience
Very Experienced
#2
Hi Sparx;
The usual causes are infections and startup items. Have you checked your system for malware? If so what programs did you use?
 

Sparx

FPCH Member
Joined
Feb 23, 2008
Messages
29
PC Experience
Some Experience
Operating System
Windows XP - Home Edition
#3
I have yeah, I used my usual Bullguard v8.0 which scans for viruses and spyware and is also my firewall. Its usually pretty good an lets nothing through which can be a pain sometimes but better be safe than sorry :p.
 

RandyL

Administrator
Joined
Jan 22, 2003
Messages
4,878
Location
USA, Nebraska
PC Experience
Very Experienced
#4
Hi Sparx;
If you think it might be an online gaming issue uninstall the games and see how it runs. That might point you in the right direction.

Maybe it's just me but I'm not familiar with Bullguard. So to me it's suspect as to it's worth. Or maybe it's just a British program or one bundled with a broadband service. Either way I would perform some additional steps to check for malware.

Malware is the term used to describe computer infections such as Adware, Spyware, Viruses, and Trojan Horses.
You will need to run two malware scanners that are listed in the following instructions.
The time it takes will vary depending on your system and your internet connection, but typically the SuperAntiSpyware scan will take between 30 and 90 minutes, and the Eset online scan will take between 1 and 3 hours.
In most cases, those scans will suffice to disinfect your computer.

For best results print the following instructions.
To keep this guide printer-friendly, use your cursor to highlight the contents of below.
From your browser select the "print selection" option to print out these instructions for removal of malware. Follow these instructions carefully.

1: Download ATF Cleaner from http://www.snapfiles.com/download/dlatfcleaner.html to remove "junk" files from your computer that contain malware.
When you run ATF Cleaner, uncheck "Cookies" and "Recycle Bin", then click "Empty Selected". For FireFox, be sure to click on the FireFox tab and uncheck "Cookies" and "Recycle Bin" before clicking on "Empty Selected".


2: Install and run the free version (not the Professional version) of SuperAntiSpyware from www.superantispyware.com
Accept any prompts to allow SuperAntiSpyware to install the latest infection definition files.
DO NOT allow SuperAntiSpyware to protect your Home Page settings.
Double click the yellow "bug"icon in the system tray.
Click on "Scan Your Computer".
Make sure there is a dot on C:\Fixed Drive.
Click "Perform a Complete Scan". Click "Next" and reboot the computer when prompted to do so.


3: Disable your internet security by right clicking on its icon (usually located in the system tray next to the time display) and choosing "Exit", "Disable", or "Shut Down".

4: Run an online scan with Eset from http://www.eset.com/onlinescan/
You must use Internet Explorer for this online scan.
Accept the terms and click "Start".
Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications".
Click "Start" to begin the scan.

5: Restart your computer, make sure your internet security is enabled, and then please return to Free PC Help and tell us how the computer seems to be operating.
At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list.
 

Sparx

FPCH Member
Joined
Feb 23, 2008
Messages
29
PC Experience
Some Experience
Operating System
Windows XP - Home Edition
#5
Right, I did the spyware thing and that found some trojans and other malware which my bullguard didn't and then restarted. Then i did the eset scan and restarted again and I'm still suffering from major slowdown. Its not just the games as even scrolling through the "Programs" list in windows is lagging.

Any other suggestions?

Sparx
 

Sparx

FPCH Member
Joined
Feb 23, 2008
Messages
29
PC Experience
Some Experience
Operating System
Windows XP - Home Edition
#7
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34:31, on 24/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\SEC\MagicTune3.5_Client\GammaTray.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Razer\Lachesis\OSD.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/broadband
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: (no name) - {3ceff6cd-6f08-4e4d-bccd-ff7415288c3b} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8333c319-0669-4893-a418-f56d9249fca6} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9c691a33-7dda-4c2f-be4c-c176083f35cf} - (no file)
O2 - BHO: (no name) - {e52dedbb-d168-4bdb-b229-c48160800e81} - (no file)
O2 - BHO: (no name) - {ffd2825e-0785-40c5-9a41-518f53a8261f} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe" -boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: MagicTune3.5.lnk = ?
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131112010610
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.telewest.co.uk/motive/files/MotivePreQual.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bookwormadventures/sis/popcaploader_v10_en.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F2B7E66-5004-46D1-B9FA-D5886934ED02}: NameServer = 212.74.112.66,212.74.112.67
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: BGRaSvc - BullGuard - C:\Program Files\BullGuard Ltd\BullGuard\support\bgrasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--

Thats the log that came from the scan!
 

Seth

FPCH Long Term Member
Joined
Dec 17, 2007
Messages
2,268
Location
Canada
Operating System
Windows Vista - Home Premium
#8
Way too many needless startup items there Sparx.

Goto Start>Run, type in msconfig and press ok. Put a dot on Selective Startup and click on the startup tab. Scroll through the list and uncheck everything except for your internet security and jusched. Click apply then ok. At restart put a check in "Don't show me this again" when a message appears telling you used the startup utility.
 

Sparx

FPCH Member
Joined
Feb 23, 2008
Messages
29
PC Experience
Some Experience
Operating System
Windows XP - Home Edition
#9
Just thought i'd give you an update, I didnt get round to doing the startup thing and my computer got faster and solved itself :eek:). So I don't know why it was acting random but its good to have got the malware off of my computer anyways. Thanks for the help all.
 

Bluesplayer.

FPCH Long Term Member
Joined
Jan 10, 2008
Messages
160
Location
London England
Operating System
Windows XP - Professional
#10
Hi Im not a Hjt log expert..but your log shows unused and an infected BHO.
O2 - BHO: (no name) - {8333c319-0669-4893-a418-f56d9249fca6} - (no file)
Check. http://www.spywareinfo.com/articles/bho/
If you d/load BHO Demon it will show you what BHOs are installed.
Any that you think are infected can be remove with your Hjt log.
A backup will be made in your Hjt program.

Edit.
Definitive Solutions link at Spywareinfo no longer active.
Check.
http://www.spywareinfo.com/downloads/bhod/
 

RandyL

Administrator
Joined
Jan 22, 2003
Messages
4,878
Location
USA, Nebraska
PC Experience
Very Experienced
#11
The site that Bluesplayer linked to is trustworthy. "SpywareInfo"
I also have concerns about the BHO items your log shows.

Even so called "clean" startup items or BHO's can cause issues such as slowdowns.
A reinfection can also occur if the original programs are not removed prior to a cleaning.

I would ask; Did you run both scans and remove EVERYTHING they found?

This might be a good time to examine your installed programs and remove any that were free and fun that you didn't research first. Malware can reinstall from such.

Depending on what malware the scans found additional steps may be needed.

Thanks for posting bluesplayer. You made a good point that should be considered.
Reinfections can happen if the original bundled programs are not removed first.
BHO's can be a prime example.

RandyL
 

Seth

FPCH Long Term Member
Joined
Dec 17, 2007
Messages
2,268
Location
Canada
Operating System
Windows Vista - Home Premium
#13
The BHO is a "no file" meaning that the registry entry doesn't have a target.

This is normally due to the malware already being removed, but the scanner(s) leave behind the benign registry entry.

Typically, those won't cause any issue, but you can remove them if you want.
 

AdvancedSetup

FPCH Long Term Member
Joined
Jan 9, 2008
Messages
819
Location
34° 12' 35" N, 118° 29' 21" W
#14
For the BHO the "no file" removal is okay but be careful with drivers and other entries as the scanners often can not properly detect and say there is no file but if you physically browse to the file it is there and removing a device driver can have adverse affects on your computer to the point of even preventing it from starting up.
 

RandyL

Administrator
Joined
Jan 22, 2003
Messages
4,878
Location
USA, Nebraska
PC Experience
Very Experienced
#15
Thanks AS and seth for explaining.
What do you think of SweetIM? This is part of their EULA.

"In order to receive the benefits provided by the SweetIM Software, you hereby grant permission for the SweetIM Software to (i) utilize the processor and bandwidth of your computer (ii) use certain personal information that you have submitted to your instant messenger provider. You understand that the SweetIM Software will protect the privacy and integrity of your computer resources and communication and ensure the unobtrusive utilization of your computer resources to the greatest extent possible. The Software is exposed to various security issues, and should be regarded as unsecure. By accepting this Agreement, you acknowledge and accept that the Software, and any information you download or offer to share by means of the Software, may be exposed to unauthorized access, interception, corruption, damage or misuse, and should be regarded as insecure. You accept all responsibility for such security risks and any damage resulting therefrom. "
 

AdvancedSetup

FPCH Long Term Member
Joined
Jan 9, 2008
Messages
819
Location
34° 12' 35" N, 118° 29' 21" W
#16
Well for me I have no interest or desire to use such software. Not my exact words but similar thoughts are posted here.

Those damn "smileys" are so EVIL

There is also a PDF file on their site about these type of software packages.
Suckerware_-_Cost_of_a_Free_Smiley_v3.pdf

Clicking the above link should open Acrobat Reader with the document
Suckerware_-_Cost_of_a_Free_Smiley_v3.pdf

If link does not function then you can look in the Reading Room on their home page at
ishackingyou Website
Then under "IsHackingYou_Publications"
 

Seth

FPCH Long Term Member
Joined
Dec 17, 2007
Messages
2,268
Location
Canada
Operating System
Windows Vista - Home Premium
#17
AdvancedSetup said:
For the BHO the "no file" removal is okay but be careful with drivers and other entries as the scanners often can not properly detect and say there is no file but if you physically browse to the file it is there and removing a device driver can have adverse affects on your computer to the point of even preventing it from starting up.
Good point AS.

Yet another reason I don't bother with no file BHO's.
 

Seth

FPCH Long Term Member
Joined
Dec 17, 2007
Messages
2,268
Location
Canada
Operating System
Windows Vista - Home Premium
#18
Have a look at this Randy. The scanners mentioned are outdated, but the info on HT is still relevant:

http://www.populartechnology.net/2005/02/overuse-of-hijackthis.html

From the link:

HijackThis is tool glorified by wannabe sutto-intellectuals who want to make themselves feel important. People can get 99% of the way there in almost all case running simple scans in safe mode. I do this for a living and yes occasionally I do use Hijackthis. Almost every time, the system is already clean and the tool is useless.




I agree. I only use the tool to see what's running and not for any malware issues.
 

AdvancedSetup

FPCH Long Term Member
Joined
Jan 9, 2008
Messages
819
Location
34° 12' 35" N, 118° 29' 21" W
#19
There is also this product for scanning systems.

RunScanner is a freeware windows system utility which scans your system for all running programs, autostart locations, drivers, services and hijack points.
You can use Runscanner to detect changes and misconfigurations in your system caused by spyware, virusses or human errors.
click here for the Runscanner Home Page
 

RandyL

Administrator
Joined
Jan 22, 2003
Messages
4,878
Location
USA, Nebraska
PC Experience
Very Experienced
#20
RandyL said:
This might be a good time to examine your installed programs and remove any that were free and fun that you didn't research first. Malware can reinstall from such.
RandyL
When I see programs like IMSweet in the log I get suspicious. I have seen adware and spyware reinstall with some programs like bearshare if the original program wasn't removed first.

I understand the dead entries and agree that good cleaners should remove the crap. I still think that programs should be carefully looked at. Probably not an issue in this case.

Thanks for the insight and taking the time. I appreciate it. When you write I read.