tatum Posted January 1, 2009 CID Share Posted January 1, 2009 Hello everyone, I am new to this forum. My daughter has a computer that is running very badly, speeds vary from 14 mbps to 1.5 while I have only the speed test running, and no additional programs. I ran quite a few malware removal programs, and looked through all of her files a bit, but I did not find any obvious virus, however I know very little about what it is I am looking for. Is there a place here where someone can take a look at a hijack this logfile and help me figure out what is going on? I do not know a ton about computers, but I am able to follow directions, and have worked through a couple of viruses with some of the online sites before. The holiays is making it quite hard for me to find anyone online to help with the issue There are three computers on this wireless network, and the others are working well, I did change the router settings just in case, but it did not resolve the error. Any suggestions as to where I might find some help would be genuinely appreciated. Thanks everyone, Tatum Quote Link to comment Share on other sites More sharing options...
zalternate Posted January 1, 2009 CID Share Posted January 1, 2009 I was going to recommend this automated HiJack log analyzer, but it seems to be experiencing high use... http://www.hijackthis.de/ So You won't be able to get in right now. But post your log and maybe some here can see whats wrong.. A lot of sites are experiencing heavy log postings. Latest HiJackThis version 2.0.2 http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis And do you mean 14'Kbps' instead of 14'Mbps'? Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 This one - this test is run on my computer, have to really work to take the daughter's away from her, but hers goes from around the same speed as mine, then back down to 1.2 and all I am doing is running the download test, waiting a few minutes and running it again. The strange thing is that the cpu seems to be stable - I am not sure what is going on with it, but it has been having this problem for a long time, it seems to be getting worse. Do you all want me to post the hijack log here? 14350 Kbps or 14.4 Mbps (1752 kB/s) Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 Oh yeah, should mention, we have FIOS Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 Hijack This logfile here: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:46:04 AM, on 12/31/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16764) Boot mode: Normal Running processes: C:Windowssystem32taskeng.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesCreativeSBAudigyVolume PanelVolPanlu.exe C:WindowsSystem32WLTRAY.EXE C:Windowssttray.exe C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe C:Program FilesDellMediaDirectPCMService.exe C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.EXE C:WindowsSystem32ATWTUSB.EXE C:Program FilesAVGAVG8avgtray.exe C:Program FilesiTunesiTunesHelper.exe C:Program FilesDellSupportDSAgnt.exe C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe C:Windowsehomeehtray.exe C:Program FilesDigital Line DetectDLG.exe C:WindowsSystem32WTMKM.exe C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe C:Program FilesCommon FilesMicrosoft SharedInkInputPersonalization.exe C:Windowssystem32wuauclt.exe C:Program FilesInternet Explorerieuser.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesWindows Defendermsascui.exe C:Windowssystem32taskeng.exe C:Program FilesInternet Exploreriexplore.exe C:Windowssystem32SearchFilterHost.exe C:Program FilesTrend MicroHijackThisHijackThis.exe C:Windowssystem32DllHost.exe R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer provided by Dell R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG8avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:Program FilesJavajre1.6.0binssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier4.1.805.4472swg.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:Program FilesVeoh NetworksVeohPluginsregVeohToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe O4 - HKLM..Run: [VolPanel] "C:Program FilesCreativeSBAudigyVolume PanelVolPanlu.exe" /r O4 - HKLM..Run: [updReg] C:WindowsUpdReg.EXE O4 - HKLM..Run: [broadcom Wireless Manager UI] C:Windowssystem32WLTRAY.exe O4 - HKLM..Run: [startCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe O4 - HKLM..Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe -startup O4 - HKLM..Run: [iSUSScheduler] "C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start O4 - HKLM..Run: [PCMService] "C:Program FilesDellMediaDirectPCMService.exe" O4 - HKLM..Run: [ECenter] c:dellE-CenterEULALauncher.exe O4 - HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe O4 - HKLM..Run: [atwtusb] atwtusb.exe O4 - HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe" O4 - HKCU..Run: [DellSupport] "C:Program FilesDellSupportDSAgnt.exe" /startup O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Digital Line Detect.lnk = C:Program FilesDigital Line DetectDLG.exe O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG8avgpp.dll O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~2GOEC62~1.DLL,avgrsstx.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Aware 2007aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:Program FilesCommon FilesCreative Labs SharedServiceCreativeLicensing.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:Windowssystem32CTsvcCDA.exe O23 - Service: DSBrokerService - Unknown owner - C:Program FilesDellSupportbrkrsvc.exe O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:Program FilesSpyware DoctorpctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:Program FilesSpyware DoctorpctsSvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:Windowssystem32STacSV.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:WindowsSystem32WLTRYSVC.EXE O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe -- End of file - 7975 bytes Quote Link to comment Share on other sites More sharing options...
zalternate Posted January 1, 2009 CID Share Posted January 1, 2009 Initially.... EULALauncher.exe There is something waiting for you to authorize a end user agreement. Preinstalled Dell Maybe? You have a Vista machine. Update AdAware to 2008 version. 2007 sucked.... Is this the only Vista machine? There are settings you can do for FIOS and optimization for Vista. Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 Yes, this is the only one that runs on Vista (all others are XP) I try to keep all of our machines optimized through speedguide (LOVE THAT SITE) but that particular machine is just a pain - she complains about the speed, but never wants to give the thing to me to work on it! Couple of issues that I know I am having there, but not sure why are - when I use the hijack this on her machine, it keeps telling me that there are parts that I cannot edit. I am the administrator on that computer, so not sure what is happening there. Then the same thing happens with the speedguide on that one, gives me the error that I cannot edit because I am not the administrator - but again, I am, and have a separate log in that I do all the clean up on as an administrator setting. Can you help me with what you mean about the end user agreement? Thanks for helping - I genuinely appreciate it. Quote Link to comment Share on other sites More sharing options...
zalternate Posted January 1, 2009 CID Share Posted January 1, 2009 C:WindowsSystem32WTMKM.exe ...Macro key manager? (EDIT: Vistablet ) Check out this line to be sure it is good or bad.. Google is not definitive on it.. Download this one for another Malware scan. It is a good one. Just to be sure nothing is residing on there. http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol&cdlPid=10896905 Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 One more thing I should probably mention. The computer with the issues is a factory refurbished Dell. It was given to my daughter for her 14th birthday, so we were not yet ready to make a huge investment. I will never buy a Dell factory refurbished product again, I have not been happy with this one since we purchased it. It cost the same as a new one, but it came with a few extras - better screen for watching movies, dvd burner etc. but it has not live up to expectations. When we first got the unit, we had issues with the thing being registred to the last owner - even though we bought it directly from dell.com. It has been nothing but a pain. Anyway, I wonder if this is why I am having the problem with being not listed as the administratior, strange though that it only happens with a very few programs. Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 Hello, Thanks again - I do have malwarebytes on that system, and we run that to check stuff very frequently. It says there is nothing on the machine. Do you know what program it is that is asking for a end user agreement? Or can you tell me the code that it is under on the hijack this log? Thanks Quote Link to comment Share on other sites More sharing options...
zalternate Posted January 1, 2009 CID Share Posted January 1, 2009 http://www.vistax64.com/vista-general/112316-eulalauncher-exe.html#post538685 O4 - HKLM..Run: [ECenter] c:dellE-CenterEULALauncher.exe Go in to the Dell E Center I suppose Dell does not wipe the systems and reinstall the operating systems? Leaving old junk can screw up things. Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 Thanks - that will help me to get rid of that little problem. The link is awesome. Still working on trying to figure this one. C:WindowsSystem32WTMKM.exe ...Macro key manager? (EDIT: Vistablet) Quote Link to comment Share on other sites More sharing options...
zalternate Posted January 1, 2009 CID Share Posted January 1, 2009 C:Program FilesCommon FilesMicrosoft SharedInkInputPersonalization.exe This is also part of Vista Tablet. Are you a desktop or a Tablet? Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 It is a Dell Inspion tablet. Quote Link to comment Share on other sites More sharing options...
zalternate Posted January 1, 2009 CID Share Posted January 1, 2009 Maybe this borrowed post will help you resolve the speed issues via a wireless connection, with a Tablet PC.... Otherwise maybe someone with FIOS can chime in..After the late night parties.... 1) Download the newest drivers and use Windows to manage the cards. Don't use Intel Pro set. 2) Uncheck the defaults in the driver settings and manually set what you need. If the default setting is what you want, uncheck the default box, change the setting then change the setting back to what you want. 3) Make sure you set transmit power to high !! 4) set the roaming aggressiveness to be appropriate to your environment. If you have only 1 AP and/or the client does not move much set it to low. If your device is mobile and you have many APs set it to high. 5) Make sure the network settings are set so that you do not scan for better networks and connect to them. Having this enabled causes 2 problems, the card wastes too many resource scanning other networks for no reason and the card may try to connect to these networks even though you do not want it to. 6) If you have a mixed mode environment B/G manually set everything to B or G. Contrary to popular belief in a network with both B and G clients, clients will perform better if they are all hard set to B than if you have a mix of B and G clients associated to the AP. This is a problem with almost every AP. The AP switching back and forth between B and G modes slows everything down dramatically. Even if you connection says 54Mbps. Quote Link to comment Share on other sites More sharing options...
tatum Posted January 1, 2009 Author CID Share Posted January 1, 2009 Thanks again! I will do what I can with the machine using the posted information, and then tomorrow I will post a new hijack this logfile if none of this works. I appreciate your help in trying to slove the problem, I will post the status of the machine when I have finshed. Tatum Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.