# Computer running slow no virus found??? Help



## maddaug (Sep 7, 2003)

I would really appreciate some help with this log. Do you see anything that could cause my computer to slow way down? This seemed to start when I renewed my Trend Micro. I have considered deleting and reinstalling to see if this helps. You have always been of great assistance. Thanks 

BTW sorry this is my 2nd post. Posted 2 nights ago with no response.

Logfile of HijackThis v1.99.1
Scan saved at 4:40:31 AM, on 3/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
C:\WINDOWS\system32\RioMSC.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mtco.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mtco.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtco.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1295b413a78c3d190206/netzip/RdxIE601.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup152.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://beta.entimg.msn.com/client/msnmusax.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe


----------



## dvk01 (Dec 14, 2002)

The only obvious thinmg I can see that might be causing it is Kazaa

however try this and see what it shows

Please download *WebRoot SpySweeper* from *HERE* (It's a 2 week trial):
Click the *Free Trial* link under "Downloads/SpySweeper" to download the program.
Install it. Once the program is installed, it will open.
It will prompt you to update to the latest definitions, click *Yes*.
Once the definitions are installed, click *Options* on the left side.
Click the *Sweep Options* tab.
Under *What to Sweep* please put a check next to the following:
Sweep Memory
Sweep Registry
Sweep Cookies
Sweep All User Accounts
Enable Direct Disk Sweeping
Sweep Contents of Compressed Files
Sweep for Rootkits
Please *UNCHECK* Do not Sweep System Restore Folder.

Click *Sweep Now* on the left side.
Click the *Start* button.
When it's done scanning, click the *Next* button.
Make sure everything has a check next to it, then click the *Next* button.
It will remove all of the items found.
Click *Session Log* in the upper right corner, copy everything in that window.
Click the *Summary* tab and click *Finish*.
Paste the contents of the session log you copied into your next reply.
Also post a new Hijack This log.


----------



## maddaug (Sep 7, 2003)

Well I'm off to work. I will try this later. I haven't used Kazaa in years. I actually thought it was completely deleted. Obviously not. Hey thanks for responding.


----------



## maddaug (Sep 7, 2003)

Here's the log you wanted me to post and then another hijack log:

********
5:07 PM: | Start of Session, Wednesday, March 29, 2006 |
5:07 PM: Spy Sweeper started
5:07 PM: Sweep initiated using definitions version 644
5:07 PM: Starting Memory Sweep
5:10 PM: Memory Sweep Complete, Elapsed Time: 00:03:01
5:10 PM: Starting Registry Sweep
5:11 PM: Found Adware: delfin
5:11 PM: HKLM\software\delfin\ (5 subtraces) (ID = 124849)
5:11 PM: HKLM\software\delfin\promulgate\ (4 subtraces) (ID = 124850)
5:11 PM: HKLM\software\microsoft\windows\currentversion\app management\arpcache\delfin media viewer\ (2 subtraces) (ID = 124859)
5:11 PM: HKLM\software\microsoft\windows\currentversion\uninstall\delfin media viewer\ (2 subtraces) (ID = 124878)
5:11 PM: Found Adware: great net downloadware
5:11 PM: HKLM\software\microsoft\windows\currentversion\uninstall\medialoads enhanced\ (2 subtraces) (ID = 125363)
5:11 PM: Found Adware: opensite
5:11 PM: HKCR\interface\{29f8d74f-6e5d-41c2-8f9d-8a5af2a7de97}\ (8 subtraces) (ID = 136402)
5:11 PM: HKCR\interface\{3491107c-01f4-484d-8863-ad0f745ffafe}\ (8 subtraces) (ID = 136403)
5:11 PM: HKCR\interface\{442090eb-96cb-472e-961d-b6a2c9ecfe96}\ (7 subtraces) (ID = 136405)
5:11 PM: HKCR\interface\{cc8bd378-782b-427b-bf5e-66b0144524df}\ (7 subtraces) (ID = 136411)
5:11 PM: HKLM\software\classes\interface\{29f8d74f-6e5d-41c2-8f9d-8a5af2a7de97}\ (8 subtraces) (ID = 136429)
5:11 PM: HKLM\software\classes\interface\{3491107c-01f4-484d-8863-ad0f745ffafe}\ (8 subtraces) (ID = 136430)
5:11 PM: HKLM\software\classes\interface\{442090eb-96cb-472e-961d-b6a2c9ecfe96}\ (7 subtraces) (ID = 136433)
5:11 PM: HKLM\software\classes\interface\{cc8bd378-782b-427b-bf5e-66b0144524df}\ (7 subtraces) (ID = 136439)
5:11 PM: HKLM\software\classes\typelib\{d7582785-e325-4e79-a6be-94fe09a3dd20}\ (9 subtraces) (ID = 136445)
5:11 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/ucsearch.ocx\ (2 subtraces) (ID = 136452)
5:11 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\ucsearch.ocx (ID = 136455)
5:11 PM: HKCR\typelib\{d7582785-e325-4e79-a6be-94fe09a3dd20}\ (9 subtraces) (ID = 136461)
5:11 PM: Found Adware: whenu
5:11 PM: HKLM\software\microsoft\shared tools\msconfig\startupreg\whenusave\ (5 subtraces) (ID = 140437)
5:11 PM: HKU\S-1-5-21-2347685470-994712677-550220413-1006\software\delfin\ (5 subtraces) (ID = 124848)
5:11 PM: HKU\S-1-5-21-2347685470-994712677-550220413-1006\software\medialoads\ (17 subtraces) (ID = 125355)
5:11 PM: Registry Sweep Complete, Elapsed Time:00:00:17
5:11 PM: Starting Cookie Sweep
5:11 PM: Found Spy Cookie: adknowledge cookie
5:11 PM: [email protected][2].txt (ID = 2072)
5:11 PM: Found Spy Cookie: atwola cookie
5:11 PM: [email protected][1].txt (ID = 2255)
5:11 PM: Found Spy Cookie: nextag cookie
5:11 PM: [email protected][2].txt (ID = 5014)
5:11 PM: Found Spy Cookie: realmedia cookie
5:11 PM: [email protected][1].txt (ID = 3235)
5:11 PM: Found Spy Cookie: statcounter cookie
5:11 PM: [email protected][2].txt (ID = 3447)
5:11 PM: Found Spy Cookie: tacoda cookie
5:11 PM: [email protected][2].txt (ID = 6444)
5:11 PM: Found Spy Cookie: web-stat cookie
5:11 PM: [email protected][2].txt (ID = 3648)
5:11 PM: Found Spy Cookie: burstbeacon cookie
5:11 PM: [email protected][1].txt (ID = 2335)
5:11 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
5:11 PM: Starting File Sweep
5:11 PM: Found Adware: bullguard popup ad
5:11 PM: c:\windows\temp\bullguard (1 subtraces) (ID = -2147476409)
5:11 PM: c:\documents and settings\all users\start menu\programs\delfin media viewer (3 subtraces) (ID = -2147481130)
5:11 PM: c:\program files\delfin (ID = -2147481128)
5:11 PM: c:\program files\medialoads (247 subtraces) (ID = -2147481081)
5:11 PM: c:\program files\open site (2 subtraces) (ID = -2147480518)
5:11 PM: c:\documents and settings\all users\application data\delfin (19 subtraces) (ID = -2147481138)
5:15 PM: Found Adware: clipgenie
5:15 PM: main.html (ID = 53069)
5:20 PM: f1_2b_categories.html (ID = 53045)
5:23 PM: bulldownload.exe (ID = 52017)
5:24 PM: playerslices.htm (ID = 53080)
5:24 PM: player.html (ID = 53078)
5:29 PM: Found Adware: directrevenue-abetterinternet
5:29 PM: bi9.inf (ID = 83186)
5:29 PM: scroller.swf (ID = 53090)
5:30 PM: bikpreview.wmv (ID = 53028)
5:30 PM: casinopreview.wmv (ID = 53029)
5:40 PM: celebpreview.wmv (ID = 53030)
5:40 PM: grvpreview.wmv (ID = 53061)
5:41 PM: extpreview.wmv (ID = 53042)
5:41 PM: wrdpreview.wmv (ID = 53093)
5:55 PM: medialoads.lnk (ID = 59302)
5:57 PM: delfinld.edx (ID = 57680)
5:57 PM: biini.inf (ID = 83199)
5:57 PM: content.js (ID = 53041)
5:57 PM: channelstyles.css (ID = 53034)
5:57 PM: channels.js (ID = 53036)
5:57 PM: guistyles.css (ID = 53034)
5:57 PM: launch.html (ID = 53068)
5:57 PM: f1_1.html (ID = 53043)
5:57 PM: f1_2a.html (ID = 53044)
5:57 PM: f1_3.html (ID = 53046)
5:57 PM: f2.html (ID = 53047)
5:57 PM: f3_1.html (ID = 53048)
5:57 PM: f3_2a_player.html (ID = 53085)
5:57 PM: f3_2b.html (ID = 53050)
5:57 PM: f3_3.html (ID = 53051)
5:57 PM: f3_4a_files.html (ID = 53052)
5:57 PM: f3_4b.html (ID = 53053)
5:57 PM: f3_5.html (ID = 53054)
5:57 PM: playerstyles.css (ID = 53034)
5:57 PM: delfinco.edx (ID = 57680)
5:57 PM: belt.inf (ID = 83154)
5:57 PM: Warning: Invalid Stream
5:57 PM: File Sweep Complete, Elapsed Time: 00:46:28
5:57 PM: Full Sweep has completed. Elapsed time 00:49:50
5:57 PM: Traces Found: 463
5:59 PM: Removal process initiated
5:59 PM: Quarantining All Traces: directrevenue-abetterinternet
5:59 PM: Quarantining All Traces: delfin
5:59 PM: Quarantining All Traces: bullguard popup ad
5:59 PM: Quarantining All Traces: clipgenie
6:00 PM: Quarantining All Traces: great net downloadware
6:00 PM: Quarantining All Traces: opensite
6:00 PM: Quarantining All Traces: adknowledge cookie
6:00 PM: Quarantining All Traces: atwola cookie
6:00 PM: Quarantining All Traces: burstbeacon cookie
6:00 PM: Quarantining All Traces: nextag cookie
6:00 PM: Quarantining All Traces: realmedia cookie
6:00 PM: Quarantining All Traces: statcounter cookie
6:00 PM: Quarantining All Traces: tacoda cookie
6:00 PM: Quarantining All Traces: web-stat cookie
6:00 PM: Quarantining All Traces: whenu
6:00 PM: Removal process completed. Elapsed time 00:00:16
********
5:04 PM: | Start of Session, Wednesday, March 29, 2006 |
5:04 PM: Spy Sweeper started
5:04 PM: Your spyware definitions have been updated.
5:07 PM: | End of Session, Wednesday, March 29, 2006 |

Logfile of HijackThis v1.99.1
Scan saved at 6:21:45 PM, on 3/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
C:\WINDOWS\system32\RioMSC.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mtco.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mtco.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtco.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1295b413a78c3d190206/netzip/RdxIE601.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup152.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://beta.entimg.msn.com/client/msnmusax.cab
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Thanks


----------



## dvk01 (Dec 14, 2002)

Spyusweeper found afew things but nothing taht should really slow the computer down

how is it 

are there any other symptoms at all like pop ups or diverts etc


----------



## maddaug (Sep 7, 2003)

My computer is still just as slow. Pages just take so long to load. I have noticed that anything else I use on the computer other than the internet is ok. All this seemed to develop after I renewed Trend Micro. 
Could I delete it and re-install and try that? I wasn't sure how that would have any effect on my subscription for Trend Micro. I have 2 other computers that are just fine after the install so I know it's not my internet service. 
I tried shutting off so of the options thinking scans were going on and that was the cause of the slowdown. Didn't work.


----------



## maddaug (Sep 7, 2003)

My computer is still just as slow. Pages just take so long to load. I have noticed that anything else I use on the computer other than the internet is ok. All this seemed to develop after I renewed Trend Micro. 
Could I delete it and re-install and try that? I wasn't sure how that would have any effect on my subscription for Trend Micro. I have 2 other computers that are just fine after the install so I know it's not my internet service. 
I tried shutting off so of the options thinking scans were going on and that was the cause of the slowdown. Didn't work. I wonder if I have something else going on with this computer unrelated to viruses, etc.


----------



## dvk01 (Dec 14, 2002)

It sounds like you might have windows firewall & trend firewall both enabled then

go to control panel & select windpows firewal & set it to disabled or off


----------



## maddaug (Sep 7, 2003)

Nope that wasn't it. Maybe I'll post over on another section. I still am suspect of Trend Micro. Thanks for your help. You can't realize how much you are appreciated. :up:


----------



## dvk01 (Dec 14, 2002)

If it started whwen you updated trend then it sounds very possible that is the culprit 

All I can suggest is contact Trend and see what they advise about uninstall & reinstalling it 

The only way we are going to know if it is the culprit is uninstall it and see if the problems still exist


----------

