Avast WEBforum
Other => General Topics => Topic started by: beefpuppy334 on May 31, 2009, 05:09:43 AM
-
Help. Since I installed Avast I have trouble with lag whle playing TrackManiaNations. The game lags (stops and starts).
I opened Task Manager and find that SERVICES.exe is working when ever the lag happens.
I ran Trend Micro's HighJackThis and posted at bottom.
How can I fix this? Any ideas?
I am up to date with all Windows/Microsoft software.
Win 2kpro
1.8Ghz
512 Mb
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:50 PM, on 5/30/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Icons\Seticon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Seticon] C:\Program Files\Icons\Seticon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Policies\Explorer\Run: [wininet.dll]
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/ocis/OSInfo.cab
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/ocis/SiSAutodetectNT.cab
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/skillgam/skillgam.cab
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137468697662
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147477087438
O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} (Monopoly Control) - http://www.worldwinner.com/games/v46/monopoly/monopoly.cab
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} (MysteryPI Control) - http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinner.com/games/v44/golfsol/golfsol.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: SBHookSvc - Motive Communications, Inc. - C:\PROGRA~1\SBCSEL~1\SMARTB~1\SBHookSvc.exe
--
End of file - 5786 bytes
-
Just a quick reply, without thorough investigation,
- Your Java is seriously out of date.
-It's a Windows2000 system, so I'm guessing that maybe it's an older computer, with probably 512Mb of Ram?
- You have a lot of processes running at startup, some of which probably don't need to run. If your system is fairly low-spec, this will be using some of its capacity, which could cause the pausing.
-Double check that your Avast processes are set to "standard" rather than "thorough".
This is without checking any of your files for malware, cursory glance nothing leaps out.
-
***
In addition to what Tarq posted above :
O4 - HKLM\..\Policies\Explorer\Run: [wininet.dll]
HJT rates this as a BAD entry. While wininet.dll is a legitimate MS file, this entry is possibly related to a malware infection. Please do not fix this entry without input from another such as Polonus, Oldman, etc.
Overview of running tasks:
smss.exe
System task
Session Manager Subsystem
winlogon.exe
System task
Microsoft Windows Logon Process
services.exe
System task
Windows Service Controller
lsass.exe
System task
Local Security Authority Service
Ati2evxx.exe
Driver
ATI Display Adapter Assistant
svchost.exe
System task
Microsoft Service Host Process
spoolsv.exe
System task
Microsoft Printer Spooler Service
aswUpdSv.exe
Virusscan
Avast Anti-Virus Component
ashServ.exe
Virusscan
Avast
cmdagent.exe
Firewall
Comodo Agent Service
svchost.exe
System task
Microsoft Service Host Process
regsvc.exe
System task
Remote Registry Service
MSTask.exe
Backgroundtask
Windows Task Scheduler
stisvc.exe
System task
Microsoft Still Image Service
WinMgmt.exe
Backgroundtask
Windows Management Service
svchost.exe
System task
Microsoft Service Host Process
Ati2evxx.exe
Driver
ATI Display Adapter Assistant
CPF.exe
Firewall
Comodo Firewall
Seticon.exe
Driver
6-in-1 Media Card Module
ashDisp.exe
Virusscan
Avast AntiVirus
explorer.exe
System task
Microsoft Windows Explorer
ashMaiSv.exe
Virusscan
Avast Anti-Virus Component
ashWebSv.exe
Virusscan
avast! Web Scanner
iexplore.exe
Application
Microsoft Internet Explorer
msimn.exe
Application
Microsoft Outlook Express
HijackThis.exe
Application
Merijn Hijackthis
***
-
WOW
Thanks for all the info on the programs. Good Stuff!
-I realize that this system is old, but until I installed Avast, I never had trouble with this game. Avast only slows down this one game. Other games, websites and such work fine. I have zero complaints about the program so far and if we can get past this issue I plan on purchasing after the free trial. (AVG is another story).
I will update the JAVA then will try shutting down a bunch of the programs at startup and see if it helps. Maybe one of them is not playing nice with the others and is demanding more attention:-)
Thanks
Beef
-
Lots of stuff can be prevented from running at start using its own program settings. That's the preferable way to do it. If such settings are not available, the remaining (unwanted) stuff can be disabled from starting using msconfig. (I think that's an option in Windows2000).
Last but not least, if you're in the somewhat risky mood to tweak, it is sometimes safe to disable or set to "manual" some of the services.
Have a look at http://www.blackviper.com/ (http://www.blackviper.com/) and the Windows 2000 SP4 configurations. Be warned, though, make yourself aware of what you are doing before disabling services, and don't overdo it.(Blackviper has good advice in this regard.) This is entering experimental territory.
You're welcome for the help.
-
Hi beefpuppy334,
Wait until CharleyO comes back online, he will assist you with a tool to see whether this wininet.dll file on your machine is infected or not. He will give you all the instructions,
polonus
-
***
Hi Beefpuppy,
As polonus suggested above, I am back with some instructions to test & fix your version of wininet.dll should it be infected which is suggested by the 04 entry I listed above.
Download to your desktop SmitfraudFix.exe (by S!Ri), from here: http://siri.urz.free.fr/Fix/SmitfraudFix.exe so that it easy to find.
If this fails, download it from this page here: http://72.232.135.12/siri/SmitfraudFix.php
Start your PC in SafeMode.
If you do not know how to start in safe mode, here is how to do that:
http://users.pandora.be/marcvn/spyware/1378056.htm
Doubleclick smitfraudfix.exe
Choose option #2 - then press "Enter" to remove infected files.
A prompt will appear with this question: ""Registry cleaning - Do you want to clean the registry ?"
Answer "yes" by typing in y then press "Enter".
When your PC does not re-start, manually restart in normal mode.
The tool will now determine whether wininet.dll has been infested. You may expect a question like you want to replace the infected file. Answer "yes" by typing in y and press "Enter".
It could be the tool will re-start your PC, let it do so, if not re-start manually in normal mode.
A textfile will open with the results of the fix. Post the contents of this as an attached txt.file to your next posting, you could also find this report in c:\report.txt)
Also post a fresh HijackThis log.
***
-
Hi beefpuppy334,
Well apparently the download links won't work there, so use this for SmitFraudfix: http://siri.geekstogo.com/SmitfraudFix.php
For the rest follow CharleyO's instructions,
Extra How to go to SafeMode for Win 2000: http://www.computerhope.com/issues/chsafe.htm#02
polonus
-
***
Thanks for the updated link, Polonus. :)
***