Vista Running Slow

so according to your last screenshot what is in the taskbar on the left hand side is actually running so a couple of hundred mb taken make sense

i feared win7 alone had taken most of it *g*

thanx for the additional info!

@ Chewy ... here you go

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:44:42 PM, on 12/30/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\PC Tools AntiVirus\PCTAV.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Users\Me\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Windows\system32\taskeng.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\sw g.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [googletalk] C:\Users\Patty\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O13 - Gopher Prefix:
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 6343 bytes

That's way too bloated for graphics or video work

Didn't it seem like there's more than one anti-virus running too? Or maybe it's
just a task tray launcher. But yeah, no wonder memory was running low. I only had one Out Of Memory error dialog since I quit using a page file(must be at least 4 or 5 months now I think.) I kept running VLC media player trying to view a bad video file. Turns out the GUI wasn't visible but there were 1/2 dozen vlc.exe files hung from choking on the file. Killed 'em and all was well.

Another thing helpful if you want to run with no swap is this article how to limit Superfetch to only caching boot files. You still get quick boots but it quits gathering statistics on all your programs.

@ chewy I got you now. Thought it meant more security instead of better.

@ uncas and chewy I get updates almost everyday from avira. Is that server issue a overseas thing in UK, or is Avira falling off? I have no problems at all. As a matter of fact, it rang up a loud siren the other day preventing something from gaining access. Asked me to remove or prevent. I think maybe some of you guys are really across the web in many sites for long time, and that's why maybe all the scrutiny w/security and what's working or not?

I never updated ie to 6 or 7, and now it's at 8. I really don't use it, but is there something to look out for as it's part of xp home? Figured they tightened up ie 6, and even 7 for the security leaks/issues it had.

@ Miles you ditched sandboxie, or just didn't upgrade to recent version? Also, isn't it wise to keep the antivirus running whether you're doing something or not? Isn't that the reason for having a av proggie? To prevent viruses from the get go? I asked this a while back, and now I'm confused. sandboxie is a antivirus no? How long can you go w/a virus until the next scan before it can't be removed and you'd have to reinstall? Thnx.

here's an example of a seldom used program running at bootup

@dr_ml422 I haven't ditched Sandboxie. Some versions run better than others. After a few updates then I'll try a newer version again. If it doesn't work as well or better I reinstall the optimal one. Sandboxie is not an anti-virus like those other programs. It traps disk access. There's no point in running all the apps on a machine sandboxed. Might as well just use Virtualbox. If I'm going to a web site I'm not familiar with.. like if I get a link from a board I don't know that much about, I'll fire up the sandboxed browser.

You can leave the Sandboxie service running all the time if you want. Just takes up CPU cycles if you're not running any sandboxed programs.

I have an alias called 'boxoff' that does
C:\Windows\system32\sc.exe stop SbieSvc

that's all it takes to stop the service so why run it when not using it?
In any case if you look at the web site there's a description of how it works
with diagrams. I suspect one reason MS changed the security of Vista 64 is because you can't sell a virus database subscription for a Service that doesn't need it. If it traps the disk write before it happens that's way better than looking up a file to see if it's bad.

What do you think now? I got things pared back pretty well, but I know I can do better. Just don't know what can go or not.

Here's a page that describes most of the Vista services. Depending on what you do with your PC you can disable many of them or set them to Manual.

Vista Service Explained

I don't understand this right now. Are you referring to this particular program you provided the link to? Or is this what could happen when programs are running simultaneously at startup, but not used at the moment or rarely used?

Now I think I'm not properly using a antivirus program the way it's suppose to. In other words, if I'm just doing computer work, but not on the web via a browser, but still connected online, there's no need to have the av program on until I actually open up ie/or ff or w/e to browse?


I'm also going to study those definitions for registry keys and how hijackthis works as I never used this program, but via your link, and the link it provided it broke down what that 04 category of apps./keys were. Which is great info.

This went over my head for the moment. I'm trying to figure out what you're trying to teach me.

It's complicated dr ml, her problem is(or was) not having vista optimized(too many services) then using a lot of crapware or unnecessary programs loading at bootup, then an AV suite running protection then doing some very heavy duty graphics work.

Each extra program takes resources but more importantly may have conflicts

Lean and mean eliminates these potential problems

nice images

Nice images btw. That stuff floors me. When I was messing around with POVRay for Windows a guy let me have one of his works for a wallpaper.
A hand holding a sphere with people and trees inside. Amazing stuff.

I don't know what fractal software is out there for Linux these days but you can choose the Window Manager. When doing heavy work you can load in a very small and light window manager program(the Linux equivalent of Explorer.exe) to maximize resources. But Linux can be a pita too.

I know what you mean by conflicts as I had to change the preferences in VLC because it was conflicting w/1 of my burning apps. Lucky I thought quickly and went to VLC and did that or else I'd still be wondering why I couldn't burn a simple audio file.

I'm staying lean and mean w/XP Home until there's no more support I think. By that time either Windows 7 or even 8 will prolly be out. Just for today anyway.

I'm going to hang out w/our friend Google and find out how and when to run AV programs. Any ?'s I'll either start a new thread or hit the AV thread and post there. There seems to be differing takes on how one uses their AV proggie as there's w/a lot of other stuff. I know there has to be a best safe way though suggested and that's the ticket. Way better than doing a clean reinstall that's for sure.

You all are great, thank you! I will get to the Comodo and the Vista services in the morning. I am so tired. Made a traditional Japanese New Year dish, Mochi Soup ... yum!

Anyway, I have two other questions ...

1. why won't Firefox save any of my bookmarks?
2. when I turn on the computer, it wants me to hit the F1 key to continue. I have to go into BIOS but I don't know what to change in the boot settings

multiple reasons for that, see for what its showing F1 prompt... usually its posted befre the F1 prompt...

example cant find floopy drive press F1 to continue......