Hi

When I first switch on my computer and log on to Pipex Broadband for about the first ten minutes my harddrive clicks as if somethings being downloaded.

This slows everything down,for instance if I try to open an e mail in outlook express during this time it takes an age to open.

Like I said after about 10 minutes the clicking stops and everything is absolutely fine for the rest of the day.

I'm running Windows XP,SP2 and have Norton 2007 and Zone Alarm.I regularly scan with Norton and run Spybot and Windows Defender once a week.

I have 2 hard discs installed,the original one and the one from a previous computer.

Any help would be appreciated

Thanks

Check your Task Manager to see if you can see what Process is using the CPU.

You are running two of the most "heavy handed" and "troublesome" programs available today i.e. Norton and Zone Alarm.

As a test I suggest temporarily stopping each from starting just to test the difference.

This can be done vis start Run... msconfig > Startup as well as Services

Here you can uncheck these programs to stop them from starting as well as go back later and re-check them to re-set your current setup.

There are probably many entries involved. Many Norton applications begin with cc e.g. ccapp.exe

Zone Alarm may appear as processes with zl as a prefix e.g. zlclient.exe

Hi

In Start up I have 34 items in in services I have over 80 items.

Should I disable some and if so which ones

Thanks

well, services, hide all microsoft services first, then choose those which you deem you don't use much. and like Jephree already said, turn off those that are related to Norton and Zone Alarm.

usually in Start Up and/or Services, if you have adwares or viruses, you might see some weird or suspicious names, you can do a search online to find out what is it, or post it here and ask around.

Also you can share your list with us for review. You have a lot of stuff going on there.

Here is a good way to get a log:

Download HijackThis: http://www.merijn.org/files/hijackthis_sfx.exe

Open it then choose: "None of the above, just start the program"


Then under "Other stuff" choose: "Config..."


Then Misc Tools

Then "Generate StartupList log"

Say "Yes" to the prompt.

You now have a text document that you can Copy/Paste back here.

When I downloaded the file I was asked to unzip and then it says unzip complete,what do I do then ??

Sorry

OK sorted it

here is the log for you to review

Thanks

StartupList report, 01/02/2007, 19:22:35
StartupList version: 1.52.2
Started from : C:\Program Files\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.5730.0011)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Cobian Backup 8\cbInterface.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\HELPAN~1\Presario\XPHWWRF4\plugin\bin\ pchbutton.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Norton AntiVirus\NAVW32.exe
C:\Program Files\HijackThis\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
hp psc 1000 series.lnk = ?
hpoddt01.exe.lnk = ?

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

VTTimer = VTTimer.exe
UserFaultCheck = %systemroot%\system32\dumprep 0 -u
SunJavaUpdateSched = C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
SpeedTouch USB Diagnostics = "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
SoundMan = SOUNDMAN.EXE
Recguard = C:\WINDOWS\SMINST\RECGUARD.EXE
PS2 = C:\WINDOWS\system32\ps2.exe
KBD = C:\HP\KBD\KBD.EXE
IgfxTray = C:\WINDOWS\system32\igfxtray.exe
hpsysdrv = c:\windows\system\hpsysdrv.exe
HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
AlcWzrd = ALCWZRD.EXE
Alcmtr = ALCMTR.EXE
AGRSMMSG = AGRSMMSG.exe
RemoteControl = "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
Mercora = "C:\Program Files\Tiscali Jukebox\MercoraClient.exe" -startup
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
osCheck = "C:\Program Files\Norton AntiVirus\osCheck.exe"
Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide
Cobian Backup 8 interface = "C:\Program Files\Cobian Backup 8\cbInterface.exe" -service
Zone Labs Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
MSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
Acme.PCHButton = C:\PROGRA~1\HELPAN~1\Presario\XPHWWRF4\plugin\bin\ pchbutton.exe
NBJ = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - F:\CASSET~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - c:\program files\google\googletoolbar3.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Disk Cleanup.job
FRU Task #Hewlett-Packard#hp psc 1200 series#1170257613.job
McAfee.com Update Check (YOUR-83BD725DA3-Compaq_Owner).job
MP Scheduled Scan.job
Norton AntiVirus - Run Full System Scan - Compaq_Owner.job
Symantec NetDetect.job
Zone Labs Security.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll
CODEBASE = http://fpdownload.macromedia.com/get...irector/sw.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://download.microsoft.com/downlo...eckControl.cab

[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = http://office.microsoft.com/officeup...tent/opuc2.cab

[EPUImageControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.dll
CODEBASE = http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-18.cab

[MSN Photo Upload Tool]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
CODEBASE = http://by15fd.bay15.hotmail.msn.com/...s/MsnPUpld.cab

[MUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\muweb.dll
CODEBASE = http://update.microsoft.com/microsof...?1124037995406

[ICSScanner Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ICSScanner.dll
CODEBASE = http://download.zonelabs.com/bin/pro...ICSScanner.cab

[XML DOM Document 4.0]
InProcServer32 = c:\WINDOWS\system32\msxml4.dll
CODEBASE = http://rcmdemo.perfora.net/app/stati...vex/msxml4.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx
CODEBASE = http://fpdownload.macromedia.com/get...nt/swflash.cab

[IWinAmpActiveX Class]
InProcServer32 = C:\PROGRA~1\COMMON~1\Nullsoft\ActiveX\2.4\AmpX.dll
CODEBASE = http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\symlcsv1.exe||C :\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\SyKnAppS\b7c d9a26-0d58-4982-871d-33e3cd7e1f14_cohcol.wlt


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
End of report, 9,071 bytes
Report generated in 2.718 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

In one case you have both Norton and McAfee scheduled to search for updates. I don't see McAfee listed elsewhere. You should not run two AV's so if you have McAfee installed you should stop it from starting.

Also it appears that Norton is set to run a virus check on startup. This could be a major drain. Check your Norton options and stop Run scan on boot (or some such entry).

You have a lot of programs starting update services which are totally unnecessary.

I only let my AV and firewall start on boot.

Again you can experiment with all these options via start Run... msconfig

Startup as well as Services. Under services click Hide Microsoft Services then the rest will be safe to turn off for this diagnostic approach.

If indeed Norton is set to scan on boot this could be your main issue.

Enumerating Task Scheduler jobs:

Disk Cleanup.job
FRU Task #Hewlett-Packard#hp psc 1200 series#1170257613.job
McAfee.com Update Check (YOUR-83BD725DA3-Compaq_Owner).job
MP Scheduled Scan.job
Norton AntiVirus - Run Full System Scan - Compaq_Owner.job
Symantec NetDetect.job
Zone Labs Security.job

Thanks again

there appears to be no option on Norton to turn off scan on start up,is it set by Norton as a default setting?Also McAfee was only installed on my computer for a couple of hours before I removed it through Add/Remove programmes so Idon't know why it still appears.



I'll have play around and get back to you in a few days to let you know how things go.

Steve

This article show how to set the startup scan so I assume you can reverse the process:

How to Schedule a Startup Scan

Use Startup Scans when you want to scan for viruses each time you start your computer. You can choose to scan your entire computer or only certain files, folders, and drives.

To schedule a Startup Scan:

1. Open Symantec AntiVirus by right-clicking the yellow Shield icon that's located in the Windows' system tray which is on the far right end of your task bar. Then, click Open Symantec AntiVirus... .
2. In the left window, click the plus sign (+) next to Startup Scans to expand the menu, then click New Startup Scan.
3. In the right window, type a name for the scan in the Name field and a description of the scan in the Description field; click Next. The name of the new startup scan appears at the top of the window.
4. In the Scan window, select the areas you want scanned during startup, then click Save. For example, to scan a specific file within a folder, navigate to the location of the file by clicking the plus (+) next to each menu until you reach the file. Select the file by clicking the blank box next to it. A plus scan (+) and a checkmark will appear beside your selection.
5. Click Save to save your settings. The name of the new startup scan you created appears in the left panel of the Symantec AntiVirus main window.

When you start Windows the next time, the scan will begin.

Click Exit to quit Symantec AntiVirus.