Ask Experts Questions for FREE Help !
Ask
    Dano4193's Avatar
    Dano4193 Posts: 6, Reputation: 1
    New Member
     
    #1

    May 20, 2008, 07:56 AM
    Computer slowing down dramatically, Anti-Virus Software doesn't appear to be working
    Hi all,
    I have AVG anti virus software and Super Anti Spyware (both free) loaded on my Win XP machine. When I run them they seem to constantly pick up spyware etc. But after I clean up what they find it is still running very slow. Even to open a browser is slow.
    Can anyone help me out as to what would be the next step to do? I am a Software tester so I'm kind of medium techy and don't mind doing stuff myself any help is greatly appreciated... dano
    invisibleman_productions's Avatar
    invisibleman_productions Posts: 207, Reputation: 12
    Full Member
     
    #2

    May 20, 2008, 12:52 PM
    Hello Dano

    Please run all the 5 steps listed here

    And please post a hijackthis log if you still have any problems after running all the steps.
    Dano4193's Avatar
    Dano4193 Posts: 6, Reputation: 1
    New Member
     
    #3

    May 20, 2008, 08:40 PM
    Thanks for the help. When I tried to download/run Adblock plus and noscript I got a message, "Illegal operation strongly advised to restart Netscape" and then Netscape would open.

    Here is my HJT log...
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:36, on 2008-05-20
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\AceBIT\WISE-FTP\WF_Scheduler.exe
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\HP\KBD\KBD.EXE
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\HP_Administrator\Desktop\HiJackThis(2).ex e

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = AOL.com - Welcome to AOL
    R3 - URLSearchHook: Harmony Hollow Software Toolbar - {3806b089-6759-411d-b2c3-b7995a9f34d7} - C:\Program Files\Harmony_Hollow_Software\tbHar1.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Harmony Hollow Software Toolbar - {3806b089-6759-411d-b2c3-b7995a9f34d7} - C:\Program Files\Harmony_Hollow_Software\tbHar1.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Harmony Hollow Software Toolbar - {3806b089-6759-411d-b2c3-b7995a9f34d7} - C:\Program Files\Harmony_Hollow_Software\tbHar1.dll
    O4 - HKLM\.. \Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\.. \Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\.. \Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\.. \Run: [nwiz] nwiz.exe /install
    O4 - HKLM\.. \Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\.. \Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\.. \Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    O4 - HKLM\.. \Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\.. \Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\.. \Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\.. \Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\.. \Run: [Ulead Photo Express Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    O4 - HKLM\.. \Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\.. \Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\.. \Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.1\masqform.exe /RegServer -UpdateCurrentUser
    O4 - HKLM\.. \Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\.. \Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\.. \Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\.. \Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\.. \Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\.. \Run: [Wise-FTP Scheduler] C:\Program Files\AceBIT\WISE-FTP\WF_Scheduler.exe
    O4 - HKCU\.. \Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\.. \Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: QNEORG.lnk = C:\Program Files\Stay Organized Quick and Easy\QNEORG.exe
    O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
    O8 - Extra context menu item: &Search - ?p=ZUxdm080YYUS
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
    O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://usbportal.usbank.com/iNotes6...s.com,CT=java+
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02...s/MSNPUpld.cab
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 8753 bytes
    invisibleman_productions's Avatar
    invisibleman_productions Posts: 207, Reputation: 12
    Full Member
     
    #4

    May 21, 2008, 07:52 PM
    Even to open a browser is slow.
    After checking you logs I see the reason your browser starts slow is because you have too many BHO(02) and tool bars (03)

    The below ones are bad ,check and click fix
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O8 - Extra context menu item: &Search - ?p=ZUxdm080YYUS

    Also you have a lot of programs start up when your computer starts (O4) which takes up a lot of memory.
    paste you log in the HiJackThis! Log auto analyzer and it will highlight the programs which are un-necessary

    1 Check and remove all R0,R1,R3,02,03,08,09,012

    2 Click start>click run type in msconfig and then press enter. Go to the start up tab and uncheck everything except your anti virus.click OK and reboot. When you come back to the desktop check the box 'do not show this message again" and click OK .

    3 Run a complete scan with Dr.Web CureIt! Ô€ô download free anti-virus! Cure viruses, Best free anti-virus scanner!

    Other recommendations replace your anti virus symantec with another anti virus programs like avg.
    Dano4193's Avatar
    Dano4193 Posts: 6, Reputation: 1
    New Member
     
    #5

    May 21, 2008, 08:19 PM
    Wow... thanks a lot for the help, it is running much better. Can you explain again how to do this part? I couldn't find where the hjt auto analyzer is located?
    Paste you log in the HiJackThis! Log auto analyzer and it will highlight the programs which are un-necessary
    Dano4193's Avatar
    Dano4193 Posts: 6, Reputation: 1
    New Member
     
    #6

    May 23, 2008, 08:18 AM
    Help... now I have some real trouble. It was running good last night. This morning, I noticed it was rebooted and the screen for Safe mode, restart in Win xp or restore system was up. I tried the one choice to continue to open in Win xp but it kept rebooting back to the same screen. I finally selected restore system. Now all documents, all our personal stuff is now gone...
    What do I do now? How can I get back all our files, pictures etc? Thanks..
    invisibleman_productions's Avatar
    invisibleman_productions Posts: 207, Reputation: 12
    Full Member
     
    #7

    May 23, 2008, 11:44 AM
    You will have to do a system restore back to today "if " today's date is highlighted.

    Never do a system restore when you have a virus issue. The virus gets stored in the system restore folder and if you restore to that date it will come back.
    Dano4193's Avatar
    Dano4193 Posts: 6, Reputation: 1
    New Member
     
    #8

    May 23, 2008, 01:40 PM
    Does it matter at all if it is a HP machine? I saw an article on the internet that said it depends on whether a person chose Recovery or Restore. I think I chose Recovery...
    Dano4193's Avatar
    Dano4193 Posts: 6, Reputation: 1
    New Member
     
    #9

    May 23, 2008, 05:17 PM
    How do I do a system restore back to today "if " today's date is highlighted. I don't see any date when I go into system restore all is shows is a checkbox for turning off system restore on all drives and the available drives which are c and d

Not your question? Ask your question View similar questions

 

Question Tools Search this Question
Search this Question:

Advanced Search

Add your answer here.


Check out some similar questions!

Is It BEST to purchase an Anti-Virus Software than Downloading from the Net [ 2 Answers ]

Ok here is the problem. I just got a new laptop more than a week ago and I'm currently running it on Windows Vista, basically I really want to protect my computer from viruses. My question is, what's better? Purchasing an Anti-Virus software OR Downloading from the Net?. Right now I'm not...

My computer is slowing down. [ 4 Answers ]

Hello, When I make any action "like changing a web page" my computer slows down and in my Windows task manager it shows that my CPU usage history spike all the way to the top. I haven't added anything new to my computer lately and in fact I have gotten rid of a few things to try to speed it up. I...

What's the best Anti Spyware and the best Anti Virus? [ 4 Answers ]

Just curious as to what works best for you? Take care, Happy Holidays to you and yours

What is slowing down my computer? [ 4 Answers ]

I'm running a 3.0GHz EMT64 CPU, 1GIG of dual-channel memory, Windows 2000Pro (hyperthreading turned off) and a 64-bit capable motherboard of course. When I close or a window such as IE, I can't reopen it from the taskbar although I can still see it open down there. After about 15 seconds, it goes...

Anti virus disable, is is a virus? [ 1 Answers ]

I was running AVG atni-virus, and it just stopped working... it would start to scan then completely close out, so I deleted it off my computer and re installed it I had the same problem so I got norton and I had the same problem. áso I'm guessing I have something on my computer that's turning them...


View more questions Search