Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: 1 2 3 [4]  All   Go Down

Author Topic: PC running slow, malware scans show nothing  (Read 18127 times)

0 Members and 1 Guest are viewing this topic.

dl65

  • R.I.P.


    • Prodigy

    Thanked: 18
    Re: PC running slow, malware scans show nothing
    « Reply #45 on: July 27, 2006, 05:06:13 PM »
    squirrel......  I just got back , how about posting a new hijackthis logfile .........as the old one has now changed .......


    dl65  ::)
    Logged
    If you don't know the answer, it isn't a dumb question.

    Neil



      Expert
    • Fear me Track. Noone can escape my wrath.
      • Thanked: 3
      Re: PC running slow, malware scans show nothing
      « Reply #46 on: July 28, 2006, 10:02:59 AM »
      svchost.exe is normal to appear several times. My largest one takes up 21,640kb. Unless it is more than that, not a problem.

      It sounds like the best thing to do is to format the harddrive. This will lose all data on the harddrive, so make sure you back it up on CD or other computer. You'll need a legal Windows XP disk (or whatever OS you are using) and the drivers disk which you should have been given with your computer, but you might be able to download these. Formatting can be hard because you'll lose the data, but it will have 95% chance of fixing this problem. Because everything goes, including the bad stuff. We can then help you install Windows the "proper" way to minimize the risk of this happening again. (But if this is your only Interent computer, let us give you the instructions first of course!)

      But if you want to keep on trying for the moment to fix it, on the task manager processes list list for us all the processes which use lots of memory, or anything you think looks suspicious (or the whole list if you have time). We can then see if it has anything suspect in it.

      Have you ran checkdisk and defragmented the drive? I haven't read all of this thread.
      Logged

      panboy



        Adviser

      • Its all just a twisted game of cat and mouse
        • Thanked: 4
        Re: PC running slow, malware scans show nothing
        « Reply #47 on: July 28, 2006, 10:27:40 AM »
        Quote
        Have you ran checkdisk and defragmented the drive? I haven't read all of this thread.

        You really Should Read the Entire Tread First, if you had you'd know Squirrel does not want to Format and Has Run scan Disk and Defrag.

        And the computer is not So craped out that a Format is Necessary, its only got a Few bug's they just seem to big of the Big slow Verity
        Logged
        Wields The Mighty Hammer of Computer Justice

        squirrel

        • Guest
        Re: PC running slow, malware scans show nothing
        « Reply #48 on: July 28, 2006, 11:26:56 AM »
        running much better since i deleted viewpoint. going to run hijack this, be right back.
        Logged

        squirrel

        • Guest
        Re: PC running slow, malware scans show nothing
        « Reply #49 on: July 28, 2006, 11:29:49 AM »
        here it is. . .if there's anything else i need to delete?  BTW, managed to erase norton's completely ;D

        Logfile of HijackThis v1.99.1
        Scan saved at 1:27:47 PM, on 7/28/2006
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
        C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
        C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
        C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
        C:\WINDOWS\system32\cisvc.exe
        C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
        C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
        C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
        C:\WINDOWS\system32\cidaemon.exe
        C:\Program Files\AIM\aim.exe
        C:\WINDOWS\explorer.exe
        C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
        C:\WINDOWS\system32\WISPTIS.EXE
        C:\Program Files\Internet Explorer\IEXPLORE.EXE
        C:\Program Files\Internet Explorer\IEXPLORE.EXE
        C:\Program Files\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mcps.k12.md.us/
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)
        O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
        O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
        O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
        O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
        O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        Logged

        squirrel

        • Guest
        Re: PC running slow, malware scans show nothing
        « Reply #50 on: July 28, 2006, 11:30:14 AM »
        O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
        O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
        O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
        O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
        O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
        O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
        O17 - HKLM\System\CCS\Services\Tcpip\..\{E822D072-1DF4-4EB3-8498-8756684C7E46}: NameServer = 205.222.5.22,205.222.5.23
        O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
        O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
        O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
        O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
        O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
        O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

        Logged

        dl65

        • R.I.P.


          • Prodigy

          Thanked: 18
          Re: PC running slow, malware scans show nothing
          « Reply #51 on: July 28, 2006, 01:19:24 PM »
          Hi Squirel.......  Ok , heres what I see.........
          You arent running any firewall , which is ok ........ and not causing any issue ......   but , I'm seeing referance to 2 differant AV scanners running ...AVG  and some active virus scanner from McAfee ........ Really you only be running one ...... Anti virus application ........... it's ok to have a second one installed , but it shouldnt be active .......

          Now on to the log file .........

          I would mark for removal , the following :
            
          O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)

          now then please check these items and only leave them if you know what they are and trust them ..........

          O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -   [highlight]appears to be a active X item ...... if you dont know and trust it remove it .[/highlight]

          O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -       [highlight]Same comment as above [/highlight]

          O17 - HKLM\System\CCS\Services\Tcpip\..\{E822D072-1DF4-4EB3-8498-8756684C7E46}: NameServer = 205.222.5.22,205.222.5.23      [highlight]Is this address part of your ISP or do you know it to be safe ?[/highlight]

          that IP address appears to be ........ part of ...... Montgomery County Public Schools     [highlight]Does that sound right to you ? [/highlight]

          let us know about those questionable entries ..........

          dl65  ::)
          « Last Edit: July 28, 2006, 01:20:38 PM by dl65 »
          Logged
          If you don't know the answer, it isn't a dumb question.

          squirrel

          • Guest
          Re: PC running slow, malware scans show nothing
          « Reply #52 on: July 28, 2006, 01:34:56 PM »
          Quote
          Hi Squirel.......  Ok , heres what I see.........
          You arent running any firewall , which is ok ........ and not causing any issue ......   but , I'm seeing referance to 2 differant AV scanners running ...AVG  and some active virus scanner from McAfee ........ Really you only be running one ...... Anti virus application ........... it's ok to have a second one installed , but it shouldnt be active .......

          Now on to the log file .........

          I would mark for removal , the following :
            
          O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)

          okay. . .

          Quote
          now then please check these items and only leave them if you know what they are and trust them ..........

          O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -   [highlight]appears to be a active X item ...... if you dont know and trust it remove it .[/highlight]

          O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -       [highlight]Same comment as above [/highlight]

          is active x bad? how do i know company doesn't need it there?

          Quote
          O17 - HKLM\System\CCS\Services\Tcpip\..\{E822D072-1DF4-4EB3-8498-8756684C7E46}: NameServer = 205.222.5.22,205.222.5.23      [highlight]Is this address part of your ISP or do you know it to be safe ?[/highlight]

          that IP address appears to be ........ part of ...... Montgomery County Public Schools     [highlight]Does that sound right to you ? [/highlight]
          Yes. that's the company.--HEY!!! HOW DID YOU FIND THAT OUT? DOES IT SAY THAT, TOO????? :-?
          « Last Edit: July 28, 2006, 01:41:25 PM by squirrel »
          Logged

          dl65

          • R.I.P.


            • Prodigy

            Thanked: 18
            Re: PC running slow, malware scans show nothing
            « Reply #53 on: July 28, 2006, 01:54:27 PM »
             squirrel.......  I just did a little research on that ip address nd there is a whack of info available , but thats all I showed ........
            so this is a work machine then ...and not your personel home machine then ?

            Active X can be a problem , but in your case it may be ok .

            dl65  ::)
            « Last Edit: July 28, 2006, 01:55:38 PM by dl65 »
            Logged
            If you don't know the answer, it isn't a dumb question.

            squirrel

            • Guest
            Re: PC running slow, malware scans show nothing
            « Reply #54 on: July 28, 2006, 01:55:27 PM »
            yeah. earlier in the thread i think i mentioned that.  ::) 8-)
            Logged

            squirrel

            • Guest
            Re: PC running slow, malware scans show nothing
            « Reply #55 on: July 28, 2006, 02:09:56 PM »
            here is yet another hijackthis log file. . .if ya need it. :)

            Logfile of HijackThis v1.99.1
            Scan saved at 4:07:52 PM, on 7/28/2006
            Platform: Windows XP SP2 (WinNT 5.01.2600)
            MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

            Running processes:
            C:\WINDOWS\System32\smss.exe
            C:\WINDOWS\system32\winlogon.exe
            C:\WINDOWS\system32\services.exe
            C:\WINDOWS\system32\lsass.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\System32\svchost.exe
            C:\WINDOWS\system32\spoolsv.exe
            C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
            C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
            C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
            C:\WINDOWS\system32\ctfmon.exe
            C:\Program Files\Messenger\msmsgs.exe
            C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
            C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
            C:\WINDOWS\system32\cisvc.exe
            C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
            C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
            C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
            C:\WINDOWS\system32\cidaemon.exe
            C:\Program Files\AIM\aim.exe
            C:\WINDOWS\explorer.exe
            C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
            C:\WINDOWS\system32\WISPTIS.EXE
            C:\Program Files\Internet Explorer\IEXPLORE.EXE
            C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
            C:\Program Files\Internet Explorer\IEXPLORE.EXE
            C:\Program Files\HijackThis.exe

            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mcps.k12.md.us/
            O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
            O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
            O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
            O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
            O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
            O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
            O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
            O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
            O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
            O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
            O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
            Logged

            squirrel

            • Guest
            Re: PC running slow, malware scans show nothing
            « Reply #56 on: July 28, 2006, 02:10:15 PM »
            O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
            O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
            O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
            O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
            O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
            O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
            O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
            O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
            O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
            O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
            O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
            O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
            O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
            O17 - HKLM\System\CCS\Services\Tcpip\..\{E822D072-1DF4-4EB3-8498-8756684C7E46}: NameServer = 205.222.5.22,205.222.5.23
            O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
            O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
            O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
            O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
            O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
            O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

            Logged

            dl65

            • R.I.P.


              • Prodigy

              Thanked: 18
              Re: PC running slow, malware scans show nothing
              « Reply #57 on: July 28, 2006, 02:47:04 PM »
               squirrel........ Your hijackthis logfile looks ok ........ except , I still referances to more than 1 av ........

              How is the machine running now ?     The lack of co-operation between the differant AV scanners may be causing some lag ....... ( but only you would know that)    
              The only other thing I can suggest would be a clean install , which you dont want to do .

              dl65  ::)
              Logged
              If you don't know the answer, it isn't a dumb question.

              squirrel

              • Guest
              Re: PC running slow, malware scans show nothing
              « Reply #58 on: July 28, 2006, 02:48:06 PM »
              running much much much much much much mucxh much much better!!!!!!  :) :) :) :) :) ;D ;D ;D 8-) ;D ;D ;D 8-) 8-) 8-) 8-) 8-) 8-) ;D ;D ;D ;D

              [highlight]THANX[/highlight]
              « Last Edit: July 28, 2006, 02:49:15 PM by squirrel »
              Logged

              dl65

              • R.I.P.


                • Prodigy

                Thanked: 18
                Re: PC running slow, malware scans show nothing
                « Reply #59 on: July 28, 2006, 04:14:15 PM »
                The issue appears to have been resolved  
                [size=16] this topic is closed [/size]


                dl65  ::)
                « Last Edit: July 28, 2006, 04:14:48 PM by dl65 »
                Logged
                If you don't know the answer, it isn't a dumb question.
                Pages: 1 2 3 [4]  All   Go Up
                « previous next »