|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
03-17-2005, 08:35 PM
|
#1 (permalink) |
|
Registered User
Join Date: Mar 2005
Posts: 430
OS: windows XP home edition
|
new puter,slower'n the old one
upgraded my puter a coupla days ago- from p 3 550 to p4 2.4 Ghz with 256 mb memory and agp card.now after the puter runs fo a while-like about 45 mins- an hour, it is becoming sluggish in response- a simple right click of the mouse cab take about 4-5 mins to register and bring up the right click menu.i have put my old hard disk as primary slave- it's 17.5 gb and master is 40 gb. could that be why i am going slow after some time?if i restart the puter it works fine for a while and starts playing up again after a while.i am appending a hijackthis log hoping it helps someone to troubleshoot this problem. i am updating my magic:the gathering game, so it is going to show in the log
==================================================================== Log was analyzed using KRC HijackThis Analyzer - Updated on 3/2/05 Get updates at http://www.greyknight17.com/download.htm#programs ***Security Programs Detected*** C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui O4 - HKLM\..\RunServices: [ccEvtMgr] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of HijackThis v1.99.1 Scan saved at 1:05:25 PM, on 3/18/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE C:\WINDOWS\TEMP\SETUP.EXE R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.zdnetindia.com O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\PROGRAM FILES\DAP\DAPIEBAR.DLL O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe O4 - HKCU\..\Run: [RamBooster] C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE O4 - HKCU\..\Run: [Magic Spellbook] "C:\WINDOWS\DESKTOP\EXXX\SPELLBOOK.EXE" /auto O4 - HKCU\..\RunServices: [RamBooster] C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE O4 - HKCU\..\RunServices: [Magic Spellbook] "C:\WINDOWS\DESKTOP\EXXX\SPELLBOOK.EXE" /auto O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.zdnetindia.com End of KRC HijackThis Analyzer Log. ================== |
|
     |
| Sponsored Links |
|
03-18-2005, 06:29 AM
|
#2 (permalink) |
|
Analyst, Security Team
|
Is that program updating also why I see a setup file in the temp folder at:
C:\WINDOWS\TEMP\SETUP.EXE Nothing looks wrong here. If you want, try taking out the other hard drive and see if it still slows down after 45 minutes. If it still does, then give us a new HijackThis log, but don't use the analyzer this time. Just post the original hijackthis.log file here. We'll help you get rid of any unnecessary startup programs.
__________________
Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it. |
|
|
|
|
03-18-2005, 07:55 AM
|
#3 (permalink) |
|
Registered User
Join Date: Mar 2005
Posts: 430
OS: windows XP home edition
|
waaa!!
yikes my puter is as slow as a snail.takes about 5-6 minutes for a mouse click to register.
 i clicked on a txt file and hit del and had to wait 2-3 mins before the 'wanna delete?' msg came up.sigh!am trying to get rid of the old hijackthis log and it's taking ages to accomplish.duh my window is now froze i think.taking ages to open up the log in notepad (i cant attach the log file as *.log right?)------------------------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 12:23:45 AM, on 3/19/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\NETDDE.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\HJT\HIJACKTHIS.EXE R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.zdnet.com O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRAM FILES\DAP\DAPBHO.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\PROGRAM FILES\DAP\DAPIEBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ccEvtMgr] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE O4 - HKCU\..\Run: [RamBooster] C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE O4 - HKCU\..\Run: [Magic Spellbook] "C:\WINDOWS\DESKTOP\EXXX\SPELLBOOK.EXE" /auto O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.zdnet.com --------------------------------------------------------------------------- hope this helps |
|
|
|
|
03-18-2005, 08:53 AM
|
#4 (permalink) |
|
Analyst, Security Team
|
I can't find anything wrong in this log. My guess is that it could be Norton. Boot into Safe Mode and see if you have this problem also. If not, it must be one of the Norton programs.
See if you can do the following virus scan online (if it's not too slow for this also): If you have a fast internet connection (broadband), run an online virus scan at TrendMicro. Just follow the instructions on the site to run the online scan. Otherwise, make sure your antivirus program has the latest definitions and run a full system scan.
__________________
Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it. |
|
|
|
|
03-19-2005, 12:16 AM
|
#5 (permalink) |
|
Registered User
Join Date: Mar 2005
Posts: 430
OS: windows XP home edition
|
ack!!
ok ir i tried booting in safe mode a coupla times and everything works fine.but boot normal and right clicks and ie window takes a long time.also looked into msconfig and took out a few entries but i left th antivirus entry on- yet my antivirus is not starting up with windows.even if i ty to manually start antivirus, it just freezes- nothing shows up and after a while it says explorer not responding.couldnt run trend mico housecall- keeps getting error for 'update'
 also i noticed that my hard disk's SMART capability is disabled- should i enable it?*dun have a clue what SMART capability does*btw just noticed that i can right click on 'my computer' and it bings up the menu but clicking on any other icon and it takes a lotta time.
Last edited by corsair; 03-19-2005 at 12:22 AM. |
|
|
|
|
03-20-2005, 12:49 PM
|
#6 (permalink) |
|
Analyst, Security Team
|
Uninstall Norton and restart. Reinstall it and see if the antivirus works now. If you can, switch to Grisoft AVG instead of using Norton. It uses less resources and does a good job at catching viruses/trojans.
The SMART feature should be for your hard drive. I think it detects and tells you if you have problems with the hard drive or if it's failing. Enable it.
__________________
Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it. |
|
|
|
| Thread Tools | |
|
|
ty tyvm
