Solve : Computer Running Slow/Infected?? – InterviewSolution

1.	Solve : Computer Running Slow/Infected??
Answer» Hi, My computer once again is acting like it has a big problem. I have noticed when I start windows, and run just about any programt anytime, the system is slower. Online browsing is delayed, and often has crashes. I have tried to resolve this problem by using the standard methods of running: CCleaner Symnatec Anti-Virus Ad-Aware Spybot Search and Destroy eWido I have cleaned and quarinteined when possible and yet the system shows minimal improvement. For some one reason, one virus in Ad-Aware has been moved to ignore. Further Symnatec shows the same viruses nightly. I have listed below the latest results from running HiJack This and As-Adware HiJack This: Logfile of HijackThis v1.99.1 Scan saved at 10:24:27 AM, on 11/9/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Running PROCESSES: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\AOL\1154149194\ee\AOLSoftware.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Trent Berger\Desktop\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://dell.com/ R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1154149194\ee\AOLSoftware.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing) O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe Ad-Aware: Scan Results Ad-Aware 2007 FREE Edition Log File Created on: 2007-11-0810:03:53 Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef Computer name: TRENT-31A63E0D1 Name of user performing scan: SYSTEM Name of user ordering scan: Trent Berger Scan completed successfully •System Information •File Version Information •Ad-Aware 2007 Settings •Extended Ad-Aware 2007 Settings •Database Information •Scan Statistics •Scan Detailed Statistics •Infections Found •Listing of running processes System Information Number of processors: 1 Processor type: Mobile Intel(R) Pentium(R) 4 CPU 3.06GHz Memory Available: 32% Total Physical Memory: 536195072 Bytes Available Physical Memory: 167235584 Bytes Total Page File Size: 1306722304 Bytes Available On Page File: 732647424 Bytes Total Virtual Memory: 2147352576 Bytes Available Virtual Memory: 2002599936 Bytes OS: Microsoft Windows XP 5.1 (Build 2600) [to top] File Verion Information FileVersion CEAPI.dll7, 0, 2, 3 aawservice.exe7, 0, 2, 3 Ad-Aware2007.exe7.0.2.3 [to top] Ad-Aware 2007 Settings Skipping files larger than: 1048576 Bytes Ignoring infections with lower TAI than: 3 Safe Mode: False [to top] Extended Ad-Aware 2007 Settings •Unload malicious processes and modules •Unload Modules •Let Windows remove files at Start-Up •Deactivate Ad-Watch •Re-analyze Scan Result •Update Definitions on startup •Delete Restored Items •Permanent Archive CACHING •Write Protect System Files •Create Log file •Include basic settings •Include advanced settings •Include user and computer name •Environment information •Running processes •Running processes and modules •Include info about ignored objects in log file •Consider definitions File Outdated after x days •Proxy URL •Proxy Port [to top] Database Info Version number: 32 Build Number: 0 Build Date and Time: 2007/11/0703:48:36 [to top] Scan Statistics Method: Smart Items Scanned: 106460 Infections Detected: 0 Infections Removed: 0 Infections Quarantined: 0 Infections Ignored: 1 [to top] Scan Detailed Statistics TypeCriticalTotal Process Scan00 Registry Scan00 Registry PE Scan00 Hosts Scan00 File Scan00 Folder Scan00 LSP Scan00 ADS Scan00 Cookie Scan00 File Hash Scan00 [to top] Infections Found Family IdNameCategoryTAI Quarantined Objects Family IdNameCategoryTAI Removed Objects Family IdNameCategoryTAI [to top] Does anybody know 1)Why my CPU is running slow? 2)What I can do to fix? 3)Why Ad-Aware has ignore and what this means/I should do? 4)Why Symnatec shows and what this means/I should do? Thanks. I'll take a look at your HJT...Your HJT log is fairly clean. Couple of entries, you want to "fix": - O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) - O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) - O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) However those shouldn't affect speed of your computer. You can start with two things: 1. I've noticed, you have few items, which are not needed as startups. You may uncheck them in msconfig: - O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot - O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" - O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (only needed at startup, if you overclock your card) - O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" - O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime - O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" - O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (if...CTFMon is involved with the language/alternative input services in Office XP) - O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 - O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Disabling those startups, should give your computer some new life. 2. I've also noticed, that you have quiet few services running. Some of them may be unnecessary. Go Start&GT;Run, type in: services.msc and compare your list with BlackViper list: http://www.blackviper.com/WinXP/servicecfg.htm

Discussion

No Comment Found

Related InterviewSolutions