Extremely Sluggish + Internet is screwy

[SacredCultivator]

Dear Readers,

Sorry to link elsewhere but I don't know how long it takes the people at 'piriform' to reply back.

So I thought perhaps there are some users on this forum that know what they are doing when it comes to HiJackThis, cause sorta need to get this PC fixed for Sis given I am always on my PC and she is the same with hers, but she needs it for School purposes so thought I could attempt to get it fixed asap.

So here is the Link, thanks in advance for any help.

[Pacca]

for the log of hijackthis use this

[SacredCultivator]

@Pacca: Yeah I am aware of that site, but never really trusted my own instinct even when using that site, so I prefer if someone just helped me out, like you could paste that for me and let me know what to do =X, thanks.

[Lite]

Have you defragged your hard drive since the upgrade?

Restart the computer several times also and let it idle for about 5 minutes then process idle tasks: Click Start -> Run, Type: rundll32.exe advapi32.dll,ProcessIdleTasks.

Try these two and if they don't work PM me a HJT log and i'll have a look over it....

[Pacca]

@Pacca: Yeah I am aware of that site, but never really trusted my own instinct even when using that site, so I prefer if someone just helped me out, like you could paste that for me and let me know what to do =X, thanks.

i'm not really very, but i can try. if u want u can pm me the hijackthis log

[shought]

You say the problem might be due to malware? Try using Spybot S&D, i love that program. Others say AVG Antispyware is good as well, so you could try that too. And try scanning with Trojan Remover. You should of course first update them both and then do a scan. I'd recommend booting into safe mode and then run the scans. Also try running another antivirus(so not your default antivirus, but another one. If you use Eset's try scanning with Kasperky and the other way around) scan in safe mode. Tell me if that solved some things ;)

Spybot S&D: http://fileforum.betanews.com/detail/Spybo...oy/1043809773/1

Trojan Remover: http://www.simplysup.com/tremover/download.html

Edit: Could you post every log file you get in here too? And i just saw you already used AVG so only Spybot S&D will do. Another thing you can do with Spybot S&D is checking what programs run at startup, a list of that would be nice too. To do this go here: Spybot S&D, Tools, System startup, Export, save the .txt file to your desktop and post it here :) If you see any 'Red' entries then please tell me which on the list were red, because you can't see in the .txt file.

[SacredCultivator]

All rights I actually ran SpyBot and it came up with nothing...

Tried Adware and came up with nothing.

@Lite: Yes I have defragged it... Shall try your other suggestion right now.

EDIT:

Nope that didn't work.

After I finish scanning with a few more apps, shall post a new HiJackThis Log

-----

Updated:

Added both logs...

No 'red' items in the StartUp one.

[shought]

All rights I actually ran SpyBot and it came up with nothing...

Tried Adware and came up with nothing.

@Lite: Yes I have defragged it... Shall try your other suggestion right now.

EDIT:

Nope that didn't work.

After I finish scanning with a few more apps, shall post a new HiJackThis Log

No more idea's from my side, except for one no one ever wants to hear: Reinstall Windows...

[SacredCultivator]

Updated previous post and couldn't attach HiJackThis log so her eit is:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 8:33:02 AM, on 5/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.17184)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\WINDOWS\system32\Rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\AIM6\aim6.exe

C:\Program Files\WallMaster\wallmast.exe

C:\Program Files\ESET\ESET Smart Security\ekrn.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\AIM6\aolsoftware.exe

C:\Program Files\Minefield\firefox.exe

C:\Documents and Settings\Stacey La\Desktop\HiJackThis.exe

C:\WINDOWS\system32\wuauclt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: (no name) - {21C63899-6532-40D7-8379-7ED788B98D28} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [bM7b25ea3a] Rundll32.exe "C:\WINDOWS\system32\jengvhew.dll",s

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O4 - Startup: WallMaster Pro.lnk = C:\Program Files\WallMaster\wallmast.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209325072906

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1188341691249

O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--

End of file - 5190 bytes

[shought]

Cultivator... That log looks perfectly normal. Nothing wrong in my eyes, those problems aren't caused by >>running<< malware. That's something i'm sure about now.

[SacredCultivator]

Hmms actually after runniong soooooooo many anti stuff.. I think it is fixed.. as things seem to be working normally now...

Gee weird...

But anyhow thanks :)

[Samurai]

Have you looked in your startup items to see manually if there's anything there that looks "out of place"?

You could try disabling one by one to see what the cause is, but from what I've read on other forums... AVG did cause some of the issues. Try disabling that one first upon startup. You can always enable it again at a later date.

Easiest way to get to startup, would be to click Start > Run > "msconfig" and I'm sure you'll see what tab to click on :)

[SacredCultivator]

@Samurai: Yeah the first thing I did was chek my StartUp items actually.. and I forgot that instlaling multiple Anti-Virus can cause conflicts, but i had it installed due to piriform's site suggesting it to run for Tests. But failed ot uninstall it after checking.. But after I thought things were 'okay' I uninstalled all the programs that were needed for those tests and well seems things are a-o-k now.

[shought]

@Samurai: Yeah the first thing I did was chek my StartUp items actually.. and I forgot that instlaling multiple Anti-Virus can cause conflicts, but i had it installed due to piriform's site suggesting it to run for Tests. But failed ot uninstall it after checking.. But after I thought things were 'okay' I uninstalled all the programs that were needed for those tests and well seems things are a-o-k now.

Hehe, well i'm glad it worked out somehow. :)

[SacredCultivator]

Now I have another random lame question...

Switche dover to my Laptop to perform a 'repair' so I can instlal SP3 as somehow I can't install it via standalone program... And the way I did it for sis's computer was to just perform a 'repair' of the OS and that allowed me to Upgrade to SP3..

For my Laptop though when I repair (Not via Recovery Console), it loads through all the files and just when it 'completes' (Please wait while Windows XP completes blah blha blah), I get the stupid Blue Screen of Death and I have to turn off the laptop and reboot.

Bahs... Me and always 'experimenting ><'

---

Recovery Console isn't the same right? As I don't want ot format, given I didn't back-up the information ><

[shought]

Now I have another random lame question...

Switche dover to my Laptop to perform a 'repair' so I can instlal SP3 as somehow I can't install it via standalone program... And the way I did it for sis's computer was to just perform a 'repair' of the OS and that allowed me to Upgrade to SP3..

For my Laptop though when I repair (Not via Recovery Console), it loads through all the files and just when it 'completes' (Please wait while Windows XP completes blah blha blah), I get the stupid Blue Screen of Death and I have to turn off the laptop and reboot.

Bahs... Me and always 'experimenting ><'

---

Recovery Console isn't the same right? As I don't want ot format, given I didn't back-up the information ><

;) Safe mode? ;)

And in safe mode try to fix the mess you made :), if you can't: backup your files and do a clean install... Lol, second time i said this today, to the same person ;)

And don't tell me you can't get into safe mode!

[SacredCultivator]

Hehe's I am bleh when it comes to Laptops.. as the commands are slightly different... Not sure how to get ot Safe Mode... More or less when I do... not sure what I would do... given the 'repair' doesn't finish so yeah... it completes copying the files to the Windows Installation Folders but that's about it...

---

EDIT:

Hmm fix the mess? Not too sure what mess I have given that all I did was attempt to 'repair'. Didn't realyl alter any other files.

---

2nd EDIT:

No joke... can't boot in Safe-Mode... F8 does nothing.. and F12 doesn't lead me to Boot-Options, just the order of what devices to boot...

---

3rd EDIT:

I was wrong, going back to Sis's computer... Another StartUp thingy that I don't recognize is 'jengvhew.dll'

Command: Rundll32.exe "C\WindOWS\System32\jengvhew.dll",s

[shought]

Argh... I was joking about 'the mess' but it sucks you can't boot into safe mode, you can't boot at all right? Or can you? Get yourself a Windows XP SP3 integrated boot disk and do a repair from that maybe? Or if you didn't try to install SP3 before get a SP2 integrated disk.

[SacredCultivator]

Bahs screwed to the point where friend helped but it 'erased' the c:/windows so all my files are intact so gonna back them uup and just format and use LastXP (1.6), as already have on cd...

I can easily just 'upgrade' to 1.7 right?

(Possible for alink to it as I checked their site and couldn't find the link =X)

---

EDIT:

Actually nvm I am dl'ing 1.7.2.2

But just curious when 'installing', which 'instlal' do I do?

There is that RAID/SATA and 'safe'