Jump to content


Photo

Computer Painfully Slow


  • Please log in to reply
8 replies to this topic

#1 SW76

SW76

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 06 June 2004 - 10:45 PM

About 1 week ago, my computer slowed right down. Anytime an application is opening, my task manager says my CPU usage is 100%. I've got a 1.5 GHz Intel Pentium 4 with 256 MB of RAM. I'm running Windows XP.

Once this problem became apparent, I removed all unnecessary files (music, mpegs, games), deleted temporary internet files and cookies, defragged, scanned with Ad-Aware, Spybot S&D, and Norton Antivirus. I also run Spyware Blaster & Spyware Guard, so I don't think spyware is the cause. Memory shouldn't be an issue either as I still have over 20 GB available (54% of drive).

Here's my Hijack This Log:

Logfile of HijackThis v1.97.7
Scan saved at 6:26:18 PM, on 6/6/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\System32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS.0\System32\nvsvc32.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\WINDOWS.0\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Norton Internet Security\ATRACK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS.0\System32\cidaemon.exe
C:\Documents and Settings\Dick.YOUR-7M1V6BAMZG\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.411mania.com/wrestling/411wrestlingindex.php
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.0\System32\msdxm.ocx
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS.0\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BearShare] C:\Program Files\BearShare\BearShare.exe /m
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS.0\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Startup: Check For Dope Wars Updates.lnk = C:\Program Files\Dopewars\WiseUpdt.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Bridge - http://download.games.yahoo.com/games/clients/y/bt0_x.cab
O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/games/clients/y/yt1_x.cab
O16 - DPF: Yahoo! Cribbage - http://download.games.yahoo.com/games/clients/y/it1_x.cab
O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/games/clients/y/et1_x.cab
O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks11_x.cab
O16 - DPF: Yahoo! Spelldown - http://download.games.yahoo.com/games/clients/y/sdt1_x.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone-dev.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - http://207.82.221.103/0202948ee801c1b69919/netzip/RdxIE.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/28bed2b959c0f90f2a00/netzip/RdxIE601.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {7CF052DE-C74F-421B-B04A-3B3037EF5887} (CCMPGui Class) - http://64.124.45.181/chaincast/proxy/CCMP.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37422.735787037
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/hitthepros03/foxsports/wtinst.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw8fd.law8.hotmail.msn.com/activex/HMAtchmt.ocx

Any help is much appreciated.

#2 SW76

SW76

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 07 June 2004 - 10:45 AM

Bump

Anyone see anything odd?

#3 no2spyware

no2spyware

    Member

  • New Member
  • Pip
  • 1 posts

Posted 07 June 2004 - 01:46 PM

You sure have enough stuff running to make a machine dizzy....
Anyway, Do you have an HP Printer?
If so, did you update the drivers or possibly just install it?
Check this out if so....

Click Here

....Other than that, I would clean up your startup and run a virus scan....

#4 SW76

SW76

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 07 June 2004 - 04:56 PM

No HP printer, Canon BJC.

Explain "clean your startup"? Not sure I know how or what you mean.

#5 SW76

SW76

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 07 June 2004 - 10:59 PM

Update:

The process using most of the CPU is: symproxysvc.exe

Nearest I can tell it's related to Symantec/Norton. When I disconnect my firewall, everything goes back to normal speed. I'm gonna reinstall Norton and see if that helps.

#6 Roland of Gilead

Roland of Gilead

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 07 June 2004 - 11:29 PM

Update:

The process using most of the CPU is: symproxysvc.exe

Nearest I can tell it's related to Symantec/Norton.  When I disconnect my firewall, everything goes back to normal speed.  I'm gonna reinstall Norton and see if that helps.

Yup, you guessed right.

See HERE for info.

First, try updating your Norton products, the firewall in particular.

If updating does not resolve your problem, then I suggest uninstalling Norton firewall and downloading and using a different firewall until Symantec has a fix for this well documented problem.

Zonealarm - http://www.zonelabs.com [FREE]

Sygate Personal Firewall http://smb.sygate.co...pf_standard.htm [FREE]

Hooah!

*EDIT*
Further, IMHO the following may be chewing up valuble system resources, perhaps consider not having all or some of these starting at boot.

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

O4 - HKLM\..\Run: [BearShare] C:\Program Files\BearShare\BearShare.exe /m

O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS.0\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

O4 - Startup: Check For Dope Wars Updates.lnk = C:\Program Files\Dopewars\WiseUpdt.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE


Just my $0.02, I am not a certified expert (although I may be certifiable... however I digress...)..


;D

Edited by Roland of Gilead, 07 June 2004 - 11:42 PM.


#7 SW76

SW76

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 07 June 2004 - 11:47 PM

Thanks alot for your help.

Reinstalling Norton Internet Security fixed all my problems.

How do I go about stopping those from running at boot?

#8 Roland of Gilead

Roland of Gilead

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 08 June 2004 - 12:03 AM

How do I go about stopping those from running at boot?


Click Start, click Run, type in:
msconfig
press Enter.

In the window that opens, click the Start Up tab, here you can disable start up items.

You can often times also disable "auto-update" and auto-start "helper" features from within the Settings or Options of programs that you see in your start up group.

You can download a free small program called StartUpList HERE
"A simple tool that lists all and every auto starting program on your system. You might be surprised what it finds, this is way better than Msconfig. Commonly used to troubleshoot malfunctioning systems, trojan/viral infections, new spyware/malware breed and the likes."

I'm quite anal about system resources and startup... I have the bare minimum starting when Window$ starts.

Best of luck to you.

Edited by Roland of Gilead, 08 June 2004 - 12:04 AM.


#9 SW76

SW76

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 08 June 2004 - 09:38 AM

Thanks alot for all your help, Roland. :D




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button