pc running very slow. Help

Discussion in 'Windows - Virus and spyware problems' started by dymx, Mar 9, 2010.

  1. dymx

    dymx Guest

    Recently I got a virus on my computer and it caused my computer to run slow and stopped me from accessing the internet. I have scanned my pc with Malwarebytes Adaware se, superantispware, avast, Mcafee and Registry Clean Expert. These programs took a good amount of viruses off my pc. I can access files faster than before but it is still pretty slow. Also, I can only access the internet through mozilla (safe mode). Is there anything I can do to access the internet normally and make my pc faster? Thanks

    I don't know if this is of any use, but here's my hijackthis log
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:34:15 PM, on 3/9/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\RegCure\RegCure.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Registry Clean Expert\RCHelper.exe
    C:\Program Files\Orbitdownloader\orbitdm.exe
    C:\Documents and Settings\Administrator\Application Data\dll\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\Internet Security\Component\Engine\0x24080000\ncfg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\msiexec.exe
    E:\HijackThis\HijackThis.exe

    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
    O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
    O2 - BHO: ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files\ATLAS V14\ATLIECP.DLL
    O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files\ATLAS V14\ATLIECP.DLL
    O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe
    O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup
    O4 - HKUS\S-1-5-18\..\Run: [OSDBM] C:\WINDOWS\WindowsUpdate\WindowsUpdate.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [OSDBM] C:\WINDOWS\WindowsUpdate\WindowsUpdate.exe (User 'Default user')
    O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: &Translate with ATLAS - C:\Program Files\ATLAS V14\Atlscript.html
    O8 - Extra context menu item: ATLAS Translation &Editor - C:\Program Files\ATLAS V14\AtlscriptEdit.html
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - C:\Program Files\ATLAS V14\Atlscript.html
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: DU Meter Service (DUMeterSvc) - Unknown owner - C:\Program Files\DU Meter\DUMeterSvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8868 bytes
     
    dymx, Mar 9, 2010
    #1
  2. madman35

    madman35 Guest

    sounds like you still have a virus on your computer as i read somewhere a few days ago that there was another virus that slows down your pc and wont let you install ANYTHING or search the internet but if it did let you every time you search something with the word VIRUS it shutsdown your pc so all i can say is do another scan of you pc with avast and maybe uninstall NORTON or i think it is now called macafee as they are a huge hod of rescources.

    Hope i helped
     
    madman35, Mar 9, 2010
    #2
  3. jony218

    jony218 Guest

    If all the viruses are gone, your next step is to streamline your security setup. Too much security on your computer will slow you down.

    This is my security setup on my xp sp3 computer
    1. zone alarm firewall (not the suite)
    2. avira free antivirus
    3. firefox browser (not as vulnerable as other browsers)
    4. sandboxie or returnil (Whenever I am in areas of the internet that might be unsafe I surf with my browser in a sandbox).

    Nothing has ever been able to defeat my simple setup. You might also consider using "returnil" instead of forcefield, very powerful software that can defeat all known/unknown viruses.
     
    jony218, Mar 9, 2010
    #3
  4. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    moved to correct forum as not a pc hardware issue. have you tried a system restore thru safemode administrator?
     
    ddp, Mar 9, 2010
    #4
  5. dymx

    dymx Guest

    Thanks to everyone who replied. Every time I try to access the internet through mozilla Firefox I get the message "svchost has encountered a problem and needs to close. We are sorry for the inconvenience" Most of the time I can't access the internet but I can download normally through programs like flashget and orbit. Is there a reason why this is happening.
     
    dymx, Mar 10, 2010
    #5
  6. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    You have a running malware process that is your problem:

    C:\Documents and Settings\Administrator\Application Data\dll\svchost.exe

    This is a “bad guy” the real process runs normally in c:\windows\system32

    “Dealio Toolbar” is also Not Good….

    Attempt to un-install Dealio Toolbar using the add/remove programs in your control panel.

    Then use HJT to fix these lines in your Log (if they still remain)

    R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)

    O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll

    O2 - BHO: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)

    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe

    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)



    Next, use Windows Explorer to navigate to and delete this folder (in Red)

    C:\Documents and Settings\Administrator\Application Data\dll\svchost.exe


    That should clear up your problems….

    2oG
     
    2oldGeek, Mar 11, 2010
    #6

Share This Page