Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Serious Windows Slow-down issue


  • Please log in to reply

#1
Phlegmbot

Phlegmbot

    Member

  • Member
  • PipPipPip
  • 365 posts
I posted a Hijack This and other info in the Malware section, but I'm thinkin' it may not be a Malware issue (although no one has yet confirmed this by looking at the log....sigh)....Anyway, here's where it stands, perhaps someone here has some insight:

I've run Spybot, Symantec, TrueFire, Trojan Remover and a couple of others. Symantec found something called IE404Fix (or something like that) and quarantined it. I've since deleted those quarantined files. I seem to be otherwise clean.

I also used a program called The Ultimate Troubleshooter (great program) and suspended a couple of processes and even deleted a couple of unnecessary startup processes I've been meaning to get to...and I'm STILL running slowly...

Even shutting down and restarting is CRAZY-SLOW. That blue rectangle that moves back and forth beneath the Windows logo as Windows opens? It moves at about 1/3 normal speed.

I've opened up several gigs of space in case it was a space issue. I am considering running defrag but am afraid to do that until I know everything else is clean or that I've done everything I SHOULD do.

Task Manager shows System Idle is using most of the memory space, so that seems fine, and yet I'm almost constantly at 100% CPU usage.


Is this a malware issue? Is there a diagnostics program I should try? ADVICE PLEASE!


Thank you!!

Phlegmbot
  • 0

Advertisements


#2
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
You need to check with malware people, first. If your computer is clean, we'll go from there.
  • 0

#3
Phlegmbot

Phlegmbot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 365 posts
OK!...Thx!...it seems my Symantec finally caught the problem...now I just have to know what to do about it. I'm sure I'll be back! ;]
  • 0

#4
Phlegmbot

Phlegmbot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 365 posts
Hey, Broni!

It looks like I'm clean from the virus...but Windows still runs sluggishly.

Here's the other topic where the convo about the malware is:
http://www.geekstogo...gs-t223293.html

Also, I've noticed that when Windows is ramping-up to get back in from Hibernation, the info that appears (the white writing on the black background) is of a higher resolution than usual (that is, the type is smaller and cleaner). What's that about? COuld that somehow be connected to all this?
  • 0

#5
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
As mentioned in malware section, you were running three AV programs. Right now, you're down to two.
It's a bad idea, simply asking for conflicts.
It doesn't matter, you turned Avast real time scanner off, because you still have Avast services running in real time:

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

If you insist on keeping Norton (which is really poor program), you must uninstall Avast completely, to start with.

You also have a lot of startups. Some of them are unnecessary, but before we go there, I need some more info...
Please, post some computer info:
- processor type, amount of RAM (hold Windows key, hit Pause/Break key)
- hard drive size/free space (open "My Computer", right click on hard drive letter, click "Properties")
  • 0

#6
Phlegmbot

Phlegmbot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 365 posts
Heya!

Thx for the reply...

I turned off Avast's Real-time whatchamathingy...didn't figure out it was on until after I posted that log.

I initially only had Symantec and Spybot, then when I got the virus, the slow-down happened. I DL'd about 5 more in total, running each one manually. I've done a full scan and seem to be clean now (although I should probably do ANOTHER full scan).

Over all, I prefer to have 2 programs, with one running, if you recommend Avast over Symantec, where would you put AVG? It was Avast and Symantec that caught and cleaned the virus...if that means anything.

Intel Celeron M
1.7Ghz
960 MB Ram
80 gig HDD, with 12 Gigs open.

Anyway, thanks again and let me know next steps when you can.

PBot

Edited by Phlegmbot, 09 January 2009 - 05:23 PM.

  • 0

#7
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
1. I'm not allowed to ask you to post HJT, so run it yourself, and see, if those three Avast services are gone (I hope G2G staff won't kill me for this advice :))
Check also, if this is gone:
- O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
2. There is simply no reason to have two AV programs installed. There are on-line scans, there are some other programs, like Superantispyware, and Malwarebytes, which don't run in real time, and are excellent for checking your computer safety.
In my books, as of now, there are two very good, free AV programs: Avast, and Avira.
AVG ver. 8.0 - I've been using AVG on all my computers for many years, but ver. 8.0 is simply bad news; too many problems to list
Norton - huge resource hog, low detection rate, build into the system like a cancer, hard to remove; if you run anti-rootkit program, you'll find Norton's entries there; not dangerous, but that deep built into your system.
3. You're running low on your hard drive free space. Windows needs 15-20% of a free space to run correctly. You're barely at the lower number.
4. You can safely disable following startups:
- ALCMTR.EXE (this file should be also removed from C:\Windows folder)
- TvsTray.exe (if you don't change sound settings 5 times a day)
- TPSMain.exe (leave it alone, if you change Power Saver settings often)
- PadExe.exe (leave it alone, if you use TouchPad to launch/navigate programs)
- SmoothView.exe (leave it alone, if you use zooming options)
- pinger.exe
- CFSServ.exe (leave it alone, if you change computer settings often)
- ctfmon.exe

Edited by Broni, 12 January 2009 - 09:54 PM.

  • 0

#8
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Just to add to what Broni said, which is great advice

When you install security programs, like multiple anti-virus/firewalls, they load a driver each time they boot up. Even if you try disable the program from running on startup, that driver will more than likely be running.

If you have installed five anti-virus programs, even if you have disabled/removed some of them, their drivers are going to be running. Your problem is because of this, I am 100% sure of that.


You honestly need to completely remove all anti-virus programs, and that includes the ones that aren't running
  • 0

#9
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
Thank goodness, I didn't get busted :)
  • 0

#10
Phlegmbot

Phlegmbot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 365 posts
Hiya, Broni!

1. I'm not allowed to post HJT, so run it yourself, and see, if those three Avast services are gone (I hope G2G staff won't kill me for this advice :))
Check also, if this is gone:
- O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

All 4 are still there. If I remove Sytmantec, I shouldn't worry about it, right? That is, if I remove Symantec/Norton, I should just turn Avast! onto it's normal state, yes?

2. There is simply no reason to have two AV programs installed. There are on-line scans, there are some other programs, like Superantispyware, and Malwarebytes, which don't run in real time, and are excellent for checking your computer safety.
In my books, as of now, there are two very good, free AV programs: Avast, and Avira.
AVG ver. 8.0 - I've been using AVG on all my computers for many years, but ver. 8.0 is simply bad news; too many problems to list
Norton - huge resource hog, low detection rate, build into the system like a cancer, hard to remove; if you run anti-rootkit program, you'll find Norton's entries there; not dangerous, but that deep built into your system.


OK, I'll remove Symantec...how do I COMPLETELY wipe it off the HDD? Sounds like it's almost as bad as the Yahoo! toolbar and messenger. :)

3. You're running low on your hard drive free space. Windows needs 15-20% of a free space to run correctly. You're barely at the lower number.

For the last 6 mos., before the IEDefender virus, I was running w/3-6 gigs without any issues. I can assure you these problems I'm having now are NOT related to that. More below.


4. You can safely disable following startups:
- ALCMTR.EXE (this file should be also removed from C:\Windows folder)
- TvsTray.exe (if you don't change sound settings 5 times a day)
- TPSMain.exe (leave it alone, if you change Power Saver settings often)
- PadExe.exe (leave it alone, if you use TouchPad to launch/navigate programs)
- SmoothView.exe (leave it alone, if you use zooming options)
- pinger.exe
- CFSServ.exe (leave it alone, if you change computer settings often)
- ctfmon.exe


I do utilize most of these things frequently enough to keep them running.
What sort of computer settings does CFS control?
I know what Pinger is, but what is ctfmon? (I stopped Pinger...I'm baffled that it's there again.)

Again, please note that ALL of the above were running prior to the virus (but only ONE anti-virus program [Symantec]) for the last 2 years without any slowdown issues whatsoever. ALL of these slowdown problems are a result of something the Spyhunter and IEDefender viruses did (mainly the latter). I got the IEDefender virus when I opened IE "without add-ons" and was doing some random surfing (no, not porn...heck, I'd just say "and I was cruising some hot porn") :) And it was soon after that that the computer slowed down, and not long after that that Spybot first found the IEDefender virus. As said, it was after the slow-down, and the fact that Symantec/Norton missed the IEDefender virus, that I began DL'ing other A-V programs in a panic.

So whatever the problem is at this point, this advice and these tips, while VERY much appreciated are NOT getting to the root of the issue. I need other ideas pretty, pretty please!
  • 0

Advertisements


#11
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
Well, we have to take it, one step at a time. First, we'll eliminated existing issues, and then we'll go from there.
1. Yes.
2. Use Norton Removal Tool: http://service1.syma...005033108162039. If the computer could talk, he'd say: Thank you :)
3.

I was running w/3-6 gigs without any issues

Little things add up, and at some point "the bucket is full".
4. cfsserv.exe is a process belonging to Toshiba's ConfigFree utility and searches for Wireless Devices
ctfmon.exe is part of M$ Office, and it's only needed, if you use more than one language in Office
I'm not sure why pinger.exe is back. How did you disable it?
  • 0

#12
Phlegmbot

Phlegmbot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 365 posts
RE: disabling pinger: I used a program called The Ultimate Troubleshoot. I'm wondering if I accidentally chose "suspend" rather than "Terminate" task in this thing. It's a neat, little program that -- if you buy the full version -- explains what each task is. An image of the program is below. Do you agree with the startup programs it marked as NOT OK (meaning, I should disable them).

BTW, I also need ConfigFree -- I use it quite a bit when I'm out and about w/the computer.

UPDATE:
In MSCONFIG I'm seeing Acrotray -- I can disable that too, yes?

Under it, however, is something with no name at all. It's just blank. Nothing under command and location is:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

And, while all of this helpful, none of these changes have affected how the computer runs even 1 iota, so I gotta tell ya, this slowdown still MUST be related to the virus. It's when it started and it's the same kind of issue as when I was infected last weekend. So perhaps I need more Malware help. I'm still open to suggestions.

Thx once more!

CropImage.jpg

Edited by Phlegmbot, 10 January 2009 - 01:53 AM.

  • 0

#13
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
I'm not familiar with either program, but simply make sure, pinger is disabled in msconfig.
An excellent, free program to do those tasks, Autoruns: http://technet.micro...s/bb963902.aspx
  • 0

#14
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
I can see all startups from your HJT log, so whatever is safe to disable is listed in my reply #7.
  • 0

#15
Phlegmbot

Phlegmbot

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 365 posts
Hey, Broni!

I'm waiting to find out if I'm clean of viruses from the Malware forum. I THOUGHT I was, but then Avast! found win32.

I've since done a full scan, but there's been no other warnings from the a-v software.

So please let me know if you've other suggestions. Thx! And I'll let you know if I hear anything from the Malware folks.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP