[myrti]

Have you updated avast since this happened? It sounds as if Avast took a hit and is working in overdrive when you boot into normal mode.

reagrds myrti

[Advertisements]

No, I haven't updated Avast. I can't do anything unless I'm in safe mode. I've got to run the FSS scan you asked for in safe mode. When I restarted regularly, the computer just won't respond.

[Bulldog04]

No, I haven't updated Avast. I can't do anything unless I'm in safe mode. I've got to run the FSS scan you asked for in safe mode. When I restarted regularly, the computer just won't respond.

[Bulldog04]

Here is the FSS Log: (I did have to run it in Safe Mode)

Farbar Service Scanner Version: 01-03-2012
Ran by Dana (administrator) on 06-03-2012 at 12:44:43
Running from "C:\Documents and Settings\Dana\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A00000004000000010000000200000003000000090000005600000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

[myrti]

Can you please perform a clean boot and see if you can boot into windows normal mode then: http://support.microsoft.com/kb/310353

[Bulldog04]

Clean boot done. Here is the new FSS log:

Farbar Service Scanner Version: 01-03-2012
Ran by Dana (administrator) on 06-03-2012 at 13:21:10
Running from "C:\Documents and Settings\Dana\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A00000004000000010000000200000003000000090000005600000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

[myrti]

Hi,

I'm going to assume your PC is running better now? Could you try to uninstall and reinstall avast?

regards myrti

[Bulldog04]

Yes, it is running better now. I will try to uninstall and re-install avast. It still sounds like it's running constantly and still quite slow, but at least I could open the browser this time.

[Bulldog04]

Better did not mean fixed. Still got the whirring noise. There IS something running that I can't control.

[myrti]

Hi,

did you reinstall Avast? Have you checked in Taskmanager if something is running at 100% cpu usage?

regards myrti

[Bulldog04]

Something is running at 100%. Yes I did uninstall and re-install Avast.

[myrti]

Hi,

are you seeing what that soemthing is in taskmanager? Can you give me the name of it?

[Bulldog04]

No, I tried to look at the screen just says CPU Usage and CPU usage history. I can't get back to the process and other tabs.

[myrti]

Hi,

what happens when you try to go back to the CPU usage page? Is it empty? Can you try to use Process Explorer isntead of the task manager: http://technet.micro...ernals/bb896653
Just unzip the file and double-click to launch it.

regards myrti

[Bulldog04]

Now what?

[myrti]

Check which process uses the most CPU and give me the name of it.

regards myrti