# My computer is running EXTREMELY slow. Please help me bring it back to the way it was



## hewwo2u2 (Jan 10, 2009)

My computer is running EXTREMELY slow. I absolutely dread restarting it, and just opening a program like Word leaves me with an hourglass for several minutes before I can even begin to type anything. There are currently 74 processes running on my computer according to Windows Task Manager. Some of these processes I recognize as things I have attempted to remove from my computer but always seem to reappear out of the blue (ie. Aol software). Ive run Spybot and have attempted to close startup programs that I dont want, but there are MANY things that I have no idea what they mean. I cant help but feel that there is a load of unwanted programs that I dont even know exist running but I dont know what to do to remove them. There are also many services that are running and I would really like for someone to help me decide which of these processes and services I need to keep and which should be removed or stopped. I have been told to consider reformatting and reinstalling windows, but I thought Id give this site a shot first to see if the problem can be fixed instead since I do not have a windows cd right now (it came on the computer). I went to the Gateway Support website and scanned my system for its current configuration which is supposed to provide detailed information about my system as it is currently configured. It listed a summary of data as well as the hardware and software (running and installed) on my computer. If any of this information is helpful in deciding whats wrong with my computer, please let me know what you want to know as there are a lot of things listed. Ive already run spybot and both of my anti virus programs are 

I also have a question about something I noticed. When looking at the summary of the information the Gateway website provided I saw that under Memory it said: 
1024MB physical 
90% free resources
2 memory slots, 0 free (512+512)

HOWEVER, under the performance tab of my windows task manager where it says Physical Memory (MB) it says:
Total: 893
Cached: 289
Free: 1


Now Im not sure what any of this means but I do know that my computer says it came with 1 GB of RAM. I also know that this is not enough and is a big reason why my computer runs so slow. Still, my computer used to be much faster despite the low amount of RAM, so something has to be slowing it down. I plan on buying more as soon as I have the money (Im a poor college student) but in the meantime, I would like to fix the original problem. I dont know much about computers but Im pretty sure that physical memory is RAM. If this is the case, then shouldnt I expect to see total: 1024 rather than 893? I know that this amount probably doesnt make much of a difference, but I cant help but wonder how I can just lose over 100 MB of RAM like that?? It cant just grow legs and walk awaycan someone shed some light on this?


----------



## Rich-M (May 3, 2006)

Onboard video card is holding back the missing ram. You need to start by installing hijack this and then scanning with it and posting a log here:
http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html


----------



## new tech guy (Mar 27, 2006)

Dont forget the fact that superfetch is sucking that ram down. People tell me it will suck down everything up to 4 gb, when you go over that number you will finally start to see freed up ram. All superfetch is is a new version of the prefetch used in xp where it loads parts of programs into memory for quicker launching later.


----------



## Hughv (Jul 22, 2006)

The "missing" RAM is being used by the video subsystem. That's standard for onboard video.
Is this Vista?
If so, you can control startup programs by using "Software Explorer" in Windows Defender/Tools.
More help is here:
http://www.beingmanan.com/wp/2008/11/control-startup-programs-in-vista-with-windows-defender/
http://apcmag.com/how_to_take_control_of_vista_startup.htm


----------



## fairnooks (Oct 1, 2007)

Unfortunately you're using a 1.6 Turdion laptop with onboard video trying to run Vista. That's a pretty lethal combination even starting out fresh. By all means check out the startup and runtime components, you should get some improvement but there should be a factory image partition and/or the opportunity to make restore DVDs so that you could start out fresh (all my desktop Gateways have it, or in one case I got a full install disk). 

Even installing fairly benign and resource-"light" security on such a system is going to significantly slow it down again so in this case you will have to run the bare essentials to keep the response time tolerable.


----------



## flavallee (May 12, 2002)

74 running processes in Windows Task Manager is too many. Your computer obviously has too many unnecessary programs running in the background. Post a HijackThis log here so we can assist you in trimming down the startup load.

You're also running Vista Home Premium with only 1024 MB of RAM and probably have the aero glass and other visual effects enabled, so that's slowing down your computer even more. It's my guess that the on-board display adapter has 128 MB of RAM dedicated to its use, so that leaves only 896 MB of RAM to run Vista and all the other programs.

According to the CRUCIAL site, your computer supports a maximum of 2048 MB of DDR2 PC2-5300 RAM. A 2048 MB kit(2 - 1024 MB modules) can be purchased from the site for only $26.00 plus shipping. I strongly suggest you do it.

-----------------------------------------------------------------


----------



## karbo (Sep 3, 2003)

flavallee said:


> 74 running processes in Windows Task Manager is too many. Your computer obviously has too many unnecessary programs running in the background.


74!!!  What's on that computer! It's way too many.


----------



## flavallee (May 12, 2002)

karbo:

I have no doubt at all that the lack of RAM and the bloated startup load is what's making that computer run like a snail. 

-----------------------------------------------------------------

hewwo2u2:

Get a HijackThis log posted here. We're at a standstill until then.

------------------------------------------------------------------


----------



## Rich-M (May 3, 2006)

flavallee said:


> karbo:
> 
> I have no doubt at all that the lack of RAM and the bloated startup load is what's making that computer run like a snail.
> 
> ...


I think there has to be more than that, but no one is rushing to show us a hijackthis log, so until then we are guessing and need to move on to where we get some better response?


----------



## flavallee (May 12, 2002)

Rich:

I agree with you. There may be additional problems(an infestation of spyware/malware/viruses, a large buildup of temp/junk files, etc.) that we're not aware of yet.

Let's see what the log shows - if one gets posted.

----------------------------------------------------------------


----------



## hewwo2u2 (Jan 10, 2009)

wow! thanks everyone for such a quick response! Sorry for the delay- I posted last night right before leaving the house and when I returned I went straight to bed. I promise I will be on this thing all day today as to not make anyone wait anymore. I really appreciate everyone's help! I am downloading HiJackThis right now and will post a log ASAP.


----------



## hewwo2u2 (Jan 10, 2009)

fairnooks said:


> Unfortunately you're using a 1.6 Turdion laptop with onboard video trying to run Vista. That's a pretty lethal combination even starting out fresh. By all means check out the startup and runtime components, you should get some improvement but there should be a factory image partition and/or the opportunity to make restore DVDs so that you could start out fresh (all my desktop Gateways have it, or in one case I got a full install disk).
> 
> Even installing fairly benign and resource-"light" security on such a system is going to significantly slow it down again so in this case you will have to run the bare essentials to keep the response time tolerable.


when I saw that it only came with one Gig of RAM I was wondering why it would come with Vista. And this onboard video that is using RAM...I find this a little unfair. Like false advertisement or cheating, no? If they are going to say there is X amount of RAM, someone like me would expect to get that much available. I guess that's sales...


----------



## hewwo2u2 (Jan 10, 2009)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:11:35 PM, on 1/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Users\Jessica\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6456
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jessica\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8036 bytes


----------



## hewwo2u2 (Jan 10, 2009)

fairnooks said:


> there should be a factory image partition and/or the opportunity to make restore DVDs so that you could start out fresh (all my desktop Gateways have it, or in one case I got a full install disk).


I do remember seeing an option to restore the computer back to its factory condition, but someone told me that even new computers with factory default have extra "junk" that is included that I would never use. He recommended I reinstall Windows instead. What's your opinion on this? The problem is I don't have a Windows disk that I know of.


----------



## hewwo2u2 (Jan 10, 2009)

Hughv said:


> The "missing" RAM is being used by the video subsystem. That's standard for onboard video.
> Is this Vista?
> If so, you can control startup programs by using "Software Explorer" in Windows Defender/Tools.


Yes, this is Vista. One of the first things I did was remove programs via Software Explorer; however, I did not remove very many due to not knowing whether or I not I needed some of the things that were there. :/


----------



## new tech guy (Mar 27, 2006)

Oh whoops, sorry i misunderstood the OP, I had a similar machine in my home like that with one of those vista upgrades, it ran fine under windows xp but once i loaded vista it was such a dog that i took it back off and reinstalled the pc with xp. If it is one of these upgrade computers your best bet for performance is to probably just downgrade it to windows xp. But yes if you gut the machine to bare bones pretty much you will get OK performance, although as long as it only has a gig of ram i wouldnt run vista on it.


----------



## hewwo2u2 (Jan 10, 2009)

what is BigFix? It is one of the many things that came on my computer but I only remember using it once when it said it found a problem. Is it another thing to take up room on my computer or is it a good thing to have? I'm always hesitant to remove programs that are designed to fix things so this is why I still have it...


----------



## new tech guy (Mar 27, 2006)

I think that gateway i owned had it and i removed it, if software needs to update, it usually has its own updater that will do it. I would toss it honestly.


----------



## hewwo2u2 (Jan 10, 2009)

good to know- thank you new tech guy


----------



## Rich-M (May 3, 2006)

Well the first thing I see is Avg and MacAfee antivirus installed and that is a no no.
Pick one and uninstall the other. That could be the whole issue actually.


----------



## hewwo2u2 (Jan 10, 2009)

Rich-M said:


> Well the first thing I see is Avg and MacAfee antivirus installed and that is a no no.
> Pick one and uninstall the other. That could be the whole issue actually.


 The only reason I decided to keep them both was because sometimes one of them finds a problem that the other one does not. At one time I had 3 trojans; 2 of them were found with one program and 1 with the other. This was very disturbing to me as I don't want to miss anything. If I must remove one of them, could you please inform me as to which of the 2 is the better one? I am using the free edition of AVG. The McAfee is a licensed copy the I got from school.

I have to disagree with the idea of this being the _whole _issue though. I've had both programs for a while and my computer has not been this slow for that long. This also does not solve the issue I have with the 74 processes running. Thank you for the catch though. It makes sense that this would also slow me down.


----------



## new tech guy (Mar 27, 2006)

Well if one came with the computer (its safe to assume mcafee) it is probably an out of date trial. Also has a large footprint, where avg has a small one so due to your system spec i would say ditch mcafee.


----------



## hewwo2u2 (Jan 10, 2009)

new tech guy said:


> Well if one came with the computer (its safe to assume mcafee) it is probably an out of date trial. Also has a large footprint, where avg has a small one so due to your system spec i would say ditch mcafee.


I checked and I was wrong. neither came with the computer. I have the real version of Mcafee and the free version of AVG. sorry about that
and this "foot print" that you speak of...if I remove the program can I be sure that everything has been removed?

does this mean that the free version of AVG is just as good as a purchased program? What is the difference?


----------



## new tech guy (Mar 27, 2006)

Ok regardless of this i know mcafee has a large system footprint where avg is much smaller, is your mcafee subscription still active? If so you could keep it if you wish but you must get rid of avg, however, bear in mind mcafee could be a large cause of slowdown due to how big it is where avg is very small and simple and therefore has less bloat.


----------



## hewwo2u2 (Jan 10, 2009)

I just know that I currently have the full updated version of McAfee VirusScan Enterprise 8.5.0i. (I got it from school)
I have the free version of AVG. 
Both programs are still working.

I definitely want what will make my computer run faster but at the same time I do not want to be exposing my computer to things that the free version of AVG may not protect it from. This is why I'm asking other than size, what is the difference between the two? I do not have the money right now to purchase the full version of AVG so I want to make sure that if I delete the McAfee, that whatever it is that was paid for is not something I need. I hope that made sense. :/


----------



## new tech guy (Mar 27, 2006)

Avg is a good virus scanner as well, it has been running on my main pc for some time now and hasnt let any infections in, and many users of this forum use it as well. I know how much of a pig McAfee is from personal use experience of having it on a slower computer which slowed it to a crawl. Avg really does not affect the performance of the pc at all/marginal difference but still provides great protection. If you paid for Mcafee i would personally try to cancel the subscription and get a refund, then keep avg free.


----------



## fairnooks (Oct 1, 2007)

> I do remember seeing an option to restore the computer back to its factory condition, but someone told me that even new computers with factory default have extra "junk" that is included that I would never use.


Sure is extra junk but if you use a program like PCDecrapifier and uninstall anything else you won't be useing after restoring you can get a pretty clean system.



> Like false advertisement or cheating, no? If they are going to say there is X amount of RAM, someone like me would expect to get that much available. I guess that's sales...


You were indeed bamboozled, there was something called VistaReady and VistaCapable or somesuch and the wording made all the difference as far as performance goes. I heard there was a class action suit against Microsoft because of it but I never followed up on its progress or validity.


----------



## Rich-M (May 3, 2006)

hewwo2u2 said:


> The only reason I decided to keep them both was because sometimes one of them finds a problem that the other one does not. At one time I had 3 trojans; 2 of them were found with one program and 1 with the other. This was very disturbing to me as I don't want to miss anything. If I must remove one of them, could you please inform me as to which of the 2 is the better one? I am using the free edition of AVG. The McAfee is a licensed copy the I got from school.
> 
> I have to disagree with the idea of this being the _whole _issue though. I've had both programs for a while and my computer has not been this slow for that long. This also does not solve the issue I have with the 74 processes running. Thank you for the catch though. It makes sense that this would also slow me down.


Neither one is much good so take your choice. Avg has less system drag is all I can suggest.
As to you don't think that can make the whole difference, trust me I am a working professional in the industry and it can be the entire problem, regardless of whether it was an instant slowdown. If you want to be sure nothing gets in, buy a good antivirus like Nod32, Bit Defender or Kaspersky. Using 2 mediocre ones is not the answer.


----------



## new tech guy (Mar 27, 2006)

Ive been using avg free for years and it has yet to do me any harm, i do know some of the malware remover workers here use it and say it works well for their machines.


----------



## Rich-M (May 3, 2006)

new tech guy said:


> Ive been using avg free for years and it has yet to do me any harm, i do know some of the malware remover workers here use it and say it works well for their machines.


I didn't say it would harm you, just that it is adequate and there are many a lot better. The user is afraid of missing things and rightly so so I merely suggested you get what you pay for and free is free!

The three I suggested incidentally will repel viruis and spyware, not simply let it in and remove it as the ones mentioned and most others do.


----------



## hewwo2u2 (Jan 10, 2009)

Thanks for the info, Rich-M. I will look into these other programs. And I didn't mean to sound like I was questioning your knowledge on the subject earlier. What I was trying to say was that even if it is slowing my computer significantly it still didn't explain the 70+ processes that are running that I need help sorting through. Sorry for the misunderstanding there. I really do appreciate the help that you guys are offering.


----------



## new tech guy (Mar 27, 2006)

Well if the user wants to remain free and have slightly stronger performance, they could use avast! By what i see, the resident sheild in that is much more agressive than AVG. Although i find both very good. Different strokes for different folks.


----------



## hewwo2u2 (Jan 10, 2009)

Rich-M said:


> so I merely suggested you get what you pay for and free is free!


Rich-M, I am very sorry if I'm starting to sound like a broken record, but can you please confirm for me that AVG _free _is as good or better than a _paid for_ full version of McAfee Enterprise? I'm asking this because of all the other things that the McAfee provides on top of the virus protection that I can get from AVG only if I pay the $55 to buy the full version. AVG free only protects from viruses. And I've even heard that AVG has been known to fail when it comes to atually removing viruses. I guess I just want to be sure that I don't need all the extra "perks" on my McAfee that AVG free does not offer.

I think I'm going to get Kaspersky since this is one I've heard others says good things about as well. I just want to make sure I have the best protection I can have right now until I can afford to buy another program.

Also, can someone tell me where I need to go to see how much longer my subsciption is good for?


----------



## new tech guy (Mar 27, 2006)

If the mcafee subscription is from your college, then they manage it. But we are saying due to its bloat, again that it is probably a large reason your computer is slow. In terms of firewall, a known free one is comodo. http://www.personalfirewall.comodo.com/ About three times on my school network it stopped an unsolicited NETBIOS session coming from the school's DNS server.


----------



## hewwo2u2 (Jan 10, 2009)

Okay I guess that's enough reason for me to dump it then. What can I do to make sure everything gets uninstalled? If it leaves such a big foot print I don't want anything left behind. I've read that people are having to use McAfee uninstaller programs in order to completely remove it. Am I going to have to buy one of these to be sure that I've removed it? I hate the idea of having to download and even possibly pay for another program just to remove the one I have! sheesh


----------



## new tech guy (Mar 27, 2006)

Just removing it through add/remove programs should get rid of it, not like you have norton!


----------



## Rich-M (May 3, 2006)

hewwo2u2 said:


> Rich-M, I am very sorry if I'm starting to sound like a broken record, but can you please confirm for me that AVG _free _is as good or better than a _paid for_ full version of McAfee Enterprise? I'm asking this because of all the other things that the McAfee provides on top of the virus protection that I can get from AVG only if I pay the $55 to buy the full version. AVG free only protects from viruses. And I've even heard that AVG has been known to fail when it comes to atually removing viruses. I guess I just want to be sure that I don't need all the extra "perks" on my McAfee that AVG free does not offer.
> 
> I think I'm going to get Kaspersky since this is one I've heard others says good things about as well. I just want to make sure I have the best protection I can have right now until I can afford to buy another program.
> 
> Also, can someone tell me where I need to go to see how much longer my subsciption is good for?


AVG has some spyware protection as well as virus protection but it is at least equal to MacAfee and either is at best "adequate". Good move with Kaspersky, you will be much better protected.


----------



## new tech guy (Mar 27, 2006)

Rich-M said:


> AVG has some spyware protection as well as virus protection but it is at least equal to MacAfee and either is at best "adequate". Good move with Kaspersky, you will be much better protected.


Side question, kapersky has a small footprint correct?


----------



## hewwo2u2 (Jan 10, 2009)

I have unistalled McAfee via Windows Control panel. Can someone please tell me where to go in my computer just to make sure that everything has been removed and nothing sneaky has been left behind?

Also I still have over 70 processes running.


----------



## hewwo2u2 (Jan 10, 2009)

new tech guy said:


> Side question, kapersky has a small footprint correct?


according to a guy that recommended it to me, it is apparently very small.

When reading about it on another forum (www.techspot.com) one guy that uses it said that he "found that its actually lighter on system resources than AVG, using only 13MB of RAM."

BitDefender on the otherhand, has been voted #1 when it comes to virus protection on multiple sites and is even more appealing to me because it costs significantly less. ($25)

When it comes to system resources, according to what I've read, kapersky and Nod32 have the smaller foot prints with Nod32 using even less resources. I have my eye on Kaspersky though because it seems to be a happy medium between the other two...? http://anti-virus-software-review.toptenreviews.com/


----------



## Rich-M (May 3, 2006)

Yes small footprint like Nod32.


----------



## hewwo2u2 (Jan 10, 2009)

so now that I've removed the AV program, do you have any more advice? Should I post a new HiJackThis log? Should I take a screen shot of the processes listed in task manager? I've been sitting at the computer all day today so as not to make anyone wait for any more info needed from me but I have to go to bed soon since I have an 8am class. :/


----------



## new tech guy (Mar 27, 2006)

OH ok, i wasnt doubting its protection, ive heard of the name before and knew it was good. Just wanted to make apparant that there are free alternatives that many users have been content with.


----------



## hewwo2u2 (Jan 10, 2009)

ok well i am going to bed now..hopefully someone will respond tomorrow when I get back from school.


----------



## new tech guy (Mar 27, 2006)

How is the machine running after the mcafee removal?


----------



## flavallee (May 12, 2002)

Now that you've uninstalled McAfee, you want to make sure that all the remnants of it are gone. Go here so you can download and run the McAfee removal tool. Restart your computer afterwards.

Two pages of replies has been posted since your last HijackThis log, so please post a new log - after you run the McAfee removal tool and restart.

-------------------------------------------------------------------


----------



## hewwo2u2 (Jan 10, 2009)

new tech guy said:


> How is the machine running after the mcafee removal?


it is still slow :/


----------



## hewwo2u2 (Jan 10, 2009)

flavallee said:


> Now that you've uninstalled McAfee, you want to make sure that all the remnants of it are gone. Go here so you can download and run the McAfee removal tool. Restart your computer afterwards.
> 
> Two pages of replies has been posted since your last HijackThis log, so please post a new log - after you run the McAfee removal tool and restart.
> 
> -------------------------------------------------------------------


I will download and re post right now. Thank you!


----------



## hewwo2u2 (Jan 10, 2009)

I have now downloaded and run this removal tool..is there anything I need to do now to remove whatever it is I just downloaded or did it remove itself?


----------



## hewwo2u2 (Jan 10, 2009)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:39 PM, on 1/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Jessica\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6456
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jessica\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7013 bytes


----------



## hewwo2u2 (Jan 10, 2009)

question: why does HiJackThis continue to run in the background after I've exited it? Is this something I need to remove once the problem is fixed?

I will be back tomorrow afternoon to read any responses. Thank you in advance!


----------



## flavallee (May 12, 2002)

Did you just download and save the McAfee removal tool, or did you actually run it and let it remove the remnants of McAfee? If you actually ran it, it would've advised you when the process was completed and then to restart your computer.

----------------------------------------------------------------

HijackThis does not run in the background. The only time it runs is when you open its main window and then run a scan with it. After you're done with it and close it, it doesn't do anything until you open it again.

----------------------------------------------------------------

Other than:

*Windows Defender

AVG7

SynTPEnh*

no other programs in the O4 list need to run in the background.

-----------------------------------------------------------------


----------



## hewwo2u2 (Jan 10, 2009)

flavallee said:


> Did you just download and save the McAfee removal tool, or did you actually run it and let it remove the remnants of McAfee? If you actually ran it, it would've advised you when the process was completed and then to restart your computer.


yes, it said to restart to computer in order to remove all the components



flavallee said:


> HijackThis does not run in the background. The only time it runs is when you open its main window and then run a scan with it. After you're done with it and close it, it doesn't do anything until you open it again.


After I restarted the computer I proceeded to run a new log to post on here, but an error occurred when I attempted to run HiJackThis telling me to try to run it again by right clicking and selecting "run as administrator". After I clicked OK, it continued to scan anyway. I then exited the program and the log and attempted to run HiJackThis again as administrator but the program would not open because it said it was already in use (even though I had exited it). I found it in Windows Task Manager listed as one of the many processes I have running on my coputer and clicked "end process". I was then able to open and run HiJackThis and produce the log posted above. This is the reason I asked why it runs in the background...I was curious as to why it didn't close when I exited the program.


----------



## hewwo2u2 (Jan 10, 2009)

Do you think the processes are part of what is causing my computer to run so slowly? Would it be helpful if I took a screen shot of the processes I have running right now? Windows Task Manager currently says I have 69 processes running.


----------



## flavallee (May 12, 2002)

69 processes is way too many.  :down:

I have 25 - 26 processes right after startup, but I keep a very lean startup load.

Other than AVG8, Windows Defender, and ctfmon.exe, I have nothing else running in Start - Run - MSCONFIG - OK - "Startup" tab.

Most of my Services list(Start - Run - SERVICES.MSC - OK) is also set to "Manual".

You should make use of these 2 sites:

http://www.sysinfo.org/startuplist.php?type=&filter=&count=100&offset=0

http://www.blackviper.com/WinXP/servicecfg.htm

-----------------------------------------------------------------


----------



## new tech guy (Mar 27, 2006)

I should add to what flavallee said about black viper. If your unsure what you are doing, just use his "safe" option as it is least likely to cause problems. Also, if msconfig is misused it can cause trouble booting, so unless you know what it is, leave it alone. furthermore, we are dealing with vista, not xp folks. vista is a much bigger operating system than xp and it is typical to see steep process lists in vista. I know my machine is running with 71 processes at the moment, although it is vista home premium on 3 gb of ram. the 71 include the task manager, firefox, and aim 5.9, which is only one process. If you want to lighten the machine, i would honestly just look into an xp downgrade.


----------



## flavallee (May 12, 2002)

Oops! I forgot the log was Vista and not XP. 

New Tech Guy is correct in that Vista will have more running processes than XP. My Vista desktop has 39 running processes right after startup and before opening any browser windows or programs.

And to add to what he said about the Black Viper site, the "Safe" column is the best place to start out, if you want to research and edit the Services list.

-----------------------------------------------------------------


----------



## hewwo2u2 (Jan 10, 2009)

sorry I took so long to reply. School has been pretty busy lately. Okay, so I should still try and reduce some of the processes but now by using misconfig since I do not know what I'm doing, correct?

I would like to keep vista if I can, and I plan on buying more RAM as soon as I have the money, so hopefully that will help.

So does this mean you don't see anything in the HighJackThis Log? If not, should I delete the program?

Also if you don't see anything wrong, then what do you think is the main reason my computer is such a snail? Is it just that I have too much stuff on it? The thing is, I've been using the same amount of programs for a long time now and it hasn't been this slow for that long. I just wanted to remove whatever it is that happened between then and now. This gets so frustrating.  

I am going to go check out these sights now. I appreciate all your patience.


----------



## new tech guy (Mar 27, 2006)

Another thing you could do in vista is turn off the aero effects, to do that, right click the desktop>personalize. then click window color and appearance. Then click to open the classic properties pane and select either vista basic or windows classic and hit apply. Should lighten up vista a bit if it doesnt have to load the bloated aero effect. (linux did similar layouts that use a fraction of the recources, microsoft should take a page from their book).


----------



## hewwo2u2 (Jan 10, 2009)

I just realized the black viper one is only for xp. is there a link you can give me for vista? What about the other site? If I use the other site, what do you suggest I do in order for my changes to basically equal those of the "safe" column on the other site? Also it says something on black viper about backing up before I make changes. This sounds complicated as I'm not sure I would even know how to use the backup files if I needed them. Is "system restore" not sufficient enough if I realize I've done something wrong?


----------



## hewwo2u2 (Jan 10, 2009)

new tech guy said:


> Another thing you could do in vista is turn off the aero effects, to do that, right click the desktop>personalize. then click window color and appearance. Then click to open the classic properties pane and select either vista basic or windows classic and hit apply. Should lighten up vista a bit if it doesnt have to load the bloated aero effect. (linux did similar layouts that use a fraction of the recources, microsoft should take a page from their book).


what is the difference between aero and basic? from the preview they look the same....


----------



## hewwo2u2 (Jan 10, 2009)

another question:
when ending processes, services, and startup programs what are the differences between doing it via msconfig, windows task manager, and windows defender? Which one should I use to make changes?


----------



## hewwo2u2 (Jan 10, 2009)

*Help please- I just found something very disturbing!!!!!*

I'm looking in my Windows Defender and I have something running called

"Microsoft Userinit Logon Application" File name: userinit.exe
it says in the info section beside it that its publisher is Microsoft corporation and that it is digitally signed by Microsoft Windows Verification PCA. It even says that it ships with the operating system.

Then while searching the first site you listed I found this:

name: userinit.exe 
status command: userinit.exe
description: Added by the HAXDOOR-DP TROJAN!

is this the same thing????? if so what do I do? how do I remove it!!!! and how come AVG never detected it??? help!


----------



## flavallee (May 12, 2002)

Black Viper Services Guide For Vista:

http://www.blackviper.com/WinVista/servicecfg.htm

Use the "Safe" column as a starting point.

----------------------------------------------------------------


----------



## hewwo2u2 (Jan 10, 2009)

I have gone through and disabled the services the safe column listed. Is there any more advice that can be given or do I just need to accept that my computer will never be like it was when I bought it?


----------



## Rich-M (May 3, 2006)

hewwo2u2 said:


> I have gone through and disabled the services the safe column listed. Is there any more advice that can be given or do I just need to accept that my computer will never be like it was when I bought it?


The way to return it to the state you bought it in, is to reformat and reinstall Windows.


----------



## hewwo2u2 (Jan 10, 2009)

This is what I was considering doing from the very beginning but my computer did not come with a cd with windows on it. I guess the next best thing to do is to use the option on my computer to restore to its factory state.

but from the logs... is there anything else that could be causing my problem?


----------



## new tech guy (Mar 27, 2006)

May not be and if it is a known trojan, our malware removal forum should be cleaning up your computer. If you want a mod to check the logs for spyware just put a report in for it.


----------



## hewwo2u2 (Jan 10, 2009)

new tech guy said:


> May not be and if it is a known trojan, our malware removal forum should be cleaning up your computer. If you want a mod to check the logs for spyware just put a report in for it.


is this a separate forum? do I just run a log and post it there?


----------



## new tech guy (Mar 27, 2006)

I will drop a report for you.


----------



## hewwo2u2 (Jan 10, 2009)

thanks!


----------



## new tech guy (Mar 27, 2006)

No problem, hopefully a moderator appears shortly to take a look.


----------



## Cookiegal (Aug 27, 2003)

I haven't read back through over 70 posts but I looked at the log and don't see anything malicious. There is one item of foistware that should be removed via the Control Panel - Add/Remove programs and that is anything with the following names:

*Viewpoint
Viewpoint Manager
Viewpoint Media Player*

As for the userinit.exe file, the valid file should be in System32 whereas a Haxdoor file would likely be in C:\Windows

Keep in mind even the userinit.exe in the valid location can be infected but I don't see any signs of infection in your HijackThis log, although not everything would show in a HijackThis log.

I also noted two anti-virus programs but I'm sure that would have been mentioned that you should uninstall one of them.

I will ask for a couple of simple scans which will tell us more but I won't move the thread just yet.

Download GMER from: http://gmer.net/index.php

Save it on your desktop and unzip it.

Double click the gmer.exe to run it and select the rootkit tab and press scan. When the scan is done, click *Copy*. This will copy the report to the clipboard. Paste it into Notepad and save it and also paste the log report back here please.

Please download Malwarebytes Anti-Malware form *Here* or *Here*

Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to *Update Malwarebytes' Anti-Malware* and *Launch Malwarebytes' Anti-Malware*, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "*Perform Quick Scan*", then click *Scan*.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that *everything is checked*, and click *Remove Selected*.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply along with a new HijackThis log please.

Extra Note:
*If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly. 
Also, if you receive an (Error Loading) error on reboot please reboot a second time . It is normal for this error to occur once and does not need to be reported unless it returns on future reboots. *


----------



## new tech guy (Mar 27, 2006)

Thanks cookie, wanted to rule malware out of the equation .


----------



## hewwo2u2 (Jan 10, 2009)

i believe i disabled this viewpoint manager thing when going through my services from that website


----------



## Cookiegal (Aug 27, 2003)

You need to uninstall it though and please perform the other tasks.


----------



## fairnooks (Oct 1, 2007)

Here's a somewhat radical solution, at least until Aug. 1st, that will at least have your Turdion processor thanking you. Put the Windows 7 beta on it. It seems to be as fast and nimble as a fresh XP install and you won't have any crapware from a factory reset install.


----------



## hewwo2u2 (Jan 10, 2009)

I attempted to download this GMER but I could not save it to my desk top (it did not give me the option). I opened it from my downloads where it automatically saves to and I don't think I had to unzip anything...maybe it did this automatically? Did I download the right thing?


----------



## hewwo2u2 (Jan 10, 2009)

and the onlt thing I could find in the control panel that I could "add/remove" was view point media player. I removed this, but I also saw an icon in my control panel called "view point manager" that when clicking on it will not open, but there is no option to delete it either....
should I worry about this?
I also thought I read somewhere that it was needed for using AIM and that it would automatically reappear if I tried to use AIM. Is this true? What else is this used for? I'm sorry to question but I just like to know what I'm doing so if any future errors occur I can hopefully undo whatever I did to cause them as.


----------



## hewwo2u2 (Jan 10, 2009)

I have just installed MBAM and will have the log from GMER shortly (even though I did not unzip the program from my desktop-please let meknow if this was a needed step).

I hate having extra things on my computer and since I got on here for help, I've now downloaded 4 things. Can you please tell me what I can remove and what I need to keep? Does "Hi Jack This" need to stay on my computer? I don't see myself ever using it unless I need help from here again as I know nothing about what it does. What about this GMER? Can I remove it once I have posted the log for you? And what am I supposed to do with the log you had me save? 
Also, is this MBAM thing I just downloaded similar to spybot or Adaware? If so, and you prefer this one, can I remove either of these? I use spybot but I haven't used Adaware in a while. Is this a good thing to keep or is it taking up a lot of room like my antivirus software was doing? A new update is available for it which I downloaded but have not installed yet. Before I did, I wantd to ask you if I should start to use this [Adaware] more often or get rid of it all together?


----------



## hewwo2u2 (Jan 10, 2009)

ok I have the log report but I cannot paste it as it is way too long. I get an error on the forums that says the text I entered is 316326 characters and the most I cat post is 30,000. Does this mean I am going to have to break thing up in several parts? What do you want me to do?


----------



## hewwo2u2 (Jan 10, 2009)

MBAM quick scan just finished. it said "no malicious items detected"

Should I ever perform a "full scan"?


----------



## Rich-M (May 3, 2006)

hewwo2u2 said:


> ok I have the log report but I cannot paste it as it is way too long. I get an error on the forums that says the text I entered is 316326 characters and the most I cat post is 30,000. Does this mean I am going to have to break thing up in several parts? What do you want me to do?


If you have to put that in more than one thread is all....copy and paste 1/2 at a time.


----------



## Cookiegal (Aug 27, 2003)

Viewpoint is foistware meaning it gets installed without your knowledge or consent along with other programs, such as AIM but it's not needed for AIM to work.

That's good that MBAM didn't find anything.

Were you able to run the GMER scan? This will show us if there are any rootkits.

As for HijackThis, we're not finished yet so it's premature to be asking what should keep. Obviously you will need it until we're done. Then you can ask again.


----------



## WebMast3r (Dec 4, 2008)

iv had the same problem with my old systemax PC. there are many ways to increase performance speed on a computer. here are just a few i recommend to you that should work:

1 defrag your hardrive (C)
2 delete any unecessary files/apps that you never use
3 download freeware to clean your computer (ex-CCleaner, ATF Cleaner, etc.) these basic programs remove temporary internet files/cookies and clean your registry. these usually take up anywhere from 500-1,000 MB of memory on my laptop. 
4 OR, if all else fails, you could perform a *system restore* to an earlier date when your computer wasnt as slow. and i think it gives you an option to restore your PC to its original factory settings for a fresh start. but if you run a system restore, remember to save all your useful files/images/music/etc. to a data-sufficient flashdrive *BEFORE* restoring.

hope this helps and good luck!


----------



## Cookiegal (Aug 27, 2003)

Please do not recommend using the registry cleaner function of those tools as this can do more harm than good. Many system have been rendered unbootable because of removing the wrong keys and/or values in the registry.

Also, an ordinary system restore (not referring to a restore to factory settings) does not affect images, documents or music on the computer, although it is always a good idea to back up in case something goes wrong.


----------



## hewwo2u2 (Jan 10, 2009)

hey again sorry it has taken so long to respond. I'm actually having internet problems as well and haven't been able to connect for the past few days! I'm actually trying to get help with this issue as well.

Cookie, I am going to post the GMER scan log now. It will most definitely take me some time though as it is verrrrrrrry long!

Now that I ran MBAM, do I need to keep it? Is it comparable to spybot spybot or Adaware (I have them both)? If so, could you please advise me to which one(s) I should keep?


----------



## hewwo2u2 (Jan 10, 2009)

please bare with me....every time I attempt to post a portion of it is says it is too long This is going to be at least 10 posts


....is there not a way to uplode the file and post it this way?


----------



## hewwo2u2 (Jan 10, 2009)

omg I'm not going to be able to do this. I've lost my spot and there is just too much it is almost 400,000 characters long. there has to be a better way


----------



## new tech guy (Mar 27, 2006)

You could just save the text file and upload that.


----------



## hewwo2u2 (Jan 10, 2009)

yes i saved the text file how do i upload it?


----------



## DerekC (Jan 10, 2005)

Click the Reply button (not to be confused with the "quick reply"). Then click the paperclip icon, then choose the browse option, find the file and choose upload.


----------



## Cpl. Chronic (Feb 15, 2008)

As I haven't had the displeasure of downgrading from XP to Vista (lol), I don't know much about it. But, I can say that XP (bare) can run on about 20 processes. I'm running about 27 processes myself and that includes a vista skin. And I only have 768MB of RAM.

I have a book by: Steve Sinchak, called "Hacking Windows XP"
Wiley.com is listed on the back cover and they may have books for Vista.
The book describes the "system services" and which ones you can usually
turn off as well as a whole host of other tidbits that allow you to customize
your Windows software.

Also, Antivirus software can be highly resource intensive. Having 2 just doubles that.
in addition they don't usually play well together. Your best bet on that is to just pick
one and keep it updated.

And of course with windows I consider a fresh install as routine maintiance. So if it's
been a while since you've done it, try that. I've done it on an HP using the one supplied on the second hard drive partition. It's a lot easier to get rid of useless bloat-ware when you know it's a fresh install. 

hope this helps.


----------



## fairnooks (Oct 1, 2007)

XP (original) bare will run on 6, but that was just a normal install. Tweaked it might even be less.

Finally I'm getting more and more support for the fresh install option of some sort. Even though the intentions are good, half the posters here have the poor OP running in circles throwing chairs off the main deck.


----------



## Cookiegal (Aug 27, 2003)

Are you sure you only checked the rootkit scan?


----------



## hewwo2u2 (Jan 10, 2009)

ahhh yes the reply button! I've been clicking quick reply every time!


----------



## hewwo2u2 (Jan 10, 2009)

Cookiegal said:


> Are you sure you only checked the rootkit scan?


I selected the tab at the top that says "rootkit/Malware" and left all the boxes on the right side checked

I will post the file now

do you ever want me to do a full scan with the other program or is quck scan the only one should be using?


----------



## hewwo2u2 (Jan 10, 2009)

GMER rootkit scan


----------



## Cookiegal (Aug 27, 2003)

I'm not seeing anything to indicate malware.


----------



## hewwo2u2 (Jan 10, 2009)

Thank you for checking! Is there anything else/ anymore advice anyone has for me to speed up this computer? Did anyone see any "junk" that I can remove? Otherwise, is this the time that I should mark this thread "solved"?


----------



## hewwo2u2 (Jan 10, 2009)

flavallee said:


> According to the CRUCIAL site, your computer supports a maximum of 2048 MB of DDR2 PC2-5300 RAM. A 2048 MB kit(2 - 1024 MB modules) can be purchased from the site for only $26.00 plus shipping. I strongly suggest you do it.
> 
> -----------------------------------------------------------------


this may be a silly question (again) but can you tell me if there are any other places that I can buy RAM for my computer for? If I do buy it elsewhere, how can I tell if it is in fact compatible? More specifically, do you know if any place sells a 1.5GB stick or do these not even exist?

thanks in advance!


----------



## Rich-M (May 3, 2006)

You can get model numbers from www.kingston.com and www.corsair.com, but no guaranties they will work ( though I have used both sites and they always have worked), however imho, Crucial is Micron ram and amongst the best and at that price I am not sure why you would want to go elsewhere?


----------



## hewwo2u2 (Jan 10, 2009)

Well I was hoping I could buy a 1.5 GB stick and keep one of the sticks I have, but someone told me that you can't have 2 sticks of different sizes, so it looks like I'll be getting them from Crucial after all.

why is it that you can't use 2 different sized sticks of RAM in a computer? It seemed like a good idea to me! :/


----------



## Rich-M (May 3, 2006)

To be safest with new ram, it should be the exact same model and size...


----------



## flavallee (May 12, 2002)

If you buy the 2048 MB(2 GB) set, which is 2 sticks of 1048 MB(1 GB) each, you'll have 2 identical sticks and won't have to worry about incompatibility issues between sticks.

I just checked the site and it's a measly $23.99 plus shipping. That's almost a steal for that price.

-----------------------------------------------------------------


----------



## hewwo2u2 (Jan 10, 2009)

ok then this is what I'll get thanks


----------



## hewwo2u2 (Jan 10, 2009)

flavallee said:


> According to the CRUCIAL site, your computer supports a maximum of 2048 MB of DDR2 PC2-5300 RAM. A 2048 MB kit(2 - 1024 MB modules) can be purchased from the site for only $26.00 plus shipping. I strongly suggest you do it.
> 
> -----------------------------------------------------------------


flavallee, is this the exact same one as the one you showed me for $26?

http://www.newegg.com/Product/Product.aspx?Item=N82E16820148086

If so, then I'm gonna go ahead and get it since the one from the CRUCIAL website will cost me $30 with shipping. This one is almost half the price! Please let me know if there is anything different about them?


----------



## flavallee (May 12, 2002)

Yep, they're both DDR2 PC2-5300 modules. :up:

I've never bought from NewEgg, so I don't know how reliable they are. They do have a good rating though for having among the cheapest prices. :up:

-----------------------------------------------------------------


----------



## hewwo2u2 (Jan 10, 2009)

flavallee said:


> Yep, they're both DDR2 PC2-5300 modules. :up:
> 
> I've never bought from NewEgg, so I don't know how reliable they are. They do have a good rating though for having among the cheapest prices. :up:
> 
> -----------------------------------------------------------------


hmm reliable as far as what? not ever getting the product? or possibly unreliable in that they don't send a genuine Crucial brand? I am going to purchase it, so if it's the former, I'll be able to let you know if I ever get it. I just hope that they are reliable enough to actually send to me what I am buying.


----------



## flavallee (May 12, 2002)

Like I said, I've never purchased from NewEgg. I have from Crucial though for several years.

----------------------------------------------------------------


----------



## DerekC (Jan 10, 2005)

Don't mean to jump into this tread....I've purchased things off newegg for years. My last 3 computers were built entirely from things purchased through them. Through it all, i've only had 1 DOA part, and never received anything other then what I was buying.

I've heard great things from Crucial, but never used them. But hey, It's your choice


----------



## hewwo2u2 (Jan 10, 2009)

I bought the crucial RAM off of Newegg. I guess we'll see when it gets here!


----------



## hewwo2u2 (Jan 10, 2009)

flavallee said:


> Like I said, I've never purchased from NewEgg. I have from Crucial though for several years.
> 
> ----------------------------------------------------------------


I received my order from Newegg and its the exact same Crucial kit that you recommended I get.


----------



## Rich-M (May 3, 2006)

hewwo2u2 said:


> I received my order from Newegg and its the exact same Crucial kit that you recommended I get.


Right you need to know Crucial is a manufacturer and it's actually MIcron brand and many retailers carry it. It is amongst the best ram available.


----------

