Solved

Slow operation

Posted on 2004-08-10
19
1,216 Views
Last Modified: 2013-12-29
The last few day I have noticed a remarkable slowing down of my Hp 6535 . It is very hard to bring up Netscape. I was told to SCAN & DeFrag my C drive. But every time I try I get a message saying it has tried 10 times and some other program or W98 is using disk. When I do a ctl, Alt Del it shows Explorer, systray & rundll running besindes the Scan Disk.
I think this has happened before, but I cannot remember how to fix. Even the dbl clicking of MY Computer takes quite a while for the screen to appear.
Any help would be appreciated.
Gary

My e-mail is *** email address removed by LeeTutor, Page Editor ***, I will try to find my profille before I get kicked off, but wanted to get question posted first...
0
Comment
Question by:Gary27
  • 9
  • 8
19 Comments
 
LVL 65

Assisted Solution

by:SheharyaarSaahil
SheharyaarSaahil earned 500 total points
ID: 11768306
Hello Gary27 =)

First thing,,,, Run Scandisk and Defrag in SAFEMODE !!!!

Second thing,,,, Disable unwanted Startup itmes >> http://netsquirrel.com/msconfig/

Third thing,,,,, Check for Possible Viruses\Spywares

CHECK FOR SPYWARES:
----------------------------
AdAware ==> http://www.spychecker.com/program/adaware.html
SpyBot  ==> http://www.spychecker.com/program/spybot.html
CoolWebShredder ==> http://www.spychecker.com/program/coolwebshredder.html 
OR Use the Tools given here >> http:Q_20975384.html

CHECK FOR ONLINE VIRUS SCAN:
--------------------------------------
1. http://us.mcafee.com/root/mfs/default.asp?cid=9059 
2. http://security.symantec.com/
3. http://housecall.trendmicro.com/ 
4. http://www.pandasoftware.com/activescan/com/activescan_principal.htm
5. http://www.pcpitstop.com/antivirus/default.asp
Stinger >> http://vil.nai.com/vil/stinger

After these steps if u still feel that system is slow then it MUST be a hardware problem,,,, like bad RAM or failing hard drive !!!!

!! GOOD LUCK !!
0
 
LVL 3

Expert Comment

by:4ceReconSniper
ID: 11769442
post the specs of your pc and programs running
0
 

Author Comment

by:Gary27
ID: 11775673
Got some good new and some bad.
1. Got Disk scan & Disk Defrag to run (Took all night) Kept restarting because something else was writing to disk, but no errors and deFrag was sucessful. Computer runs faster.

2. Ran AdAware found 139 files and quarentined them.

3. Bad news - ran McAfee Free scan - found at least 25 files with
something called W32NETSKy.p@MM but when I clicked on the file name as instructed to see how to remove McAfee say it can not find this name, DO NOT UNDERSTAND. Tried to e-mail Mcafee but don't hold out much hope on them getting back to a free-be.

Maybe I will try another site to see if they find the same virus.

Any suggestions?
0
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
ID: 11775713
1. Congrats

2. Why didn't u delete them ??

3. try running Stinger in Safemode >> http://vil.nai.com/vil/stinger
0
 

Author Comment

by:Gary27
ID: 11778081
2. I did delete them, it was part of the standard quarentee & remove

Will try stinger in safemode .. Have you heard of W32Netsky or Kazaa?
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11778144
>> Have you heard of W32Netsky or Kazaa?

lolz... yes i HAVE heard of them,,,, and even faced them :D

Stinger will get u rid of W32Netsky and Kazaa shud be first uninstalled manually from Add Remove Programs and then run the spyware removal tools to delete its remainents !!!!!
0
 

Author Comment

by:Gary27
ID: 11778342
When you said run stinger in "safemode" - I am not sure what you mean -- I cannot access web under safemode. Modem or data com will not use Port. or do you mean down load "Stinger" and then run under Safemode? Sorry not to bright :-)
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11778366
:)

yes i meant u can download Stinger in Normal Mode
but Run it in Safemode,,,,,, coz it will be not interrupted by the background processes there =)
0
 

Author Comment

by:Gary27
ID: 11779738
Sorry to bother you again before I give you the points.

Ran stinger sucessfully. Alot of files deleted because of W32NETSKY. I think my grandson downloaded some bad items :-) There are 3 files zip1.temp, zip2.tmp and zip3.tmp in Windows that stinger "could not repair" do you thing I can delete them?

The other thing is that things are running better, but items such as control panel seem to take a long time to come up on the desktop. Could something have happen that would cause rhings like My Computer to react slowly?

Thank you,
Gary
0
Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11779793
>> There are 3 files zip1.temp, zip2.tmp and zip3.tmp in Windows that stinger "could not repair" do you thing I can delete them?

these are basically temp files,,,,, and temp files are NOT necessary files.... they can be deleted easily :)

for second problem,,,, i still suspect some background applications,,,, do they open slowly in safemode also ??
if NO then do one thing, Download HijackThis v1.98.2, run it, Save the LOG file and Post it here:
http://tools.radiosplace.com/HijackThis.exe
0
 

Author Comment

by:Gary27
ID: 11784886
This is log file froLogfile of HijackThis v1.98.2
Scan saved at 11:38:46 AM, on 8/12/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVSYNMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSSTAT.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVCONSOL.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\PROGRAM FILES\NETZERO\QSACC\X1EXEC.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\MY DOWNLOAD FILES\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ext/hp/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7900
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*windowsupdate.microsoft.com;*windowsupdate.com;*wustat.windows.com;*profiles.yahoo.com;*.pogo.com;*test-speed.com;<local>
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\PROGRAM FILES\NZSEARCH\SEARCHENH1.DLL
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.yahoo.com/"); (C:\Program Files\Netscape\Users\user1\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\PROGRAM FILES\NETZERO\QSACC\X1IEBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\PROGRAM FILES\NETZERO\TOOLBAR.DLL
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [VsEcomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\vsecomr.exe
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] c:\Program Files\Network Associates\VirusScan\AVSYNMGR.EXE
O4 - HKLM\..\RunOnce: [untd_recovery] C:\PROGRAM FILES\NETZERO\QSACC\X1EXEC.EXE
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\hcm.exe" -w
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\PROGRAM FILES\NETZERO\QSACC\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\PROGRAM FILES\NETZERO\QSACC\appres.dll/227
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} (MSN Chat Control 4.0) - http://fdl.msn.com/public/chat/msnchat4.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://us.creative.com/support/downloads/su/ocx/12119/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://us.creative.com/support/downloads/su/ocx/12119/CTPID.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://us.creative.com/support/register/OCXs/CtORWebClientWin98SENoMFC.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4384/mcfscan.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = midohio.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 209.190.102.2,209.190.102.9

m                                                                  
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11785542
hmmmmmmmmm i have to admit that the LOG is pretty much clean...... :)
but i just want to aks two things,,,,,

running PowerToys ??
Safemode results ??
0
 

Author Comment

by:Gary27
ID: 11789284
Never heard of Power tools
Safemode about the same speed maybe quicker
However, sometimes when the yellow disk light is lighting and I am
not doing anything I can do a cntl, Alt, Del and and some programs
called Iexplorer - Rnaapp - hcm (NZSeaarch) will be running

Don't know if this means anything

The computer is better - I have tried to search and read about W32Netsky.P@mm
but can only find out alot about how to get rid of the virus, but not much as to what it does to the users PC !!!

Thanks again for you time - Gary Lee
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11789307
Rnaapp is a system process,,,, and hcm is running coz u have its startup entry, so it will start running at every startup :)

but what is this Iexplorer ?? I cannot see it running in ur LOG file :-?
Iexplore.exe is IE !!
0
 

Author Comment

by:Gary27
ID: 11801517
Maybe IE was running at the time... Things are much better at least for now.
I don't know what the virus Netsky.P@mm was doing, but I think the DeFrag helped a lot.

Thank you for your help! It is gratly appreciated.

Gary Lee
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11801955
my pleasure ^_^
0
 

Author Comment

by:Gary27
ID: 11807079
Back again to tell you I found another Virus Sunday night. Had some time
so I ran Free Scan again and it found W32/Alphax.worm.gen

Do not know why stinger did not remove.

Gary Lee
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11808682
Stinger has not this virus included in its list >> http://vil.nai.com/vil/stinger/
may be that's why it didn't pick up that one !!!!!
0

Featured Post

Do email signature updates give you a headache?

Are you constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Recently Microsoft released a brand new function called CONCAT. It's supposed to replace its predecessor CONCATENATE. But how does it work? And what's new? In this article, we take a closer look at all of this - we even included an exercise file for…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now