Solved

Slow operation

Posted on 2004-08-10
19
1,215 Views
Last Modified: 2013-12-29
The last few day I have noticed a remarkable slowing down of my Hp 6535 . It is very hard to bring up Netscape. I was told to SCAN & DeFrag my C drive. But every time I try I get a message saying it has tried 10 times and some other program or W98 is using disk. When I do a ctl, Alt Del it shows Explorer, systray & rundll running besindes the Scan Disk.
I think this has happened before, but I cannot remember how to fix. Even the dbl clicking of MY Computer takes quite a while for the screen to appear.
Any help would be appreciated.
Gary

My e-mail is *** email address removed by LeeTutor, Page Editor ***, I will try to find my profille before I get kicked off, but wanted to get question posted first...
0
Comment
Question by:Gary27
  • 9
  • 8
19 Comments
 
LVL 65

Assisted Solution

by:SheharyaarSaahil
SheharyaarSaahil earned 500 total points
ID: 11768306
Hello Gary27 =)

First thing,,,, Run Scandisk and Defrag in SAFEMODE !!!!

Second thing,,,, Disable unwanted Startup itmes >> http://netsquirrel.com/msconfig/

Third thing,,,,, Check for Possible Viruses\Spywares

CHECK FOR SPYWARES:
----------------------------
AdAware ==> http://www.spychecker.com/program/adaware.html
SpyBot  ==> http://www.spychecker.com/program/spybot.html
CoolWebShredder ==> http://www.spychecker.com/program/coolwebshredder.html
OR Use the Tools given here >> http:Q_20975384.html

CHECK FOR ONLINE VIRUS SCAN:
--------------------------------------
1. http://us.mcafee.com/root/mfs/default.asp?cid=9059
2. http://security.symantec.com/
3. http://housecall.trendmicro.com/
4. http://www.pandasoftware.com/activescan/com/activescan_principal.htm
5. http://www.pcpitstop.com/antivirus/default.asp
Stinger >> http://vil.nai.com/vil/stinger

After these steps if u still feel that system is slow then it MUST be a hardware problem,,,, like bad RAM or failing hard drive !!!!

!! GOOD LUCK !!
0
 
LVL 3

Expert Comment

by:4ceReconSniper
ID: 11769442
post the specs of your pc and programs running
0
 

Author Comment

by:Gary27
ID: 11775673
Got some good new and some bad.
1. Got Disk scan & Disk Defrag to run (Took all night) Kept restarting because something else was writing to disk, but no errors and deFrag was sucessful. Computer runs faster.

2. Ran AdAware found 139 files and quarentined them.

3. Bad news - ran McAfee Free scan - found at least 25 files with
something called W32NETSKy.p@MM but when I clicked on the file name as instructed to see how to remove McAfee say it can not find this name, DO NOT UNDERSTAND. Tried to e-mail Mcafee but don't hold out much hope on them getting back to a free-be.

Maybe I will try another site to see if they find the same virus.

Any suggestions?
0
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
ID: 11775713
1. Congrats

2. Why didn't u delete them ??

3. try running Stinger in Safemode >> http://vil.nai.com/vil/stinger
0
 

Author Comment

by:Gary27
ID: 11778081
2. I did delete them, it was part of the standard quarentee & remove

Will try stinger in safemode .. Have you heard of W32Netsky or Kazaa?
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11778144
>> Have you heard of W32Netsky or Kazaa?

lolz... yes i HAVE heard of them,,,, and even faced them :D

Stinger will get u rid of W32Netsky and Kazaa shud be first uninstalled manually from Add Remove Programs and then run the spyware removal tools to delete its remainents !!!!!
0
 

Author Comment

by:Gary27
ID: 11778342
When you said run stinger in "safemode" - I am not sure what you mean -- I cannot access web under safemode. Modem or data com will not use Port. or do you mean down load "Stinger" and then run under Safemode? Sorry not to bright :-)
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11778366
:)

yes i meant u can download Stinger in Normal Mode
but Run it in Safemode,,,,,, coz it will be not interrupted by the background processes there =)
0
 

Author Comment

by:Gary27
ID: 11779738
Sorry to bother you again before I give you the points.

Ran stinger sucessfully. Alot of files deleted because of W32NETSKY. I think my grandson downloaded some bad items :-) There are 3 files zip1.temp, zip2.tmp and zip3.tmp in Windows that stinger "could not repair" do you thing I can delete them?

The other thing is that things are running better, but items such as control panel seem to take a long time to come up on the desktop. Could something have happen that would cause rhings like My Computer to react slowly?

Thank you,
Gary
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11779793
>> There are 3 files zip1.temp, zip2.tmp and zip3.tmp in Windows that stinger "could not repair" do you thing I can delete them?

these are basically temp files,,,,, and temp files are NOT necessary files.... they can be deleted easily :)

for second problem,,,, i still suspect some background applications,,,, do they open slowly in safemode also ??
if NO then do one thing, Download HijackThis v1.98.2, run it, Save the LOG file and Post it here:
http://tools.radiosplace.com/HijackThis.exe
0
 

Author Comment

by:Gary27
ID: 11784886
This is log file froLogfile of HijackThis v1.98.2
Scan saved at 11:38:46 AM, on 8/12/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVSYNMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSSTAT.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVCONSOL.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\PROGRAM FILES\NETZERO\QSACC\X1EXEC.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\MY DOWNLOAD FILES\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ext/hp/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7900
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*windowsupdate.microsoft.com;*windowsupdate.com;*wustat.windows.com;*profiles.yahoo.com;*.pogo.com;*test-speed.com;<local>
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\PROGRAM FILES\NZSEARCH\SEARCHENH1.DLL
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.yahoo.com/"); (C:\Program Files\Netscape\Users\user1\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\PROGRAM FILES\NETZERO\QSACC\X1IEBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\PROGRAM FILES\NETZERO\TOOLBAR.DLL
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [VsEcomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\vsecomr.exe
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] c:\Program Files\Network Associates\VirusScan\AVSYNMGR.EXE
O4 - HKLM\..\RunOnce: [untd_recovery] C:\PROGRAM FILES\NETZERO\QSACC\X1EXEC.EXE
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\hcm.exe" -w
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\PROGRAM FILES\NETZERO\QSACC\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\PROGRAM FILES\NETZERO\QSACC\appres.dll/227
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} (MSN Chat Control 4.0) - http://fdl.msn.com/public/chat/msnchat4.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://us.creative.com/support/downloads/su/ocx/12119/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://us.creative.com/support/downloads/su/ocx/12119/CTPID.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://us.creative.com/support/register/OCXs/CtORWebClientWin98SENoMFC.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4384/mcfscan.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = midohio.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 209.190.102.2,209.190.102.9

m                                                                  
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11785542
hmmmmmmmmm i have to admit that the LOG is pretty much clean...... :)
but i just want to aks two things,,,,,

running PowerToys ??
Safemode results ??
0
 

Author Comment

by:Gary27
ID: 11789284
Never heard of Power tools
Safemode about the same speed maybe quicker
However, sometimes when the yellow disk light is lighting and I am
not doing anything I can do a cntl, Alt, Del and and some programs
called Iexplorer - Rnaapp - hcm (NZSeaarch) will be running

Don't know if this means anything

The computer is better - I have tried to search and read about W32Netsky.P@mm
but can only find out alot about how to get rid of the virus, but not much as to what it does to the users PC !!!

Thanks again for you time - Gary Lee
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11789307
Rnaapp is a system process,,,, and hcm is running coz u have its startup entry, so it will start running at every startup :)

but what is this Iexplorer ?? I cannot see it running in ur LOG file :-?
Iexplore.exe is IE !!
0
 

Author Comment

by:Gary27
ID: 11801517
Maybe IE was running at the time... Things are much better at least for now.
I don't know what the virus Netsky.P@mm was doing, but I think the DeFrag helped a lot.

Thank you for your help! It is gratly appreciated.

Gary Lee
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11801955
my pleasure ^_^
0
 

Author Comment

by:Gary27
ID: 11807079
Back again to tell you I found another Virus Sunday night. Had some time
so I ran Free Scan again and it found W32/Alphax.worm.gen

Do not know why stinger did not remove.

Gary Lee
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11808682
Stinger has not this virus included in its list >> http://vil.nai.com/vil/stinger/
may be that's why it didn't pick up that one !!!!!
0

Featured Post

Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

Join & Write a Comment

A few months ago I had an issue with LaserJet 1020 printer which was installed to XP and Windows 7.  It was installed to XP and working, but when I tried to connect from a Windows 7 PC, it would attempt connection and then fail.  Sometimes the Spool…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now