problem with windows xp?

Discussion in 'Windows Desktop Systems' started by a dreams forever, Jun 4, 2005.

  1. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    I have windows xp pro. I never had a problem until yesterday. now my computer is starting to go slow. alot slower than what it used to. when I move my mouse it will skip on the screen. when I listen to music it keeps slowing down, speeding back up and slowing down again. programs take a long time to load up. so does windows itself. I did windows scans, defragged, virus scans with AVG free *dont have money to pay for a virus protection program* and everything is fine. no problems. I have no clue wtf it can be. can someone help me? is it just my harddrive dying on me? or even my whole computer dying on me? is there any programs out there that will let me test my computer to see if thats it or something? anything?
     
  2. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    Press CTRL-ALT-DEL go to task manager, sort processes by CPU usage and see if anything is being a hog.
     
  3. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    yah system idle process is stuck in the 90's. but thats normal right?
     
  4. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    yeah, that isn't the problem.
    close as many applications are you can in your taskbar, I would be suspicious if idle process was still as low as 90% -- perhaps throw up a hijackthis log, just for the sake of it :

    http://www.spywareinfo.com/~merijn/downloads.html
     
  5. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    Logfile of HijackThis v1.99.1
    Scan saved at 9:51:06 AM, on 6/4/2005
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\refreshlock\RefreshLock.exe
    C:\Program Files\CoolMon\CoolMon.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\devldr32.exe
    C:\Documents and Settings\jal4e\My Documents\hijack this\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.blingo.com/?view=sidebar
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.blingo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.blingo.com/?view=sidebar
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [RefreshLock] C:\refreshlock\RefreshLock.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
    O4 - Startup: CoolMon.lnk = C:\Program Files\CoolMon\CoolMon.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4506/mcfscan.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    thats all I have.
     
  6. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    I don't know what is wrong. I might just reformat.
     
  7. Perris Calderon

    Perris Calderon Moderator Staff Member Political User

    Messages:
    12,332
    Location:
    new york
    what's using ten percent of the cpu?

    what's the process besides explorer using the most memory?

    reformat is for whimps
     
  8. ray_gillespie

    ray_gillespie Moderator Staff Member Political User

    Messages:
    1,692
    Location:
    Birmingham, UK
    Nothing strikes me as out of the ordinary there. Have you tried restoring to an earlier date that you knew was ok? That way you'll be able to see if it's because of something that has been installed recently. That is, assuming you have system restore on. I can never be arsed with it personally!

    What specs does your computer have?
     
  9. LeeJend

    LeeJend Moderator

    Messages:
    5,291
    Location:
    Fort Worth, TX
    do these steps one at a time to isolate the source of the problem. file at www.majorgeeks.com

    first - Download spybot search and destoy and adaware, run them both. get rid of the crap they find.

    second - What is that blingo thing in hijack this? ditch it if you can.

    third - did you download the new windows security stuff this week including the malware remover? if yes something in the install could be causing a problem. system restore to before them. if you have the malware remover go ahead and run it before rolling back.

    4th - now that you've purged watch your network traffic lights while doing nothing. they should almost never flash. if they're blinking like a xmas tree on speed something has infested itself in your comp that we haven't found yet.

    PS avg free is fine, many people here use it. run a full system scan. check for updates (twice there were several this week). then test center - scan computer (may take an hour).

    PPS YOU SEEM TO HAVE A LOT OF JUNK RUNNING IN BACKGROUND. fom the hijack this log. turn those off in tasdk manager and see if it helps.
     
    Last edited: Jun 4, 2005
  10. Johnny

    Johnny .. Commodore .. Political User

    Messages:
    5,015
    Location:
    Happy Valley
    What is blingo ?? sounds like a spyware trojan to me .. Other than that it looks good ..
     
  11. dreamliner77

    dreamliner77 The Analog Kid

    Messages:
    4,702
    Location:
    Red Sox Nation
    Do you have a wireless card in your computer?
     
  12. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    blingo is supposed to be there. I put it there myself. everything I have running in the background I wanted it to be there. but I did reformat the computer but something really weird is happening. after a while these pop ups will come up and say something like theres problems in my registry and to save the computer I have to go to www.ms-repair.com to fix it. I didnt install ANYTHING BUT THE NVIDIA DRIVERS ! thats all. and theres nothing in msconfig or nothing in hijack this. what can I do. these keep coming up like every 5 minutes. I went to the site for the hell of it and it isnt even a microsoft site. how can this be in my computer? I repartitioned and reformatted and this is on. help! :(
     
  13. emeritus

    emeritus Beware the Monkeys!!!

    Messages:
    326
    Location:
    Oakdale, CT
  14. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    thank you for the help. but. how would I have this? I JUST reformatted and did nothing else. it happened before I even went online with the new installation. oh well. anyways Im going to do all these scans to see if I can find something. hopefully I can.
     
  15. Hipster Doofus

    Hipster Doofus Good grief Charlie Brown

    Messages:
    5,920
    Location:
    Melbourne Australia
    It's quite possibly a program that is being installed, if you installed any before going online. When this has happened to me the only way to find it was to format, load trusted programs, then load the others one at a time, run the system for a while, then load another till you find it.
     
  16. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    the ONLY thing I installed was nvidia drivers. the ONLY website I went to was nvidia.com. no extra programs installed and this is a fresh format. a fresh install of windows xp
     
  17. a dreams forever

    a dreams forever OSNN Addict

    Messages:
    166
    adaware found 18 things. 8 files and the rest in the registry. files named alexa. hmm ok. hah. but anyways. one of the websites the cookie was from was called nvidia.hotbox. or something like that. o_O
     
  18. Petros

    Petros Thief IV

    Messages:
    3,038
    Location:
    Pacific Northwest
  19. LeeJend

    LeeJend Moderator

    Messages:
    5,291
    Location:
    Fort Worth, TX
    The trojan could be hiding in:
    -your HD boot sector. A reformat does not delete the boot sector.
    -media you store your backups to.
    -another computer on your LAN.
    -Reinfecting over the internet if you connect before you have a firewall and antivirus up.
    -are you sure those nvidia drivers are clean. If they are "optimized" or from a disreputable downlaod site they could be infected. Get new ones from the card CD or direct from the Nvidia site. My virus scan today turned up a trojan hiding in an ATI file on my computer.

    Steps:
    -Disconnect any other drives you have on your PC.
    -Reformat the boot drive again including the Boot Sector. The western digital utilites disk can do this, not sure what brand HD you have.
    -Reinstall using only original CD's. Install antivirus and a firewall next.
    -Scan the boot partition and any data partitions you have on the boot drive for viruses and malware using the tools mentioned above.
    -Now reconnect any data drives and scan them before executing anything on them!
    -If everything is ok connect to the internet and update Windows to the latest version including the new malware removal tool.
    -Run the tool to make sure all is well.
    -Now go to nvidia for the latest drivers.
     
  20. Johnny

    Johnny .. Commodore .. Political User

    Messages:
    5,015
    Location:
    Happy Valley
    A trojan is more than likely the reason you were having probs befor the reformat. When you do a reformat you don't erase things, you just over right them. Which is why if you are going to do a reformat. Do a reformat by deleting the partition, recreate it and then install the OS ..