TechSpot

Crawling: no download/streaming

By bballman53187
Jun 9, 2009
  1. So, a few weeks ago i installed an update from windows and the computer just started crawling. My power settings on the laptop reset to normal, (i usually have it on always on so nothing turns off after X mins) and everytime i reboot, it goes back to default. I can't download anything through explorer or stream any music/videos. Works through FireFox but everything is extremely slow. Did all of the above steps and still same performance. Logfiles attached!

    Thanks in advance.

    I can't find my superantispyware log for some reason.
     

    Attached Files:

  2. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    Can anyone take a look at the logs and lend some advice?
     
  3. mflynn

    mflynn TS Rookie Posts: 2,655

    Update then run MBAM again but this time select and remove the found items which this log says "No action taken"!

    Then...

    Do the TechSpot 8 steps: http://www.techspot.com/vb/topic58138.html

    and get us the rest of the logs. New HJT last after all above, not before!

    Mike
     
  4. Daproblemis

    Daproblemis TS Rookie Posts: 46

    It appears as you are running 2 antivirus programs, Norton and AVG. That does not work as each see other as a Virus. Uninstall one or the other, restart, and see what happens/
     
  5. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    I'm trying to update MBAM it took 7 minutes just to connect to update. The laptop is consistently using 95-100% cpu.

    I uninstalled norton when i installed AVG. I don't see Norton in the add/remove list
     
  6. mflynn

    mflynn TS Rookie Posts: 2,655

    We will get to that!

    If you have this much trouble in Normal Mode the boot to SafeMode Networking and see if it is ant faster!

    Mike
     
  7. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    I'm running malware now, and will run the others in the morning and post back tomorrow evening
     
  8. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    New logfiles attached. Still same symptoms fyi.
     
  9. mflynn

    mflynn TS Rookie Posts: 2,655

  10. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    Thanks for the help so far, I can't stand this!
     
  11. mflynn

    mflynn TS Rookie Posts: 2,655

    Well we are almost finished, if you decide to quit let me know don't just dissapear!

    In Control Panel Add/Remove programs uninstall Logitech Desktop Messenger

    then

    Go here D/L install and run Viewpoint remover: http://www.softpedia.com/get/Security/Security-Related/ViewpointKiller.shtml

    Reboot! Before below!

    Finally rename ComboFix to 1cfix and run 1cfix and post its log!

    This should finish us up.

    Mike
     
  12. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    I still have all of the same symptoms! Please tell me there's more?
     
  13. mflynn

    mflynn TS Rookie Posts: 2,655

    OK you are now clean of Malware so lets move on to boosting general and internet performance

    Do the below

    Left Drag mouse and Copy for Pasting all text in the box below. Make sure the slider bar goes to bottom from the @ to the end of the second exit.
    Then paste to the black screen of an open command prompt. All may not apply so ignore errors.

    Code:
    @echo off
    sc config Alerter start= disabled
    sc stop Alerter
    
    sc config AeLookupSvc start= disabled
    sc stop AeLookupSvc
    
    sc config ClipBook start= disabled
    sc stop ClipBook
    
    sc config Dfs start= disabled
    sc stop Dfs
    
    sc config FastUserSwitchingCompatability start= disabled
    sc stop FastUserSwitchingCompatability
    
    sc config TrkWks start= disabled
    sc stop TrkWks
    
    sc config TrkSvr start= disabled
    sc stop TrkSvr
    
    sc config DNSCache start= disabled
    sc stop DNSCache
    
    sc config ERSvc start= disabled
    sc stop ERSvc
    
    sc config HidServ start= disabled
    sc stop HidServ
    
    sc config PolicyAgent start= disabled
    sc stop PolicyAgent
    
    sc config CiSvc start= disabled
    sc stop CiSvc
    
    sc config IsmServe start= disabled
    sc stop IsmServ
    
    sc config kdc start= disabled
    sc stop kdc
    
    sc config LicenseService start= disabled
    sc stop LicenseService
    
    sc config Messenger start= disabled
    sc stop Messenger
    
    sc config Netlogon start= disabled
    sc stop Netlogon
    
    sc config NetTcpPortSharing start= disabled
    sc stop NetTcpPortSharing
    
    sc config mnmsrvc start= disabled
    sc stop mnmsrvc
    
    sc config NetDDE start= disabled
    sc stop NetDDE
    
    sc config NetDDEdsdm start= disabled
    sc stop NetDDEdsdm
    
    sc config NtLmSsp start= disabled
    sc stop NtLmSsp
    
    sc config SysmonLog start= disabled
    sc stop SysmonLog
    
    sc config RSVP start= disabled
    sc stop RSVP
    
    sc config SSDPSRV start= disabled
    sc stop SSDPSRV
    
    sc config upnphost start= disabled
    sc stop upnphost
    
    sc config WMPNetworkSvc start= disabled
    sc stop WMPNetworkSvc
    
    sc config WmiApSrv start= disabled
    sc stop WmiApSrv
    
    sc config WmdmPmSN start= disabled
    sc stop WmdmPmSN
    
    sc config RemoteRegistry start= disabled
    sc stop RemoteRegistry
    
    sc config RemoteAccess start= disabled
    sc stop RemoteAccess
    
    sc config SCardSvr start= disabled
    sc stop SCardSvr
    
    sc config TlnSvr start= disabled
    sc stop TlnSvr
    
    sc config UPS start= disabled
    sc stop UPS
    
    sc config WebClient start= disabled
    sc stop WebClient
    
    sc config DNSCache start= disabled
    sc stop DNSCache
    
    sc config JavaQuickStarterService start= disabled
    sc stop JavaQuickStarterService
    sc delete JavaQuickStarterService
    attrib -h -s -r /s c:\jqs.*
    del /f /q /s c:\jqs.*
    
    sc config RpcSs start= Automatic
    sc start RpcSs
    
    sc config RpLocator start= Automatic
    sc start RpcLocator
    
    sc config MSIServer start= Automatic
    sc start MSIServer
    
    netsh dump >"%USERPROFILE%"\Desktop\savenetwork.txt
    netsh interface ip delete arpcache
    ipconfig /flushdns
    ipconfig /release *
    ipconfig /renew *
    ipconfig /registerdns
    nbtstat -RR
    netsh int ip reset
    
    exit
    exit
    Run CCleaner http://www.ccleaner.com/download/builds (get SLIM at bottom no Yahoo toolbar)
    Run twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean. You may have this from the 8 Steps.

    Run ATF-Cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.

    KCleaner ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
    Fantastic cleaner. (When installing uncheck Relevant Knowledge do not install)
    -------------------------------------------------------------------------------------
    Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "Cleanup at TechSpot".

    Then Start-Programs-Accessories-System Tools-Disk Cleanup
    Click OK to accept C:
    Select all Boxes
    Then click More Options
    Here click System Restore and OK to "Are you sure" and the OK to Run.

    As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

    It clears what is known as Shadow copies which are used by specialized back up programs.

    This is if you have the Volume Shadow Copy running which is the default.

    Reboot to see if anything changed!

    Mike
     
  14. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    Unfortunately nothing has changed. Programs still take minutes and minutes to load. Explorer still will not stream video/music, so i'm assuming i cannot download anything either.

    Side note-

    If i ctrl+alt+del and end the processes named "Cpqset" "Hp Wireless Assistant" and "SuperAntiSpyware" things speed up a bit, but no streaming.

    Explorer took a total of 12 minutes to fully open and load to yahoo, without me touching the laptop.

    Please help! Thank you so far!
     
  15. mflynn

    mflynn TS Rookie Posts: 2,655

    Is the slowdown just online or is the speed fairly normal when running non web items like MS office etc?

    OK so do the below

    Run SAS click Preferences-Repairs then one at a time do the below
    Home page reset
    Internet Zone Security reset
    Local Page reset
    Remove Policy Restrictions
    Remove Internet Explorer Policy Restrictions
    Remove WinOldApp Policy Restrictions
    Repair broken Network Connection (WinSock LSP Chain)
    Reset URL Prefixes
    Reset Web Setings
    Reset Winlogon shell
    ResetZoneMap Settings
    User Agent Post Platform Reset
    User Agent Reset

    Reboot
    Test
    Report results

    Mike
     
  16. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    Speed is just when it comes to explorer and anything that connects to internet, the program seems to freeze and then after leaving it alone for a little it works.

    I've tried those during the 8 steps. Do you need me to re-do them?
     
  17. mflynn

    mflynn TS Rookie Posts: 2,655

    Enema for TCP/IP, WinSock and general network

    Left Drag mouse and Copy for Pasting all text in the box below.
    Make sure the slider bar goes to bottom from the @ to the end of the second exit.
    Then paste to the black screen of an open command prompt.
    ----------------------------------------------------------------------
    Code:
    @echo off
    ::Back up entire current network settings
    netsh -c interface dump > "%USERPROFILE%"\Desktop\netbak.txt
    
    ::Saves ip settings
    ipconfig /all >"%USERPROFILE%"\Desktop\ipconfig.txt
    
    ::Clear Arp
    netsh interface ip delete arpcache
    
    ipconfig /flushdns
    
    ipconfig /release *
    
    ipconfig /renew *
    
    ipconfig /registerdns
    
    nbtstat -RR
    
    ::saves log of current settings
    netsh winsock show catalog >"%USERPROFILE%"\Desktop\lsp.txt
    
    ::resets Winsock
    netsh winsock reset catalog
    
    ::winsock after rest
    netsh winsock show catalog >>"%USERPROFILE%"\Desktop\lspnew.txt
    
    ::reset TCP stack
    netsh int ip reset >"%USERPROFILE%"\Desktop\tcpreset.txt
    exit
    exit

    Reboot see new icons on desktop, paste contents of ipconfig.txt back to thread. Report status now!

    Mike
     
  18. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    Windows IP Configuration



    Host Name . . . . . . . . . . . . : laptop

    Primary Dns Suffix . . . . . . . :

    Node Type . . . . . . . . . . . . : Hybrid

    IP Routing Enabled. . . . . . . . : No

    WINS Proxy Enabled. . . . . . . . : No



    Ethernet adapter Local Area Connection 3:



    Media State . . . . . . . . . . . : Media disconnected

    Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

    Physical Address. . . . . . . . . : 00-16-D4-2E-36-3E



    Ethernet adapter Wireless Network Connection:



    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN

    Physical Address. . . . . . . . . : 00-14-A5-AC-EA-6A

    Dhcp Enabled. . . . . . . . . . . : Yes

    Autoconfiguration Enabled . . . . : Yes

    IP Address. . . . . . . . . . . . : 192.168.1.101

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    IP Address. . . . . . . . . . . . : ?

    Default Gateway . . . . . . . . . : 192.168.1.1

    DHCP Server . . . . . . . . . . . : 192.168.1.1

    DNS Servers . . . . . . . . . . . : 192.168.1.1

    ?

    ?

    ?

    Lease Obtained. . . . . . . . . . : Tuesday, June 23, 2009 10:10:47 PM

    Lease Expires . . . . . . . . . . : Wednesday, June 24, 2009 10:10:47 PM



    Tunnel adapter Teredo Tunneling Pseudo-Interface:



    Connection-specific DNS Suffix . :

    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

    Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

    Dhcp Enabled. . . . . . . . . . . : No

    IP Address. . . . . . . . . . . . : ?

    Default Gateway . . . . . . . . . :

    NetBIOS over Tcpip. . . . . . . . : Disabled



    Same results =[ you can see how long it takes for me to finally open explorer, i ran the test at 10:10 and finally able to post this at 10:30
     
  19. bballman53187

    bballman53187 TS Rookie Topic Starter Posts: 21

    I went on vacation so i haven't been around...no response?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...