any help, or a torch for my comp, would be appreciated

Welcome to Major Geeks!

Your problems are not due to malware. Most are due to what you are running and the fact that you do not have an adequate amount of RAM installed. You have only have 256.00 MB installed. I recommend 4 times that be installed at a minimum for truly proper operation of Windows XP with todays type applications.

Let's do a few things that should help (but you do need to add more RAM).

• Why do you need O23 - Service: Tango Service (TangoService) - Unknown owner - C:\Program Files\Efficient Networks\Tango Manager\app\TangoService.exe running? Is this for an ADSL Modem. Why does it need this service?
• Uninstall SUPERAntispyware now since we are finished with it.
• Uninstall Ad-Aware 2007 which is a waste of resources for what it detects. It also keeps a service running full time. SUPERAntispyware or Malwarebytes are many times more useful/effective to have as scan only tools.
• Also uninstall Ewido which was discontinued long ago (since it may not show in add/remove programs, I have steps below to remove its servic) and you have Spyware Doctor installed now (which can be quite resource greedy itself).
• You appear to have a broken uninstall of McAfee wasting resource. Run this McAfee Consumer Product Removal Tool and then reboot. You have no antivirus program installed!!

Now Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.

• On the page that opens, scroll down to DSBrokerService
• then right click the entry, select Properties and press Stop Service.
• When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
• Now repeat the above to Stop and Disable the below Service (if you do not find them or get any errors, just continue):
  • ewido security suite control
• Click OK until you get back to Windows.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab

Optinally have HijackThis fix the below which are not required to always run
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

After clicking Fix, exit HJT.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.


Delete the below folders if found:
C:\Program Files\ewido\security suite

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it.




Then attach the below log:

• C:\MGlogs.zip

Make sure you tell me how things are working now! You do still need to install an antivirus which will cause a performance hit.
It also looks like you may need to reinstall Spyware Doctor based on the error message snapshot you posted.

 

Use the below steps.

• Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
• On the page that opens, scroll down to Ad-Aware 2007 Service
• then right click the entry, select Properties and press Stop Service.
• When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
• Click OK until you get back to Windows.

• Next, run C:\MGtools\analyse.exe which is really HijackThis, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
• At the lower right, click on the Config button
• Then click the Misc tools button
• Select Delete an NT Service
• Copy/pasteaawservice into the box that opens, and press OK
• If you receive any error messages just ignore them and continue.
• Now exit HJT and reboot when it tells you it needs to.

After reboot, delete the below folder if it exists:
C:\Program Files\Lavasoft

Now copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

 

Yes I know what it is for. My question is why do you need to have it running all the time. Things like this are a waste of system resources and you were complaining of a slow PC which is a result of running unnecessary software. If your DSL line is broken all the time and needs this software everyday then find a new ISP otherwise, uninstall it (or at least disable this service so that it is not always running) and only run things like this when they are need which should be rarely. Again if it is not rarely, you need a new ISP.


SpywareDoctor with AV is fine but I see you installed it around May 21st. When did your PC get slow?


How are things running now? As I said earlier 256 MB of RAM is not adequate these days.

 

Let's try uninstalling all of Spyware Doctor just to see if there is any noticeable effect.

One other item I see running is C:\WINDOWS\System32\wbem\wmiprvse.exe which is a valid Windows process however there have been issues where this has been the cause of noted slow downs on a PC. I'm not sure what the fix is though. Do you have all of your Windows Updates? Dp you see wmiprvse.exe using lots of your CPU in Task Manager?



Performance issues can sometimes occur due to physical problems too. For example:

• hard disk could be starting to go.
• memory failure issues (not just inadequate amount of RAM, actual bad RAM)
• issues within the Windows files system
• hardware or driver issues that are affecting the PCs performance
• overheating

Normally when there is no evidence of malware and issues like this are occurring the above are more likely the issues. Some of the above could be cured by doing a total reinstall. Real physical hardware issues obviously would not be cured by a reinstall.

After uninstalling Spyware Doctor, reboot and then do the below.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it.



Then attach the below log:

• C:\MGlogs.zip

Is there any visible improvement?