computer suddenly slower than before

This is one of your largest problems along with the fact that you are running a pile of stuff from Norton. Did you ever take a look at all the stuff you are loading

You should consider using something far less intrusive.

NO!!! Quite the opposite. We recommend NEVER using them.

 

Avast or Avira and one of the free firewalls mentioned in the below

How to Protect yourself from malware!

 

Every update to Windows and other programs ( including Norton ) have an additive effect on your computer's performance. It is possible that you just hit "the straw that broke the camel's back".

Always possible, but I would not know this from the logs we collect for malware removal. You would have to check out your hardware in the Hardware forum. But usually there would be more signs that just "my PC is slow".

Your logs were clean. I will give you some NON-malware things to do below but I doubt these would have a very large effect. The largest would probably come from removing Norton and adding at least another GB of memory.


First a couple questions:

1. Do you really need this Vade Retro Outlook Express with all the stuff Norton already installed?
2. Why do I see the below AOL service running but no AOL software installed?

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
​

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCMService] "c:\APPS\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm

After clicking Fix, exit HJT.

Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.
Now reboot your PC to see if any of that helped at all.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Antispam tool that you or someone else must have installed at some point. See: http://www.pcmag.com/article2/0,2817,2405327,00.asp

Perhaps it never uninstall properly. I see the below in your logs too

It is not malware. I'm just saying you probably don't need it with Norton' stuff installed.

Do you have anything from AOL installed that would explain why this is there?

Okay. Did you do what was in my last message yet?

 

Okay. You did not address my question about AOL being installed and also Vade Retro Outlook Express

 

Sounds like you installed the full security suite. If not, what are you using for antivirus now.

Uninstall them.

 

Wait longer to see what happens.

Yes SP3 can have an effect at slowing things down more. As I stated earlier, "every update to every program has an effect".

 

As long as you only installed the Comodo Firewall it should be okay. Problem is the you have to make sure that is all Comodo installs these days since it is all part of a security suite.

Are you 100% sure everything from Symantec uninstalled? Quite often, it does not uninstall properly. Let's check:

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).



Then attach the below logs:

• C:\MGlogs.zip

Not too many things would slow you down as much as Norton.

Not really but possibly Avira with PC Tools FIrewall. You have to realize that current day malware protection had to become much more complex because malware itself has become much more complex and is changing daily. The amount of horsepower required to run modern day protection programs has increase to the point where you really need current/moden PCs with Quad Processors and high speed processors. When older slower PCs run modern software, the result is typically that the PC slows down dramatically. And in additional as mentioned a few times, much more memory is required than in the past.

 

Yes I think this is needed because all of their software is actually part of the security suite. It is becoming more and more of a pain to figure out exactly what a use has running from Comodo since it always shows the Comodo Internet Security installed. However, from your logs it does seem like only the firewall is running.

No problems will occur from this. Comodo will need to be told every time you get a new version of the programs too. You can tell Comodo it is a trusted application.

Nope! In your logs you can see the below running:

Let's remove it along with AOL and the Vade Retro Outlook Express stuff. We will use ComboFix that I see you ran on Nov 15th but we will need to get a new version because that version will have expired.

Now download and save a copy of combofix.exe and save it directly onto your Desktop folder overwrite your old version. Just save it right now. We will run it further down.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

After clicking Fix, exit HJT.

Now goto Add/Remove Programs and uninstall the below. If you don't find them or they do not uninstall, just keep going.
LiveUpdate 3.0 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Symantec KB-DocID:2003093015493306




Now we need to use ComboFix

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• If ComboFix tells you it has expired or need to be updated to a new version, make sure you allow it to update.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

If after running Combofix you discover none of your programs will open up because you recieve the following error: Illegal operation attempted on a registry key that has been marked for deletion then you will need to reboot your computer which will normally fix this problem.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Run it anyway.

 

Okay it appears that AOL, Vade Retro Express, and Symantec are now gone. How are things running ?

 

You're welcome.

More of a topic for the Software Forum if you are looking to tweak. However I personally would not allow any of the below but you may need these for things you use. You will have to check and decide for yourself as I do not know what you need. Only you do.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
3. Go back to step 4 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 6 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!