pc gone like a snail !!!! can anyone help?

Please do not post HijackThis logs unless they are requested.
Your log does not show any signs of having run the online scanners from the READ ME FIRST. Did you skip them? Did you skip any other steps?

You should not be running more than one antivirus application. You have both AVG and Norton/Symantec installed. Pick the one you prefer and uninstall the other. If you are having a problem with your PC being slow, uninstalling Norton would be the best choice.


Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'. On the page that opens, scroll down to System Startup Service or SvcProc Then right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

Next, open up HJT, but instead of scanning, click on the "None of the above, just start the program" button at the bottom of the choices. At the lower right, click on the 'Config" button, and then the Misc tools' button ... select 'Delete an NT Service" ... copy/paste the following into the box that opens, and press "OK":

SvcProc

You may be told to reboot at this point. Do not reboot just exit HijackThis and we will be restarting it with different options in a moment.

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).


Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing) <-- this may be gone already due to above steps


After clicking Fix, exit HJT.

Boot into safe mode and use Windows Explorer to delete (if found):
C:\WINDOWS\svcproc.exe

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now run Ccleaner (installed while running the READ ME FIRST). Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.


Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Backweb stuff is there because you installed all the crap from HP with their printer. Most people treat backweb as mild malware. You can just have HJT kill the below process:

C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe

And then have HJT fix the below line in your log:


O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe

If you want to speed things up you have to look at all the unnecessary items that you are loading and decide whether you really require them or not (but they are not malware. They are just things you don't need ware!). Some examples:

4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [hpScannerFirstBoot] c:\hp\drivers\scanners\scannerfb.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe <--- many people do not use this
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE <-- you probably do not need this
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

Again these are not malware. You are the one that must decide whether you need them or not. Some of these may be useful to you and some may not be.

Also, do you use Windows Messenger? It's running: C:\Program Files\Messenger\msmsgs.exe

 

MSN Messenger and Windows Messenger are two different programs? Most people never use the built in Windows Messenger and it is quite often a cause of popups.

Removing the Backweb process will not affect your printer. Read the below:
( http://www.liutilities.com/products/wintaskspro/processlibrary/backweb-137903/

 

Read about them a little with the info I give below. And you decide if you want them or not. You can also use a program like Startup CPL to stop them from loading at startup temporarily to see if they affect anything you need. Also this will let you know if they are slowing your PC down. If you find out you need the process to run, you can then re-enable them.

c:\windows\system\hpsysdrv.exe - http://www.liutilities.com/products/wintaskspro/processlibrary/hpsysdrv/

C:\WINDOWS\System32\hkcmd.exe - http://www.liutilities.com/products/wintaskspro/processlibrary/hkcmd/

C:\Windows\system32\HpSrvUI.exe - No one is really sure what this HP Printer service does. It could be needed.

c:\hp\drivers\scanners\scannerfb.exe - related to HP scanner. Not sure what it's purpose is.

c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe - http://www.liutilities.com/products/wintaskspro/processlibrary/hpqcmon/

c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe - http://www.liutilities.com/products/wintaskspro/processlibrary/hpgs2wnd/


C:\HP\KBD\KBD.EXE - http://www.liutilities.com/products/wintaskspro/processlibrary/kbd/

also see this: http://support.microsoft.com/default.aspx?scid=kb;en-us;812337


C:\Windows\Creator\Remind_XP.exe - http://www.liutilities.com/products/wintaskspro/processlibrary/Remind_XP/

ALCXMNTR.EXE - http://castlecops.com/s180-Alcxmntr_exe.html

 

What is the speed and processor type in your PC and how much memory do you have installed?

When is the last time you did a defrag?

 

Does it seem slow in safe mode too?

If you do not have a connection (physically unplug the cable) to the internet in normal boot mode and all browser windows are closed, does it also seem slow?

 

Did you right click on MyComputer and select Automatic Updates and then select Turn off Automatic Updates?

Take a look at your HijackThis log from a safe mode boot and compare it to a normal mode boot. See what additional processes are running in normal boot mode. And then try killing those processes when in normal boot mode. Does it help the speed problem?

 

Many people run into problems stopping this. It is really a discussion that belongs in the Software Forum.

Another way to stop it is for you to run services.msc and disable the Automatic Updates service. You will have to re-enable again yourself if you ever want them back on again.