s-l-o-w-!-!-! but can't find viruses/spyware

Not sure how to explain this because it sounds like I don't really have a problem. A few days ago, my system started dragging. For instance, pulling up Internet Explorer takes 5-10 seconds as opposed to the usual 1-3 seconds. Or queueing up print jobs can take 10-30 seconds as opposed to the usual 3-10 seconds.

I don't recall anything of note that I or my wife did around the time things started slowing down. We've had the system (Dell Dimension 2400) for 1.5 years without many problems. We don't surf a ton or download much of anything, so I was surprised to have what seems to be some sort of spyware dragging me down.

I was even more surprised to have no problems identified by all the tools suggested by this site (with the one exception mentioned below). I've done each and every step, including the alternative scans, in the READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal posting. Things may have improved slightly (from CCleaner?), but the only thing identified was what appears to be a SoBig virus in an archived email folder (which I have now deleted, but I don't think that could have been affecting anything).

Any suggestions? I notice that READ ME FIRST... posting is approaching a year old. Is there maybe something new and exciting I should run that may identify my problem? I've done a Hijack This! scan and will be happy to post the log. I'm going to try to analyze the log right now...

thanks in advance,
Domino

 

http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

Thanks, bj... hijack log is attached.

 

Please look in Add or Remove Programs for the following and Uninstall them if found:

Viewpoint

Now scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;http://localhost
(Keep this if you need it)

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
(This restriction is from Spybot S&D, its best if you remove this.)

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -%windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

Again, make sure All Browser Windows are Closed when you Click FIX.

NEXT:
Run CCleaner and Spybot S&D and have Spybot fix what it finds.
Note: Dont forget to update Spybot S&D by selecting "Search For Updates"

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


After doing ALL of the above, REBOOT and then Scan with HijackThis and attach the new log.

 

wanna make sure I do this right, so forgive the trepidation...

I see a "Viewpoint Manager (Remove Only)"

uninstall?

 

Yes, that right!

 

Alright...all done. Log is attached.

FYI...
O4 - ... ViewMgr.exe didn't show up in the hijack scan (assume it wasn't supposed to since I uninstalled it)
Spybot found nothing
cleanmgr had nothing to clean up (but I ran it anyway)

 

follow-up for bj...

I'm calling it a night. I don't think it's just my imagination or wishful thinking...I think my performance is quite a bit better (hesitate to say 'back to normal' yet).

thank you; thank you

curious as to what you think the problem was, though. was it just that Viewpoint Manager? I'd like to be able to do some independent (and successful) troubleshooting on my own next time.

thanks again!

 

I havnt actually researched any with Viewpoint, I just know its best to uninstall and get rid of it.

Your HJT log is now clean, are you having any further problems?

 

Looking much better. I'll follow up in a couple of days if it's just my imagination.

Thanks very much for the assistance.

 

Good Deal!

You should see this article on How to Protect yourself from malware!