Intermittent Slow Browsers

[andybeach]

Hi there - if there's a post on this issue already please point me to it. I've looked but can't find one.

 

My issue concerns browsers (IE8, Firefox3) but the root cause may lie elsewhere so feel free to redirect this to another forum if this is more appropriate.

 

Everything will be working fine then without any apparent reason pages will stop loading and may time out. Then, after several minutes of inactivity, everything kicks back into life as if nothing had happened. Investigations so far ….

 

1. It’s not a browser-specific issue as it occurs with both IE and Firefox

2. It’s not a network issue as other machines on the network (wired and wireless) do not see this problem

3. It’s not a bandwidth issue (Number One Son and his online gaming!) as I see it when sole user on the network

4. I don’t think it’s related to firewall or antivirus as I’ve disabled these and still had the problem (but I don’t rule this out completely in case there’s something left ‘on’ in the background).

5. I’ve run SUPERAntiSpyware Free Edition several times to get a clean report

6. Task Manager reports no significant computer or network activity during these ‘slow’ periods

 

I am now at a loss and would welcome any comments or suggestions. System information ……

 

Microsoft Windows XP Professional Version 5.1.2600 Service Pack 3 Build 2600

Processor: x86 Family 6 Model 15 Stepping 11 GenuineIntel ~2999 Mhz

BIOS Version/Date: American Megatrends Inc. P1.40, 26/06/2008

Total Physical Memory: 4,096.00 MB

Available Physical Memory: 2.25 GB

Total Virtual Memory: 2.00 GB

Available Virtual Memory: 1.95 GB

Page File Space: 5.03 GB

Firewall & Antivirus: PC Guard Version: 6.0.1.29609

 

I’ve also attached a HijackThis logfile.

 

Many thanks for your attention.

 

Andy

hijackthis.txt

Edited July 27, 2009 by andybeach

[RandyL]

Hi andy;

 

I see a lot going on here. You have enough startup items running to choke a mule for one thing.

 

It also appears you have multiple AV's and dubious programs. Other computers on your network may have something to do with it too. Gaming for instance uses a lot of bandwith.

 

But what bothers me most is that you have a torrent program running. Unless you are prepared to rid yourself of it we are not prepared to continue. We don't condone file sharing of this nature due to the most common reason for having it.

 

Rid all your computers on the network of all such things as you really do have a mess in my opinion.

[andybeach]

Hi Randy,

 

Thanks for the prompt response. Guess I'll have to downgrade my experience from 'some experience' to 'knows enough to screw it up'!

 

With you all the way on illegal file sharing - I had my system rebuilt for me recently so looks like I don't know exactly what's been installed. Found Bittorrent and now removed it from my PC (updated Hijack file attached) but will need to check the other computers (two sons) when they get back this evening.

 

Wow - startup items, multiple AV (antivirus?) and dubious programs - too much for you to assist with? Am I going to be better to physically get it to someone who knows what they're doing?

 

Thanks again.

 

Andy

hijackthis_02.txt

[RandyL]

Please be patient andy. Thanks for removing bittorrent.

[andybeach]

Randy, no rush - I've been living with this for a while!!

 

Had a go with Win Patrol so done some tidying up on the startup items - revised logfile attached.

 

Thanks

hijackthis_03.txt

[snow]

Hi Andy,

 

Having looked at your Hijack this log, I can see the following antivirus programs running:

 

Authentium Antivirus

Pest Patrol

Virgin PC Guard

 

Before installing or running any further antivirus programs, first you need to remove these from the computer, so they don't conflict with them.

 

You should only run one antivirus program at a time.

 

To uninstall them, go to the control panel, then double-click on 'Add/Remove Programs'. Find each of the above, remove them, and then re-start the PC.

 

The following steps should then insure that the computer is cleaned of any malware or unwanted programs:

 

 

 

Your computer appears to be infected with Malware. Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a combination of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

 

It is in your best interest to note the following:

 

1. Please disable your resident security applications (such as AVG, Spybot, WinPatrol, etc.) before performing the below procedure so that they do not interfere with the process.
   
2. Perform all the steps in the order listed to avoid any conflicts.
   
3. If unsure, please stop and voice your doubts.
   
4. You might be required to go offline during the disinfection process. Therefore, it is recommended to print off the instructions below for ease of reference.
   

If you stick to the above guidelines, all should go smoothly.

 

================================================

STEP 1

 

1. Download ATF-Cleaner by Atribune.
   
2. Save the file to your Desktop.
   
3. Double-click on the file to run the program.
   
4. On the Main tab, check the Select All button.
   
5. Next, click on the Firefox tab (if applicable) and check the Select All button.
    
   Note: If you would like to preserve your saved passwords in Firefox, then click No at the corresponding prompt.
   
6. Now, click on the Opera tab (if applicable) and check the Select All button.
    
   Note: If you would like to preserve your saved passwords in Opera, then click No at the corresponding prompt.
   
7. Press the Empty Selected button and click OK to acknowledge the corresponding prompt.
   
8. Click on the Exit button to quit the program.
   

================================================

STEP 2

 

1. Please click here to download Malwarebytes' Anti-Malware.
   
2. Save the file to your Desktop.
   
3. Double-click mbam-setup.exe and follow the prompts to install the program.
   
4. At the end, make sure a check mark is placed next to:
   
   1. 
      
   2. Update Malwarebytes' Anti-Malware
      
   3. Launch Malwarebytes' Anti-Malware
      

 

[*]Click Finish.

[*]The program will download and update itself if it finds the necessity to do so. Please allow this.

[*]Once the program has loaded, select Perform full scan, then click Scan.

 

 

Note: Depending on your computer specifications, the scan may take some time to complete. Please wait patiently and do not interrupt the process.

[*]When the scan is complete, click OK, and then Show Results to view the results.

[*]Make sure that every entry is selected, and click Remove Selected.

[*]Restart your computer.

================================================

STEP 3

 

1. Please click here to download SUPERAntiSpyware (Free Version).
   
2. Save the file to your Desktop.
   
3. Double-click SUPERAntiSpyware.exe and follow the prompts to install the program.
   
4. Open SUPERAntiSpyware.
   
5. Under Configuration and Preferences, click the Preferences button.
   
6. Click the Scanning Control tab.
   
7. Under Scanner Options make sure the following fields checked:
   

    

    

    

   1. Click the Close button to leave the control center screen.
      
   2. On the main screen, under Scan for Harmful Software click Scan your computer.
      
   3. On the left, make sure you check mark All the Fixed Drives.
      
   4. On the right, under Complete Scan, choose Perform Complete Scan.
      
   5. Click Next to start the scan. Please be patient while it scans your computer.
      
   6. After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.
      
   7. Make sure every entry has a check mark next to it and click Next.
      
   8. A notification will appear that Quarantine and Removal is Complete. Click OK and then Finish to return to the main menu.
      
   9. Restart your computer.
      

   ================================================

   STEP 4

    

   1. Please visit the ESET Online Scanner, using Internet Explorer to initiate the scan.
       
      Note: If you are running Windows Vista, then you will need Administrative privileges to complete the latter part of the procedure. To do so, right-click on the Internet Explorer icon in the Start Menu and select the Run As Administrator option in the shell context menu.
      
   2. Check mark the YES, I accept the Terms of Use box.
      
   3. Click the Start button.
      
   4. Click the Install button on the following screen.
      
   5. Click Start. This will will initialize and update the scanner engine.
      
   6. Check mark the box beside Remove found threats.
      
   7. Click the Scan button. This will start the scan. Please be patient while it is in progress.
      
   8. Restart your computer.
      

   ================================================

   STEP 5

    

   1. Click on Start > Programs > Accessories > System Tools and select System Restore.
      
   2. Choose the radio button marked Create a Restore Point on the first screen and click Next. Give the restore point a name then click Create. The new point will be stamped with the current date and time. Keep a note of this so you can find it easily should you need to use System Restore.
      
   3. Next, click on Start > Run, type Cleanmgr and click on OK.
      
   4. Click on the More Options tab.
      
   5. Click the Clean Up button in the System Restore section to remove all previous restore points except the most recent one.
      

   This will remove any infected files that have been backed up by Windows. The files in "System Restore" are protected to prevent any programs changing those files. This is the only foolproof way to ensure the deletion of those files.

    

   Note: Do not clear restore points on a regular basis as doing so will clear all previous restore points even those that you may need. System Restore is a useful tool to revert your computer back to a working condition if something goes wrong.

    

    

    

   I know from personal experience that Virgin media, your internet service provider, can throttle (slow down) their user's internet connections depending on how much traffic is used, or the time of day.

    

   Does this happen during peak times only (evening)?

    

   If another user on your network downloads large files or watches youtube, this could also cause slowdown. What speed to virgin say they give you?

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining

[andybeach]

Snow, that's a lot of information! Thanks for taking the time to look.

 

Antivirus: I only use PC Guard - have no idea where the others have come from, nor can I remove them through add/remove programs as they don't register. Advice on next step here appreciated!

 

Will work though the sequence of malware removal when I've finished the stuff I need to get done today - looks like it might take a while!

 

I'm convinced it's not a network speed issue (I may be wrong!) as I've had the problem when at home (like today) and no other user on our network. Virgin speed - We're on the 'L' package so supposedly 10MB (speed check now says 9608 so not bad - I'll try it again this evening). I had heard they do restrict speeds when things get busy.

 

Thanks again.

 

Andy

[andybeach]

Morning, worked my way through the actions as above - see how it goes. Although I have disabled (I think!) Authentium Antivirus & Pest Patrol I cannot seem to be able to remove them - any advice on this one? A new dimension: I can't add an attachment to this message, nor use any of the message formatting tools. Have I disabled something I shouldn't have in my zeal to clean the system?!! Thanks for the help. Andy

[Guest Wolfeymole]

You can add attachments via the Manage Attachments box further down before you reply Andy.

 

Also use the Add New Post button rather than Quick Reply.

[andybeach]

Thouht I did use Add New Post! And the Manage Attachment does not work!!!! Something has changed - what have I done?! [Edit: Quick Reply does not work either!!]

[Guest Wolfeymole]

What error message are you getting as the forum software is working perfectly?

[snow]

It's strange that those two anti-virus programs aren't showing up in your add/remove programs list.

 

What you will need to do is re-start your computer in safe mode. To do this, re-boot, and when the black screen appears listing your hard-drives etc repeatedly press F8. A menu will appear where you can choose the option 'Start Windows in Safe mode with networking'

 

Once you are in the safe mode desktop, press Ctrl-Alt-Del to bring up the task manager, and look for a process called dvpapi.exe. Right-click on it and choose 'End Task'.

 

Open my computer, and navigate to C:\Program Files\Common Files\Authentium

 

Delete the whole folder.

 

Edit: Your new log shows no sign of Pest Patrol

Edited July 28, 2009 by snow

[andybeach]

None - the buttons don't respond, but ....

 

I'm now in IE8 and they work fine so it's Firefox specific - I see there's an upgrade (3.5) so I'll go for that and see if it corrects whatever I did.

 

However, I've just had another 'browser not responding' moment (for approx 2 minutes) so whatever is going on is still going on. I see that Authentium is running again - how can I get rid of it?!

 

Latest Hijack This file attached for info.

 

Thanks

 

[Edit - just read post Re: AV - thanks]

hijackthis_04.txt

[andybeach]

What you will need to do is re-start your computer in safe mode. To do this, re-boot, and when the black screen appears listing your hard-drives etc repeatedly press F8. A menu will appear where you can choose the option 'Start Windows in Safe mode with networking'

 

Once you are in the safe mode desktop, press Ctrl-Alt-Del to bring up the task manager, and look for a process called dvpapi.exe. Right-click on it and choose 'End Task'.

 

Open my computer, and navigate to C:\Program Files\Common Files\Authentium

 

Delete the whole folder.

 

OK - did all this - TWICE to make sure it was gone - and then watched it reinstall before my eyes when I retarted windows normally!! Tried frantically to hit the cancel button but it was having none of it - persistent little blighter!

 

Note that dvpapi.exe wasn't running under Safe Mode.

 

Really grateful for your suggestions so far. Anything else I should try or is it probably not doing any harm?

 

Thanks

 

Andy

[RandyL]

Andy you said that someone recently rebuilt your system? I take that to mean that someone reinstalled your Windows operating system.

 

If so I have to wonder why all these programs and program remnants are on your computer that you know nothing about. There are many different things that should not be there on a fresh reinstall. Also there are things that should not have been there in the first place such as bittorrent.

 

In addition I see that at one time you had an optimizer program that had a reg cleaner too. That could also seriously compromise your system.

 

Andy these things are not part of Windows and had to be installed later. They are rarely installed for no reason. It's usually because a system is messed up and someone in a misguided attempt to fix it has made it worse.

 

At some point one has to conclude that your system was seriously messed up to start with. After that mistakes were made trying to fix it which just made it worse.

 

I firmly believe that it is time to backup everything and reinstall Windows so that you can rid yourself of the damage that others have done without your knowledge.

[andybeach]

Andy you said that someone recently rebuilt your system? I take that to mean that someone reinstalled your Windows operating system.

 

I use a local guy to do my PC maintenance (and have done for many years - a former colleague from times gone by) - he upgraded my system (processor, disks etc) a part of which was an upgrade to XP64. However, due to too many incompatibilities I elected to reinstall XP Professional which he did for me as a clean install (or so I thought).

 

The problem I have, while frustrating, is not a line-stopper so I'm reluctant to be quite so drastic in case other, more serious issues, arise. I can understand why you say what you do, and I really appreciate the support I'm getting here, but I don't feel quite confident (or competent) enough to do such a fundamental reinstall. You guys might say it's simple - doesn't look it from where I'm sitting!!

 

Thanks again.

 

Andy

 

ps - reinstalled Firefox and all working normally!

[RandyL]

That's good to hear that Firefox is working good now. Are you still having trouble with IE8? If so have you considered uninstalling it and reverting to IE7?

[andybeach]

Randy

 

May have misled you with this comment - Firefox is now working on this website again - all the formatting and file attachment functions (see earlier notes) - I still have the intermittent response issue.

 

I had the problem again several times yesterday and checked that dvpapi.exe was NOT running at the time so I guess I can rule this out. Looks like your advice to wipe the system and start again might be the only way to sort it.

 

Thanks for your support - appreciate it.

 

 

Andy

[RandyL]

Andy I too hate the option of a clean install if a fix can be found instead. So I'm still trying just like you.

 

I'm not sure if I remember right so can you check something for me? By any chance are you with Virgin Media and do you have their PC Guard security installed?

 

Look in add/remove in the control panel for PC Guard and Radial Point software.

 

There have been issues in the past with these two programs from Virgin that cause connectivity issues.

[andybeach]

Yes - I'm with Virgin and using PC Guard as my AV and firewall - no worries about changing this if you can suggest something.

 

Just checked add/remove as you suggested: Have 'Broadband Adviser' and 'PC Guard' but no specific reference to Radial Point software BUT if I look in WinPatrol at services I see that Virgin Broadband PC Guard Update Service is running (rpsupdaterR.exe) from Radialpoint Inc.

 

 

Andy

Edited July 29, 2009 by andybeach

[RandyL]

Andy I'm not in the UK but if I remember right PC Guard with Radialpoint is a free download if you are with Virgin. As such it might be worth a try to uninstall both PC Guard with Radialpoint and see what happens.

 

If there is or is not a change you can always download the latest version and reinstall that version.

 

The point is to test your connection issue with them uninstalled.

[andybeach]

You are correct. Formerly Blueyonder (I still have a blueyonder.co.uk email address) it was acquired by Virgin Media a year or two ago, and as you rightly say PC Guard is the 'free' AV software available on certain packages. I keep mine up to date so if there's a problem it'll be with the latest version as well.

 

I will try as you say - I'll try one of the other packages recommended in this forum and see how I get on - I'll let you know.

 

And

[RandyL]

Andy I would just try the uninstall first and see how it goes. We are just trying to determine the cause.

 

There was a time a while back that connections issues were caused by this software and the solution was to uninstall then ininstall the new version. Just updating didn't work. Virgin/PCGuard confirmed this.

 

With computers it's a matter of trial and error. Maybe a bit of insight involved.

 

I'll comment on security products if we get beyond the main isue.

[andybeach]

Oh! I've jumped the gun a bit and uninstalled PC Guard and now installed Avira (free version).

 

For information: The persistent dvpapi.exe is no longer running so I can only assume it was part of the Virgin installation.

 

Andy

[RandyL]

Not a problem andy.

 

Now that the other security is uninstalled let us know if you are still experiencing any other problems.