Computer Support Forum

HJT, and slow internet and popups

Question: HJT, and slow internet and popups

hey guys i'm not sure whats going on with my computer its always been pretty clean.. but now i keep getting lots of popups and my internet is horribly slow, and also i get trojan alearts which i move to fault then couple hours/days just keep getting more. i know somethings wrong and i need to fix it, i've run adaware and sypware deleted some stuff then ran AVG full system scan cleaned the infected files, restarted my computer and it doesn't seem to be any better.. heres my HJT log..

Logfile of HijackThis v1.99.1
Scan saved at 8:56:39 PM, on 10/6/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
X:\avgamsvr.exe
X:\avgupsvc.exe
X:\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Search Engine Commando\ScheduleService.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
X:\avgcc.exe
C:\Program Files\AIM\aim.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.Begin2Search.com/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{C7EDAB2E-D7F9-11D8-BA48-C79B0C409D70} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Trlokom IE Toolbar - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files\SpyWall\TrlIETool.dll
O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - C:\Program Files\Safety Bar\SafetyBar.dll (file missing)
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll
O4 - HKLM\..\Run: [AVG7_CC] X:\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\RunServices: [Virtual Drivers Builder] C:\Program Files\Virtual Drivers Builder\sysrun.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1119109224984
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - X:\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - X:\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - X:\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NTBOOTMGR (NTBOOT) - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Search Engine Commando Schedule Service (SECScheduleService) - Tates Creek Software, LLC - C:\Program Files\Search Engine Commando\ScheduleService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: wampapache - Unknown owner - C:\wamp\apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\wamp\mysql\bin\mysqld-nt.exe

thanks for any help.. -cnelson.

Relevance 100%
Preferred Solution: HJT, and slow internet and popups

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: HJT, and slow internet and popups

Please download SmitfraudFix (by S!Ri)

Extract (unzip) the content (a folder named SmitfraudFix) to your Desktop.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm

Warning: Do not run Option #2 until you are instructed to do so. Running option #2 on a non infected computer will remove your Desktop background.

3 more replies
Relevance 58.22%

This is my first time posting a question on bleeping computer. We are so thankful that you are out there to help us and not rip us off. I think my computer is infected. My desktop starts up very slowly, my internet connection is slow (it's slow in pulling up websites and some never come up). I'm getting lots of pop ups (even though pop up blocker is enabled). When I go to open the control panel, a flashlight pops up as if it is looking for it (it eventually does open but it takes a while). I had a problem at one time with a lot of POS.TMP files and followed advice from posts on this site to get rid of them. Well, my current problems started when a friend downloaded a music program. I believe it was called Soundman. When I noticed the computer acting funny, I went into the control panel and deleted it along with some other programs I found (PPC Booster, P2P Max, Ron Tool Adsoftinc, Wyzo, Eco Bar). Any help will be greatly appreciated. Here is my Hiijack This log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:23:41 PM, on 12/24/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\Sy... Read more

Answer:COMPUTER LOADING SLOW,INTERNET SLOW,POPUPS

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.At first glance I see that you have quite a bit of infection on there.It appears that someone has been doing file sharing on that computer, so the fact that it is infected is understandable. Please remove P2P (file sharing programs) before I clean your computer. The nature of such software and the high incidence of malware in files downloaded with them is counter productive to restoring your PC to a healthy state.There is a list here: http://spywarehammer.com/simplemachinesfor...php?topic=110.0Following that I will need to see some information about what is happening in your machine. Please perform the following s... Read more

1 more replies
Relevance 55.76%

Recently I've started getting annoying popups every now and then. The content seems to be random, but often involves something involving the IP 82.98.231.93/? and Google saying the link appears broken. Along with this, a few sites are working very slowly or not working at all.

I ran a Trend Micro OfficeScan and it only found some JOKE_RENOS thing which it sometimes pops up and says "Succesful, no action required". That was already there before the current problem (although I wouldn't mind getting rid of it).

Thanks

I'll post the hijackthis log in a reply
 

Answer:Popups and slow internet

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:04:56 PM, on 16/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Novell\XTAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
C:\Program Files\Common Files\Juniper Networks\TNC Client\jTnccService.exe
C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mdnsresponder.exe
C:\Program Files\Novell\ZENworks\nalntsrv.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Novell\ZENworks\wm.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\WINDOWS\TEMP\JXC4AC.EXE
C:\Program Files\Trend Micro\OfficeScan Client\tmproxy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program F... Read more

1 more replies
Relevance 55.76%

Have had some issues with slow internet and popups lately. I've had LimeWire on my computer for a bit and I also got affected by the virus (?) that spread through MSN a couple of days ago. Anyways, here's my HJT log, hope someone can help out!

Logfile of HijackThis v1.99.1
Scan saved at 19:19:04, on 2005-03-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program\QuickTime\qttask.exe
C:\WINDOWS\system32\cthelper.exe
C:\WINDOWS\system32\PCsync.exe
C:\windows\saap.exe
C:\Program\ISTsvc\istsvc.exe
C:\WINDOWS\WINFRW.EXE
C:\WINDOWS\vcaqdluw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\MSN Messenger\msnmsgr.exe
C:\Program\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program\Compaq\EASYAC~1\BttnServ.exe
C:\Program\Internet Explorer\iexplore.... Read more

Answer:Slow internet and a lot of popups

10 more replies
Relevance 55.76%

Hi.I have popups and recently i got this virus i forgot what it is called but i was playing this game. I had 200 ping from and now 280 and ive been lagging alot. The virus description said " Makes computer slow and internet slow " and i have been experiencing that. Here is a HiJackThis Log.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:27:28 PM, on 11/2/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exeC:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exeC:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exeC:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exeC:\Program Files�... Read more

Answer:Popups / Slow Internet

Hello, dog54321. to BleepingComputer.comMy name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)I want to apologise that it has taken so long to get back to you. We on the HJT Team are working as fast as possible to get your log answered.If you do not still need help, please let me know, so that I can move on to other users who still need help.Please take note of the following:While a HJT Team member is working with you, please refrain from making any changes to your computer.Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Please reply using the button in the lower left hand corner of your screen.Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .If you would still like help, please follow the inst... Read more

34 more replies
Relevance 55.76%

Basically the problem is in the title, when i run internet explorer it loads pages slower than usual, i guess this is due to "Avast! antivirus" running in the background stopping "some" of the popups and internet page redirecting. but still Avast! isnt able to stop all of the popups and i get loads of random ones, such as "trebor mints" and "best antivirus protection" and "home and office internet security software" and stuff like that, i have run a thorough scan of the computer using avast and removed alot of problems, i also used spybot search and destroy to also remove a load and then after that I ran Wincleaner, to clean other crap off of the computer. Previous problems that i had before this included the computer freezing and an annoying antivirus spyware coming up saying the computer was infected and to buy their software etc... this problem was solved using the antivirus, spybot s&d and wincleaner. but it wasnt until i ran internet explorer i still realised i had the popups. please some one help me or direct or guide me into fixing this problem.
Cheers, Nayth.

Answer:Slow internet and Popups

Hello and welcome. First I am moving this to the Am I Infected from XP forum as you are...Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan bu... Read more

1 more replies
Relevance 55.35%

Hi there, im really grateful that a place like this exists. recently my computer has slowed down to a crawl and everytime i go on the net i have this syssecruitycentre.net as my homepage, pop ups on my bottom-right toolbar next to the clock every minute. then the web browser crashes every 15 mins or so. Thank you so much! (i tried organising the file as best i could)

Logfile of HijackThis v1.99.1
Scan saved at 12:36:45, on 22/07/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\isnotify.exe
C:\WINDOWS\System32\ishost.exe
C:\WI... Read more

Answer:Hijackthis log, very slow and internet popups

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted.

Please read this post completely before begining. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.


* * * * * * ADDITIONAL DOWNLOADS * * * * * * * * * * * * * *


Please download SmitfraudFix
Extract the content (a folder named SmitfraudFix) to your Desktop.

Download Dr.Web CureIt & save it on desktop. We shall be using it later

Download & install - CleanUp.exe (not recommended for WinXP64)

'UNPLUG'/DISCONNECT your computer from the Internet when you have finished downloading.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.


* * * * * * PURGING TEMP FOLDERS * * * * * * * * * * * * * * *


Run Cleanup! using the following configuration:

1. Click Options...
2. Set the slider initially to Standard CleanUp!
3. Uncheck the following:Delete Newsgroup cache
Delete Newsgroup Subscriptions
Delete Cookies
4. Click OK
5. Press the CleanUp! button to start the program.

* CleanUp! will not create any backups!!


* * * * * * RESTART WINDOWS IN SAFE MODE * * * * * * * * * *


1. Restart your computer
2. After h... Read more

4 more replies
Relevance 55.35%

Hi, I've been getting random pop-ups on IE (and firefox) and very slow connection when visiting certain sites. Here's my log. Thank you.

===
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:53:44 PM, on 9/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\... Read more

Answer:Slow Internet, Random Popups

Hello and Welcome. Apologies for any delay in replying, but we have been rather busy lately.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

---------------------------------------------------------------------------------------------

If you still require assistance with this issue, and since it's been several days since your original log was posted, please do this:
Download RSIT by random/random and save it to your desktop.
Double click RSIT.exe to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of log.txt here.
Please attach info.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\rsit\info.txt

Click Upload.

---------------------------------------------------------------------------------------------

2 more replies
Relevance 55.35%

hi.ive downloaded something and have somehow become infected by at least toolbar888. there are probably other things that i just don't know about. the internet is noticeably slower than usual. i get frequent popups advertising fake ad removal programs. sometimes the start bar will dissapear then appear again. sometimes i will find the cursor has moved to the top left of the screen without me even touching the mouse. just now when i booted up the computer, it said my copy of windows was fake. i know it isnt. i have followed this guide:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/and now i have a hijack this log:Logfile of HijackThis v1.99.1Scan saved at 14:18:29, on 19/07/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\CTsvcCDA.EXEC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Iomega\REV System Software\RevUDF.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\ashMai... Read more

Answer:Toolbar888, Popups, Slow Internet.

Hello chuzzlewitty,

We are currently studying your log and will be back to you as soon as possible. Thank you for your patience.

7 more replies
Relevance 54.53%

Hi BleepingComputers

When using firefox, I get occasional popups and in general it is just very slow. It crashes often and lags excessively when streaming videos. Edit: Pop ups just recently started popping up at an annoyingly fast face today even when I do not have the browsers up. I do not know the full effects yet but it seems like after turning on the computer today, the problems got a lot worse. Any help is appreciated.
This is my DDS log:
DDS (Ver_09-03-16.01) - NTFSx86
Run by Eric Lo at 15:08:28.25 on Wed 05/06/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.367 [GMT -4:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\SR... Read more

Answer:Internet browsers extremelly slow and popups

Please note that opening two topics creates confusion. This topic is closed as the second post is replied.

1 more replies
Relevance 54.53%

First off, I am new here so I hope I am doing this posting correctly.I have been plagued by unwanted popups whenever I use Internet Explorer. I think it may have started when I unknowingly tried to open an .exe file. Anyway, the family shares a DSL line and apparently I'm slowing everyone down, which is not good and they are hounding me to GET IT FIXED! So that's why I'm here. I seem to get the same popups, especially one for "Registry Defender". I seems like my whole computer is running slowly, especially when I try to open anything. Did I get infected with something? I hope someone can help because I don't want to reformat, again. Thanks in adance!Here are my logs: Logfile of random's system information tool 1.04 (written by random/random)Run by Roxanne at 2008-11-27 13:37:15Microsoft Windows XP Home Edition Service Pack 3System drive C: has 150 GB (63%) free of 238 GBTotal RAM: 1023 MB (37% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:37:55 PM, on 11/27/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defende... Read more

Answer:unwanted popups and slow internet connection

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any scr... Read more

2 more replies
Relevance 54.53%

I get three pop ups constantly. one stating I have Trojan, the other two are spyware alert. and my internet has slowed down.

My Hijack list. Please help

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:49:30 AM, on 4/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\IVP\swupdate\s... Read more

Answer:slow internet and anti spyware popups

Thank for your help I am being helped by spyware beware thanks.

1 more replies
Relevance 54.53%

I have run spybot and adware in safe mode and still it takes a minute for my explorer to become available and then randomly popups from rootv, laughnetwork.com, kontraband.com come up. Here is my hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 7:45:23 PM, on 3/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\cisvc.exe
c:\program files\ge security supra\syncservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\GE Security Supra\ProxyDaemon.exe
C:\SSL\stunnel-4.10.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GE Security Supra\SyncInfoApp.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.ex... Read more

Answer:random popups and slow internet explorer

Download Superantispyware (SAS)

http://www.superantispyware.com/superantispywarefreevspro.html

Install it and double-click the icon on your desktop to run it.
It will ask if you want to update the program definitions, click Yes.
Under Configuration and Preferences, click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
On the main screen, under Scan for Harmful Software click Scan your computer.
On the left check C:\Fixed Drive.
On the right, under Complete Scan, choose Perform Complete Scan.
Click Next to start the scan. Please be patient while it scans your computer.
After the scan is complete a summary box will appear. Click OK.
Make sure everything in the white box has a check next to it, then click Next.
It will quarantine what it found and if it asks if you want to reboot, click Yes.
To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click a... Read more

1 more replies
Relevance 54.53%

Hello everyone. I tried to get as much of this cleaned up as much as I can but I am stuck so here I am.

Deckard's System Scanner v20071014.68
Run by PH & JH on 2008-04-18 10:35:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 78% (more than 75%).
Total Physical Memory: 384 MiB (512 MiB recommended).


-- HijackThis (run as PH & JH.exe) ---------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-18 10:35:32
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINNT\system32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\system32\lxczcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Pro... Read more

Answer:[SOLVED] Popups and Slow Internet/Computer

Nevermind. I was able to clear it up. Thanks.

1 more replies
Relevance 54.53%

its as the title says, but the popups part i dont know much about because it cld be the websites ads or something, but yeah. its kinda slow i posted another thread like this quite a while ago, like maybe a week or 2, but didnt report or anything because all was well or at least i thought it was. heres my hjt log. plz tell me im just paranoid lol

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:25:26 PM, on 8/10/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Windows\ehome\ehtray.ex... Read more

Answer:Solved: my computers just slow, so is the internet and im getting a few popups

8 more replies
Relevance 54.53%

I've been getting these weird popups and really slow internet lately on any browser I use. Whenever I search something up it takes a long time, and when I click on a link, sometimes it brings me to a new link about women's health, pregnancy, nutrition, etc. I might have clicked on a bad link or downloaded something, I'm not very sure. Please help!

Answer:Slow internet + random search popups

Here is a very good step by step check.http://www.selectrealsecurity.com/m...

3 more replies
Relevance 54.53%

My log is

Logfile of HijackThis v1.99.1
Scan saved at 1:28:47 PM, on 6/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\eMachines Bay Reader\shwiconem.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\WINDOWS\system32\Uqpdbq.exe
C:\Program Files\Oona\Jwjxe.exe
C:\WINDOWS\fkopnvbl.exe
C... Read more

Answer:[Resolved] Popups, ads, slow internet, help plzzzz

12 more replies
Relevance 54.53%

When i start my computer i am getting two errors that show up as shown in the picture. Also when i run Firefox it is very slow and i am getting pop ups when searching on google or just browsing the web. Any help is appreciated. thanksDDS (Ver_09-03-16.01) - NTFSx86 Run by Iva Sullivan at 11:00:01.57 on Sat 03/28/2009Internet Explorer: 7.0.5730.11AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)============== Running Processes ============================= Pseudo HJT Report ===============uStart Page = hxxp://www.yahoo.com/uSearch Page = hxxp://www.google.comuSearch Bar = hxxp://www.google.com/ieuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uDefault_Search_URL = hxxp://www.google.com/ieuInternet Settings,ProxyOverride = *.localuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%smSearchAssistant = hxxp://www.google.com/ieBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: {2e7833fa-3d9e-49f1-ba82-a009c94e872a} - c:\windows\system32\fewikini.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dllBHO: {01d300d3-7e91-be4a-d5f4-8f0c45a94146}: {64149a54-c0f8-4f5d-a4eb-19e73d003d10} - c:\windows\system32\hhv... Read more

Answer:Slow Internet / Popups / Rundll errors

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

2 more replies
Relevance 54.53%

Hi guys. Basically my computer seems to have been infected with something and I have no idea what it is. Avast, my current antivirus can't find it and i've done a panda scan and that cant find anything wrong either. Whatever i have has causedmy internet to run really slowly which shouldnt happen as i have a 6mb connection. Once the internet isopen this also seems to affect my pc, making that run slower. finally, whenever i click a link to a new page or change website that im looking at, an unrelated pop up appears. im really confused and would appreciate your help. This is my log from hi jack this. i hope its useful as i realsie i havnt given you any virus names...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:04:15, on 17/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Progra... Read more

Answer:Dead slow internet + pc + loads of popups!

Ok.I see the offender..




Please download SDFix from here and save it to your desktop

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Please copy and paste that log in your next reply.

=================================


Ok.We need to download ComboFix.exe. This will give a better view to the files running and also hidden on your ... Read more

13 more replies
Relevance 54.12%

Im having a number of issues and not sure why....i get random porn popups (and other popups) everytime my computer is left idle for any period of time...my internet is slow, but the internet on my parents computer (same cable internet connection, thru a hub) becomes a lot slower whenever my computer is turned on, making me think that my computer is draining bandwidth....and finally, whenever i go to shut down, the computer "balks" for like a minute, and only after ive told it to shut down 2 or 3 times will it begin the shut down process....HELP?!

ive been running spybot and adaware fairly frequently, but still i have problems...anyways, heres my HJT log:

Logfile of HijackThis v1.97.7
Scan saved at 3:01:58 AM, on 6/29/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Dell Computer\Dell Image Expert\IXApplet.exe
C:\Program Files\iMesh\Client\iMeshClient.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Yahoo!\Messenger\ymsg... Read more

Answer:Porn PopUps, Slow internet, and Delayed Shut Down

Bumping this up, hoping for help...
 

2 more replies
Relevance 54.12%

So lately I've been getting random popups while using Firefox, and even when it's closed. Nothing explicit or anything, just ads. At the same time, my internet has really slowed down.

Here's my HiJack This log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:37:15 PM, on 12/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\GetModule\GetModule31.exe
C:\Documents and Settings\Owner\Application Data\gadcom\gadcom.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\... Read more

Answer:Random firefox popups/slow internet speeds

Hi, welcome to TSF!

You posted incomplete logs.

Please follow our pre-posting process again, outlined here:

http://www.techsupportforum.com/secu...oval-help.html

After running through all the steps, you shall have a proper set of logs. Please post them.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

7 more replies
Relevance 54.12%

Hi, I've just recently had the issues mentioned in the topic title and I could use some help disinfecting my computer. Please let me know what to do in order to assist you with the process. Thank you for your assistance in advance!

Answer:Google redirect, internet unusually slow, getting some popups

Hello koenigseggCC7 I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the ... Read more

23 more replies
Relevance 54.12%

My laptop is experiencing several problems at the moment. To start with, startup usually takes longer then usual. I also get a message about the paging file being too low, either during or shortly after the startup. I also usually run into a few warnings labeled "bad image", and the warning says something about a missing dll. In addition, the computer itself is running very slowly-- if I try to do even the simplest of things, like opening up Notepad, it could take far longer than usual.

Currently, my computer is offline. Whenever I stick the ethernet cable into it, though, I can get on the Internet just fine... except I suddenly get a bunch of popups trying to load at once. Even if I don't have any browsers open, I'll get popups from both Internet Explorer and Mozilla Firefox. The browsers will go to random websites I've never been to before, or they'll just be an ad for something.

I tried running all the anti-malware programs and such as described in the sticky a few times, but I couldn't really get anywhere with it. If I was somehow able to miraculously start and run the first anti-malware program on there, it would crash the computer at the end of the scan and I'd have to restart everything and try again.

The specs are:

Running Windows XP 2 Professional, with Service Pack 2
Manufactured by VARtek Value Added Technology
Intel Pentium III
Mobile CPU 1066 MHz, 535 MHz
256 MB RAM

 

Answer:Slow-running computer, can't connect to Internet due to popups

StuffGal said:





My laptop is experiencing several problems at the moment. To start with, startup usually takes longer then usual. I also get a message about the paging file being too low, either during or shortly after the startup. I also usually run into a few warnings labeled "bad image", and the warning says something about a missing dll. In addition, the computer itself is running very slowly-- if I try to do even the simplest of things, like opening up Notepad, it could take far longer than usual.Click to expand...

Most of the above is may not have anything to do with malware.





StuffGal said:





except I suddenly get a bunch of popups trying to load at once. Even if I don't have any browsers open, I'll get popups from both Internet Explorer and Mozilla Firefox. The browsers will go to random websites I've never been to before, or they'll just be an ad for something.Click to expand...

This does sound like malware.




StuffGal said:





The specs are:

Running Windows XP 2 Professional, with Service Pack 2
Manufactured by VARtek Value Added Technology
Intel Pentium III
Mobile CPU 1066 MHz, 535 MHz
256 MB RAM
Click to expand...

Sorry but your PC is on the slow side and 256 MB of RAM is insufficient to properly run and updated Windows XP and all the other software your PC requires (like antivirus, antispyware, firewall..... and e... Read more

4 more replies
Relevance 54.12%

I am pretty tec savvy, atleast i think I am...I can usually take care of problems with computers and troubleshoot them to where they are back in top shape...however this one is just too much to handle.I have been in college out of state for the last 4 years and I just moved back home with my parents. Their computer is just obnoxiously slow, has random popups all over the place and my google searches dont do anything, i get redirected to spam sites and whatnots.the last straw was when i was working on removing this all...a program called Malware defense tried uninstalling my virus protection programs. I decided to use my "last resort" tool which is "hijack this" and post the log on one of these sites. I could not find the site I used previously, however came across this one and it looked really good.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:52:07 AM, on 1/18/2010Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4 ... Read more

Answer:Random popups, redirected searches, slow internet

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions... Read more

2 more replies
Relevance 54.12%

I'm including my log at the bottom. I'm not sure what is going on, I see no odd programs installed in Add/Remove Programs but there are a lot of weird things in my HJT log it seems....

Well the problem is my computer is dog slow, various internet pages do not work properly (eg Yahoo mail, Google search, etc...) while others do (such as this one!) and popups randomly appear from time to time to sell me, among other things, anti-spyware products! Wonderful.... If anyone can please help me with this I would be very very grateful!

_____________________________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:47 PM, on 6/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PowerDVD\PDVDServ.exe
C:\Program Files\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\InstallS... Read more

Answer:Internet not working, popups, very slow computer, HJT log posted, please help!

Hello and welcome to TSF

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.
What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

========
Logs Required
C:\Deckard\System Scanner\main.txt
C:\Deckard\System Scanner\extra.txt<----Attached

11 more replies
Relevance 54.12%

I went thru the 5 steps. Here is a copy of activescan:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-04-30 04:21:57
PROTECTIONS: 85
MALWARE: 36
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira AntiVir PersonalEdition Classic 0.0.0.0 Yes Yes
Avira AntiVir PersonalEdition Classic 6.39.0.154
Yes Yes
Avira AntiVir PersonalEdition Classic 7.0.2.82
No Yes
Avira AntiVir PersonalEdition Classic 7.0.0.174
Yes Yes
Avira AntiVir PersonalEdition Classic 7.0.0.174
Yes Yes
Avira AntiVir PersonalEdition Classic 6.38.1.179
Yes Yes
Avira AntiVir PersonalEdition Classic 6.38.1.110
Yes Yes
Avira AntiVir PersonalEdition Classic 6.39.0.154
Yes... Read more

Answer:Lost desktop, internet slow, popups, and virus ***PLEASE HELP ***

Hello and welcome to TSF

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

========

Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. Its important that you follow this through until i give you the all clear, a lack of symptoms does not mean that it is no longer present.

=========

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

=========

P2P

P2P - I see you have P2P software LimeWire 4.16.6 installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

References for the risk of these programs are Here,
Here and Here.

=========

Click > Start > Contro... Read more

8 more replies
Relevance 54.12%

here is my hijack log

Logfile of HijackThis v1.97.7
Scan saved at 1:20:13 PM, on 2/12/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\COMMON FILES\WINTOOLS\WTOOLSA.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\WINTOOLS\WSUP.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\TEMP\BUNDLE.EXE
C:\PROGRAM FILES\VSN\VSN.EXE
C:\PROGRAM FILES\WINDOWS SYNCROAD\SYNCROAD.EXE
C:\WINDOWS\DHUPDT.EXE
C:\WINDOWS\DHBRWSR.EXE
C:\PROGRAM FILES\WINDOWS SYNCROAD\WINSYNC.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\QOYYGU.EXE
C:\WINDOWS\TEMP\ICD16.TMP\SVCMM32.EXE
C:\WINDOWS\TEMP\CXTPLS_LOADER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\TEMP\180AX.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.2\AUN_0010.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP... Read more

Answer:internet windows load slow and almost constant popups

9 more replies
Relevance 54.12%

Hello,

I've read and followed all instructions in the Read and Run Me First section. Several malware, viruses and infections where found and I believe eliminated. However, I would like to know for sure.

Attached are the 5 logs as requested. I will place 4 in this post and the final in a reply to this post.

Thank you
 

Answer:Slow Hanging Internet and lots of nasty popups

final log file attached as requested
 

7 more replies
Relevance 53.3%

Hi my name is Mattias. My internet is getting almost unuseable. First crome stoped working. where you couldnt get out the home page, now firefox is really slow aswell. HELP Please.

Answer:constant popups. internet is really slow. ad choices and epicolors removal.

Hello Mfrost258,

Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
   If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
   Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

   Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.  1.Please download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the tool .Click on the Scan button.AdwCleaner will begin to scan your computer.After the scan has finished...Click on the Clean button.Press OK when asked to close all programs and follow the onscreen prompts.Press OK again to allow... Read more

2 more replies
Relevance 53.3%

Noticed recently additional windows opening while surfing in IE. AOL broadband became VERY slow. Last night I could NOT get IE to stop opening my email(gmail) client window, and had to reboot. Hijackthis log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:22:16 AM, on 4/5/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\svchost.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\system32\SearchIndexer.exeC:\Program Files\Microsoft Hardware\Mous... Read more

Answer:Slow internet, ad popups, multiple window openings... cant be stopped.

NEW log, just in case:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:21:45 AM, on 4/8/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\svchost.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Microsoft Hardware\Mouse\point32.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Java... Read more

12 more replies
Relevance 53.3%

Hello,

The kids snuck on to the computer and I found a program called Gamevance so I attempted to remove it. I'm not quite sure what else the kids clicked on but the computer is now ridden with popups, the internet connection is very slow (the page just keeps refreshing and ticking but takes forever to fully load). Also the overall computer performance is very slow. I ran AVG and it detected some trojans and removed them but my computer isn't any better. I've searched the forums for anything that might be similar but haven't had any success. Please help. Thanks in advance.

Raggz

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:12, on 2008-08-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxM... Read more

Answer:Solved: Help! Popups, slow internet/cpu performance..AVG detects trojans. HJT log Inc

16 more replies
Relevance 52.89%

My HJT log is below...
Explanation; I downloaded some paid software, for free, from a site...
this went fine...but when I went to get the key for it, i downloaded a .exe file (untrusted) and it came with many malicious viruses, trojans, adware, spyware and the whole nine yards...My comp is running unbearably slow, internet connection will start sometimes, sometimes not, tons of pop-ups, computer integrity threats, even my wallpaper changed to say "Warning! Spyware threat has been detected on your PC. Your computer has several fatal errors due to spyware activity. Your IP address is ##.##.##.### and via this address an unauthorized access was gained by another computer. blah blah."

What can I do to get my old system back?

HJT LOG;

Logfile of HijackThis v1.99.1
Scan saved at 3:13:24 PM, on 9/18/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~... Read more

Answer:Popups, Slow, Interrupted internet connection, etc. -Trojan Downloader.Generic4.IQO

Here is my new log...not too much has changed, but I did manage to get rid of a few...PLEASE HELP. THANKS.

Logfile of HijackThis v1.99.1
Scan saved at 8:05:17 PM, on 9/18/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\System32\WinAvXX.exe
C:\WIND... Read more

15 more replies
Relevance 52.89%

sorry i'm a newb this my first ever hijackthis usage so please pardon me if i'm a bit slow.i got this msn spyware a few days ago and since then used avg free,windows defender, adare 2007 free and spybot search destroy to try and get rid of it all but i j cant get rid of this problem that my internet connects automatically and i get like pop ups every 30secs ofwinantivirus and other stuff.thanks for the timeheres my hijack this log:Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeC:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXEC:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exeC:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exeC:\Program Files\QuickTime\qttask.exeC:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Thomson\Sp... Read more

Answer:Winantivirus Popups And Other Pop Ups, Computer Slow, Automatic Internet Connection At Start Up

Hello,Your are dealing with several nasty infections..* Download: HostsXpertUnzip hoster to an own folder, eg C:\HostsXpert Start HostsExpert.exe, click 'Restore Original Hosts' and click OK. Then, * Download Combofix to your desktop.Doubleclick combofix.exeFollow the prompts.Don't click on the window while the fix is running, because that will cause your system to hang.When finished and after reboot (in case it asks to reboot), combofix will open again to gather the necessary information for the log. This may take a bit. When done, Combofix will close and a log should open, combofix.txt. Post the contents of this log in your next reply together with a new hijackthislog.Do NOT post the ComboFix-quarantined-files.txt - unless I ask you to.

8 more replies
Relevance 52.89%

We are using Windows XP Professional ver 5.1 SP3 on our laptop. Using IE 6

Recently, we started to get a lot of Pop ups and so my husband changed the settings to block Pop ups. He also decided to shut off the auto update feature as it was taking very long and do it manually once a week.

Since then we started to get a different - constant popup problem from Trend Micro Office scan that says URL Blocked and the URL is always url.adtrgt.com\...... with a very long message everytime we browse anything (it doesn't matter what browser we use)

Other Problems:
1. We are noticing internet browsing has slowed down considerably
2. When I click on any link on my Hotmail web page it keeps showing its Loading which has never happened before. It takes several clicks for the link to finally work. It also keeps giving me a message Windows Live Hotmail has diconnected. Please try again later. This has also never happened before.
3. When I shut off the computer a window pops up showing Ending now RUNDLL32. It seems like it is saving information and trying to shut the program down but when its towards the end of the bar. It says program has stopped responding. So I have been clicking the END NOW button and then it shuts off OK.
4. Today when I switched on the computer, it gave me a Windows message saying error opening IE. I forgot to note it down. But some error wherein I had a choice to SEND report etc.

I think the situation is turning from bad to worse. We have scanned the compute... Read more

More replies
Relevance 52.89%

sorry about the first time. i now have all the proper logs and information. i'm attatching the said files and here is my log. PLEASE HELP! all help is greatly GREATLY appreciated.




DDS (Ver_09-01-07.01) - NTFSx86
Run by Kent at 13:17:54.64 on Fri 01/23/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.5.0_14
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.98 [GMT -6:00]

AV: AVG Internet Security *On-access scanning enabled* (Outdated)
FW: McAfee Personal Firewall Plus *enabled*
FW: AVG Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Kent\Desktop\dds.com

============== Pseudo HJT Re... Read more

Answer:Thousands of popups, slow internet, no way to update programs. Properly Logged! HELP!

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------


Quote:




FW: McAfee Personal Firewall Plus *enabled*
FW: AVG Firewall *enabled*




Although no longer installed, it appears McAfee Personal Firewall Plus is still registered in your WMI.

Please follow these instructions for de-registering McAfee Personal Firewall:

**Note: Make sure you only delete McAfee products.
Go Start > Run and copy/paste wbemtest into the Run box and click 'OK'.
Click 'Connect'.
Copy/paste root/securitycenter into the box and click 'Connect'.
Click 'Query'.
Copy/paste SELECT * FROM FirewallProduct under 'Enter Query' and click 'Apply'.
If there is more than one result, it means there is more than one Firewall program registered.
Double-click on each result to view the properties for that Firewall product.
Identify the product(s) registered by scrolling down to 'companyName' then click 'Close'.
In the 'Query Result' window, click 'Delete' for any Firewall software that is no longer installed.
Click 'Close', then 'Exit'.
-----------------------------------... Read more

7 more replies
Relevance 52.89%

Hello

My problems started a few days ago when i noticed a fake anti spyware scanner called security tool. I booted into safe mode and used malwarebytes, spybot and norton to remove it. It was very persistent, so i downloaded lots of anti spyware programs like adaware, spysweeper and so on. Finally i used a tool called security master AV removal tool to kill virus processes before scanning with norton. At that point it found alot of virusses/spyware and removed it succesfully.

Since then i noticed that my internet is slow and when i click on a google result it loads very very slow. Sometimes it gives a nginx error. Sometimes when i click on a result i get a different website.

I don't know what software can help me now at this point. So i searched for this problem with google and found this forum. I hope someone can help me fix this.

Thanks in advance.
Bart

edit : My norton endpoint security gave a warning today : http redirect detected. It blocked this redirect and i did a full scan yesterday. I seems it can't find the virus or spyware that's causing this.

More replies
Relevance 52.89%

So lately my internet on my desktop has been running pretty slow, with unusual amounts of popups constantly interrupting. My desktop is pretty old, running on windows xp, but my laptop recently died because of trojans. A-squared had detected trojans and when I tried to quarantine it I guess I damaged an essential file or something because now my windows won't start up on the laptop. Anyways, similar thing has been happening on my desktop and a-squared detected a two high risk files named something like kuang2 and backdoor something (obviously I'm not very computer literate). Anyways here's the hijackthis log. I didn't try to do anything with the trojans this time in case I ended up killing my desktop as well. I'm not sure what other information you guys need, just let me know if you need anything else. Thanks!

---------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:50 PM, on 4/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:... Read more

Answer:Kuang2? slow internet, constant popups, trojans detected via a-squared

bump*
thx in advance
 

1 more replies
Relevance 52.89%

Right... So I've got some problems...
-It started just a while ago when I suddenly started getting all of these pop-ups. One of the appeared to be a virus-scanner advising me to buy or download it. I didn't really heed that one.
-Right after that, my own computer started giving me messages saying 'you're computer is infected'. That, and the machine itself started crackling like some sort of coffee machine or something. When I clicked on the message balloon I told you about earlier, I got the same popup.
-A curious thing that has happened also: I just restarted the computer, and it went REAAAALLLY slow.
-Another curious thing: my computer has suddenly decided to get a mind of its own, it appears. At random moments, it opens up random maps (usually my documents).
-I can't do anything on the internet anymore. All websites I choose to visit, just don't appear. It appears as thought they are blocked somehow. The browsers do say they're "done loading the webpage", but all I get is a white screen. And in the case of internet explorer, a message saying the program doesn't respond -_-'. I actually have to get help on my sister's computer XD
-The final, and most troubling thing of all: I just attempted to restart the computer, and I don't get anything done anymore. When I click on my icon in the startup screen, the 'startup sequence' begins, I can see my wallpaper and all, and then it completely stops... N... Read more

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svc

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svc

Answer:Search results redirect + popups + slow internet connection + browser functionality issues

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Do not Attach logs unless I ask you to.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note**Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread Note**Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.I would like to get a better look at your system, please do the following so I can get some more detailed logs.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' messa... Read more

15 more replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svc

More replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

Answer:Search results redirect + popups + slow internet connection + browser functionality issues

duplicategringo

1 more replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.I am unable to post my hijackthis log for some reason, but I have saved it.

Answer:Search results redirect + popups + slow internet connection + browser functionality issues

I am still unable to attach the log in any way and it looks like I have accidentally posted this topic multiple times. I apologize. Any help?

2 more replies
Relevance 51.66%

When I click on a result from a search engine I am sometimes redirected and there will be a blue loop icon or a green globe icon in the top corner of my browser tab. Also, I sometimes get random popups, my connection has slowed considerably and my browser (firefox) often times out. I am running windows XP but sometimes when I log in it has the appearance of windows2k (gray boxy toolbars and window borders).I have run malwarebytes, spybot s&d, avg and superantispyware with no success.Here is my hijack this log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:10:49 PM, on 6/15/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI

More replies
Relevance 48.38%

Hi,
This is my first post here, so I hope that I follow all of the rules. And thanks in advance for any help. My computer has been running slow for a while, and I think one of my kids might have gone to a website that allowed some malware in. My OS is Windows XP SP3. I have noticed a few things, 1. Had a problem with Adobe acrobat reader, it wouldn't update for some reason, and couldn't open PDF files for a while, after uninstalling and reinstalling several times, I think it is now working. Also noticed more recently when working in MS Word 03 every once in a while it won't let me save files. Now I am noticing that when I have Internet Explorer open for a while, IE tries to pop open a new window, to which the IP address is blocked by K9 web protection 91.212.226.6 is the IP. After googling this IP address, I found a few posts leading me to think there might be a trojan kicking around on my pc. I have run MBAM and Hijackthis in an attempt to find the culprit, but MBAM comes up clean, and I can't find it on Hijackthis. Any help woould be appreciated.
Thanks!

Answer:PC running slow,Problems w/MSword, Internet explorer problems with popups and blocked sites

1. Start an Office program.
2. On the Help menu, click Detect and Repair.
3. In the Detect and Repair dialog box, do any of the following:
* Click to select the Restore my shortcuts while repairing check box. By default, this check box is selected. If you select the Restore my shortcuts while repairing option, Detect and Repair will keep your custom Office shortcuts. If you do not select this option, Detect and Repair will remove your custom Office shortcuts.
* Click to select the Discard my customized settings and restore default settings check box. If you select the Discard my customized settings and restore default settings option, Detect and Repair will set the following back to the state that they appeared in when you first installed Office:
o The Assistant character selection.
o Most-recently-used entries on the File menu will be removed.
o The size of the program window for all programs.
o Menu and toolbar position and any customizations.
o The security level for each program.
o View settings in the program, such as the Calendar view in Outlook.
o You must re-enter your User Name and Initials when you restart your Office programs.
4. Click Start.
5. Click Ignore if the Close Office Programs dialog box displays the following message (where program is any Office program that is currently running):
In order to correctly pick... Read more

2 more replies
Relevance 48.38%

This computer has been really slow at everything lately. Has lots of pop ups too and even the balloons in the bottom right corner that pop up.No real virus or malware protection has been on this comp, but we are ready to do what ever we need to! Thanks for the help!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:32:36 PM, on 6/20/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16850)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC: ... Read more

Answer:New Log, very slow computer, popups, other on screen popups...

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.-----------------------------------------------------------We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, ... Read more

7 more replies
Relevance 47.97%

Hello,I keep getting enormous amounts of different advertisement pop ups (uk prize,celldorado phone ... much much more) and false spyware security website pop ups wanting me to download spyware. fp.pc-on-internet popups- this is usually in the url/website address bar before some of the pop up appears, but not in all. I have tried various antispyware/antimalware packages, such as ad-aware 2007,ad-watch 2007, spybot search & destroy, spyware doctor, super antispyware, xoft spy... I have run my anti-virus Norton 360(21/1/2008) and have detected tracking cookies and adware advantage risk (registry entries, files and browser cache), but this has not cleared or removed the problem. It also seems my keyboard is affected; I sometimes have to press the key twice for the letters to come up. I have read the FAQ forum posting guidelinesMaybe I have Malware/spyware/adware..Here is my hijack this log(20/1/2008)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:36:44, on 20/01/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16575)Boot mode: NormalRunning processes:C:\Windows\System32\smss.exeC:\Windows\system32\csrss.exeC:\Windows\system32\wininit.exeC:\Windows\system32\services.exeC:\Windows\system32\lsass.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\System... Read more

Answer:Please Check; Regular Advertisement Popups, Including False Security Popups; Fp.pc-on-internet.com Url

Hello,here is a new hijackthis log updated from the one I sent on the 21st januaryLogfile of Trend Micro HijackThis v2.0.2Scan saved at 14:40:23, on 25/01/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16575)Boot mode: NormalRunning processes:C:\Windows\System32\smss.exeC:\Windows\system32\csrss.exeC:\Windows\system32\wininit.exeC:\Windows\system32\services.exeC:\Windows\system32\lsass.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exec:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Windows\system32\svchost.exeC:\Program Files\Spyware Doctor\svcntaux.exeC:\Program Files&#... Read more

2 more replies
Relevance 47.97%

Lets see so far my computer is very slow I tried using windows system restore twice both times it said unable to restore sometimes when I am bringing any page up on internet explorer a popup will come up either one from the internet or one that is either from my system or disguised to be my system before I also was hgetting some kind of terminaton eroor every 5 minutes say something about terminationg a program all i remember is the code which was 0x00000000 exactly
DDS (Ver_09-03-16.01) - NTFSx86
Run by Gregg at 23:27:22.67 on Tue 04/21/2009
Internet Explorer: 7.0.5730.13
AV: CA Anti-Virus *On-access scanning enabled* (Updated)
FW: CA Personal Firewall *enabled*

============== Running Processes ===============
============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe=

{outputEncoding}&sourceid=ie7&rlz=1I7ACEW
uWindow Title = Microsoft Internet Explorer
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=0&o=xph&d=0808&m=le1200
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai r... Read more

Answer:Infected Windows Explorer and random "systm" popups and internet popups

Bump.... aparently the virus i have is Vundo r at least one of them is=============Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, you wouldn't want someone to assist you who is not familiar with your issue and attempt to fix it, would you?We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or m... Read more

3 more replies
Relevance 47.97%

it appears as though i picked up a virus by merely visiting a website. i use firefox, i never get pops-ups and now everytime i open firefox i get pop-ups, and when i accidently clicked on one, 48 internet explorer windows popped up. it was so fast i had to wait until it finished. on top of that, this virus has slowed down my computer, and i cant access all of the websites i used to, including gmail.

i used spybot but have mostly been using adware constantly. ad-aware has found various things but still hasnt been able to find whatever this virus is. i just ran a full adaware this morning, it found some malicious objects, removed them, asked me to restart, i did, but then once i clicked on firefox, popups galore, everything slow to run, and cant pull up all the websites i normally do. so ad-aware is not working on this issue

any thoughts, help would be appreciated. frustrated and as you can probably tell not particularly computer saavy.
thanks.

Answer:internet explorer popups posing as firefox which NEVER has random popups

Hello lolacomp Welcome to TSF.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html
After running through all the steps, you shall have a proper set of logs. Please post them in a new topic,
as this one will be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 45.92%

Hi and Help! I am at my wit's end with these problems I'm having with my computer. The SYMPTOMS: slow slow startup, slow opening of any program, it takes 10 seconds for My Computer folder or any other system folder to open up, and even longer for my IE browser to start getting to a new page. The Browse button of any of the programs that I run seems to be stuck on "working" forever. I have tons of popups, from inqwire, everykind of antivirus ads under the sun...WHAT I HAVE DONE SO FAR:I ran every antivirus program that I could download, spybot, adaware, norton scan, cleaned my cache, temp files. While doing this, I found some unwanted programs listed in the control panel under "add or remove programs". These include: powerscan, SideFind, Surf Accuracy, Yoursitebar. I uninstalled all of them using the "uninstall" feature but now I'm regretting it. I think those uninstallation options came with the spyware and all it did was hiding the bad guys even better than before....I ran Hijack this! and deleted some entries, including an entry on istsvc.exe which i learned was harmful. This entry no longer shows up on my log, however, nothing has improved on my computer. I still have all the symptoms I started off with!!!!I need serious help. I'm running on Windows XP. I have installed both service packs. I have norton.Below is my log (by the way, this QQ program is a foreign instant messenger program. It is a safe software just in cas... Read more

Answer:Numerous Viruses, Popups, Sidefind, Slow Slow Processing..baah!

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.Please download AproposFix from here:http://swandog46.geekstogo.com/aproposfix.exeSave it to your desktop but do NOT run it yet.Then please reboot your computer in Safe Mode by doing the following:1) Restart your computer2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.3) Instead of Windows loading as normal, a menu should appear4) Select the first option, to run Windows in Safe Mode.Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder.

3 more replies
Relevance 43.05%

This is my 2nd computer used by my son. 512MB, 80GB Hard Drive, Windows XP SP2, IE 7.0. Everything runs extremely slow, even downloading HighJackThis. Some stuff on his computer I feel is highjacking and adding malware, spyware, etc. An example is PalTalk. You guys did an outstanding job on fine tuning my main computer and would appreciate any help you can give me on computer 2. Thanks in advance. Here the log file:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:16:34 AM, on 8/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\AOL\1147838733\ee\AOLSoftware.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
c:\program files\common files\aol\1147838733\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.... Read more

Answer:Computer Very Slow With Popups And very slow

7 more replies
Relevance 41.82%

My computer is unusually slow and it takes up to 10-15 minutes just for my computer to completely start up.

Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:34:18 AM, on 12/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files... Read more

More replies
Relevance 41.82%

(adding system info):
Dell M90, Vista, all updates current.
Wireless: AT&T Expresscard

Concurrent wil all this, something is resetting my trackpad settings back to default on every reboot. Solved this last summer by removing something from Logitech, but the problem is back now. Weird.

Internet MUCH slower than usual, responses sluggish on- and offline. System fans kick on within 2-3 minutes of startup. I've run all the usuals - McAfee, Ad-Aware, SpyBot, disk cleanup, and chkdsk. Hard boot after all that, then ran HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:29:36 PM, on 2/27/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\CSR\Vista Profile Pack\BtHidUi.exe
C:\Windows\sttray.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files... Read more

Answer:computer slow to boot, slow response, very slow internet, fans on high - HJT log

Any thoughts, anybody?

catillac said:


(adding system info):
Dell M90, Vista, all updates current.
Wireless: AT&T Expresscard

Concurrent wil all this, something is resetting my trackpad settings back to default on every reboot. Solved this last summer by removing something from Logitech, but the problem is back now. Weird.

Internet MUCH slower than usual, responses sluggish on- and offline. System fans kick on within 2-3 minutes of startup. I've run all the usuals - McAfee, Ad-Aware, SpyBot, disk cleanup, and chkdsk. Hard boot after all that, then ran HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:29:36 PM, on 2/27/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\CSR\Vista Profile Pack\BtHidUi.exe
C:\Windows\sttray.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Microsoft... Read more

1 more replies
Relevance 41.41%

For some odd reason, in the past 4 weeks, my streaming video has become VERY slow, and I do not know why. I have a high-speed cable connection, the same I have had for the past 6 months. It is slow, sound-with-stil-images and/or constantly rebuffering, and this is true with WIndows Media, Winamp, Realplayer and even Flash videos (on YouTube for example). I cannot take it anymore. I tried this Hijackthis thing, and this is my log:

Logfile of HijackThis v1.99.1
Scan saved at 3:58:08 PM, on 7/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sophos\Remote Update\cachemgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\sophos\remote update\imonitor.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sophos SWEEP for NT\S... Read more

Answer:Slow internet, slow video streaming, slow computer... aaaaah!

Please, somebody.
 

2 more replies
Relevance 41.41%

Well somethings up... I took out outerinfo.... but know as soon as try some diffrent anti virus or spy ware it does a critical error when it gets to system 32 files.... Please help or let me know what to do cause this is my work computer... Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:58:42 PM, on 8/16/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\odtnrhxs.exeC:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\SiteAdvisor\6066\SAService.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXEC:\windows\system32\lmdsregj.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\Common Files\Sonic\Update Manager\sgtray.exeC:\Program Files\SiteAdvisor\6066\SiteAdv.exeC:\WINDOWS\retadpu361.exeC:&#... Read more

Answer:Need Help With Slow And Popups

Hello,Your system is terribly infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts. Actually this doesn't suprise me at all.... I notice that you do not seem to be running Antivirus software and a Firewall. This is somewhat suicidal in today's digital world.That's why I want you to install them first!!Avira, AVG OR Avast are good FREE antivirus.Never install more than one antivirusscanner or firewall on your system! Several together can give problems and decrease the reliability of it seriously!... Read more

2 more replies
Relevance 41.41%

first let me say thanks in advance for any help or suggestions this forum is a godsend.
i have a hp notebook running vista operating system. about a month ago started getting popups and noticed performance was not as it was prior. now popups dont appear to be as bad. but performance is terrible very slow and sluggish,crashing for no apparent reason.
ran superantispyware and mcaffee scan. it detected some adware but nothing has really changed. again any suggestions or help is appreciated.
 

Answer:slow,slow,slow, popups,popups,popups, help,help,help

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:13 PM, on 9/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\... Read more

2 more replies
Relevance 41.41%
Question: Slow and Popups!

Hi guys, would be grateful if anybody could help me.

The computer has been running slow and been having problems on the net.

Now got AVG antivirus, Spyblaster & a firewall installed.

I have run new versions of CWShredder, Search & destroy, and Adaware.

Any help of what should be fixed etc.

Many Thanks.

This is the run from hijack this:

Logfile of HijackThis v1.99.1
Scan saved at 15:33:25, on 25/02/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Tools\BlackIce\blackd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\msnplus.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon06.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\mcafee.exe
C:\WINDOWS\System32\mcafee32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Hewlett-Packa... Read more

Answer:Slow and Popups!

O4 - HKLM\..\Run: [CTzLIYd] C:\windows\temp\CTzLIYd.exe looks quite suspicious...Might want to clean out temp folder and clear your history, cache etc. Perhaps a defrag is in order as well.

What are your system specs? I have known of many cases in which Black Ice has slowed down a system considerably.
 

2 more replies
Relevance 41.41%

Hello. I initially created a topic in the hijackthis area but I have yet to receive a reply. I believe my computer is infected and I am unable to locate and/or remove the problem. I am receiving many browser pop ups (chrome) and my web connection has slowed to a crawl. I am also receiving a rundll32.exe error every time I shutdown or restart my PC.

I have scanned my system using AdAware, Spybot and Avast Anti-virus but the problem still exists. I have tried updating my system using Windows Update but nothing happens when Internet Explorer opens. It just sits there with the Windows Update address and doesn't appear to connect to the site. The Avast log viewer will not open also but I see it in the task manager.

Can someone please help me with this issue?

My OS is:

Windows XP Pro 2002 with SP3

Let me know if I left out any important information or if you have any questions. I really need some help with this! Thanks in advance!

Answer:Web is very slow and I have popups now.

Most likely you are infected with something. I would go get Malwarebytes Anti-Malware, and then run a scan in Safe Mode.

18 more replies
Relevance 41.41%

I've run every antimalware, antivirus, etc. under the sun. I also followed all your instructions to the tee, and this laptop is STILL riduculously slow, especially at boot up. I have a popup blocker running since this problem started (before which I had no popups at all), and it has blocked 158 popups in about 3-4 weeks. I use Zone Alarm, McAfee Virus Scan, and AVG on a regular basis. Here is my hijack this log:Logfile of HijackThis v1.99.1Scan saved at 9:13:08 PM, on 4/14/2007Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Network Associates\Common Framework\FrameworkService.exeC:\Program Files\Network Associates\VirusScan\mcshield.exeC:\Program Files\Network Associates\VirusScan\vstskmgr.exeC:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exeC:\WINDOWS\System32\tcpsvcs.exeC:\WINDOWS\System32\svchos... Read more

Answer:Too Slow And Too Many Popups

Welcome to the BleepingComputer HijackThis forum pjsam Before we can provide you with any further assistance,you first need to go here and install Service Pack 1a;http://www.microsoft.com/windowsxp/downloa...p1/default.mspxThis will patch numerous security vulnerabilities in Internet Explorer and the Windows operating system. As your machine stands right now it's exremely vulnerable to infection. You need to get these updates installed first before we can proceed or we?ll both be wasting our time.Note:Do not install Service pack 2.If you install SP 2 on an infected machine it will cause serious problems within the operating system.When you've finished above,restart your pc and post a new Hijackthis log into your next reply please.

10 more replies
Relevance 41.41%

Hi, I am on aol and keep geting popups on ie. i would be very lucky to stay logged on for 10 mins without freezing. I would very much apreciate any help you can give..... Here is Hijackthis note :


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:10:26, on 27/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\1135796903\ee\AOLSoftware.exe
C:\Program... Read more

Answer:Very Slow and IE popups

Hi there..



Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.

O4 - HKLM\..\Run: [Microsoft Help Service] scvhost.exe
O4 - HKLM\..\Run: [Jugs Surf Inter Media] C:\Documents and Settings\All Users\Application Data\STORE LESS JUGS SURF\that bait.exe
O4 - HKLM\..\Run: [corn dvd inside media] C:\Documents and Settings\All Users\Application Data\Balm Seek Media Store\flaw less bold.exe
O4 - HKLM\..\RunServices: [Microsoft Help Service] scvhost.exe
O4 - HKCU\..\Run: [flap delete] C:\DOCUME~1\PCWORL~1\APPLIC~1\PLATFO~1\bibaxisrdr.exe



Close all windows except HijackThis and click "Fix Checked".
Please Download NoLop to your desktop from one of the links below...

Link 1
Link 2
Link 3First close any other programs you have running as this will require a reboot
Double click NoLop.exe to run it.
Carefully type or copy and paste this series of characters into the lower text area labeled Insert CLSID Here.
Include the {}:
{CLSID GOES HERE}Now click the button labeled "Search and Destroy"
<<your computer will now be scanned for infected files>>
When scanning is finished you will be prompted to reboot only if infected, Click OK
Now click the "REBOOT" Button.
A Message should popup from NoLop. If not, double click the program again and it will finish... Read more

3 more replies
Relevance 41.41%

Hello,
When my brother turns on his WinXPsp2 PC it takes forever to boot and when we try to access the internet, advertising and web pages are opening up everywhere, stuff about dating, loans , Antispyware programs and porn. The Internet is insanly slow.
Spybot was on the computer so we ran that and it must have found at least 50 items. Many of them trojans. It was able to delete most of them but some keep coming back.
and he is still getting popups.
I was able to install HJT on it with a thumb drive. This HJT scan is berfore the Spybot scan
Thanks in advance
HJT log:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:51:00 PM, on 11/5/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\bWFpbg\command.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\System32\VTTimer.exe
C:\WINDOWS\System32\VTtrayp.exe
C:\WINDOWS\plite731.exe
C:\WINDO... Read more

More replies
Relevance 41.41%
Question: slow with popups

I have ran ad-aware and spy-bot and still am running slow with popups I am running xp. My pop ups are coming me in with Security up dates on the title like a microsoft bar. here is my Hijack this list
Logfile of HijackThis v1.99.1
Scan saved at 6:46:39 PM, on 6/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\LEAD Technologies, Inc\LEADTOOLS ePrint\Bin\LPSVS13N.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.... Read more

Answer:slow with popups

10 more replies
Relevance 41.41%

When starting IE7, popups constantly appear. winantiviruspro appears to be the culprit.

DSS main.txt:

"Deckard's System Scanner v20071014.68
Run by Marsha Lamarre on 2007-10-17 21:21:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
90: 2007-10-18 01:21:58 UTC - RP512 - Deckard's System Scanner Restore Point
89: 2007-10-18 00:46:43 UTC - RP511 - Software Distribution Service 3.0
88: 2007-10-18 00:39:59 UTC - RP510 - Software Distribution Service 3.0
87: 2007-09-16 15:02:20 UTC - RP509 - Software Distribution Service 3.0
86: 2007-09-15 19:28:26 UTC - RP508 - System Checkpoint


-- First Restore Point --
1: 2007-06-19 12:14:43 UTC - RP423 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 511 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-10-17 21:27:12
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDO... Read more

Answer:PC slow with many popups

Ok..Lets start with this....


Please download Combofix from HERE or HERE


Save ComboFix to the desktop.

1. Double click on combo.exe & follow the prompts.
2. When finished, it will produce a logfile located at C:\ComboFix.txt.
3. Copy and Paste the contents of that log in your next reply with a new hijackthis log. Do not use Code or html unless asked for.
Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.

8 more replies
Relevance 41.41%

Hi,
my PC (OS - Windows XP) has become quite slow and i keep getting lot of pop ups. it takes lot of time when i log into my profile. Using some of the previous threads have downloaded:
ewdio anti spyware
CWshredder
CCleaner
cwsserviceremove

they have helped to a certain extent but the popups keep coming up
i also get the msg not able to start 'c\..........\ibm0004.exe' when i start my system
please help its getting to my nerves
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Thimme\Local Settings\Application Data\cd43e303.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Thimme\Desktop\HijackThis.exe

F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00004.exe&quo... Read more

Answer:PC has become slow and keep getting lot of popups

7 more replies
Relevance 41.41%

Hi, I would introduce myself in the other forum first but I am in a rush to have my pc available to me again for school tests; I will however shortly introduce myself as Brian from WA.

I have run many many anti-spyware,virus and adware programs but most didn't do anything to help.

I have run HijackThis and here is the log.

Logfile of HijackThis v1.99.1
Scan saved at 2:36:47 AM, on 5/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\nv... Read more

Answer:Slow PC and many popups.

Hello Thisone and Welcome to TechSupport,

Please do the following:

STEP 1.
======
Combofix by sUBs Download this file - combofix.exe
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log in your next reply
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

17 more replies
Relevance 41.41%
Question: Slow PC and Popups

Dr. Moriarty just got done helping me with my PC, and I figured I would tackle my wife's machine.

I started by running RogueKiller as per the initial instructions. About halfway through it just stops. I let it sit there for two hours and it would not get past C:\Windows\System32\drivers\nvstor.sys

I tried it three times, it paused at the same spot for at least an hour each time. I have used RogueKiller many times and have never had a problem with it.

It's a 32bit machine (I checked to make sure I was using the 32 bit version) running Windows 7. I have disabled my antivirus and made sure UAC was turned off.

I tried it in Safe Mode also and got the same result, so I was not able to attach a log file.
 

Answer:Slow PC and Popups

Please download OTM by Old Timer and save it to your Desktop.

Run OTM.exe by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).
Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C
(or, after highlighting, right-click and choose Copy): Do not include the word Code: which is just a title line of
the code box

Code:

:Processes
explorer.exe

:Files
C:\Program Files\iMesh Applications
C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\1a5vc6bz.default\searchplugins\Search_Results.xml
C:\Users\Amy\Documents\Optimizer Pro
C:\ProgramData\59168fa61798068e
C:\ProgramData\DDEalpeak
C:\ProgramData\ddownloaditkeep
C:\ProgramData\ReauLdeeaal
C:\Users\Amy\AppData\Local\Temp\*.*

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iMeshMediaBar_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iMeshMediaBar_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\OptimizerPro_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\OptimizerPro_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\optprosetup_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\optprosetup... Read more

10 more replies
Relevance 41.41%
Question: Slow with popups

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:11:35 PM, on 12/8/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\System32\svchost.exeC:\Program Files\Norton Internet Security\Engine\16.1.0.33\ccSvcHst.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\sm56hlpr.exeC:\HP\KBD\KBD.EXEC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\WINDOWS\system32\ctfmon.exeC:\Program F... Read more

Answer:Slow with popups

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I may ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download random's system information tool (RSIT) and save it to your desktop.Double click on RSIT.exe to run it.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

11 more replies
Relevance 41.41%
Question: Slow PC and popups

Hi, I don't know what else to do about these problems, I've already run spybot and Ewido in safe mode and I'm still getting the same thing, really slow and popup windows.
Here's my hijack this logfile if anyone can help me.
Thanks

Logfile of HijackThis v1.99.1
Scan saved at 11:08:29 AM, on 7/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\issearch.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Fi... Read more

Answer:Slow PC and popups

16 more replies
Relevance 41.41%
Question: Slow PC & popups

Hello please could someone look at my log file as im getting really slow performance from my PC and alot of unwanted popups

thanx..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:17:39, on 21/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe
C:... Read more

Answer:Slow PC & popups

Hi...


Please download the OTMoveIt by OldTimer. Save it to your desktop.
Please double-click OTMoveIt.exe to run it.
Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):


C:\Windows\system32\dcz.exe
C:\Windows\dcz.exe


Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.
Click the red Moveit! button.
Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

=====================

Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.

O4 - HKLM\..\Run: [Windows Automatical Updater] dcz.exe
O4 - HKCU\..\Run: [Windows Automatical Updater] dcz.exe
O4 - HKUS\S-1-5-18\..\Run: [Windows Automatical Updater] dcz.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Windows Automatical Updater] dcz.exe (User 'Default user')


Post a new HJT log when done.

1 more replies
Relevance 41.41%
Question: Slow and popups

My machine is slow and I get popups. I have run Adaware, Spybot, and virus scanned my system. Here is a HijackThis log. Any ideas?

Logfile of HijackThis v1.99.1
Scan saved at 7:42:33 PM, on 12/31/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\MICROSOFT WORKS\WKSSB.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKUFIND.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\UNLOAD\HPQCMON.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\EN-US\MSNAPPAU.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MSN\MSNCOREFILES\MSN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\MSN\MSNIA\MSNIASVC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\INTERNET EXP... Read more

Answer:Slow and popups

Hi and welcome to TSG..
This some work to be done cleaning your log..While waiting for a log expert..
Clean out all temp files..Clcik on tools in IE>internet options>delete temp and cookies..
D/load Easycleaner..
http://personal.inet.fi/business/toniarts/ecleane.htm
Use unnecessary and Registry..not duplicates..
Post new log..installed in C:\ program file..so back ups can be made..
 

1 more replies
Relevance 41%

Logfile of HijackThis v1.99.1
Scan saved at 2:41:47 PM, on 11/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\kvqeuyb.exe
C:\Documents and Settings\XcEpTiOnAL 1\My Documents\hjackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Se... Read more

Answer:help...computer has popups/slow/etc...

9 more replies
Relevance 41%

My family's PC has become slower in the past few weeks and more and more pop-ups apear.
Most of them are from mercadolibre.com and others are from some dating services.

I use Firefox as my default browser, but my family uses IE, and last time i used it, i noticed that http://searchweb2.com/ sets as the default homepage eventhought i change it.

I already followed all the procedures you guy sugests, S&D, Ad-Aware, etc, and deleted tons of spyware, but still i wanted some extra help to get rid of everything if not most of this things.

Thnx in advance

Here is the Hijacthis log:

Logfile of HijackThis v1.99.1
Scan saved at 0454 p.m., on 29/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Serv-U\ServUDaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Archivos de programa\Microsoft Hardware\Keyboard\type32.exe
C:\Archivos de programa\Archivos co... Read more

Answer:Slow Pc with mercadolibre.com popups

Sorry for the delay but we're a bit short handed at the moment. It's been sometime since the last hijackthis log is posted. If you still require assistance, please post a fresh hijackthis log. I'm subscribed to this thread & would be notified of your reply.

6 more replies
Relevance 41%

I've tried numerous virus/spyware scans, but this computer continues to give me trouble. Can anyone help? Here's my hijackthis.log. Thanks in advance.Logfile of HijackThis v1.99.1Scan saved at 3:28:04 PM, on 06/06/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exeC:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Windows Defender\MSASCui.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exeC:\Program Files\Messenger\msmsgs.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\dlbxcoms.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Microsoft Money\Syst... Read more

Answer:Running Slow/popups

Hi and welcome to BleepingComputer I'm Jet Ian , and I will be handling your log to help you get it cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.We also recommend that you Subscribe to this thread so that when I or the other experts replied, you will get an email notification. To do this: Click on then and make sure you set it to Immediate Email Notification.

5 more replies
Relevance 41%

HELLO EVERYONE I HAVE ANOTHER POST IM WORKING ON A FRIENDS COMPUTER SHE WAS COMPLAINING OF A SLOW COMPUTER AND MANY MANY POPUPS AND NOT BEING ABLE TO GET ONLINE. WHEN OPENING INTERNET EXPLORER DOES NOT CONNECT TO ANY WEB SITE. ON HER DESKTOP SHE NOW HAS A YELLOW TRIANGLE THAT SAYS CLICK TO FIND AND FIX ERRORS WHICH WE KNOW IS NOT GOOD. I INSTALLED AND RAN SPYBOT IT DID FIND FILES AND DID DELETE ALOT ALSO RAN VUNDOFIX IT DID FIND ABOUT 8 FILES THAT IT ALSO DELETED. WHEN SPYBOT IS RUN THERE IS A PROCESS I BELIEVE THE COMMAND.EXE OR SOMETHING CLOSE TO THAT EFFECT THAT IT STATES IS POTENTIALLY BAD AND SHUTS IT DOWN AND RUNS SPYBOT WHEN WINDOWS STARTS. I INSTALLED AD-ADWRE 2007 BUT THE COMPUTER HAS A HARD TIME STAYING ONLINE THAT I CAN NOT UPDATE THE DEFINITION FILES.....I DID RUN A HIGH JACK THIS LOG AND CLEANED UP WHAT I KNEW HERE IS A COPY OF THE LOG I HAVE NOW......I WILL BE USING MY COMPUTER TO GET ONLINE AND CARRY OUT ANY INSTRUCTIONS BEING HERS IS UNABLE TO CONNECT AND STAY ONLINE........THANKS FOR YOUR HELP ONE MORE TIMEP.S SHE DOES HAVE NORTON INSTALLED ON HER COMPUTER WHICH DOES NOT START AT WINDOWS LOAD I WILL TRY AND UPDATE AND DO A SCAN ONCE I DO GET ONLINE I WILL RUN BITDEFENDER ONLINE TO CHECK FOR ANY VIRUSESLogfile of Trend Micro HijackThis v2.0.2Scan saved at 11:16:12 PM, on 10/28/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WIND... Read more

Answer:Many Popups Slow Computer

Please download FindAWF:http://noahdfear.net/downloads/FindAWF.exeSave the file to the Desktop Double-click the FindAWF icon.If a Security Alert shows, allow the program to run.As instructed, press any key to continue.Use the following option: Press 1 then Enter to scan for bak foldersThe scan may take a while, please be patient.When done, a text file, Find AWF report is produced.Please provide Find AWF report in your reply.

14 more replies
Relevance 41%

Hey i was wondering if anyone could help me out. I have been geting a great amount of pop ups lately, and their really annoying. I ran malwarebytes and it got rid of alot of stuff, but i dont think its everything. Please help if you can. Im begging YOU
DDS (Ver_09-03-16.01) - NTFSx86
Run by Kristian at 18:55:47.14 on Wed 04/29/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.760.384 [GMT -4:00]

AV: avast! antivirus 4.8.1335 [VPS 090429-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D: ... Read more

Answer:wow.. slow computer with popups **HELP**

Does anyone see any problems?============Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to b... Read more

13 more replies
Relevance 41%

hey guys
recently my computer has been running really slow, especially when i have internet explorer on
ive found out that by terminating windows explorers things speed up a bit, but not by much
also, theres been several popups lately, most of them start with an address that looks something like: 65.107.204.1
i just made up that number, because it changes everytime, but it always starts with either a 64 or a 65

anyways, i did a hijackthis scan, and i was wondering if you guys can help me out
so here it is
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:13 AM, on 10/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\nvkoenoh.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctf... Read more

Answer:popups and slow computer

16 more replies
Relevance 41%

i think i have a virus. there are lots of popups and it keeps freezing. i am not that great with computers all the time, so could you tell me how to report a hijack log to you so you can see what the problem is. thanks

Answer:Popups And Slow Computer

please help me!

2 more replies
Relevance 41%

This is a friends computer i'm scanning for, please helpLogfile of Trend Micro HijackThis v2.0.2Scan saved at 10:41:51 AM, on 9/16/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\SiteAdvisor\6172\SiteAdv.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeC:\Program Files\Common Files\??sembly\w?crtupd.exeC:\PROGRA~1\McAfee\MSC\mcpromgr.exec:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeC:\Program Files\McAfee\MPF\MP... Read more

Answer:Popups And Slow Performance

Hi, Please take note of the following:I will be handling your log and helping you, please do not make any system changes yet. The process is not instant. Please continue to review my answers until I tell you that your computer is clean. Be patience.The fixes are specific to your problem and should only be used for this issue on this machineIf there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.Please reply to this thread. Do not start a new topic.Please give me some time to look over your log and I will get back to you as soon as possible.

3 more replies
Relevance 41%

I've been working with popup blockers for a while now. But a while back, I think I broke something. Now, for most popups, before they come, the internet browser window freezes for a bit, then the popup comes. This slowdown is very annoying. My machine specs are in my sig.

I run both IE and Slimbrowser and both have the same problem. I never had this problem before a while ago. This even happens with NO popup blocker running. I mainly run Popup Killer 1.45.3. I also run a modded HOSTS file, but I don't see how that would affect this.

Does anyone know what's wrong and how I could possibly fix this? Thanks for any help.
 

Answer:Popups slow down system a lot

7 more replies
Relevance 41%

Hi guys, i dont know that much about computers and recently my computer has been running really slow, a million pop ups are coming up and when i try to run some programs it comes up with the window that says it has encountered a problem and needs to close. I need help please!!!!

Hijack this logfile is below. Thanks guys.

Logfile of HijackThis v1.99.1
Scan saved at 12:34:42 AM, on 9/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Catia\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WinAble\winable.exe
C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program ... Read more

Answer:Slow computer and popups

i dont see 2 much wrong glancing over your hijackthis file.. if your computer is running slow then it could be a couple of things..i take it SUPERAntiSpyware is not helping..are u using the full scan option.

next are the popups coming from firefox or explorer: if there firefox pop ups try using adblock from firefox: Tools > Add-ons > get extensions > Add block Plus > download

if your still getting popups then try an antivirus program or a different spyware program.A different program might find spyware that superANTIspyware cant. i have spyhunter v2.9 which is really good. u can download the trial version for free to see what infections u got.

and finally your pc might be running slow because your running too many programs from startup. follow these steps: Start > Run > "msconfig" > Startup > only uncheck those u are certain of and Apply.

hope this helps
 

2 more replies
Relevance 41%

First, I found you guys through google and was hoping you can help me through this problem. I run two business as well as do schooling online and this slows me down. I have symantac antivirus and have updated and run several full scans and nothing came up. The issue I am having is random popups and slower IE. For example, if I go to login through my college login and a popup for online learning comes up and anything semi related to what I am searching for popups. If you need anymore information please let me know.
 

Answer:Slow IE and random popups

Hi, Welcome to TSG!!
Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

3 more replies
Relevance 41%

My computer has slowed down, even worse I get popups in the cornner and the homepage is not what I want.

Answer:Slow PC with lots of popups

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here.If you get crashes in normal mode,run it in safemode with networkingDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

8 more replies
Relevance 41%

Just started getting pop ups just about everywhere i go
im running windows 8 
not done anything yet 

Answer:getting popups and running slow

Hello,
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
§  Flush DNS
§  Report IE Proxy Settings
§  Reset IE Proxy Settings
§  Report FF Proxy Settings
§  Reset FF Proxy Settings
§  List content of Hosts
§  List IP configuration
§  List Winsock Entries
§  List last 10 Event Viewer log
§  List Installed Programs
§  List Devices
§  List Users, Partitions and Memory size.
§  List Minidump Files
§  List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
---------------
 
ESET Online Scanner
§  Click here to download the installer for ESET Online Scanner and save it to your Desktop.
§  Disable all your antivirus and antimalware software - see how to do that here.
§  Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
§  Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
§  Select Enable detection of potentially unwanted applications.
§  Click Advanced Settings, then place a checkmark in the ... Read more

17 more replies