Computer Support Forum

slow computer, applications ending, firefox popups

Question: slow computer, applications ending, firefox popups

Slow computer, never idle, Firefox/explorer ending randomly
Hi there,

I have been having problems for about a week now. I think its got something to do with the recent vista updates i just installed. Either way I am having random problems:

- Firefox is getting popups which it never did before
- Firefox/Explorer keeps getting errors and terminating at random times
- Firefox/Explorer decides which websites it wants to display. Meaning that some work and some don't. Google comes up but searches do not.
- Windows Explorer keeps getting errors too and terminating
- Windows Defender (which is rubbish) scans and finds an error and can't remove it with error code: 0x80501001. The problem it did find was: Trojan:Win32/Vundo.gen!R. It has just recently been quarantined and removed after I found what the error code meant (rar file error).
- My hard drive is constantly working even when my computer is idle. Something it never used to do. I have put ad-aware on my laptop after thinking windows defender could deal with spyware. It found 460 issues. and couldn't remove a few. I load adwatch and it tells me that :

"The process 'explorer.exe' (4852) is trying to modify the (ValueChangeOrAdd) the registry

Path:
HKEY_CURRENT_USER
Software\Microsoft\Windows\CurrentVersion\Run

Do you want to block or allow it?

It comes up with a notification every second.. right now its on 193 notifications queued and will keep increasing unless I unload Ad-watch.

My Hijackthis log is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:46:01, on 17/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Amit\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
c:\program files\google\googletoolbar2user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files\thechatterbox.cc\tbthec.dll
O1 - Hosts: ::1 localhost
O2 - BHO: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files\thechatterbox.cc\tbthec.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014} - C:\Program Files\Video Add-on\isfmdl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files\thechatterbox.cc\tbthec.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SNPSTD2] C:\Windows\vsnpstd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [googletalk] C:\Users\Amit\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ares vista] "C:\Program Files\Ares Vista\Ares.exe" -h
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Amit\AppData\Local\Temp\jkkiFYQI.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Amit\AppData\Local\Temp\ddcCSMec.dll,c
O4 - HKCU\..\Run: [lphcr1bj0en7w] C:\Windows\system32\lphcr1bj0en7w.exe
O4 - HKCU\..\Run: [7e6b96a3] rundll32.exe "C:\Users\Amit\AppData\Local\Temp\qobfpsyf.dll",b
O4 - HKCU\..\Run: [BM7d58a53f] Rundll32.exe "C:\Users\Amit\AppData\Local\Temp\cssgdrcl.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Digsby.lnk = C:\Program Files\Digsby\digsby.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://magnet.2020.net/virtualplanne...erAX_Win32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 12872 bytes

Please can someone help me as I am trying to revise and this problem is causing so many issues! I'm so tempted to format and go back to windows XP as Vista is a pile of poo! Many thanks,

Cena

More replies
Relevance 100%
Preferred Solution: slow computer, applications ending, firefox popups

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 71.75%

Help! My computer is running really slow. I am using XP. I currently have SpyBot, Spyware Doctor, and Trend Micro PC-Cillin. I've had them tell me I have the Mytob Worm, Monder trojan, and Sinowal key logger, but when I use things specifically to remove those they come back as they can't be found. Here is my hijackthis log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:35:09 PM, on 01/31/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exeC:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exeC:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\... Read more

Answer:Slow Computer + Firefox Popups, trojan, worm, etc

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.NEXTPlease download RSIT by random/random and save it to your Desktop.Double click on RSIT.exe to run RSITBefore you click "Continue", make sure you change the List files/folders created or modified in the last 3 monthsClick Continue at the disclaimer screen.Once it has finished, two lo... Read more

18 more replies
Relevance 63.96%

How do I end applications from dos prompt. When I type in command I get
c:\~DOCUMEN 1\<my name >
 

Answer:ending applications from dos prompt

Hi

Could try Taskkill from a CMD prompt, syntax would be if say you had MSPAINT open >>>> taskkill /IM mspaint.exe
 

1 more replies
Relevance 61.91%

Hi!
I have a problem of slow Internet. My speed is supposed to be 20 mbps (and when I do a speedtest, that’s what it shows as well), but my Internet is really slow, whether in Firefox, Chrome or even in the iTunes Store on iTunes, or loading images in emails in Thunderbird. Most of the pages take a really long time to load (sometimes not even loading at all so I have to refresh) and I don’t understand why. I tried restarting my computer, running Firefox in safe mode, checking for viruses and running Malware Bytes and CCleaner, but nothing I tried changed anything. Internet is at its normal speed on all my other computers and devices. My computer in itself is sometimes a little slow, but a few weeks ago, the Internet speed was still normal no matter what.
Also, in case you need to know, I’m on Windows 7.
Any suggestions for what I could try?
Thanks in advance!

More replies
Relevance 61.91%

Running older PC Clone 2.0 Ghz Dual CPU Pentium, 1GB Ram Win XP Home Edition system.

While navigation on Internet Explorer or Google Chrome, system runs extrememly slow and/or crashes. When using applications such as Itunes, Email, or simply opening up Word and other applications, it runs very slow and almost seems to stop. The IE7 that was on the computer had changed to an operate with add-ons off as a result of the infection. I downloaded and reinstalled IE7 and this seems to have fixed that problem for the time being. MalwareBytes and SuperAntiSpy icons dissappeared from my desktop. When trying to use them from the Start / Menu options the programs no longer worked. I reinstalled them and they appear to work fine now. However, the system still seems to run very slow over all and its performance is greatly hindered.

Next, I ran free version of SuperAntiSpyware and all it detected was a couple Adware cookies. Secondly, I ran free version of Malware Bytes Anti-Malware and it detected PUP.GamePlayLab infections located in the Registry Key: HKLM\SOFTGWARE\Microsoft\Windows.... These files were removed and quarantined by MWB. Thirdly, I ran Old Timer's TFC and then rebooted the computer and it appeared to run a little faster, but still sluggish while using IE7. So, finally, I ran ESET Free Online Scanner, and it detected "Win32/Toolbar.Babylon and Win32/TopMedia.a" virus infections. Scan took about 2 1/2 hours. I set it to search the drives/ar... Read more

Answer:Computer runs Slow, Internet slow, Applications slow

Hello, lets look a bit more.Please DownloadTDSSkillerLaunch it. Click on change parameters-Select TDLFS file system Click on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan results.>>>>>>>>Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on adwcleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.You will be prompted to restart your computer. A text file will open after the restart.Please post the contents of that logfile with your next reply.You can find the logfile at C:\AdwCleaner[S1].txt as well.>>>>>>> Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Finally...MiniToolBoxPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of Hos... Read more

15 more replies
Relevance 61.09%

Sometimes when I try to go to several different pages, firefox just... doesn't load them, and instead, a new tab with this link opens up (don't click, just a reference) : http://systemerrorfixer.com/clean/i...0b205-60604-52395-36f54-00025-a444b-04550-f02

I'd ran adaware, spybot S+D, trendmicro's free online scan, and I've tried SDFix, too. Any help, please? Thank you.
 

Answer:firefox is slow/popups

any help, please? firefox is ridiculously slow and i keep on getting more and more popups
 

2 more replies
Relevance 61.09%

Just recently, my computer has been acting funny, and I've started to get pop-ups in both Firefox and Internet Explorer. Pop-ups are generally ads about "WinProDoctor" (or something like that) and "SystemDoctor". Sometimes Firefox is also extremely slow when loading pages, not sure if this is also an effect. Ad-Aware and Spybot - Search and Destroy don't seem to help either. I've had Windows SP2 installed a while ago, along with all the updates.

Panda ActiveScan Log:

Incident Status Location

Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\dhjbtlpn.dll
Adware:adware/savenow Not disinfected c:\program files\VVSN ... Read more

Answer:Popups + Slow IE / FireFox

1. Download this file -> http://download.bleepingcomputer.com...a/ComboFix.exe

2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that log & a fresh HJT log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

6 more replies
Relevance 60.68%

Everytime I use ie or firefox I keep getting random popups every other page I visit. Popups like areaconnect, hornymatches, battleknight, lonelycheatingwives n such. I've run all sorts of scans avg, xoftspy, spybot, spysweeper, malwarebytes anti malware, ad aware, hijackthis and yet I still keep getting these popups. Can anyone please help me fix this problem

Answer:Never ending popups help

Please post the results of your MBAM scan for review.To retrieve the MBAM scan log information, launch MBAB.? Click the Logs Tab at the top.mbam-log-2008-10-12(13-35-16).txt should show in the list. <- your dates will be different from this exampe? Click on the log name to highlight it.? Go to the bottom and click on Open.? The log should automatically open in notepad as a text file.? Go to Edit and choose Select all.? Go back to Edit and choose Copy or right-click on the highlighted text and choose copy from there.? Come back to this thread, click Add Reply, then right-click and choose Paste.

1 more replies
Relevance 60.68%

Hi! I've downloaded Adaware se personal and sypbot search and destroy, yet nothing seems to fix my problems with the popups. When I leave my my computer on for around 7 hours, 57 popups are waiting! Help! It's getting really annoying! Here is my HJK log and I hope you can help me. Thanks.Logfile of HijackThis v1.99.1Scan saved at 9:13:35 AM, on 08/08/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:\Acer\Empowering Technology\ePerformance\MemCheck.exeC:\Program Files\Symant... Read more

Answer:The Never Ending Popups!

Hey Merii and welcome to Bleeping Computer's security forum.My name is David, I will be helping you with your log today.It is a good idea to print off these instructions:This will be useful as there is a possibility some of the instructions will need to be carried out where internet access is not available. You may also like to save these instructions in word/notepad to the desktop where they can be easily found for the same reasons as above. A print out of the instructions would be a good reference to make sure you don't yet lost.Also, it is important that you complete the instructions in the right order, and also that you don't miss any steps out!If you have any queries about the process or just general questions, just ask.1) Please download Ewido Anti-Spyware and save the file to your desktop.This is a free 30 day trial version of the program. Locate the icon on your desktop and double click it to open the set-up program. Follow the instructions on screen to install Ewido. Run the program and you will meet the main screen. Select the icon "Update" then select the "Update now" link Next click the "Start Update" button; a progress bar will show the updates being installed. Now select the "Scanner" icon at the top of the screen, then select the "Settings" tab. Click on "Recommended actions" and then select "Quarantine". Close the program now, we will be running a scan a bit later.2) Start HijackThis, cl... Read more

13 more replies
Relevance 60.68%

It takes forever to pull up Interent Explorer... and still everything is very slow in terms of reaction time to my clicking/typing. If I leave my computer on overnight, it takes a few minutes it seems to "warm up" once I try to access an application.

Any suggestions? I know this is a vague description. Thanks.

My HijackThis log:

Logfile of HijackThis v1.96.1
Scan saved at 8:36:33 PM, on 8/19/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Personal Firewall\SymProxySvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton Personal Firewall\NISSERV.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\BRMFRSMG.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\Norton Personal Firewall\IAMAPP.EXE
C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
C:\PROGRA~1\NORTON~2\WinFax\WFXSWTCH.exe
C:\WINDOWS\System32\wfxsnt40.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:... Read more

Answer:My computer is painfully slow after a few hours of inactivity. Applications VERY slow

Anything look familiar?
 

3 more replies
Relevance 60.27%

I have been getting random popups on firefox, and firefox is running really slow. I ran the following so far
- Microsoft Security Essentials
- XoftSpySE
- Spyware Terminator 2012
- Malwarebytes Anti-Malware
- Spybot - Search & Destroy
And ESET's online scanner

Here is the log files







.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by DJ Nice at 18:20:30 on 2011-12-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1919.840 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe... Read more

Answer:Firefox Slow and Random Popups

BUMP Please..
I also have some info that might help. I found that after I changed to a new Firefox Profile, I don't have the problem. So it is somehow connect to the "default" profile of my firefox. I also forgot to mention that the popups only happened "on click" not just out of nowhere.

14 more replies
Relevance 60.27%

I keep getting a trojan horse Downloader.Generic6.AEPH. I get popups like every 1 to 2 minutes. I have ran smitfraudfix in safe mode numerious times. i have run AVG but the popups will not go away.

The folder that is getting the trojans has a jete76d.tmp file that I cannot delete. It is saying it is being currently used by a person or program.

Please help me.
 

Answer:Trojans and never ending popups.

13 more replies
Relevance 60.27%

hi.

at home, my laptop had problems with excessive popups but after dl a spyware program, the pop ups disappeared.

im in my college dorm right now and im having the same problem once again, but my spyware isnt working. my norton anti virus isnt deleting all the infected files, and my internet connection is really slow due to pop ups being loaded onto the screen. i get a lot of popups from 680130.net or something like that.

please help.

thank you in advance.
 

Answer:Solved: never ending popups

16 more replies
Relevance 59.86%

This computer has been really slow at everything lately. Has lots of pop ups too and even the balloons in the bottom right corner that pop up.No real virus or malware protection has been on this comp, but we are ready to do what ever we need to! Thanks for the help!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:32:36 PM, on 6/20/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16850)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC: ... Read more

Answer:New Log, very slow computer, popups, other on screen popups...

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.-----------------------------------------------------------We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, ... Read more

7 more replies
Relevance 59.45%

Got infected after visiting a website using IE, now Firefox and IE both work very slowly (or not at all until I CTRL-ALT-DEL and delete processes that are taking up a ton of CPU%). I've tried a bunch of programmes to remove whatever's in here, like AVG, Spybot S&D, MalwareBytes', and Ad-Aware but Virtumonde and other bad stuff continually comes up in the scans, I'm still getting very slow performance and popups in both IE and Firefox, and Firefox seems to have completely "reset" itself.Deckard's System Scanner v20071014.68Run by Owner on 2008-05-13 01:35:50Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --23: 2008-05-13 05:36:08 UTC - RP846 - Deckard's System Scanner Restore Point22: 2008-05-12 11:52:08 UTC - RP845 - Last known good configuration21: 2008-05-12 11:52:00 UTC - RP844 - Installed Ad-Aware 200720: 2008-05-12 11:51:59 UTC - RP843 - Last known good configuration19: 2008-05-12 11:51:59 UTC - RP842 - Last known good configuration-- First Restore Point -- 1: 2008-05-12 11:51:58 UTC - RP824 - System CheckpointBacked up registry hives.Performed disk cleanup.Total Physical Memory: 511 MiB (512 MiB recommended).System Drive C: has 5.37 GiB (less than 15%) free.-- HijackThis Clone --------------------------------------------------------... Read more

Answer:Firefox Bookmarks Are Gone, Slow Performance, And Popups...

Hi,Go to start > run and copy and paste next command in the field:"C:\Documents and Settings\Owner\Desktop\dss.exe" /daftAn application will open..Click on the Scan button.Select everything it is displaying thereClick the Fix button.Then rescan with DAFT again - it should say now that "All associations are OK"Close DAFT if you receive that message. This means that it is fixed now.Then, I see you have Viewpoint installed...Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.ViewpointViewpoint ManagerViewpoint Media Playerthen, * Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixThis includes installing the Windows XP Recovery Console in case you have not installed it yet.Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

17 more replies
Relevance 59.45%

Hey folks, thanks in advance for your help.

This thing takes forever to boot up, performance is horrible, and I get frequent browser popups (got one for 'registry defender' while making this post).

Followed all the directions however combofix scan wouldn't complete (I let it run for an hour - let me know if I should let it run longer).

Thanks again. It's appreciated.



w
 

Answer:Laptop with slow boot, popups in Firefox and IE

Welcome to MajorGeeks

Please stop and close ComboFix and do the following:

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 8 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Administrator


You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.exe
Rkill.com
Rkill.scr
Rkill.pif
If you are having problems running Rkill, try downloading one of these renamed copies of RKill.com
iExplore.exe
eXplorer.exe
uSeRiNiT.exe
WiNlOgOn.exe

Once you've gotten one of them to run then try to immediately run the following.

Now run this: Using Malwarebytes Anti-Malware

Then run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Windows 7, use right click and select Run As Administrator).

Please attach the below logs to your next reply:
MBAMlog.txt
updated MGLogs.zip

dr.m
 

14 more replies
Relevance 59.45%

I am pretty sure I have a virus of some kind. The Symantec Email Proxy is constantly popping up. The only way to stop it is to disconnect the internet connection. I found XP Spyware 2009 on my computer today and was able to get rid of that using Malwarebytes' Anti Malware. When I run that program, it identifies other malware, most of which it is able to remove, but there is one file in my Windows/System32/folder -- xwpxlo.dll -- that it cannot get rid of. Anti Malware tells me to reboot to clean up this file, but when I reboot, the Anti Malware clean up program is disabled (TC Monitor alerts me to the registry change and that the Anti Malware cleanup is an expected value but does not show up).

Any help would be greatly appreciated.

Answer:Never Ending Symantec Email Popups

I ran Anti Malware again and detected new viruses. Again, I cannot get the Anti Malware to run clean up when I reboot as the virus seems to be screwing around with the registry.

I have run Anti Malware and ATF Cleaner several times. But the never ending Symantec Email Proxy keeps appearing. I even tried to disable scanning of outgoing emails, but that didn't seem to do anything.

Does anyone have any suggestions?

1 more replies
Relevance 59.04%

So lately I've been getting random popups while using Firefox, and even when it's closed. Nothing explicit or anything, just ads. At the same time, my internet has really slowed down.

Here's my HiJack This log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:37:15 PM, on 12/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\GetModule\GetModule31.exe
C:\Documents and Settings\Owner\Application Data\gadcom\gadcom.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\... Read more

Answer:Random firefox popups/slow internet speeds

Hi, welcome to TSF!

You posted incomplete logs.

Please follow our pre-posting process again, outlined here:

http://www.techsupportforum.com/secu...oval-help.html

After running through all the steps, you shall have a proper set of logs. Please post them.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

7 more replies
Relevance 59.04%

Hello all. I had a few new additions to my startup, namely dedezaye, bisevona, and vimoveta. I have pop-ups in firefox that are all geared towards any searches I make. Finally, my once super quick system is not loading some webpages and those that is is, it is as slow as molasses in winter. Please help me, here is the RSIT log.Logfile of random's system information tool 1.04 (written by random/random)Run by Rich Hawran at 2008-12-11 21:00:42Microsoft Windows XP Professional Service Pack 2System drive C: has 99 GB (42%) free of 234 GBTotal RAM: 3069 MB (83% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:00:50 PM, on 12/11/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\PROGRA~1\AVG\AVG8\avgtray.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1�... Read more

Answer:New items in startup, popups in firefox, and slow browsing

Hello, my name is fenzodahl512 and welcome to BC.. Please do the following...Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..Please download ComboFix by sUBs from one of the locations below, and save it to your Desktop.Link 1Link 2Link 3Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.If ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..When finished, it shall produce a log for you. Post that log and a fresh HijackThis log in your next reply..Note: DO NOT mouseclick combofix's window while its running. That may cause it to stallNEXTPlease download GMER and unzip it to your Desktop.Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.Post these logs in your next reply..1. ComboFix2. A fresh HijackThis log3. Attach GMER reportRegardsfenzodahl512

15 more replies
Relevance 59.04%

Hello everyone. Recently I've been getting more and more Antivirus 2009 popups and they're starting to affect my comps. performance. I've tried using MBAM but it keeps coming back and im not sure what to do now. I've attached my HJT file below. Thank you for any help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:03:00 PM, on 12/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2K1.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\ATI Technologies\ATI... Read more

Answer:IE popups in firefox,antivirus 2009 and slow comp.

16 more replies
Relevance 59.04%

*I have attached the GMER log to this post* oops, forgot to attach the GMER log - will run and attached this morning Thank you for any help you can offer! I have recently had a lot of problems with PC freezing, firefox has crashed several times in the last few days for the first time ever. pc seems to be running a bit slow but it is a acer aspire one netbook so speed not really something it ever had. I do notice that often the performance is indicating 90%+ on the CPU and all that I have is music from pandora or youtube playing and a word document open. When I minimize windows they have started to do a "slow motion" fade from top to bottom and sometimes it seems like the computer is struggling to open a word doc, other times it seems fine, no problem. MS Word seems to be crashing for no apparent reasons when I try to save file on occasion, had a few pop ups the other night. I have a symatec program from my school that I keep updated and run ad-aware, auto updates enabled for XP. I did a search of the security log and it looks like someone is logging on to my PC, I think that would be a trojan, I dont really know much about pc's but I downloaded and ran a squared, it came up with nothing. but there are a few periodic notes of security failure in the secuity log that says an NT authority loged on to my pc I posted some of the message below: Failure Audit: IPSec Services: IPSec Services failed to get the complete list of network interfaces on the machi... Read more

Answer:slow pc, popups, firefox and Word crashing, pc freezing

Hello,My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if youwould let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.Please download Malwarebytes' Anti-Malware from HereNote: If you already have Malwarebytes' Anti-Malware, just update then run it.Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan (the scan may take some time to finish, so please be patient).When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy and Paste the entire report in your next reply .Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.Download random's system information tool (RSI... Read more

13 more replies
Relevance 58.63%

On startup I get this popup window "Application cannot be executed. The file wscntfy.exe is infected. Do you want to activate your antivirus software now?" I click "No" and everytime I try to launch any application (Task Manager, even MS Paint), that application doesn't load and I get the same popup window.

Lower-right part of screen is a small popup window: "Antivirus software alert. INFILTRATION ALERT: Your computer is being attacked by an Internet Virus. It could be a password-stealing attack, a trojan - dropper or similar. DETAILS: [...] Do you want to block the attack?"

I also get intermittent popups of IE windows to websites that I most definitely have not been to before!!

There are also about fifty little red shields in my icon tray, so many that they obscure the other icons and the time.

HOWEVER, if I start in Safe Mode, run MSCONFIG.EXE and click "Selective Startup," unclick "Load Startup Items," and restart, then the bad stuff does not load.

Edited to Add: I guess I should add that I'm using Windows XP Professional SP 2

Help!!

Answer:Never-ending popups 'Application cannot be executed" at startup

Please download TFC by Old Timer and save it to your desktop.alternate download linkSave any unsaved work. TFC will close ALL open programs including your browser!Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.Click the Start button to begin the cleaning process and let it run uninterrupted to completion.Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean. Please download RKill by GrinlerLink #1Link #2Link #3Link #4Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.Download Link #1.Save it to your Desktop.Double click the RKill desktop icon.
If you are using Vista please right click and run as Admin!A black screen will briefly flash indicating a successful run.If this does not occur please delete that application and download Link #2.Continue process until the tool runs.If the tool does not run from any of the links tell me about it. Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default set... Read more

6 more replies
Relevance 58.22%

Hi,

My laptop was running smooth, but after returning home after 2 wks from out of town, my laptop takes around 8 minutes to completely load up. Whenever I click on any application, it takes 5 minutes to open up. All applications run really slow, videos on youtube skip even after they have completely loaded and when I play songs on my itunes they skip horribly and pause, and when I type on microsoft word theres a long delay in the words I type appearing on screen. I have over 20GB of memory available on both my C and D drive. I ran all scans on Norton 360 which I purchased after this started, but it didnt detect anything and my computer is still really slow.

I's greatly appreciate any help anyone on here could offer me. I ran a scan of Hijackthis, let me know if you want me to post it.

Thanks

Answer:All applications on computer run slow

Hi kenshinsword and welcome to TSF

Sorry for the delay in getting to you, the forum is really busy and all our helpers are volunteers.

Please post a log from a new HijackThis scan

5 more replies
Relevance 58.22%

Hello I have a windows 8.1 computer and I am trying to use it to the fullest and fastest it can be. One of the ways I use the computer is play using Steam. I have about 50 gigabytes worth of space used and have about 610 gb remaining. Will having my games and other stuff slow down my computer?

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 3980 Mb
Graphics Card: Intel(R) HD Graphics 4000, -2041 Mb
Hard Drives: C: Total - 703461 MB, Free - 656306 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: Windows Defender, Disabled

Thanks you can also contact me through < Moderator removed password. all help to be on the forum not by email >
 

Answer:Does My Applications Slow Down My Computer?

13 more replies
Relevance 57.81%

Hey guys,
As of two weeks ago my computer's running speed decreased dramatically. It takes approx. 30 seconds to open up windows task manager. Also, a few gaming applications now crash on start up, such as Warcraft III and Dota 2 and with numerous applications freezing.

I've run virus scans on Malwarebytes and Spybot Search & Destroy with no hits. I'm very tempted to do a system restore but I'd really rather avoid this. Could you help me guys?

Thanks in advance.

--------------------------
HIJACK THIS:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:24:29 PM, on 6/3/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Kaspe... Read more

Answer:Computer Extremely Slow - Applications Crashing Computer

You've got multiple antivirus programs installed and running in that computer.

That in itself will bog down a computer because they're fighting each other.

I suggest that you get rid of everything that's associated with Lavasoft Ad-Aware and AVG.

Also get rid of Spybot - Search & Destroy and replace it with SUPERAntiSpyware 5.0.0.1150.

SUPERAntiSpyware and Malwarebytes Anti-Malware(which you already have) work well together in combating malware, spyware, rogues, hijackers, etc..

-----------------------------------------------------------
 

1 more replies
Relevance 57.4%

In the last couple of days, my system is almost completely unresponsive unless started in "safe" mode. Apps either take forever to open or don't open at all, it is impossible to shut the system down without a hard reboot. I ran a complete system scan with Avast! but it reported no infections. Don't believe I've intentionally downloaded anything that would have caused this unless I got a bad update from Windows update, as those are the only recent downloads my system is showing. "HiJack This" and other logs follow. Did not get any kind of rootkit warning form GMES, so there is no "ark.txt" log. At bottom of post is my system info. Thanks in advance for any assistance.

Regards,
Randy Grove

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:56:11 PM, on 8/25/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Users\Dee\Desktop\HijackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Int... Read more

Answer:Applications won't open, computer very slow

16 more replies
Relevance 57.4%

My computer seemingly got infected over night, I got an error message, and when I booted the computer up it was very slow and no applications would open in the regular mode. I have opened safe mode and installed malwarebytes but it keeps stopping at 30 seconds and saying it is not responding when I scan the hard drive in full and quick scan. Any help would be appreciated thanks!

Answer:Slow computer, applications will not open.

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.   Scan with FRST in normal modePlease download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)Run FRST. Don´t change one of the checkboxes and hit Scan. Logfiles are created on your desk... Read more

4 more replies
Relevance 57.4%

Hey,

My Windows 7 SP1 computer has recently started being very slow. Startup from the password screen takes 2 1/2 to load the desktop. General file management tasks, like viewing, copying, moving, and deleting files operate at normal speed. However, when I do something that Windows has to "look up" i.e, not cached, the entire computer slows to a crawl. The application does open, but I get a lot of 'Not Responding" messages in the title bar as I use the application. There is one external drive connected via USB 2.0. Page file is set to system managed.

Could this be my HDD going? I haven't checked the disk for errors yet, going to do that next.

Let me know your thoughts on this.

Thank you,

wws

Answer:Slow computer when opening applications, Bad HDD?

Hello wws,

Post a screenshot of your Hard Drive(s) using Crystal Disk Info software:CrystalDiskInfo - Software - Crystal Dew World
Run a Hard Drive test:SeaTools for DOS and Windows - How to Use
Run Disk Check on your hard disk for file system errors and bad sectors on it:Disk Check
Scan with Kaspersky TDSSKiller:Anti-rootkit utility TDSSKiller
ESET online scanner: Free Online Virus Scanner | ESET

3 more replies
Relevance 56.99%

Hi! I really appreciate any help or insight you can give me. My computer has become (over some time) really slow. It is a few years old, so possibly the RAM and processor speed are partly to blame. However, something else seems to be bogging down the startup and in particulrm the opening of applications. It seems to take forever. Frequently it hangs up and I have to use task manager to shut down applications and processes until I can regain some control. I have Norton, so I don't think it is a virus, but I am not sure.

Thanks for any advice you can give me.

Stoney
Here is my DDS file:
DDS (Ver_09-12-01.01) - NTFSx86
Run by Stoney at 21:32:52.53 on Wed 12/16/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.110 [GMT -6:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\Explorer.EXE
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\Norton Interne... Read more

Answer:very slow computer (esp. booting and opening applications)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 56.99%

Ok, so here is what has gone down so far:

I had Windows Home Premium x64, and decided that I wanted to go back to factory settings. I used Dell Datasafe to revert to factory settings but it froze (I let it sit for 24 hours just to make sure) and I had to turn it off. It wouldn't boot up after that past the Windows animation, so I tried to install Windows Ultimate x64 over it. That worked as far as I can tell, but now it is extremely slow and all my applications say (not responding) whenever I try to use them.

If anyone knows what I can do to troubleshoot or fix this, that would just make my day.

A few things I tried already:
- Used a clean boot, still extremely slow, takes about 10 minutes just to get to the login screen
- Tried safe mode, still extremely slow, and applications still doing the same thing.
- Tried safe mode, ran slow until I deleted my system.old. It ran fast for the remaining time I was on it, but when I went back to normal startup it slowed back down. I will try safemode again to make sure that wasn't just a spurt of luck.

**I will troubleshoot and update as I go along**
Thanks in advance,
moneybagman

Answer:Computer running slow; All applications (not responding)

Perhaps someone else will jump in with a better suggestion, but I'd recommend doing another clean install of the Ultimate x64. I think this will be a faster approach (even if you have to reinstall updates, programs etc) than tying to troubleshoot the issue. This tutorial may provide a clue if (for example) a step was missed during the original install.

Clean Install Windows 7

If you used an Ultimate upgrade disk follow this tutorial:

Clean Install with a Upgrade Windows 7 Version

3 more replies
Relevance 56.99%

I have tried everything I know to do, and I am at a loss. My computer is suddenly SLOW in all browsers (Firefox, Chrome, IE), and all native applications (Photoshop, CorelDraw, etc). 
 

 
I uninstalled Real Player (seemed to start right after I installed Real Player)
 
I have a Windows 7 home premium computer, HP Pavilion p6120f Desktop PC, Motherboard Manufacturer: Asus, Motherboard Name: IPIBL-LB, HP/Compaq motherboard name: Benicia-GL8E, pc2-6400 ddr2 sdram 2gb • CL=6 • Unbuffered • NON-ECC • DDR2-800 • 1.8V • 256Meg x 64, 16g ram, etc.
 
It suddenly slowed down in the last week or so. My husband just got rid of RocketTab, and we are on the same network, but I don't have that same program. He's now running at speed. 
 
I have run: Internet speed test, Malwarebytes (found nothing), Spybot (found nothing), my native antivirus McAfee (found nothing), tdsskiller (found nothing). I ran a check of my hardware, which found no issues. My hard drive is only about 30% full. I have uninstalled and reinstalled McAfee, I tried removing all temp files, etc, etc.
 
I am a power user, but not an expert.
 
I am at a loss, other than reloading Windows from scratch, which is too painful, or taking it to BestBuy, which is too expensive. Can someone help?
 
I would appreciate it!
 
Thanks,
Lorey
 

Answer:Suddenly slow computer all browsers and all applications

Welcome to Bleeping Computer Do you see the problem in safemode in networking? Please post the speedtest result next time. Try downloading Speccy and then install the program.  To post and publish a snapshot of your PC.. In the Menu bar, click File -> Publish Snapshot. Click Yes > then Copy to Clipboard. On your next reply, right-click on a empty space and click Paste on reply box then click Post. Download MiniToolBox and open/run the program.When open, checkmark or select all options then click Go.A notepad will open then copy-paste the report on your next reply. Download SecurityCheck.exe from Here. Run SecurityCheck and follow the instruction from inside the code box.. When the scan is finished, a notepad will automatically open as check.txt   Please copy and paste the contents here on your next reply. 

2 more replies
Relevance 56.99%

This is my first time posting a question on bleeping computer. We are so thankful that you are out there to help us and not rip us off. I think my computer is infected. My desktop starts up very slowly, my internet connection is slow (it's slow in pulling up websites and some never come up). I'm getting lots of pop ups (even though pop up blocker is enabled). When I go to open the control panel, a flashlight pops up as if it is looking for it (it eventually does open but it takes a while). I had a problem at one time with a lot of POS.TMP files and followed advice from posts on this site to get rid of them. Well, my current problems started when a friend downloaded a music program. I believe it was called Soundman. When I noticed the computer acting funny, I went into the control panel and deleted it along with some other programs I found (PPC Booster, P2P Max, Ron Tool Adsoftinc, Wyzo, Eco Bar). Any help will be greatly appreciated. Here is my Hiijack This log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:23:41 PM, on 12/24/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\Sy... Read more

Answer:COMPUTER LOADING SLOW,INTERNET SLOW,POPUPS

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.At first glance I see that you have quite a bit of infection on there.It appears that someone has been doing file sharing on that computer, so the fact that it is infected is understandable. Please remove P2P (file sharing programs) before I clean your computer. The nature of such software and the high incidence of malware in files downloaded with them is counter productive to restoring your PC to a healthy state.There is a list here: http://spywarehammer.com/simplemachinesfor...php?topic=110.0Following that I will need to see some information about what is happening in your machine. Please perform the following s... Read more

1 more replies
Relevance 56.17%

Hi,
My computer is running slower and slower,
and uses 100% cpu usages from time to time. Especially when watching videos online (using Microsofts Silverlight applications. Also svchost.exe files are taking up all resources..

what to do?


Have done all the tests required (or at least tried to)..

SASlog.txt log from SuperAntiSpyware. ATTACHED
Malwarebytes Anti-Malware log ATTACHED
ComboFix.txt (normally C:\ComboFix.txt) Can't load from Desktop:
in other words it starts loading, with the green bar. but after that stops and does nothing.

RRlog.txt (from RootRepeal) when trying to open it: says ERROR: attempt to write to addresss 0x014ac000

MGlogs.zip - normally it is C:\MGlogs.zip
Have run this, but the program kept saying that it couldnt write to C:\MClog.

Im attaching from the MCtools folder the HiJackthis.log (Logfile of Trend Micro HijackThis v2.0.4-in lack of something better)..

What to do now???


Am runining a Sony Vaio Z-31 laptop
Win 7 home premium
SP 1
Intel core 2 Duo CPU 2,66ghz ..
4gb ram
32-bit

thank you for your help and assistance. highly appreciated.

Regards,
 

Answer:Computer is slow on start up, and uses 100% cpu usage on M.silverlight applications

Re: Computer is slow on start up, and uses 100% cpu usage on M.silverlight applicatio

Did you set the below proxy yourself?




R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 82.103.133.114:8080Click to expand...

Now go to this MGTools and download the new version of MGtools.exe. Overwrite your previous MGtools.exe file with this one.

Make sure that MGTools.exe is directly in the root folder of your Windows Boot drive, usually C:\ (Do not have it to your desktop)

Run the new C:\MGTools.exe and attach the C:\MGlogs.zip that it produces.
 

11 more replies
Relevance 56.17%

so my pc runs fine one day than bogs, cpu usage will spike to 100% with no applications running, i did not download anything that i know of, also it does not matter if i use ie or firefox my browser runs very slow, just typing this is taking forever i scanned with adaware, spy bot and use spyware blaster, i use all three on a regular basis, symantec antivirus is updated and used at least once a week. i used panda, bit defender and the third recommended scanner on this site. all to no avail. i am posting a hijack log in hopes of someone being able to help, thanksLogfile of HijackThis v1.99.1Scan saved at 4:28:45 PM, on 5/27/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0011)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\AlienGUIse\wbload.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exeC:\PROGRA~1�... Read more

Answer:Computer Infected? Running Slow But No Applications In Manager

Hello mrhippopotamus and welcome to the BC HijackThis forum. I don't see any signs of viruses or malware in the log. It is clean.The HijackThis forum deals exclusively with virus and malware issues. HijackThis does not have the capability to analyze performance, hardware or application issues. For these types of issues I would suggest posting to the Windows XP Home and Professional forumThe techs in that forum specialize in matters pertaining to the operating system, performance and applications. Let them know that you have been to this forum and that no malware was found.When posting to any other forum, do not post a HijackThis log or the post will simply be moved back to this forum for infection analysis. That is what HijackThis is used for and that is what we specialize in here in this forum.Also, when posting in any other forum for assistance, give as much detail as possible regarding any issues that are occurring. The more information they have, the better the techs can analyze the issue and make any recommendations for resolving it.Cheers.OT

1 more replies
Relevance 55.76%

In August of 2009 I got Windows Security Suite virus....I was able to remove it within a day, and a few weeks after all of my search engines were screwed up and redirecting searches. That eventually stopped, and up until January of 2010. The Google Language changed to "elkland" and would not change back. However, I could still search.

Then, around May ALL search engines stopped working, the Google Homepage wouldn't load up, but websites still ran at a normal speed. I scanned with MBAM, and nothing was found.

Current Status as of August 21 2010: All websites run below par speed, Facebook is extremely slow, Youtube videos take a very long time to load. Computer Applications are slow, like iTunes. Everyting is just running below par and I need to fix this computer for the upcoming school year. Search engines still don't work. I guess Browsers in general just aren't working. I can still use the URL bar though.

Any help would be appreciated, I'm just very confused on what is going on and what I need to do.

Answer:Computer is acting up...Search Engines don't work, Applications are slow.

Any help is appreciated..... I have no idea what to scan with and how to get rid of this.

32 more replies
Relevance 55.76%

Hi everyone. I did something very foolish which was installing a program which I knew nothing about on my laptop. Unfortunately, that program was iLivid. My computer has now been infected. My browser has been hijacked (redirecting to a weird search engine), my applications I need for work cannot be opened (Adobe Lightroom 3.4) and my computer is noticeably slower than usual.After researching about iLivid malware on the net, I have come to realize that this virus is far beyond my skills of tech know how. I greatly need the help of the tech wizards of this forum to solve my problem. Could any kind soul please aid me? I will be forever grateful to whoever does. I have read the Preparation Guide and I will now continue to post what is required. DDS.txt logDDS (Ver_2012-11-07.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16450Run by lenovo at 20:58:08 on 2012-11-14Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6048.3241 [GMT 8:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\windows\system32\lsm.exeC:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\windows\sys... Read more

Answer:Infected with iLivid & Applications Won't Run. Hijacked Browser. Slow Computer

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

20 more replies
Relevance 55.76%

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:55:26 PM, on 10/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
... Read more

More replies
Relevance 55.76%

Hi there,

I have been having problems for about a week now. I think its got something to do with the recent vista updates i just installed. Either way I am having random problems:

- Firefox is getting popups which it never did before
- Firefox/Explorer keeps getting errors and terminating at random times
- Firefox/Explorer decides which websites it wants to display. Meaning that some work and some don't. Google comes up but searches do not.
- Windows Explorer keeps getting errors too and terminating
- Windows Defender (which is rubbish) scans and finds an error and can't remove it with error code: 0x80501001. The problem it did find was: Trojan:Win32/Vundo.gen!R. It has just recently been quarantined and removed after I found what the error code meant (rar file error).
- My hard drive is constantly working even when my computer is idle. Something it never used to do. I have put ad-aware on my laptop after thinking windows defender could deal with spyware. It found 460 issues. and couldn't remove a few. I load adwatch and it tells me that :

"The process 'explorer.exe' (4852) is trying to modify the (ValueChangeOrAdd) the registry

Path:
HKEY_CURRENT_USER
Software\Microsoft\Windows\CurrentVersion\Run

Do you want to block or allow it?

It comes up with a notification every second.. right now its on 193 notifications queued and will keep increasing unless I unload Ad-watch.

My Hijackthis log is:

Logfile of Trend Micro HijackThis v2.0.2
Scan sa... Read more

Answer:Firefox/explorer ending randomly

please help me!
 

1 more replies
Relevance 55.35%

Hello!

I'll just get straight to this..

I've never really had any problems with my computer before that my subscription to Norton couldn't really handle but my subscription to that has run out and I think I've been infected with something pretty serious!

I have windows XP.
I'm getting an unusual amount of random pop ups that I've never experienced before coming from websites I frequently visit.
When Google searching on Firefox I'm being redirected to blank pages transferring data from "adwarefeed.com" and "doubleclick"
My Computer is also crashing at random times, sometimes on boot up after the windows XP loading screen it'l just go to a black screen with my mouse able to freely move about it making me have to restart!
I've downloaded a few programs to try and sort my computer out, like SDFIX, ATF Cleaner and Giant AntiSpyware, they have all found stuff and were able to successfully remove them but they still have not sorted out the problem!

I also downloaded MBAM, but when i click on setup to try and install it, after choosing my language it automatically closes down. I've also tried to rename it but that hasn't worked either! it wont let me change the type of file to BAT or anything!
I also cannot access there website!

Any help would be much appreciated! thank you x

Answer:Computer Freezing/ adwarefeed.com redirecting firefox / popups!

Please download GooredFix by jpshortstuff and save it to your Desktop:Download Mirror #1Download Mirror #2Double-click Goored.exe to run it.A DOS like window will open.Select option 2. Fix Goored by typing 2 and pressing Enter. Make sure all instances of Firefox are closed at this point.Type y at the prompt and press Enter again.Notepad will open with a log called Goored.txt.Please post the contents of Goored.txt in your next reply (a copy of the log will also be saved to your desktop).Note: If you receive a message saying that GooredFix needs your system to be restarted, please close all applications and reboot your system. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you when usiing GooredFix. Please temporarily disable such programs or permit them to allow the changes. Click this link to see a list of programs that should be disabled.Please download and scan with Dr.Web CureIt.Follow the instructions here for performing a scan in "safe mode".If you cannot boot into safe mode, then perform your scan in normal mode. Be aware, this scan could take a long time to complete.-- Post the log in your next reply.

13 more replies
Relevance 55.35%

this computer needs a LOT of help!! i came back for summer vacation to find my parent's computer really messed up.

first of all...norton antivirus picked up several viruses that apparently cannot be cleaned, only quarantined: downloader, trojan horse, infostealer,and trojan.vundo

second, i tend to only use mozilla firefox, but random internet explorer popups appear from time to time, i'm not certain what type of popup they are because unlike the normal popups i've seen, they don't usually occur when something is opened or closed, but appear when i'm in the middle of an already fully loaded page.

lastly, and this seems to be the biggest problem, the computer randomly crashes while i'm online. i can still use the internet and use any program already running (but can only maneuver using alt-tab) but cannot open any new programs. in fact, the start bar? (bar on the bottom of the screen) disappears, as well as all the desktop icons leaving the only way to shut down the computer either by forcing it (pushing the power button) or by using ctrl-alt-del and shutting off from there.

please help! and i'm sorry there are so many problems. thanks so much in advance.

the main log:
Deckard's System Scanner v20070611.50
Run by Mom on 2007-06-12 at 15:36:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a D... Read more

Answer:running firefox w/ ie popups, viruses, computer crashing...

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------
Download combofix.exe to your desktop.
Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

---------------------------------------------------------------------------------------------


Open Hijack This and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.

---------------------------------------------------------------------------------------------

12 more replies
Relevance 54.94%

My computer has been slow for months now. Getting slower. A week or so ago, it started locking up. Applications (Outlook, Excel, etc.) would freeze. Ctrl Alt Del did not work. Had to power off numerous times. Then, upon bootup, I got a Blue Screen giving the following error:*** STOP: 0x0000007eI booted into safe mode, ran my Ccleaner, AVG antivirus, Spybot, and Adaware. Did not find anything.Same error.Booted into safe mode again - did system restore to earlier date when things were more stable.Same error.After numerous reboots, it finally booted up. Though, it took a very long time. Attached is my Hijack This log. I would appreciate any advice you may have!!! Thanks!!!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:13:00 PM, on 10/03/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Pr... Read more

Answer:Bsod Stop:0x0000007e Error, Applications Freezing, Computer Is Slow

to BleepingComputer.comI want to apologise that it has taken so long to get back to you. We on the HJT Team are working as fast as possible to get your log answered.If you do not still need help, please let me know, so that I can move on to other users who still need help.Please take note of the following:While a HJT Team member is working with you, please refrain from making any changes to your computer.Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Please reply using the button in the lower left hand corner of your screen.Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .If you would still like help, please follow the instructions below:We need to create an OTViewIt ReportPlease download OTViewIt by OldTimer.Save it to your d... Read more

7 more replies
Relevance 54.94%

COmputer is extremely slow lately with everything, especially shutting down, logging on and off a computer user, and loading internet explorer and other applications. It was never this slow.. I dont think its cause of any memory clogging cause I do have around 200gb free. Everything used to run MUCH faster, I ran Norton AV, and Spysweeper, nothing finds anything.

HJT LOG PROVIDED:

Logfile of HijackThis v1.99.1
Scan saved at 6:14:12 PM, on 1/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated serv... Read more

More replies
Relevance 54.94%

This was announced earlier this year by Mozilla, the makers of Firefox.Starting now there is an extended sport.From another source comes this:https://arstechnica.com/information-technology/2017/03/final-firefox-version-with-windows-xp-plugin-support-released-today/QuoteFirefox 52 is out today, and it's a landmark release for a couple of reasons.The release is the final major version to support two legacy operating systems: Windows XP and Windows Vista. Future major versions of the browser will require at a minimum Windows 7. Firefox 52 is an Extended Support Release; it will receive security fixes (and only security fixes) for approximately one year. New features, however, will be restricted to the mainline version of Firefox. Microsoft no longer supports Windows XP at all, and Windows Vista drops out of extended support on April 11, 2017. Google dropped Windows XP and Windows Vista support in Chrome in April 2016.I am not going the let them make me cry. 

More replies
Relevance 54.94%

This was announced earlier this year by Mozilla, the makers of Firefox.Starting now there is an extended sport.From another source comes this:https://arstechnica.com/information-technology/2017/03/final-firefox-version-with-windows-xp-plugin-support-released-today/QuoteFirefox 52 is out today, and it's a landmark release for a couple of reasons.The release is the final major version to support two legacy operating systems: Windows XP and Windows Vista. Future major versions of the browser will require at a minimum Windows 7. Firefox 52 is an Extended Support Release; it will receive security fixes (and only security fixes) for approximately one year. New features, however, will be restricted to the mainline version of Firefox. Microsoft no longer supports Windows XP at all, and Windows Vista drops out of extended support on April 11, 2017. Google dropped Windows XP and Windows Vista support in Chrome in April 2016.I am not going the let them make me cry. 

Answer:Firefox is ending support for Windows XP and Vista

I used firefox for about a year after switching from chrome. I started having memory leaks, which was resolved by switching back to Chrome. I still use firefox at work since I don't seem to have the issue. Don't cry, I'm sure there are other browser out there that you might like

2 more replies
Relevance 54.53%

I believe I have a virus and maybe even a spyware.I have run scans many times and sometimes it would find the same trojan and remove it.I had encountered a lot of viruses during the last 5 days.The detected item is Trojan:Win32/SisronI have also seen svc2.exe running, I would find the file in windows and delete it as well as the prefetch file.Sometimes the 2008.exe file is deleted as well.When running firefox, I have random IE popups and my computer begins to lag as if the IE popups are running in a continuous loop.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:29:03 AM, on 9/12/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResp... Read more

Answer:(I believe Continuous loop) Random IE popups when using Firefox slowing computer

first of all, should i delete this qoobox folder, i believe theres quarantined items in there? as well as the killbox 2008.exe i deleted?I followed this possible fix below.==Download SmitfraudFix (by S!Ri) from http://siri.urz.free.fr/Fix/SmitfraudFix.zipExtract the content (a folder named SmitfraudFix) to your Desktop.- Restart your computer in Safe Mode.- Open the SmitfraudFix folder and double-click SmitfraudFix.cmd, select option #2 - Clean [type 2 and Enter]You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer Y and Enter [which will remove the desktop background and clean registry keys associated with the infection].The tool will next check if wininet.dll is infected- if it is you will be prompted to replace the file ; type Y and press "Enter".It will also create a log named rapport.txt in the root of your drive, eg: Local Disk C:\Restart in normal Windows. Please post C:\rapport.txt[You may also have to restore your desktop background...If so, go Start >run, type regedit and <enter>. Navigate to this key:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\SystemPlease export that key: in the left pane highlight system with a lclick, go File, export... , save as bluewall with file type .txt. Close regedit and post that txt file.]==Download this file to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe- to run it dclick combofix.ex... Read more

4 more replies
Relevance 54.53%

I believe I have a virus and maybe even a spyware.I have run scans many times and sometimes it would find the same trojan and remove it.I had encountered a lot of viruses during the last 5 days.The detected item is Trojan:Win32/SisronI have also seen svc2.exe running, I would find the file in windows and delete it as well as the prefetch file. Sometimes the 2008.exe file is deleted as well. When running firefox, I have random IE popups and my computer begins to lag as if the IE popups are running in a continuous loop.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:29:03 AM, on 9/12/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSRe... Read more

Answer:(I believe Continuous loop) Random IE popups when using Firefox slowing computer

first of all, should i delete this qoobox folder, i believe theres quarantined items in there? as well as the killbox 2008.exe i deleted?I followed this possible fix below.==Download SmitfraudFix (by S!Ri) from http://siri.urz.free.fr/Fix/SmitfraudFix.zipExtract the content (a folder named SmitfraudFix) to your Desktop.- Restart your computer in Safe Mode.- Open the SmitfraudFix folder and double-click SmitfraudFix.cmd, select option #2 - Clean [type 2 and Enter]You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer Y and Enter [which will remove the desktop background and clean registry keys associated with the infection].The tool will next check if wininet.dll is infected- if it is you will be prompted to replace the file ; type Y and press "Enter".It will also create a log named rapport.txt in the root of your drive, eg: Local Disk C:\Restart in normal Windows. Please post C:\rapport.txt[You may also have to restore your desktop background...If so, go Start >run, type regedit and <enter>. Navigate to this key:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\SystemPlease export that key: in the left pane highlight system with a lclick, go File, export... , save as bluewall with file type .txt. Close regedit and post that txt file.]==Download this file to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe- to run it dclick combofix.ex... Read more

2 more replies
Relevance 54.53%

Hi! I went to a site, and now I think I'm infected with something real bad. I can't access the internet through my normal settings, I had to go into safe mode. My computer is so slow in normal mode that internet pages won't load. I also get tons of popups. I ran McAfee Security, SpyEraser, SpySweeper and went onto Trend Micro's site to try to clear it up myself, but all of those programs detected nothing wrong. I'm right now running Kaspersky Scanner and need to go back into normal mode to get my HijackThis scan and Dss scan.

I will post Hijack This, Dss and Kaspersky's log below in a few moments. Thanks for your help!

Answer:Please help me with my computer--very slow w/popups

Here are the Kaspersky Deckard's System Scanner and Hijack this logs, both done in SafeMode (not sure if that makes a difference.


OK, here is the Kaspersky Scan:


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, May 10, 2008 12:23:44 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 10/05/2008
Kaspersky Anti-Virus database records: 750724
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 97886
Number of viruses found: 4
Number of infected objects: 10
Number of suspicious objects: 0
Duration of the scan process: 01:31:04

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\U... Read more

3 more replies
Relevance 54.53%

Hello all,

Another desktop computer is extremely slow (takes a significant amount of time to just load windows explorer). There have been a couple of popups, but a Spybot scan didn't find anything and Avira is running as an active scan, which also didn't find anything. Part of the problem is that there's no firewall (which I will install after the system is clean).

Anyways, I made a HJT log; hopefully someone super nice could help me find out what's wrong with the computer! Also, are there any recommendations for free, CPU-light firewalls? Thanks a bunch!
 

Answer:Computer slow, sometimes odd popups

6 more replies
Relevance 54.53%

Hey, i've noticed that my computer has started being a lot slower than usual lately and i've been getting a lot of popups all the time. These popups are usually prefixed with 'CiD:'.

If somebody could help me get rid of them I guess that'll help my computer get a bit faster again.

Here's my HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:45:24 PM, on 3/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewle... Read more

Answer:Popups and slow computer

16 more replies
Relevance 54.53%

There are porno popups and gambling popups and all sorts of things that come up on my computer even when I am not on the internet.I ran Norton and a couple other ones but It couldn't find anything.here is my log:Logfile of HijackThis v1.99.1Scan saved at 11:44:57 AM, on 2/17/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exeC:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXEC:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXEC:\Program Files\Comm... Read more

Answer:Computer Is Slow And Keeps Getting Popups

Hello and welcome to the forum, please follow the directions.1) C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe Look at the links:http://www.clickz.com/news/article.php/3561546http://www.greatis.com/appdata/u/v/viewmgr.exe.htmhttp://www.spywareinfo.com/newsletter/arch...4.php#viewpointThis is optional but I suggest you use Add Remove progam to uninstall this junk.2) Thanks to Atribune and any others who helped with this fix Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.Click the Scan for Vundo button.Once it's done scanning, click the Remove Vundo button.You will receive a prompt asking if you want to remove the files, click YESOnce you click yes, your desktop will go blank as it starts removing Vundo.When completed, it will prompt that it will shutdown your computer, click OK.Turn your computer back on.Please post the contents of C:\vundofix.txt and a new HiJackThis log.We will have more to do.Thanks...pskelleyBleepingComputer

3 more replies
Relevance 54.53%

hey guys
recently my computer has been running really slow, especially when i have internet explorer on
ive found out that by terminating windows explorers things speed up a bit, but not by much
also, theres been several popups lately, most of them start with an address that looks something like: 65.107.204.1
i just made up that number, because it changes everytime, but it always starts with either a 64 or a 65

anyways, i did a hijackthis scan, and i was wondering if you guys can help me out
so here it is
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:13 AM, on 10/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\nvkoenoh.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctf... Read more

Answer:popups and slow computer

Closing duplicate thread to: http://forums.techguy.org/malware-removal-hijackthis-logs/634548-popups-slow-computer.html
 

1 more replies
Relevance 54.53%

My mother-in-law asked me to look at this laptop to see if there's any crud on it that would account for it being so slow and for the pop-ups. I wan't able to get any really specific info out of her, so I just want to see if anything stands out.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16618
Run by rac at 17:42:00 on 2013-07-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3003.1876 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutr... Read more

Answer:Slow computer, popups.

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please download aswMBR.exe to your desktop. Double-click aswMBR.exe to run it.
When prompted to download the latest Avast! virus definitions, please choose Yes
Click the Scan button to start scan.
Wait until it says, 'Scan finished successfully'. ( Note - do not select any Fix at this time)
Click Save log, and save it to your desktop.
Click Exit.
Please post the contents of that log, aswMBR.txt, in your next reply.
There shall also be a file on your desktop named MBR.dat. Right-click that file and select Send To > Compressed (zipped) folder. Please attach that zipped file to your next reply.

------------------------------------------------------

When you run this tool, remember to choose 'Skip' not 'Cure' if it finds something. We just want a scan, not a fix.

Download tdsskiller.exe and Save it to your Desktop.

Double-click tdsskiller.exe and click 'Run'

Click 'Start scan'.

If no infection is found, click 'Close' and let me know.

If an infection is found, select 'Skip' from the dropdown menu... Read more

17 more replies
Relevance 54.53%

Hello all, thanks for the help in the past.

I run Windows XP. I keep getting popus, and my computer is very slow. A lot of times when i click on links to a website, it takes FOREVER, and there are usually a lot of red X's. Also many times it gets the unable to connect to site screen.

I run Spybot, Rogue Remover and Super Anti-spyware. I also have Avast anti-virus.

Any help is appreciated.

Luke

Answer:Keep Getting Popups, Computer Is Very Slow

Hello there and welcome to BleepingComputer.Take a look at the following page to make sure that malware is to blame for the problems you are experiencing:Slow Computer/Browser? Check Here First; It May Not Be MalwareIf this does not solve the problem for you, please follow our Preparation Guide For Use Before Posting a HijackThis Log; running all of the scans before posting your HijackThis log. Do not post your log here, but instead use our HijackThis Logs and Analysis Forum.After posting a log you should NOT make further changes to your computer except those that are advised by a member of the HijackThis Team; doing so can cause system changes that may not be visible in your log. Please be patient whilst waiting for a response, our HJT Team is currently very busy, and as we try to deal with logs on a "first come first served" basis, you may have to wait a short while.

2 more replies
Relevance 54.53%

Hi,

In the past couple of months my Dell Desktop Computer has become REALLY slow. I tried to delete all the files I don't need, and all the programs I don't use, to try and make it work faster. But it hasn't really made much difference. The computer is still really slow and it lags a lot- when clicking on a program it only opens about 30 seconds later. In Internet Explorer, popups keep appearing, and then when I try to close them down, the computer freezes and "Ends the Program immediately". I have now downloaded Firefox, and it's giving me less problems, although it's still a bit slow.

I would really appreciate help! Please tell me whether you need any more details. I have posted the HiJackThis log below:
Thanks,
Leon

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:45, on 14/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\TGVvbiBTdGV2ZW5z\command.exe
C:\Program Files\De... Read more

Answer:Computer REALLY slow. Popups in IE. Please Help : )

Hi,

Is there anyone out there willing to help me?

Thanks,

Leon
 

1 more replies
Relevance 54.53%

Recently, I've been getting random popups. Also, my computer started running considerably slower, taking up to 5 minutes to open up an internet browser. My antivirus software has been picking up funny things every two minutes and when I get rid of the threat it gets found again. ><

I have no clue what's wrong or why this is happening, since I just reformatted my computer.

Here is my HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:06:12 AM, on 21/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifie... Read more

Answer:Slow computer + popups

Also.. I'm not sure where to ask about this.. but I've been trying to install East Asian languages, and it keeps saying I need a Windows Professional XP Servive Pack 2 CD. I've installed the languages before and this never happened, so I don't know why it's happening now. How can I fix this/Where can I get the SP2 disk?
 

1 more replies
Relevance 54.53%

Hi, I came here a few months ago and remembered the great help I got here.

Today I was browsing a site I've been to numerous times before and know it's a trust-worthy site. Anyway, I was going along as any other internet surfer would and I was suddenly attacked by some sort of Malware that automatically downloaded and installed itself, and I couldn't stop it in any way. Accompanying it were many Internet Explorer popups(Not my main browser).

I couldn't do anything to stop the program from downloading or installing, and it began a "virus scan" automatically. I stopped it, deleted it, and went back to the internet. Popups continued, and then the whole process started again. I rebooted(It hasn't tried to download since), and downloaded a 3-month trial of Panda Internet Security. I also did a scan with SpyBot Search & Destroy and came up with some problems, and deleted them.

After Panda Internet Security(PIS) finished scanning it asked for a reboot, I complied, and it did another quick scan at startup. PIS then notified me of a spyware/malware threat in my system32 folder, and blocked it. After that an error popped up (literally) every 5 seconds saying C:\WINDOWS\system32\jkhhi.dll(I can't quite remember the filename, I should have written it down) is unaccessible: Access is not allowed.

Then it seemed that PIS crashed, and stopped blocking the .dll file in the process, stopping the incoming spam of errors. Now, in it's current state, my computer seems t... Read more

Answer:Slow Computer and Popups

Also here is the HijackThis Log I forgot.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:16:49 PM, on 1/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc... Read more

13 more replies
Relevance 54.53%

hey guys
recently my computer has been running really slow, especially when i have internet explorer on
ive found out that by terminating windows explorers things speed up a bit, but not by much
also, theres been several popups lately, most of them start with an address that looks something like: 65.107.204.1
i just made up that number, because it changes everytime, but it always starts with either a 64 or a 65

anyways, i did a hijackthis scan, and i was wondering if you guys can help me out
so here it is
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:13 AM, on 10/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\nvkoenoh.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctf... Read more

Answer:popups and slow computer

16 more replies
Relevance 54.53%

I don't know what happened, but suddenly I've been getting tons of popups that say "CiD: *insert whatever the pop up is about here*" and my computer's been going slow. My Internet Explorer also freezes occasionally too... I have the HijackThis log below for anyone that can help. Thank you!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:41:19 PM, on 03/09/08Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSche... Read more

Answer:"cid: " Popups And Slow Computer

Hi raincarlove and welcome to BleepingComputers Forums.My name is Trevuren and I will be helping you with your problem.A. I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player?s components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto-updating for the Viewpoint Manager -- the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.V... Read more

11 more replies
Relevance 54.53%

Just started getting constant popups including a "Microsoft Explorer" popup that tells me my system is slow and I should download some antispyware program. I have also been getting a "buffer overrun detected" error. I have updated Windows and installed spyware blaster but wasn't able to run a successful panda scan (it only checked about 40% in one hour, I left, and when I came back I didn't even have a windows explorer window up).

The following is the Deckard log.

Deckard's System Scanner v20071014.68
Run by Jeff Rosner on 2008-05-13 16:33:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
76: 2008-05-13 20:34:51 UTC - RP1027 - Deckard's System Scanner Restore Point
75: 2008-05-13 15:01:37 UTC - RP1026 - Software Distribution Service 3.0
74: 2008-05-13 10:34:34 UTC - RP1025 - Removed MSXML 4.0 SP2 (KB936181)
73: 2008-05-12 18:05:54 UTC - RP1024 - Removed RIA-Media Viewer
72: 2008-05-12 17:38:45 UTC - RP1023 - Removed RIA-Media Viewer


-- First Restore Point --
1: 2008-05-12 13:48:17 UTC - RP952 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 79% (more than 75%).
Total Physical Memory: 255 MiB (512 MiB recommended).


-- HijackTh... Read more

Answer:popups and slow computer

Ok.We need to download ComboFix.exe. This will give me a better view to the files that are running and also the ones that are hidden on your computer.It may also remove some,but not all, of the infected files if found.

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix


Please ensure you read this guide carefully and install the Recovery Console first.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time. Disregard Windows Recovery Console if you have SP3 for Home,XP or are running W2k and Vista.

Once installed, you should see a blue screen prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:[list=1][*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.


When the tool is finished, it will produce a report for you. Please copy and paste the "C:\ComboFix.txt" along with a new 'HijackThis' log so that we can continue to do any further cleaning that your system may require.

Caution: Never run and remove files with Combofix unless supervised by a qualified security analyst who is experienced in the use of Combofix. Mal use ca... Read more

10 more replies
Relevance 54.53%

hey, i'm new to these forums but i really need help with my computer
i think it started with me downloading a keygen on April 16, which when at the time of me posting is 3 days ago.
i used it, deleted it and logged off. later in the day, i noticed that my computer was going really slow.

when i pressed ctrl alt del, in the processes tab it would keep on showing rundll32.exe even when i ended it. also in the performance tab my cpu usage would always be changing from between 1 to 65%.

this is making a lot of my programs run very slowly and also i seem to be getting the occasional popup from partypoker or imvu, which would never happen before i downloaded the keygen

when i was in a desperate search for a solution to the problem i download spybot and adaware and used them to delete things that im guessing were slowing down my computer, but one thing that would always come back even when i deleted it was something called virtumonde.

this is really bothering me and i'm thinking about doing system restore but i have a lot of files that i would like to keep.

i would also like to make note that the norton antivirus protection that i have on my computer has been expired since last year sometime which i think might have made a difference in stopping whatever malware or spyware or anything else that has infected my computer.

anyway, I know the people on this website probably have their own lives to worry about and are probably busy, but i hope that someone could at least t... Read more

Answer:popups and computer really slow

16 more replies
Relevance 54.53%

I ran the Hijack this and below is what was outputted. I then ran getservice.bat and got the getservice.txt file from that. I have some popups and seems to run slower than normal. Any help will be appreciated.

Logfile of HijackThis v1.98.2
Scan saved at 4:20:56 PM, on 11/11/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\imyhcchy.exe
C:\windows\msbb.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS\System32\desbyhdw.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Common Files\PSD Tools\ChannelUp.exe
C:\PROGRA~1\AWS\WEATHE~1\WEATHER.EXE
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Documents and Settings\Default\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=2c00&s=consumer&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dev.ntcor.com/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http... Read more

Answer:Computer slow and popups

Go here and download Ad-Aware SE.

Install the program and launch it.

First in the main window look in the bottom right corner and click on Check for updates now then click Connect and download the latest reference files.

From main window :Click Start then under Select a scan Mode tick Perform full system scan.

Next deselect Search for negligible risk entries.

Now to scan just click the Next button.

When the scan is finished mark everything for removal and get rid of it.(Right-click the window and choose select all from the drop down menu and click Next)

Restart your computer.

Then go here and download Spybot Search & Destroy.

Install the program and launch it.

Before scanning press Online and Search for Updates .

Put a check mark at and install all updates.

Click Check for Problems and when the scan is finished let Spybot fix/remove all it finds marked in RED.

Restart your computer.

Come back here and post another Hijack This log and we'll get rid of what's left.
 

3 more replies
Relevance 54.53%

i think i have a virus. there are lots of popups and it keeps freezing. i am not that great with computers all the time, so could you tell me how to report a hijack log to you so you can see what the problem is. thanks

Answer:Popups And Slow Computer

please help me!

2 more replies
Relevance 54.53%

so the problem i am having with my computer is that for the past week or so it is starting to get slower especially when turing on and i am also having radom popups open even thought i have a popup blocker they are not all going to one site in particular but to a variety such as 888 casino, antivirus solutions, dating sites they are just a couple that i can remeber.

so i followed the 5 steps to do before posting so hopefully i have done everything correctly and thanks in advance for the help.

Deckard's System Scanner v20070729.57
Run by Jenny on 2007-07-31 at 21:28:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
110: 2007-07-31 20:28:47 UTC - RP299 - Deckard's System Scanner Restore Point
109: 2007-07-31 17:02:13 UTC - RP298 - System Checkpoint
108: 2007-07-30 16:25:00 UTC - RP297 - System Checkpoint
107: 2007-07-29 16:20:50 UTC - RP296 - Installed DirectX
106: 2007-07-29 16:16:54 UTC - RP295 - Installed Secret Files Tunguska


-- First Restore Point --
1: 2007-05-03 16:30:03 UTC - RP190 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Jenny.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:33:... Read more

Answer:slow computer with popups

Hello and welcome to TSF.

Disable realtime scanners, especially AVG Anti Spyware.

Please download ComboFix

Note: It is important that it is saved directly to your desktop.

Close all browsers. Double click combofix.exe & follow the prompts.
When finished, it will produce a log for you. Post that log in your next reply and a fresh HijackThis log please.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.

5 more replies
Relevance 54.53%

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 6/3/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Fi... Read more

Answer:Slow computer, popups

Hi and Welcome to TSF!

Here's what you can do....

Please subscribe to this thread so you'll be notified as soon as we post your fix. To do this, please click here. On the proceeding page, make sure Instant notification by email is selected, then click Add subscription.

In the meanwhile, I suggest that you stop using Interent Explorer until we've fully disinfected your machine. Please download & use an alternative browser like Firefox.

After reviewing your log I found a few items that requires our attention.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

During the course of disinfection, I may ask you to fix a program that you wish to retain. Please post back to inform me.


WARNING
You are running HiJackThis from an inappropriate location. It should be run from a permanent folder. This program creates backup files which we may need to use later. If the program is in a temporary folder, important backups may be accidentally deleted.
Please go into Windows Explorer
Click on C:\
Click on File > New > Folder
Call it HJT, or another name of your choice.
Move all files to the newly created folder.


P2P - I see you have P2P software installed on your machine. We are not here to pas... Read more

1 more replies
Relevance 54.53%

My computer has been running slow all week, and this morning I got a popup for Windows Defender. Please help. I've attached the DDS log.

Answer:Slow computer and popups

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I may ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download DDS and save it to your desktop.Disable any script blocking protection Double click dds.scr to run the tool. When done, DDS.txt will open. A second report, Attach.txt will open next.Save both reports to your desktop.Please copy and paste both logs into your next reply.=============The next log will show us any hidden files that are present.Download GMER from here:Unzip it to the desktop.Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results (if any) into this thread.

7 more replies
Relevance 54.53%

Hi guys, i dont know that much about computers and recently my computer has been running really slow, a million pop ups are coming up and when i try to run some programs it comes up with the window that says it has encountered a problem and needs to close. I need help please!!!!

Hijack this logfile is below. Thanks guys.

Logfile of HijackThis v1.99.1
Scan saved at 12:34:42 AM, on 9/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Catia\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WinAble\winable.exe
C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program ... Read more

Answer:Slow computer and popups

i dont see 2 much wrong glancing over your hijackthis file.. if your computer is running slow then it could be a couple of things..i take it SUPERAntiSpyware is not helping..are u using the full scan option.

next are the popups coming from firefox or explorer: if there firefox pop ups try using adblock from firefox: Tools > Add-ons > get extensions > Add block Plus > download

if your still getting popups then try an antivirus program or a different spyware program.A different program might find spyware that superANTIspyware cant. i have spyhunter v2.9 which is really good. u can download the trial version for free to see what infections u got.

and finally your pc might be running slow because your running too many programs from startup. follow these steps: Start > Run > "msconfig" > Startup > only uncheck those u are certain of and Apply.

hope this helps
 

2 more replies
Relevance 54.53%

so, i was recently infected with spyware doctor 2006, i deleted its program files folder with killbox, but my computers still slow, and i was having trouble with pop-ups before even thatLogfile of HijackThis v1.99.1Scan saved at 5:19:06 PM, on 11/28/2006Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\wltrysvc.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:... Read more

Answer:Slow Computer, Popups, Etc :(

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.Please download SmitfraudFix (by S!Ri)Extract the content (a folder named SmitfraudFix) to your Desktop.Next, please reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, a menu with options should appear;Select the first option, to run Windows in Safe Mode, then press "Enter".Choose your usual account.Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmdSelect option #2 - Clean by typing 2 and press "Enter" to delete infected files.You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.A text file will appear onscreen, with results from the cleaning process; please copy/pa... Read more

1 more replies
Relevance 54.53%

My computer is running slow with a lot of pop ups. I have ran (all updated first) Ad-aware (cleaned up 401 problems), Spybot & destroy (cleaned up 12 problems) & CWShredder (no problems) all was run in Safe Mode. I have also ran McAfee virus scan which came up clean. Here is my HiJackThis log; could some one please have a look at it to see if they can suggest anything else???

Thanks,

Logfile of HijackThis v1.98.2
Scan saved at 8:03:10 PM, on 12/14/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
c:\jetsuite\jsdaemon.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\inKline Global\PC Booster\pcbooster.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\jetsuite\J... Read more

Answer:Computer is slow with popups

6 more replies
Relevance 54.53%

Hi all i can use some help working on a computer i cleaned up most of it but i am still getting flash full screen popups please help here is my highjack this log.....the computer is an HP mini running vista

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:26 AM, on 10/4/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HPBTWD.exe
C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\VERIZONDM\bin\sprtcmd.exe
C:\Program Files\Verizon\Online Backup & Sharing\Auto Update\OnlineBackup.UpdateSystemTray.exe
C: ... Read more

Answer:slow computer and popups

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===[*]Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)Delete the folder in bold.C:\Program Files\PriceGong\Restart the computer normally.===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse... Read more

7 more replies
Relevance 54.53%

HELLO EVERYONE I HAVE ANOTHER POST IM WORKING ON A FRIENDS COMPUTER SHE WAS COMPLAINING OF A SLOW COMPUTER AND MANY MANY POPUPS AND NOT BEING ABLE TO GET ONLINE. WHEN OPENING INTERNET EXPLORER DOES NOT CONNECT TO ANY WEB SITE. ON HER DESKTOP SHE NOW HAS A YELLOW TRIANGLE THAT SAYS CLICK TO FIND AND FIX ERRORS WHICH WE KNOW IS NOT GOOD. I INSTALLED AND RAN SPYBOT IT DID FIND FILES AND DID DELETE ALOT ALSO RAN VUNDOFIX IT DID FIND ABOUT 8 FILES THAT IT ALSO DELETED. WHEN SPYBOT IS RUN THERE IS A PROCESS I BELIEVE THE COMMAND.EXE OR SOMETHING CLOSE TO THAT EFFECT THAT IT STATES IS POTENTIALLY BAD AND SHUTS IT DOWN AND RUNS SPYBOT WHEN WINDOWS STARTS. I INSTALLED AD-ADWRE 2007 BUT THE COMPUTER HAS A HARD TIME STAYING ONLINE THAT I CAN NOT UPDATE THE DEFINITION FILES.....I DID RUN A HIGH JACK THIS LOG AND CLEANED UP WHAT I KNEW HERE IS A COPY OF THE LOG I HAVE NOW......I WILL BE USING MY COMPUTER TO GET ONLINE AND CARRY OUT ANY INSTRUCTIONS BEING HERS IS UNABLE TO CONNECT AND STAY ONLINE........THANKS FOR YOUR HELP ONE MORE TIMEP.S SHE DOES HAVE NORTON INSTALLED ON HER COMPUTER WHICH DOES NOT START AT WINDOWS LOAD I WILL TRY AND UPDATE AND DO A SCAN ONCE I DO GET ONLINE I WILL RUN BITDEFENDER ONLINE TO CHECK FOR ANY VIRUSESLogfile of Trend Micro HijackThis v2.0.2Scan saved at 11:16:12 PM, on 10/28/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WIND... Read more

Answer:Many Popups Slow Computer

Please download FindAWF:http://noahdfear.net/downloads/FindAWF.exeSave the file to the Desktop Double-click the FindAWF icon.If a Security Alert shows, allow the program to run.As instructed, press any key to continue.Use the following option: Press 1 then Enter to scan for bak foldersThe scan may take a while, please be patient.When done, a text file, Find AWF report is produced.Please provide Find AWF report in your reply.

14 more replies
Relevance 54.53%

hi,
my system is running slow and i have frequent popups.
sometimes xp auto updates dont take.
can you please help?
i ran the programs suggested and it found some malware and virus.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:51:57 AM, on 3/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Portrait Displays\HP Display Assistant\dtsslsrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Portrait Displays\HP Display Assistant\DTSRVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search &... Read more

Answer:slow computer with popups

please help. see my post

3 more replies
Relevance 54.53%

Hello,

My log file is below. My computer has been running very slow of late. I've had my laptop for about two years and haven't had any major issues until recently it took much longer to startup. Once I started up I've noticed pages on the internet load much slower and when I watch videos on youtube the sound skips.

I haven't had any odd popups and my home page is the same. I haven't had any pages added to my bookmarks either. I use firefox as my regular browser, but I keep IE downloaded for sites I come across that don't look so hot on firefox.

Let me know if any other information would be helpful. Thank you in advance for any help you can give.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:18:59 PM, on 12/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawse... Read more

Answer:Computer very slow, no popups though

6 more replies
Relevance 54.53%

Logfile of HijackThis v1.99.1Scan saved at 5:37:09 PM, on 5/18/2007Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Cain\Abel.exeC:\WINDOWS\System32\drivers\CDAC11BA.EXEC:\WINDOWS\System32\svchosts.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\HPAware.exeC:\Program Files\Common Files\{3D0B1A01-01F2-1033-0122-030928190001}\Update.exec:\progra~1\intern~1\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\Chris\Desktop\WC3 - D2 StealthBot\StealthBot v2.6R3.exeC:\Documents and Settings\Chris\Desktop\SC - WC2 Stealthbot\StealthBot v2.6R3.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Chris\Desktop\HiJackThis\HiJackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:/... Read more

Answer:Computer Popups And Very Slow

C:\Program Files\Cain\Abel.exe

I do not know how to get rid of that.

5 more replies
Relevance 54.53%

Logfile of HijackThis v1.99.1
Scan saved at 2:41:47 PM, on 11/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\kvqeuyb.exe
C:\Documents and Settings\XcEpTiOnAL 1\My Documents\hjackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Se... Read more

Answer:help...computer has popups/slow/etc...

9 more replies
Relevance 54.53%

My computer has been slow for the last few days and there have been loads of popups, my norton has blocked spysheriff and a trojan from downloding to my computer can someone help. thanks, i dont know what to do
 

Answer:Slow computer and popups , HELP

Sounds like your Norton has missed Spyware/Adware.

I reccomend Adware SE or Spybot S&D.
 

2 more replies
Relevance 54.53%

My parents have contracted something. They are over 1000 miles away so this may be a bit challenging, but I can get access to thier computer. Here is a copy of a hijackthis log I just ran on their machine. Can anyone tell just how bad is it? Any help would greatly be appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 12:08:36 PM, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbOEAddOn.exe
C:\PROGRA~1\SPAMBL~1\Bin\484~1.0\SBInst.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\SYSTEM32\USRsh... Read more

More replies
Relevance 54.53%

Hey i was wondering if anyone could help me out. I have been geting a great amount of pop ups lately, and their really annoying. I ran malwarebytes and it got rid of alot of stuff, but i dont think its everything. Please help if you can. Im begging YOU
DDS (Ver_09-03-16.01) - NTFSx86
Run by Kristian at 18:55:47.14 on Wed 04/29/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.760.384 [GMT -4:00]

AV: avast! antivirus 4.8.1335 [VPS 090429-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D: ... Read more

Answer:wow.. slow computer with popups **HELP**

Does anyone see any problems?============Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to b... Read more

13 more replies
Relevance 54.53%

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:07:16 AM, on 4/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Belkin\Cardbus F5D7010\Wireless Utility\Belkinwcui.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\... Read more

Answer:IE popups, slow computer, etc.

Just thought I'd bump this to make sure it doesn't get lost in the shuffle since it's been 4 days
 

1 more replies
Relevance 54.53%

Logfile of HijackThis v1.99.1
Scan saved at 11:47:49 PM, on 5/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\System32\s... Read more

Answer:Slow computer and Popups... HJ Log!!

Update: Here is the new Log after i deleted some stuff...

Logfile of HijackThis v1.99.1
Scan saved at 1:02:55 AM, on 5/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Fil... Read more

2 more replies
Relevance 53.71%

This is my 2nd computer used by my son. 512MB, 80GB Hard Drive, Windows XP SP2, IE 7.0. Everything runs extremely slow, even downloading HighJackThis. Some stuff on his computer I feel is highjacking and adding malware, spyware, etc. An example is PalTalk. You guys did an outstanding job on fine tuning my main computer and would appreciate any help you can give me on computer 2. Thanks in advance. Here the log file:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:16:34 AM, on 8/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\AOL\1147838733\ee\AOLSoftware.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
c:\program files\common files\aol\1147838733\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.... Read more

Answer:Computer Very Slow With Popups And very slow

7 more replies
Relevance 53.71%

here is my hijack this log file, i have tried running ad-ware but computer restarts everytime i run it.

Logfile of HijackThis v1.99.1
Scan saved at 4:43:21 PM, on 9/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe... Read more

Answer:trogans??? IE popups, slow computer....

9 more replies
Relevance 53.71%

When a Google search is attempted, no links can be clicked - they are all redirected. The computer itself runs slowly, sometimes freezes, and pop-ups sometimes appear. I use NoScript, so I am unsure of the content of these popups and redirects, but I can disable it and see if it is necessary.

I have attempted to run MalwareBytes, but it will not start, even after a reinstall and in Safe Mode. Spybot S&D will not install; it claims it cannot connect to the server. Avast is unable to update, and while scans find some viruses (I am told - I have not run it personally yet), they are not really removed; they supposedly are, but if a new scan is run immediately afterward, they are still there.

The operating system is Windows XP. Any other information needed I will gladly provide.

HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:48:35 PM, on 8/22/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\arservice.exe
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Ylr.exe
C:\WINDOWS\eHome\ehRecvr.exe
... Read more

Answer:Redirect, popups & slow computer

9 more replies
Relevance 53.71%

Hello. I am having a serious problem. I am having a popup problem and I've noticed that when I go to the cmd part of Vista, my computer freezes up. I've ran McAfee, Stinger, SpyBot Search and Destroy, Spyware Blaster, and so far I haven't been able to fix the problem. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:04:09 AM, on 2/19/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16609)Boot mode: NormalRunning processes:C:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\SiteAdvisor\6066\SiteAdv.exec:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Program Files\McAfee\MPS\mpsevh.exeC:\Program Files\Yahoo!\Messenger\YahooMessenger.exeC:\Windows\system32\Dwm.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\Windows\explorer.exeC:\Program Files\Trend Micro\HijackThis\Crusty.exeC:\Users\Hornes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G03V1501\stinger[1].exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU�... Read more

Answer:Popups And Computer Starting To Run Really Slow

Hello Welcome to the Bleeping Computer Malware Removal Forum, sorry about the delay, but the amount of people posting with infected computers is through the roof and sometimes we can't get to logs as fast as we would like to. If you have not resolved your issue and still need assistance, post a new HJT log please as your system may have changed since your original post.Ken

2 more replies
Relevance 53.71%

Here is my Hijack Log File. Hopefully someone can help me get this computer back into tip top shape. I have plenty of memory and I have a 100 gig hard drive... My computer should not be running slow. Any help you can offer would be great! Thanks....

Logfile of HijackThis v1.99.1
Scan saved at 12:12:47 PM, on 6/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Common Files\AOL\1159396935\ee\AOLSoftware.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program... Read more

Answer:Solved: CID Popups and Slow Computer!! Help Please!

6 more replies
Relevance 53.71%

Hello,
I hope you can help me with this. My computer is openeing popups and I can't block them. After that started, it became very slow. I have run AVG, Adaware, and Spybot Search and Destroy. Thae last one found some treads but the computer is still the same. I'm sending my HijackThis bellow.
Thank you,

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 18:36:11, on 04/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\RegCure\RegCure.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPo... Read more

More replies
Relevance 53.71%

I have a windows XP professional service pack 2 pc that is starting to act slow. I also get random popups from internet explorer even when I am on Mozilla firefox. I am not sure what would be the problem but I want to fix this before the computer gets really slow and eventually freezes. Thanks.

PandaScan log:

Incident Status Location

Adware:Adware/Seekmo Not disinfected C:\Program Files\Seekmo\bin\10.0.406.0\Srv.exe
Adware:Adware/Zango Not disinfected C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe
Adware:adware/seekmo ... Read more

Answer:HELP!!Slow computer and Random Popups....

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

I apologize for the delay in responding, but as you can probably see the forums are quite busy
and sometimes a post manages to slip by us.
Unfortunately there are far more people needing help than there are helpers.

If you still require help please post a fresh Hijack This log to this thread.
I will be notified and I will get back to you ASAP.

Please include a description of your current problem/s

Click here to download HJTinstall.exeSave HJTinstall.exe to your desktop.
Double click on the HJTinstall.exe icon on your desktop.
By default it will install to C:\\Program Files\\Trend Micro\\Hijack This.
Click I accept
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

CCleaner
Please download CCleaner from here to clean temp files from your computer.Double click on the ccsetup.exe file to start the installation of the program.
Select your language and click OK, then next.
Read the license agreement and click I Agree.
Click next to use the defaul... Read more

7 more replies
Relevance 53.71%

Somehow, my PC was infected. I've got tons of tmp files, a red x on my C drive, tons of popups, computer lags, very slow. I've run ComboFix and it gave my the following log. Any help would be GREATLY appreciated. Thank you!!!!!!

ComboFix 08-04-10.5 - Mona 2008-04-10 2050.1 - NTFSx86
Running from: C:\Documents and Settings\Mona\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\Mona\Application Data\AVSystemCare
C:\Documents and Settings\Mona\Application Data\CROSOF~1.NET
C:\Documents and Settings\Mona\ResErrors.log
C:\Program Files\Common Files\mcroso~1.net
C:\Program Files\Temporary
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\isgTi19
C:\temp\tn3
C:\WINDOWS\aconti.log
C:\WINDOWS\aconti.sdb
C:\WINDOWS\acontidialer.txt
C:\WINDOWS\cookies.ini
C:\WINDOWS\default.htm
C:\WINDOWS\system32\adult.txt
C:\WINDOWS\system32\bkmoopob.exe
C:\WINDOWS\system32\dpqaqlqx.bin
C:\WINDOWS\system32\drivers\blank.gif
C:\WINDOWS\system32\drivers\box_2.gif
C:\WINDOWS\system32\drivers\button_buynow.gif
C:\WINDOWS\system32\drivers\button_freescan.gif
... Read more

Answer:Red X on C Drive, slow computer, PopUps...HELP!

Hello! You are infected with some nasty stuff!

====================================================

You don't have Window's Recovery Console installed. Whilst it may not be needed at this time, current infections tend to patch a lot of critical system files now, these often result to multiple problems and sometimes, they can cause unbootable machines. Having Window's Recovery Console installed on your machine will help you and I in case something goes wrong while we are in the process of cleaning your machine.

Go to Microsoft's website => http://support.microsoft.com/kb/310994
Select the download that's appropriate for your Operating System



Download the file & save it as it's originally named, next to ComboFix.exe.



Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.

====================================================

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :Restart your computer
After hearing your computer beep once during startup, but before the Windows icon... Read more

3 more replies
Relevance 53.71%

Hello,

I have a Sony Vaio VPCS125FH (about a year old) and it barely moves. I get ad popups in the lower left corner and when trying to browse, it is extremely slow. I just downloaded and installed MBAM and ran a quick scan. The scan found 8 infected files up to a certain file and then it got stuck. I ran it twice and it got stuck around the same place (not sure if it was the same file, though). The file it seemed to freeze on the second time around is: C:\USERS\VAIO\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini I greatly appreciate any help you might be able to give. Thank you!

Answer:ad popups computer extremely slow

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

60 more replies
Relevance 53.71%

Hello,
I'm a first time poster. I've searched this forum for similar cases, most times vundofix is suggested. VundoFix picks up nothing for me. I've done an AVG scan, it has deleted some infected files but computer performance hasn't improved much.

I'm getting popups when I'm surfing the net along with what is now a snail-paced computer. Sometimes it will take a very long time to load a page, if it loads at all.

A pop up I receive constanty appears to be a google search bar, it states
"Oops this seems to be a broken link" along with the following url:
http://82.98.231.93/?source=venus_r...fff&rid=upa100001&ver=21115&m=lg20&b42=0.0032

My HijackThis Log is attached.
Thank you very much for your help!
I'd really like to get this headache off my system.
 

More replies
Relevance 53.71%

Yesterday my Kaspersky anti-virus detected a trojan and I believe it is in quarantine now. I am still getting random popups and my computer has slowed down from before I had the virus. I don't have any knowledge on the removal or viruses/malware etc. so I would really appreciate any kind of help. I would like to get my computer back to normal.

Thank you.

Answer:Random popups and slow computer

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed. I currently have as many open topics as I can effectively handle; this will have you back in queue with the proper logs so an available helper would be able to assist.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 53.71%

for the past few weeks, my computer has been filled with spyware, but adaware and spybot don't seem to be taking much off. my computer is slow, i have resorted to using mozilla because using ie give me a popup a minute, and all my fonts are messed up in aol instant messenger. i downloaded hijackthis and my logfile is posted below, please help me to get this junk off my computer!- mnsdgLogfile of HijackThis v1.97.7Scan saved at 4:54:36 PM, on 6/1/2004Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Unable to get Internet Explorer version!Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\aol\ACS\acsd.exec:\PROGRA~1\mcafee.com\vso\mcvsrte.exeC:\WINDOWS\System32\sdpasvc.exeC:\WINDOWS\wanmpsvc.exeC:\Program Files\Common files\WinTools\WToolsS.exec:\PROGRA~1\mcafee.com\vso\mcshield.exeC:\WINDOWS\Explorer.EXEC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exeC:\PROGRA~1\mcafee.com\vso\mcvsshld.exeC:\Program Files\Messenger Pl... Read more

Answer:slow computer, many popups, please read my hjt log

C:\WINDOWS\wxrxhmjv.exe - done a virus scan lately?Make sure you do the update function for Ad-aware and Spybot. (In Ad-aware, your reference file should be denoted as 5-30, tho they come out with new additions almost daily). Most of these should be detected with the latest definitions.The links to Ad-aware, Spybot, and some free online virus scanners can be found here:http://www.closedsocket.com/links.htmlRun those, then repost your log and we'll give it another look.

6 more replies