Hello. I just have moved houses and ever since then my computer has been running poorly. When im running applications my computer seems to have small "hicupps" where my computer freezes doing its current process. For example say I am typing: "move", and it hicups when i im typing the "o" key it seems to freeze up and type "o" a bunch ( would look like: mooooooooooooooooooooooooooooooooooooooo" ). I thought it was a ram problem since i am using 2 512 sticks so ive been swapping them out and running single sticks, however it hasnt helped. Prior to swapping out all the sticks i used adaware and cleaned all the files as well as running the virus scan at housecall.antivirus.com. I also did a defrag. Nothing has helped. I just noticed that i have Comwiz.exe running in my process list. I am running Windows XP professional. When i try to end the process it doesnt end. I was wondering if Comwiz could be causing the problems I have been having? If so, can i just boot up and delete it and it should be ok? Or is there a better way to go about it? If this isnt the problem, any idea what it could be? I am going to attach a HijackThis log. If there is anything else tha needs help, please let me know -- I would like to solve this problem. Thanks. Logfile of HijackThis v1.97.2 Scan saved at 22:48:17, on 2003/09/28 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\Mixer.exe C:\Root\Appz\Multimedia\Winamp3\winampa.exe C:\PROGRA~1\COMMON~2\ADDRES~1\Winnet.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\STOPzilla!\Stopzilla.exe C:\WINDOWS\wt\updater\wcmdmgr.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\root\appz\multimedia\quicktime\qttask.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Root\Appz\Chat\AIM\aim.exe C:\Program Files\MSN Messenger\MsnMsgr.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\Systran\4_0\Premium\SYSTRA~1.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe C:\PROGRA~1\COMMON~2\ADDRES~1\comwiz.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\underlings\Desktop\HijackThis.exe O2 - BHO: BabeIE - {00000000-0000-0000-0000-000000000000} - C:\PROGRA~1\COMMON~2\ADDRES~1\cnbabe.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\root\appz\multimedia\adobe\acrobat\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar_en_2.0.95-big.dll O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\WINDOWS\System32\StopzillaBHO.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar_en_2.0.95-big.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /IMEName O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [WinampAgent] "C:\Root\Appz\Multimedia\Winamp3\winampa.exe" O4 - HKLM\..\Run: [winnet] C:\PROGRA~1\COMMON~2\ADDRES~1\Winnet.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\Stopzilla.exe /autorun O4 - HKLM\..\Run: [SZMsgSvc.exe] C:\Program Files\STOPzilla!\SZMsgSvc.exe O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.exe O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [imjpmig] E:\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload O4 - HKLM\..\Run: [QuickTime Task] "C:\root\appz\multimedia\quicktime\qttask.exe" -atboottime O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [AIM] C:\Root\Appz\Chat\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Root\Appz\Utilities\Microsoft Office\Office10\OSA.exe O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Root\Appz\UTILIT~1\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmsimilar.html O8 - Extra context menu item: Translate Page - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmtrans.html O9 - Extra button: AIM (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0122955E-1FB0-11D2-A238-006097FAEE8B} (CscClnt Class) - http://205.159.125.199/central/02030106/cccabs/CleverContent.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} (Video Class) - http://stream10k.redhotnetworks.com/cabs/videox.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe O16 - DPF: {4AD7DA15-AB2F-4C91-BEF5-3876DA4A2CCC} - http://www.cambridgesoft.com/plugins/activex/install/NetInstall.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/76808a0e7ae82f/housecall.antivirus.com/housecall/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6D5237D-A6C7-4C83-A67F-F9F15586FA62} (SBFullInst Control) - http://www.spyblast.com/download/SBFull.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab

Phase: Here's a link to Symantec Security that has some info on "comwiz.exe".. Looks like it is part of a trojan so you may be infected. Look under the Technical section. Comwiz.exe is one of the first files listed. http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.comiz.html

Comwiz.exe is the parasite CommonName Toolbar. Try this, Install and update Spybot-S&D. Spybot Then hit ctrl > alt > del and end process on the following: C:\PROGRA~1\COMMON~2\ADDRES~1\comwiz.exe C:\PROGRA~1\COMMON~2\ADDRES~1\Winnet.exe Run Spybot and have Spybot remove all red entries it lists.