# slow computer

May 30, 2009 at 18:30:33
Specs: Windows XP
 My computer has recently just slowed down. This happened shortly after I "updated the system", it resulted in having to reboot the entire computer. Now I'm noticing that yet again I am seeing that there are more automatic updates for my system but I am thinking the only reason they are showing up is due to the fact there could be a virus - I have hijack this but am not sure what i should/shouldn't remove. Any help would be appreciated. I have scanned with avast and avg and have not found anything but there is no reason for the sudden slowdown and sudden psycho break from reality my computer had when it last updated. HELP!the cursor is winking at me...i think it likes me...

See More: slow computer

#1
May 30, 2009 at 18:35:40
 Download and run Kaspersky AVP tool: http://devbuilds.kaspersky-labs.com...Once you download and start the tool:# Check below options: * Select all the objects/places to be scanned. * Settings > Customize > Heuristic analyzer > Enable deep rootkit search # Click Scan # Attach Scan log/Summary to your next message. Illustrated tutorial: http://img32.imageshack.us/img32/76...-------------------------------------------------

Report •

#2
May 31, 2009 at 07:21:14

Report •

#3
May 31, 2009 at 08:06:07
 ok that is actually a small fraction of the log...there is no way i could post the entire thing. i don't know what to do. :(the cursor is winking at me...i think it likes me...

Report •

Related Solutions

#4
May 31, 2009 at 08:09:16
 Its ok Scan with malwarebytes and superantispyware. Post scan results.-------------------------------------------------

Report •

#5
May 31, 2009 at 18:31:10

Report •

#6
May 31, 2009 at 18:41:30
 Can you please post your AVZ log:Note: Run AVZ in windows normal mode. If avz.exe doesn't start, then try to rename the file avz.exe to something else and try to run it again. Fix what superantispyware detected. Leave malwarebyte scan for now. When you make this log make sure you have your web browser open in background.1) To create the logfile, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.2) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.3) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.Note: If you are running Windows vista launch AVZ.exe by right clicking and selecting Run as Administrator.You should now see the main window of the AVZ utility. Please navigate to File->Custom Scripts. Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.begin ExecuteStdScr(3); RebootWindows(true); end. Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script, the PC will reboot. After the reboot the LOG subfolder is created in the folder with AVZ, with a file called virusinfo_syscure.zip inside. Upload that file to rapidshare.com and paste the link here.Image Tutorial-------------------------------------------------

Report •

#7
May 31, 2009 at 20:58:57
 !-- AVZ XML Report -->−

Report •

#8
May 31, 2009 at 20:59:36


Report •

#9
May 31, 2009 at 21:00:12


Report •

#10
May 31, 2009 at 21:00:51


Report •

#11
May 31, 2009 at 21:01:38
 i hope that is what you were looking for - it seemed a little strange to me but i hope its what you were looking for. the cursor is winking at me...i think it likes me...

Report •

#12
May 31, 2009 at 21:03:28
 Please read Response Number 6 carefully i need the whole .zip file upload it to free file hosting like rapidshare.com.-------------------------------------------------

Report •

#13
June 1, 2009 at 07:14:21
 i'm sorry! duh.http://rapidshare.com/files/2396126...the cursor is winking at me...i think it likes me...

Report •

#14
June 1, 2009 at 07:44:08
 Follow these Steps in order numbered. Don't proceed to next step unless you have sucessfully completed previous step:1) Run this script in AVZ like before, your computer will reboot:begin SetAVZGuardStatus(True); SearchRootkit(true, true); QuarantineFile('c:\program files\malwareremovalbot\malwareremovalbot.exe',''); DeleteFile('c:\program files\malwareremovalbot\malwareremovalbot.exe'); DeleteFileMask('C:\WINDOWS\Tasks', 'malwareremov*.job', false); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(true); end. 2) After Reboot. Attach a Combofix log, please review and follow these instructions carefully.Download it here -> http://download.bleepingcomputer.co...Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.Now, please make sure no other programs are running, close all other windows and pause Antivirus/Sypware programs (http://www.bleepingcomputer.com/forums/topic114351.html Programs to disable) until after the scanning and removal process has taken place.Please double click on the file you downloaded. Follow the onscreen prompts to start the scan. Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please upload that file to rapidshare.com and paste the link here.-------------------------------------------------

Report •

#15
June 1, 2009 at 15:49:15
 http://rapidshare.com/files/2397718...the cursor is winking at me...i think it likes me...

Report •

#16
June 1, 2009 at 15:59:22
 Follow these Steps in order numbered. Don't proceed to next step unless you have sucessfully completed previous step:1) Run this script in AVZ:begin CreateQurantineArchive('c:\quarantine.zip'); end. 2) A file called quarantine.zip should be created in C:\. Then please zip up C:\qoobox\quarantine and upload both it and C:\quarantine.zip to a filehost such as http://rapidshare.com/ Then, Private Message me the Download link to the uploaded file. 3) Lastly, uninstall Combofix by: pause Antivirus/Sypware programs (http://www.bleepingcomputer.com/forums/topic114351.html Programs to disable) > Start > run > type combofix /u > ok. Or Start > run > type 123.exe /u > ok.-------------------------------------------------

Report •

#17
June 1, 2009 at 16:31:27
 did the first step - what exactly do you mean by "zip up" do you mean open? or move them all into the same folder - sorry i'm a little dense when it comes to tech termsthe cursor is winking at me...i think it likes me...

Report •

#18
June 1, 2009 at 16:44:49
 Create a zip of folder C:\qoobox\quarantine . Refer to http://www.bleepingcomputer.com/tut...-------------------------------------------------

Report •

#19
June 1, 2009 at 19:40:36
 Can you remake new log Response Number 6 and post it again. Also post your hijackthis log.-------------------------------------------------

Report •

#20
June 1, 2009 at 20:24:25

Report •

#21
June 1, 2009 at 20:31:32
 Thanks for the files. Please follow these steps in order numbered and post summary log after each step.1) If you use Windows System restore, turn it off > reboot. How to turn it off/on: http://support.kaspersky.com/faq/?q... Run a full scan with http://www.eset.eu/online-scanner# Check the box next to YES, I accept the Terms of Use. # Click Start # When asked, allow the activex control to be installed. # Click Start # Check below options: * Remove found threats * Scan for potentially unwanted applications (Advance Settings). * Enable Anti-Stealth technology (Advance Settings). # Click Scan # Wait for the scan to finish # When it finishes it will create a log file here: C:\Program Files\EsetOnlineScanner\log.txt # Attach this logfile to your next message. Note: Turn system restore back on, if you wish; this to remove malware from system volume information files. 2) Install, update and run full scan with Malwarebytes' Anti-Malware. Attach malwarebyte full scan log, but Please Don't fix anything yet, until the log is reviewed.3) House cleaning [Optional]. Scan with SuperAntispyware : http://www.superantispyware.com/dow... . Fix what it detects and post summary scan log.-------------------------------------------------

Report •

#22
June 1, 2009 at 20:44:42
 here's this other log as well.http://rapidshare.com/files/2398286...the cursor is winking at me...i think it likes me...

Report •

#23
June 1, 2009 at 20:47:48
 All seems good follow Response Number 21. Is your original problem solved?-------------------------------------------------

Report •

#24
June 2, 2009 at 05:17:10
 its still pretty slow - i'm wondering if the whole thing needs to be wiped. i've tried deleting (prior to this) certain items and taking them out of add/delete programs and its to no avail. stupid things like some games and such. here's the eset log. will do the other logESETSmartInstaller@High as downloader log:all ok# version=6# OnlineScannerApp.exe=1.0.0.1# OnlineScanner.ocx=1.0.0.5863# api_version=3.0.2# EOSSerial=8584deedbf4e9b448c13488dcf1f7bd3# end=finished# remove_checked=true# archives_checked=false# unwanted_checked=true# unsafe_checked=false# antistealth_checked=true# utc_time=2009-06-02 05:11:32# local_time=2009-06-02 12:11:32 (-0600, Central Daylight Time)# country="United States"# lang=1033# osver=5.1.2600 NT Service Pack 2# compatibility_mode=769 62 16 97 236339669062500# compatibility_mode=1026 21 100 100 11775110937500# scanned=124280# found=1# cleaned=1# scan_time=4581C:\WINDOWS\Fonts\grepc.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000the cursor is winking at me...i think it likes me...

Report •

#25
June 2, 2009 at 05:43:53
 lol im not sugesting any kaspersky.kaspersky antivirus for me not only rubish, but if compare to rubish. rubish more 1000x time more good. for better choice we dontneed ant antivirus with all protection. itmake computer slow down and wasting money and time. choose only simple antivirus and simple protection. i have tested all antivirus release in market. but most of them is rubish. clear your mind. antivirus is protect from virus. antivirus is to clean your virus. no any antiviruses can protect virus.they only clean the virus after virus attack the computer. that means only old virus they can protect. i sugest you can simple but nice : use avira antivirus and spybot to slow down virus attack. other antivirus is not protect even slow virus effecting the computer.i sugest avira because avira is very fast release technical solution for new virus. kaspersky take 3 month to identify 3 months to create cleaner/removal and 3 months to sell product. if you not beleive what i say. fo to their website and read any virus information. all of them take more than 6 months to clean every viruses..

Report •

#26
June 2, 2009 at 07:18:43
 Finish Response Number 21 then i will tell you two more things to clean and clear up few things after which if you still feel you can wipe/reinstall.-------------------------------------------------

Report •

#27
June 2, 2009 at 07:28:05
 Malwarebytes' Anti-Malware 1.37Database version: 2213Windows 5.1.2600 Service Pack 26/2/2009 9:26:17 AMmbam-log-2009-06-02 (09-26-09).txtScan type: Full Scan (C:\|D:\|)Objects scanned: 210419Time elapsed: 2 hour(s), 5 minute(s), 28 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 1Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 4Files Infected: 9Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CURRENT_USER\SOFTWARE\MalwareRemovalBot (Rogue.MalwareRemovalBot) -> No action taken.Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:c:\documents and settings\all users\application data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> No action taken.c:\documents and settings\Compaq_Owner\Application Data\MalwareRemovalBot (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Log (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Settings (Rogue.MalwareRemovalBot) -> No action taken.Files Infected:c:\program files\Creative\shared files\CTNeo6.dll (Trojan.Agent) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\rs.dat (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Log\2009 Jun 01 - 03_00_02 AM_656.log (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Log\2009 Jun 01 - 03_00_03 AM_328.log (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Log\2009 May 31 - 01_52_47 PM_296.log (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Log\2009 May 31 - 08_03_30 PM_109.log (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Log\2009 May 31 - 10_29_23 PM_421.log (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Log\2009 May 31 - 10_39_45 PM_562.log (Rogue.MalwareRemovalBot) -> No action taken.c:\documents and settings\compaq_owner\application data\malwareremovalbot\Settings\ScanResults.pie (Rogue.MalwareRemovalBot) -> No action taken.the cursor is winking at me...i think it likes me...

Report •

#28
June 2, 2009 at 07:35:10
 Fix what malwarebytes detected. Run these two after:-------------------------------------------------

Report •

#29
June 2, 2009 at 13:59:26
 i can't seem to do the last two tasks you had asked - mozilla doesn't allow them to run and when i go to internet explorer and click on the scans i get this strange almost fly swatting sound that happens when i press the button. when all this is said and done, should i leave allthe different scanners on the computer or disable them. ie kaparasky (i know its spelled wrong) malaware, superantispyware, etc?the cursor is winking at me...i think it likes me...

Report •

#30
June 2, 2009 at 14:03:52
 kaspersky Uninstall. Malwarebytes/superantispyware up to you to decide. Also post a HijackThis log and upload it to rapidshare.com. HijackThis: Here-------------------------------------------------

Report •

#31
June 2, 2009 at 20:02:48
 http://rapidshare.com/files/2402074...is this going to get rid of the error messages i'm now getting. ntlxEventHandler.exe not found at start upthe cursor is winking at me...i think it likes me...

Report •

#32
June 2, 2009 at 20:20:41