|
Had Department of Justice money pack virus. Now computer is acting strange. Could someone take a look at my hijackthis log?
|
|
AfterDawn Addict
|
29. December 2012 @ 17:59 |
Link to this message
|
|
Lucky you..
The whole problem is: if I'm trying to help you and you are doing your own thing without my knowledge, it's a lost cause....
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
Advertisement
|
 |
|
|
|
wheelstb
Senior Member
|
29. December 2012 @ 18:31 |
Link to this message
|
|
That is true. I do apologize
|
AfterDawn Addict
|
29. December 2012 @ 18:44 |
Link to this message
|
apology accepted.
I don't hold grudges,so if you need help and can follow instructions, give me a jingle
What color does a smurf turn when you choke him? 
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
AfterDawn Addict
|
29. December 2012 @ 20:54 |
Link to this message
|
wheelstb, it is sensible and commendable that you prefer to take away what you are told here and do some further reading before acting on it. However, in the short term, no amount of reading will match the first hand experience of someone like 2oG.
My point is that I would implore you to have faith in the advice you're being given and act upon it; there aren't many frequent posters left here, but the ones who are left are here to help.
If you're still having issues with your PC, perhaps do another HJT scan and post the log here, in full, so we can have a look and go from there.
|
|
wheelstb
Senior Member
|
29. December 2012 @ 21:03 |
Link to this message
|
I am still having difficulties. It seems to be running much slower than I would expect.
Here is my HJT log.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:03:15 PM, on 12/29/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Cloudmark\Desktop\Service\cdswin.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\natspeak.exe
C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dnsspserver.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Users\Tommy\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bho - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1727603458-3655430775-3759167011-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1727603458-3655430775-3759167011-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Cloudmark DesktopOne.lnk = C:\Program Files (x86)\Cloudmark\Desktop\Service\cdswin.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i...tDetection2.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - http://ec2-174-129-18-125.compute-1.ama...eivers/FMSI.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s...ash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11958 bytes
|
AfterDawn Addict
|
29. December 2012 @ 21:22 |
Link to this message
|
There is nothing showing in yout HJT log. We already cleared it out. there are other problems that I had a fix nearly done before you started changing things up.. Maybe I can still salvage it, we'll see..
@Ripper, Here is a little of the HJT Tutorial I am working on. It's gonna take a while but I'm trying to make it for the Novices to understand..
I'm saddened to hear that Trend Micro has abandoned development of HiJackThis. I was hoping to see version 2.0.5 or 2.0.6 in the near future to make it compatible with 64bit systems.
Trend Micro has placed the program in open source, so perhaps development will continue beyond the version 2.0.4 that it's been stuck at for awhile.
HijackThis doesn't support 64-bit operating systems. However, you can still use it if you know how to interpret the logs. You can tell if it?s a 64bit system (Vista or Win7) by finding the ?Program Files (x86)? folder in the running processes of a HJT Log. 32bit systems do not use or have this folder. They only have the ?Program Files? folder. A 64bit system has Both!
Tips for analyzing a HJT Log on a 64bit system:
1.) Ignore the O23 entries with "@" signs and showing (file missing). They are Legal Microsoft services not normally showing in a HijackThis log.
2.) If you are checking a 64bit system, any 023 entry other than the ones with ?@? signs that show (file missing) are there because 64bit Windows placed them in the folder sysWOW64 instead of system32 and 32bit HJT can?t see them there so it shows (file missing). Do not fix them unless they are really a *bad* file..
3.) HijackThis will only show running processes for one user in 64bit (Windows 7 and Vista).
4.) If Windows is denying access to the Hosts file, run HijackThis as Administrator or disable the UAC first.
For both 32bit and 64bit always remember this:
Originally posted by Clamity Jane:
You will see (file missing) or (no file) as well in some of the lines in different sections. You can only rely on that to be true in the sections for BHOs and Toolbars (02s & 03s)
When you see (file missing) in other sections, it may really NOT be missing. You will see it in the 09's and the 023s especially. The only time you should fix the (file missing) in those sections is IF AND ONLY IF you see a *bad* file there. Be aware that "fixing" doesn't remove the malware either. It's important to have them manually delete the file as well (plus any other recommended removal methods)
Except for the 02 & 03 Sections, good items listed in other sections with (file missing) should be left alone. Most often they ARE THERE but HJT doesn't see the file.
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
AfterDawn Addict
|
29. December 2012 @ 21:37 |
Link to this message
|
Originally posted by wheelstb:
I am still having difficulties. It seems to be running much slower than I would expect.
That is why I had you run this program. So I could see the condition of your OS drive. Too bad it wouldn't run. Try it again and see if we have better luck.
Security Application Check:
Please download and save SecurityCheck.exe to your Desktop from one of the links below.
Link 1 http://www.bleepingcomputer.com/download/securitycheck/
Link 2 http://screen317.spywareinfoforum.org/SecurityCheck.exe
? Double-click SecurityCheck.exe then follow the on-screen instructions inside of the black box.
? A Notepad document should open automatically called checkup.txt
? Please post the contents of the checkup.txt in your next reply.
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
AfterDawn Addict
|
29. December 2012 @ 21:54 |
Link to this message
|
Quote:
@Ripper, Here is a little of the HJT Tutorial I am working on. It's gonna take a while but I'm trying to make it for the Novices to understand..
Skimmed over it - looks good! I'm not massively into security/anti-virus so I will no doubt learn a thing or two myself.
Admittedly though I haven't really taken a look at any specifics or logs in this thread, so I'll leave you to it before I clutter things up.
|
AfterDawn Addict
|
29. December 2012 @ 22:13 |
Link to this message
|
|
Ya gotta jump in before you learn to swim :)
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
wheelstb
Senior Member
|
29. December 2012 @ 22:15 |
Link to this message
|
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Malwarebytes Anti-Malware version 1.65.1.1000
HijackThis 1.99.1
TuneUp 2.4.6.4
Java(TM) 6 Update 20
Java(TM) 6 Update 21
Java version out of Date!
Adobe Flash Player 11.5.502.135
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
|
AfterDawn Addict
|
29. December 2012 @ 23:25 |
Link to this message
|
well, I can't see anything. Fragmentation on drive c is just 1%
you have a few programs that are out of date.
check and fix these HJT lines one is a true missing file and the others are unnecessary to be running all the time. fixing them will not delete them, just keep them from starting when you boot. can be started manually.
Launch HiJackThis
Click the Do a system scan only button
Put a check next to the entries listed below (if they still remain)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" ?start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM..Run: [ISUSPM] C:ProgramDataFLEXnetConnect11\isuspm.exe ?scheduler
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
Click the Fix checked button and close HiJackThis
got to get some shut eye now.... let me know what happens and I'll be looking for something else.
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
wheelstb
Senior Member
|
30. December 2012 @ 12:48 |
Link to this message
|
|
I removed all of the increase you suggested.
Then I shut down the system, started it up later. I have not noticed any measurable differences.
|
AfterDawn Addict
|
30. December 2012 @ 15:05 |
Link to this message
|
Well assuming that your PC is "clean", do you have a Windows install disc handy? You could try a system repair.
As per another thread, you've recently updated HDD controller drivers. Perhaps it would be worth testing your RAM for faults - have a look at, and run, memtest86+
http://www.memtest86.com/
|
|
wheelstb
Senior Member
|
30. December 2012 @ 15:31 |
Link to this message
|
|
I'll give it a try. Thanks.
|
AfterDawn Addict
|
30. December 2012 @ 16:23 |
Link to this message
|
You are CLEAN! Like Ripper said, about the only thing left is RAM. Check it out..
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
wheelstb
Senior Member
|
31. December 2012 @ 12:18 |
Link to this message
|
Thanks, I'll check out the RAM and report back.
I've noticed that overtime performance seems to degrade and it seems like reinstalling Windows is the only way to fix the problem. I was hoping that was not my problem although, I was kind of thinking it could be the problem.
What opinion do you guys have on operating systems degrading over time? Some people seem to think it is a phenomenon that exist and other people seem to think it's garbage.
|
Senior Member
|
31. December 2012 @ 14:56 |
Link to this message
|
i ran xp pro for over 4 years with no reinstalls.i dont believe that an operating system just degrades over time.i do however believe that we cause our own problems as far as performance goes.regular maintenance ie defrags [although windows 7 doesnt seem to need this near as much],disk cleaning,registry cleaning etc is as important as it comes.and,as 2old says,good antivirus,malware,spyware programs.and lastly,although it probably should be first,common sense.in conclusion,i see no good reason to wipe ones hard drive and reinstall windows at all.
|
|
wheelstb
Senior Member
|
31. December 2012 @ 15:55 |
Link to this message
|
|
I agree. Staying on top of regular maintenance is important. I did a fairly good job of staying on top of my necessary maintenance. But I am still experiencing a slowdown.
|
AfterDawn Addict
|
31. December 2012 @ 17:33 |
Link to this message
|
Originally posted by wheelstb:
I agree. Staying on top of regular maintenance is important. I did a fairly good job of staying on top of my necessary maintenance. But I am still experiencing a slowdown.
If you look at the logs of the programs I had you run and count the number of deleted malware, crapware and orphaned registry entries that were deleted, they don't indicate Necessary Maintenance has been done!
I agree with aldan that you should Never have to re-install Windows just because your computer is running slow.
I have NEVER reformatted or reinstalled the OS on a computer because it was slow and I have been building and using computers since the late 1960's.
My first store bought computer, not counting the mainframes I build before they were available was a Radio Shack Model I with 16 kilobytes of memory and an Intel Z80 processor that ran at 1.4 Mega Hertz. There is always a reason for a slowdown. Be it software, hardware, memory, fragmented drive, driver settings or whatever.
Which reminds me of something I overlooked - You may have a load of tracking cookies.
Run SuperAntiSpyware, you have it on your computer, and post the log here.
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...This message has been edited since posting. Last time this message was edited on 31. December 2012 @ 17:45
|
|
wheelstb
Senior Member
|
31. December 2012 @ 23:02 |
Link to this message
|
|
I built the computer three or four years ago. I was Staying on top of the maintenance for quite some time. Then, I noticed a slowdown that I could not figure out. Foolishly from that point I let the maintenance laps. But for a while it was shipshape :-)
I am a recent graduate and I had a bunch of stuff from when I was in school that I really don't need any more and a bunch of other programs that I installed that I don't need. I was going to start with a fresh install partly because there's something refreshing about starting from scratch, at least for me. But I am still on the job search and I know that with a fresh install sooner or later I will find something important that I forgot to backup. For some reason I decided it was a good idea to wait until I got a job, that way if something would be handy for the job search it wouldn't come up missing.
I typically like leaving cookies because I have difficulty typing and it makes it a little bit easier. But I will run super anti-spyware in the morning and post the results.
Happy new year!
This message has been edited since posting. Last time this message was edited on 31. December 2012 @ 23:02
|
AfterDawn Addict
|
31. December 2012 @ 23:17 |
Link to this message
|
|
SAS does not delete ALL of the cookies - just the trackers... I am sure now that you have a butt load of them.. :)
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
wheelstb
Senior Member
|
31. December 2012 @ 23:36 |
Link to this message
|
Thanks I did not think about that but, you are right it only removes the tracking cookies.
I don't have a butt load of cookies, what is bigger than a butt load that is what I have. :-)
I'm calling it a night for real this time. I will check my RAM and report the results as well as run super anti-spyware and report those results in the morning.
Thanks
This message has been edited since posting. Last time this message was edited on 31. December 2012 @ 23:38
|
AfterDawn Addict
|
1. January 2013 @ 00:23 |
Link to this message
|
|
Show the LOG! Chicken....
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
wheelstb
Senior Member
|
1. January 2013 @ 14:49 |
Link to this message
|
Originally posted by 2oldGeek:
Show the LOG! Chicken....
LOL.
It takes at least 40 minutes to complete the scan and I intended to go to bed earlier than I did. Here is my log
Actually, I didn't see a way to get the log. So I will just report the results. My definition were completely up-to-date. The only objects found were 73 tracking cookies.
As soon as I complete this post I'm going to run the memory testing program and report those results as well.
|
|
Advertisement
|
|
|
AfterDawn Addict
|
1. January 2013 @ 15:18 |
Link to this message
|
Originally posted by wheelstb:
Actually, I didn't see a way to get the log. So I will just report the results. My definition were completely up-to-date. The only objects found were 73 tracking cookies.
Hey wheels, I?m not as dumb as I look.. You can get the Log from the home page of SAS by clicking on ?view scan logs? and copy/past it here. That?s just a cop out because you don?t want us to see the Porn sites etc. that you been poking around in? 
2oG
?May you have the hindsight to know where you've been, the foresight to know where you are going, and the insight to know when you have gone too far?
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
