Computer running slow

Status
Not open for further replies.
Hello and welcome to Techspot.

Your system has a lop infection.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Please Download NoLop to your desktop from one of the links below...
http://www.spywareedge.net/nolop/NoLop.exe
http://www.thespykiller.co.uk/forum/...pmod;dl=item16

First close any other programs you have running as this will require a reboot
Double click NoLop.exe to run it
Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
When scanning is finished you will be prompted to reboot only if infected, Click OK
Now click the "REBOOT" Button.
A Message should popup from NoLop.
If not, double click the program again and it will finish.

--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.-- http://www.boletrice.com/downloads/mscomctl.ocx

Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, the C:\NoLop.log and AVG Antispyware logs as attachments into this thread, only after doing the above.

Regards Howard :wave: :wave:

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Your system is infected with several nasties.

This is from my post above.

Post fresh HJT, the C:\NoLop.log and AVG Antispyware logs as attachments into this thread

Please supply all the requested log files, then I`ll help you.

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Ok mate, no problem. Once I have your AVG Antispyware log, I`ll attempt to clean your system of the nasties it has left(if any). Please post a fresh HJT log as well, after the AVG Antispyware scan..

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
howard_hopkinso said:
Ok mate, no problem. Once I have your AVG Antispyware log, I`ll attempt to clean your system of the nasties it has left(if any). Please post a fresh HJT log as well, after the AVG Antispyware scan..

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

AVG report. sorry it took so long.
 
Please Download NoLop to your desktop from one of the links below...
http://www.spywareedge.net/nolop/NoLop.exe
http://www.thespykiller.co.uk/forum/...pmod;dl=item16

First close any other programs you have running as this will require a reboot
Double click NoLop.exe to run it
Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
When scanning is finished you will be prompted to reboot only if infected, Click OK
Now click the "REBOOT" Button.
A Message should popup from NoLop.
If not, double click the program again and it will finish.

--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.-- http://www.boletrice.com/downloads/mscomctl.ocx

Download combofix.exe. Double click combofix.exe & follow the prompts. A window will open with a warning. Type "Y" (and Enter) to start the fix. When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log. Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Post a fresh HJT, the Combofix and C:\Nolop logs after doing the above.

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Your still haven`t posted a Nolop log. I need to see this before I can start to tell you what and how to get rid of stuff. This is because your system still has a lop infection.

Post the Nolop log as well as a fresh HJT log, after running the Nolop programme..

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
howard_hopkinso said:
Your still haven`t posted a Nolop log. I need to see this before I can start to tell you what and how to get rid of stuff. This is because your system still has a lop infection.

Post the Nolop log as well as a fresh HJT log, after running the Nolop programme..

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

This is what NoLop says.
 
Sorry for the confusion with Nolop, I had forgotten earlier on in your thread that Nolop hadn`t found anything.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Acceleration Software
ACCELE~1

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

stopsignav.exe
Loudmapi.exe
EANTH_~1.EXE
InsideLog.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {A919D199-20B3-1DD1-75D3-ADDA659437E1} - (no file)

O4 - HKLM\..\Run: [rule htm type bend] C:\Documents and Settings\All Users\Application Data\joyvgarulehtm\Loudmapi.exe

O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus

O4 - HKLM\..\Run: [eanth_critical_update_alert] C:\PROGRA~1\ACCELE~1\ANTI-V~1\EANTH_~1.EXE /Startup

O4 - HKCU\..\Run: [Ante Readme] C:\DOCUME~1\Potts\APPLIC~1\MP3CLO~1\InsideLog.exe

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\DOCUME~1\Potts\APPLIC~1\MP3CLO~1<Delete the entire folder.
C:\PROGRA~1\ACCELE~1<Delete the entire folder.
C:\Documents and Settings\All Users\Application Data\joyvgarulehtm<Delete the entire folder.
C:\Program Files\Acceleration Software<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Download and run the CWShredder from HERE.

Post fresh HJT and AVG Antispyware logs, after doing the above.

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Ok, do the following.

Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.


Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

Loudmapi.exe

Close task manager.

Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted. If your computer doesn`t automatically restart, restart it manually.

This is the filepath you need to enter into killbox.

C:\Documents and Settings\All Users\Application Data\joyvgarulehtm\Loudmapi.exe

Once your system has rebooted, rehide your protected OS files. Don`t forget to run the CWShredder programme.

Post fresh HJT and AVG Antispyware logs

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Your HJT log is clean. I can`t comment on your AVG Antispyware log, due to fact you didn`t post one. ;)

Regards Howard :)

This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.
Back