TechSpot

Computer running slow

By Mil
Jan 29, 2007
  1. here is my HJT log and my AVG is on way
     

    Attached Files:

  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system has a lop infection.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Please Download NoLop to your desktop from one of the links below...
    http://www.spywareedge.net/nolop/NoLop.exe
    http://www.thespykiller.co.uk/forum/...pmod;dl=item16

    First close any other programs you have running as this will require a reboot
    Double click NoLop.exe to run it
    Now click the button labelled "Search and Destroy"
    <<your computer will now be scanned for infected files>>
    When scanning is finished you will be prompted to reboot only if infected, Click OK
    Now click the "REBOOT" Button.
    A Message should popup from NoLop.
    If not, double click the program again and it will finish.

    --If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.-- http://www.boletrice.com/downloads/mscomctl.ocx

    Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, the C:\NoLop.log and AVG Antispyware logs as attachments into this thread, only after doing the above.

    Regards Howard :wave: :wave:

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. Mil

    Mil TS Rookie Topic Starter

    fresh HJT log
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your system is infected with several nasties.

    This is from my post above.

    Please supply all the requested log files, then I`ll help you.

    Regards Howard :)

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. Mil

    Mil TS Rookie Topic Starter

    NoLop found no infections and AVG is scanning now
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok mate, no problem. Once I have your AVG Antispyware log, I`ll attempt to clean your system of the nasties it has left(if any). Please post a fresh HJT log as well, after the AVG Antispyware scan..

    Regards Howard :)

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. Mil

    Mil TS Rookie Topic Starter

    AVG report. sorry it took so long.
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Please Download NoLop to your desktop from one of the links below...
    http://www.spywareedge.net/nolop/NoLop.exe
    http://www.thespykiller.co.uk/forum/...pmod;dl=item16

    First close any other programs you have running as this will require a reboot
    Double click NoLop.exe to run it
    Now click the button labelled "Search and Destroy"
    <<your computer will now be scanned for infected files>>
    When scanning is finished you will be prompted to reboot only if infected, Click OK
    Now click the "REBOOT" Button.
    A Message should popup from NoLop.
    If not, double click the program again and it will finish.

    --If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.-- http://www.boletrice.com/downloads/mscomctl.ocx

    Download combofix.exe. Double click combofix.exe & follow the prompts. A window will open with a warning. Type "Y" (and Enter) to start the fix. When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log. Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

    Post a fresh HJT, the Combofix and C:\Nolop logs after doing the above.

    Regards Howard :)

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  9. Mil

    Mil TS Rookie Topic Starter

    there u go
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your still haven`t posted a Nolop log. I need to see this before I can start to tell you what and how to get rid of stuff. This is because your system still has a lop infection.

    Post the Nolop log as well as a fresh HJT log, after running the Nolop programme..

    Regards Howard :)

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  11. Mil

    Mil TS Rookie Topic Starter

    This is what NoLop says.
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Sorry for the confusion with Nolop, I had forgotten earlier on in your thread that Nolop hadn`t found anything.

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

    Go to add remove programmes in your control panel and uninstall anything to do with(if there).

    Acceleration Software
    ACCELE~1

    Close control panel.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    stopsignav.exe
    Loudmapi.exe
    EANTH_~1.EXE
    InsideLog.exe

    Close task manager.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O2 - BHO: (no name) - {A919D199-20B3-1DD1-75D3-ADDA659437E1} - (no file)

    O4 - HKLM\..\Run: [rule htm type bend] C:\Documents and Settings\All Users\Application Data\joyvgarulehtm\Loudmapi.exe

    O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus

    O4 - HKLM\..\Run: [eanth_critical_update_alert] C:\PROGRA~1\ACCELE~1\ANTI-V~1\EANTH_~1.EXE /Startup

    O4 - HKCU\..\Run: [Ante Readme] C:\DOCUME~1\Potts\APPLIC~1\MP3CLO~1\InsideLog.exe

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\DOCUME~1\Potts\APPLIC~1\MP3CLO~1<Delete the entire folder.
    C:\PROGRA~1\ACCELE~1<Delete the entire folder.
    C:\Documents and Settings\All Users\Application Data\joyvgarulehtm<Delete the entire folder.
    C:\Program Files\Acceleration Software<Delete the entire folder.

    Reboot into normal mode and rehide your protected OS files.

    Download and run the CWShredder from HERE.

    Post fresh HJT and AVG Antispyware logs, after doing the above.

    Regards Howard :)

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  13. Mil

    Mil TS Rookie Topic Starter

    I get this error when i try to delete one of the folders
     
  14. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok, do the following.

    Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.


    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    Loudmapi.exe

    Close task manager.

    Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted. If your computer doesn`t automatically restart, restart it manually.

    This is the filepath you need to enter into killbox.

    C:\Documents and Settings\All Users\Application Data\joyvgarulehtm\Loudmapi.exe

    Once your system has rebooted, rehide your protected OS files. Don`t forget to run the CWShredder programme.

    Post fresh HJT and AVG Antispyware logs

    Regards Howard :)

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  15. Mil

    Mil TS Rookie Topic Starter

    another fresh log
     
  16. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean. I can`t comment on your AVG Antispyware log, due to fact you didn`t post one. ;)

    Regards Howard :)

    This thread is for the use of Mil only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...