Periodic lag

Status
Not open for further replies.

Chronus

Hey, helping a friend with her computer, ran the scans and including some other info for help.
 
some more logs

The registry were things that CCleaner found problems with in the registry cleaner. Also, is there a way to get a log of all the programs that are in the msconfig:Startup that I can show you guys and get some help on things to get rid of?

Thanks for any help you can give.
Chronus

PS:
Sorry, last time I posted the person asked for all the previous logs and so I thought I would get them all in now instead of when I get back.
 
The following should be removed using HijackThis!

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: (no name) - {C378F1A7-F2D3-46BB-95F5-58979019EDB7} - (no file)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

Download and install this, http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx, open it and click save as in the file menu, post the log file, between that and the hijack log, we should be able to eliminate quite a bit. :)
 
I don't know if you'd be interested in these, but after I did the scans you recommended I did a scan with Spybot Search and Destroy and these are what is in the log folder, it fixed 13 things. (this was before the fixes with the hijack this and the explorer)
 
The following should be removed using HijackThis!
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

This is only "sorta" spyware. There are a couple processes initiated by Realtek Audio, it phones home, but isn't harmful. At least I'm guessing that, if it's in the "Realtek" program folder, it's good. You can disable this from running at startup with the Spybot S&D that's already installed on the machine. Use Spybot in "advanced" mode, expand "tools" then click on "system startup", every process running at startup is explained, and can be shut down. This eliminates the need to run "msconfig" to control startup programs and processes.

I don't know if you'd be interested in these, but after I did the scans you recommended I did a scan with Spybot Search and Destroy and these are what is in the log folder, it fixed 13 things. (this was before the fixes with the hijack this and the explorer)
The "wild tangent" is a big problem and needs to be fixed.

In the future, (after the cleanup), you should either use CCleaner, or configure Firefox to eliminate the "tracking cookies". The CCleaner finds them almost instantly, rather than doing lengthy scans with an anti-spyware program. Firefox will dump the cookies upon exiting the program when correctly configured. Thus: "tools" > "options" > "privacy", then set keep cookies "until I close Firefox" and you can also set "clear history when I close Firefox". It's almost like you were never there, but be prepared to re-enter your password at Techspot when you return.
 
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

That one is a legit BHO, relating to Microsoft Money.

What did you use to research those entries, strategic?

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

This one is part of the AVG antivirus, even though it says 'no file' it doesn't necessarily mean just that.

You are getting them to remove legit files.
 
O4 - HKLM\..\Run: [NI.UGA6P_0001_N122M2210] "C:\DOCUME~1\Owner\LOCALS~1\Temp\install_en.exe"

Looks very suspicious in your last HijackThis log. Legitimate programs generally do not run from a Temp folder.

You should remove that entry using HijackThis - place a check on the item and allow HijackThis to remove it.

Hope that helps.
Zyldar
 
Multiple antivirus programs, Foistware, P2P: all will cause vulnerabilities and malware.

Zyldar, you don't have a user remove an entry because "Looks very suspicious in your last Hijackthis log." You find out what it is, then act appropriately.
 
That's a good point. The program can be disabled using MSConfig or you can back up the registry entry first prior to removing it. If you later determine that you need the program running on bootup, you can simply re-enable it using MSConfig.

If you need details on backing up the Registry or using MSConfig, please leave a post here.

Hope that helps.
Zyldar
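
The triage argued over in the posts above, as an added example that is not part of the original thread or any poster's reply: it parses the O2 and O4 lines quoted here and lists which entries need research before anything is removed. The function name `triage`, the regular expressions and the wording of the notes are assumptions made for illustration.

```python
import re

# Constructed sample: the entries quoted in the thread above.
SAMPLE_LOG = r"""
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NI.UGA6P_0001_N122M2210] "C:\DOCUME~1\Owner\LOCALS~1\Temp\install_en.exe"
"""

# Line formats as they appear in the log lines quoted in the thread.
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.*)$")
O4_RE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# A Temp or Tmp directory anywhere in the path, any letter case.
TEMP_RE = re.compile(r"\\(temp|tmp)\\", re.IGNORECASE)


def triage(log_text):
    """Return (section, identifier, note) for entries to research first."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        bho = O2_RE.match(line)
        if bho:
            # "(no file)" alone does not prove the BHO is dead or malicious.
            if bho["file"] == "(no file)":
                findings.append(("O2", bho["clsid"].upper(),
                                 "no file shown: look up the CLSID first"))
            continue
        run = O4_RE.match(line)
        if not run:
            continue
        cmd = run["cmd"].strip('"')
        if TEMP_RE.search(cmd):
            findings.append(("O4", run["name"],
                             "runs from a Temp folder: identify the file, "
                             "back up the key, then disable"))
        elif "\\" not in cmd:
            findings.append(("O4", run["name"],
                             "no path given: locate the file to identify it"))
    return findings


if __name__ == "__main__":
    for section, ident, note in triage(SAMPLE_LOG):
        print(f"{section}  {ident}  ->  {note}")
```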
 
Ok, I'm getting so much information. So can one person tell me what to do?

Also, is there anything I can do about periodic lag spikes that kills anything that is running at the time, or am I SOL?
 
Also, is there anything I can do about periodic lag spikes that kills anything that is running at the time,

Yes, you can get rid of the malware. This requires an orderly process, with the programs laid out, followed by the logs which are then reviewed.

There are no trained malware helpers on TechSpot at this time. And it gets pretty hard on someone with a problem to be given a lot of different suggestions!

See Tech-101. Follow the steps in the preliminary removal, post the logs. They will be reviewed by trained malware helpers.

I am very sorry for your frustration.
 
It's alright, I've been getting excellent help from here for years now and I greatly appreciate it. I'm also in the process of updating drivers right now as well as a game crashed the computer at a specific point, but that's for a different topic. I'll take a look at the Tech-101 when I get the chance, thanks.
 