Background processes

[Lady Cardea]

~Hello..lil ol me again..

Howard, again thank you for your help in my last thread. The pc you helped clean up is my gaming pc. I have another pc that is for music and 3D Art. I recently purchased it and did a HJT on it just to see what was there. It seems to have a LOAD more running than my gaming pc. Yet, both are XP SP2 . It has more ram, a much better vid card and faster processor, but runs more sluggish than my gaming pc. I thought it was due to the work that it is used for, but after viewing the HJT, I'm not so sure. Would anyone have the time to take a peek and tell me if there is a problem, or if there are some processes I can take off the start up through misconfig, please...thnx.

~Lady Cardea

 

[howard_hopkinso]

Your system is infected with a collection of nasties, including newdotnet.

First, follow these instructions.

NEW.NET
Click Start/Control Panel/Add/Remove Programs and uninstall: New.net Application or New.net Domains
If neither is listed, download and run this: www.new.net/support/uninstall6_38.exe

Then, go HERE and follow the instructions exactly.

Post a fresh HJT log into this thread, only after doing the above.

Regards Howard

 

[Lady Cardea]

Howard!!!

I've done all up too Ewido...but at 55% Ewido just closes out...I've restarted it twice, then I tried booting into SafeMode..the pc just goes in circles back to the screen of where it asks what mode you want to boot into... Currently I've gone into reg Windows and burning info on to cd's as I have an $850 project that I cannot afford to lose. REALLY scared... why's it doing this??? I used the Kaspersky & Bitfender scanners before the Ewido. Do you want the logs?

Lady Cardea

 

[howard_hopkinso]

Ok, don`t worry. I think you`re being sensible backing up your important data.

If you`re having problems with any of the steps in the instructions, just skip that step and go on to the next one.

Once I have your HJT log, I`ll be in a better position to advise you.

Regards Howard

 

[Lady Cardea]

I cannot get into SafeMode to do the rest.... here is the HJT. Do I need to just nuke it?

 

[howard_hopkinso]

Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm

O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm

O16 - DPF: {E6B72B91-7AC8-42A3-9545-A38C12700F6B} (JamagicCtl Class) - http://www.clickteam.com/~webftp/files/Jamagic/jamagic.cab

Click on the fix checked button.

Close HJT.

Other than the above, your HJT log is clean.

You should install an antivirus programme and a firewall programme.

AVG free and Zonealarm are both very good.

You can get them HERE and HERE.

Please post a fresh HJT log and the Kapersky and Bitdefender logs.

Regards Howard

 

[Lady Cardea]

Here are the logs. Now, how come I cannot get into SafeMode? Isn't that a bad thing? Again.. ty for everything.

Didn't realize the time, have to be up in 4 hours for work. Will check back tomorrow.

G'nite

 

[howard_hopkinso]

I don`t know why you can`t boot into safe mode. What happens when you try?

Try this.

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

ALCXMNTR.EXE
regperf.exe
crack.exe

Close task manager.

Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\ld100.tmp
C:\WINDOWS\system32\regperf.exe
D:\My Documents\MUSIC CONVERTORS\ACOUSTICA AUDIO CONVERTER PRO\file6.zip/crack.exe
D:\My Documents\MUSIC CONVERTORS\ACOUSTICA AUDIO CONVERTER PRO\file6.zip


Reboot into normal mode and turn system restore back on.


Regards Howard

 

[Lady Cardea]

For safemode it would just go in circles, ask which safemode I wanted (safemode..safemode w/command prompt...) I choose safemode, screen restarts then goes right back to asking which mode. I went to ur link and did the msconfig way and it still went in circles, only this time, it would not allow me to boot into Windows normally... so I tried System Recovery,,,,, it asked for a Admin password, I NEVER put one on to begin with..... Now what?? Thankfully I did back everything up but I do have a deadline and need this pc to finish the work. :blackeye:

 

[Lady Cardea]

Nm, I found my recovery cd's that I made a few months back...So, maybe it's just best this way.. a clean machine is a good machine Ty for your time.

~Lady Cardea~