Go Back   Cyber Tech Help Support Forums > Software > Malware Removal
Reload this Page Not sure if its a virus - PC running very slow
Register FAQ Calendar Today's Active Topics Search

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old September 15th, 2006, 02:01 AM
karlosio's Avatar
karlosio karlosio is offline
Senior Member
  
Join Date: Jul 2006
O/S: Windows XP Pro
Location: Scottish Highlands
Age: 43
Posts: 101
Not sure if its a virus - PC running very slow
Hi, im not sure whats going on with my PC, firefox keeps closing every so often and I also cant display the task manager by pressing the CTRL + ALT + DEL combo. The PC also seems to slow down like the whole of its CPU usuage is being used, but im not even using any CPU heavy applications (just firefox).

Im using Windows XP Pro.

I read your thread on Hijack This and downloaded the app, here is what it produced in the scan.

Any help appreciated, thanks

Logfile of HijackThis v1.99.1
Scan saved at 01:59:02, on 15/09/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\phpdev\Apache\Apache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\TrojanHunter 4.6\THGuard.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\phpdev\Apache\Apache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Karlos
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.6\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Apache - Unknown owner - C:\phpdev\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Reply With Quote
  #2  
Old September 17th, 2006, 03:52 AM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
  
Join Date: Dec 2004
Posts: 52,284
Howdy karlosio,


No infection showing here. Little of anything else either. No XP patches/upgrades or IE upgrades? Looks to be running some form of server setup as well like that. Surprised there is no infection given that.


Let's do two things at once. As this shows zero attempts of upgrading, we'll need to be sure we can move forward within CTH's minimal rule about not assisting on systems that do not have authorized OS installs. Please visit this site:
http://www.microsoft.com/resources/h...s/default.mspx

You just need to run the "Validation Wizard". Then copy paste in this thread the entire text you receive.



And Go Here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your AV queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file back here. You can use separate posts here if needed.
Reply With Quote
Reply

Bookmarks

« Previous Topic | Next Topic »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Virus? Browser Running too slow! melodysue Malware Removal 1 February 20th, 2016 12:42 PM
Virus? Pc Is Running a bit slow I think TexasSportsFan Malware Removal 21 November 3rd, 2010 06:31 AM
laptop running very slow - virus? HJT log lbowman Malware Removal 18 June 20th, 2009 05:19 AM
After virus clean XP running Slow Please Help btti123 Windows XP 2 December 31st, 2007 04:44 PM
Virus?? I'm running really slow; can someone check my HJT log terrier Malware Removal 1 September 28th, 2004 08:06 AM


All times are GMT +1. The time now is 10:22 PM.