Processes

[nrs2420]

As of this moment I have 90 processes running.  I've gone to websites to see which ones I should keep but I'm just too afraid to stop any processes.  Somebody said I should post my hijack this log.  I'm going to post all three logs just to make sure.  Any and all help would be appreciated.

[Saving space - attachment deleted by admin]

[evilfantasy]

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries: (if there)

- R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
- O4 - HKUS\S-1-5-18\..\RunOnce: [supportdir] cmd /c \"rmdir /q /s \"C:\WINDOWS\TEMP\{BF90215F-2D7B-4C84-8A24-A03BC41B95DD}\"\" (User \'SYSTEM\')

Important: Close all windows except for HijackThis and then click Fix checked.

Exit HijackThis.

----------

Download ComboFix by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note:  It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
 
Double click combofix.exe & follow the prompts.
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

[nrs2420]

So would any of this be part of why it takes so long for my computer to startup and shutdown?  Or is that a totally different issue?

The logs attached.

[Saving space - attachment deleted by admin]

[evilfantasy]

So would any of this be part of why it takes so long for my computer to startup and shutdown?  Or is that a totally different issue?

Not sure yet. I'm beginning to think that you need to do some maintenance to see if it helps.

• Click START then RUN
  
• Now type Combofix /u in the runbox
  
• Make sure there's a space between Combofix and /u
• Then hit Enter.

• The above procedure will:
• Delete the following:
• ComboFix and its associated files and folders.
• Reset the clock settings.
• Hide file extensions, if required.
• Hide System/Hidden files, if required.
• Set a new, clean Restore Point.

.
Run CCleaner.

----------

Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system

Go to Start > Run and type notepad.exe then click OK

Copy and paste the below into Notepad and save as fixme.reg to Your Desktop

Code: [Select]

REGEDIT4

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"configmsi"=-
Locate fixme.reg on your Desktop and double-click it. Answer Yes when prompted to merge with the Registry.

Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it did not work.

Delete the fixme.reg from the Desktop.

----------

StartupLite

• Download StartupLite by MalwareBytes to your Desktop.
  
• Doubleclick StartupLite.exe to launch the program.
  
• Ensure the Disable box is checked.
  
• Click Continue.
  
• A pop up message will tell you the unecessary startup items in your list have been disabled and ask you to restart your computer.
• Re-start your computer.

.
----------

Defragment your hard drive

I suggest using a third party defrag utility. If you don't have one the Defraggler is very good and free. http://filehippo.com/download_defraggler/

Be sure to restart the computer when you are done with the defrag.

A tutorial for disc defragmentation is available at BleepingComputer.com

How is it now?

[nrs2420]

The registry thing worked fine.

My computer still seems to start up and shutdown slow.  It's not bad but I think it could be faster.  I still have 82 processes running and my cpu usage will jump from 5% to 50% while not doing anything. 

Should I post any logs?

[evilfantasy]

Try doing some of the suggestions here. Slow Computer? It May Not Be Malware

[nrs2420]

I've done most of that stuff in the past.  I normally defrag every week or so.  I'll try some other stuff.

[evilfantasy]

I'm pretty sure it isn't malware. We can do one more scan to be sure.

Use the Kaspersky Online Scanner

In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon and choose Run as Administrator.

Click on SCAN NOW
Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
• After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  
• This will start the program and scan your system.
• The scan will take a while, so be patient and let it run.
• Once the scan is complete, click on View scan report
  
• Now, click on the Save Report as button.
  
• In Save as type: click the drop arrow and select: Text file [*.txt]
  
• Then, click: Save
  
• Save the file to your desktop.

Post the Kaspersky log in your next reply.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

If needed this animation will guide you through the process.

[nrs2420]

log attached

[Saving space - attachment deleted by admin]

[evilfantasy]

Download OTMoveIt2 by OldTimer and save it to your Desktop.

Note: If you are running on Vista, right-click on OTMoveIt2.exe and choose Run As Administrator.

1. Double-click OTMoveIt2.exe to run it.
2. Copy the lines in the codebox below.

Code: [Select]

[kill explorer]
C:\Documents and Settings\Nathan\My Documents\Computer Updates\SBC_SST_Installer.exe
EmptyTemp
[start explorer]
3. Return to OTMoveIt2, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste
4. Click the red Moveit! button.
5. Copy everything in the Results window (under the green bar) and paste it in your next reply.
6. Close OTMoveIt2

Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. If not, reboot anyway.

[nrs2420]

log attached

[Saving space - attachment deleted by admin]

[evilfantasy]

1. Double click OTMoveIt2.exe to launch it.
If using Vista Right-Click OTMoveIt and choose Run As Administrator
2. Click on the CleanUp! button.
3. OTMoveIt2 will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?)

• When finished exit out of OTMoveIt2

.
----------

Any remaining problems are not malware related. I suggest starting a new thread in the Windows forum if needed.

Use the Secunia Software Inspector to check for out of date software.

• Click Start Now
  
• Check the box next to Enable thorough system inspection.
  
• Click Start
  
• Allow the scan to finish and scroll down to see if any updates are needed.
• Update anything listed.

.
----------

Go to Microsoft Windows Update and get all critical updates.