We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Virtual memory low! Hijack log and Avira log updated.2nd Dec
Options
Comments
-
Updating avg at the moment, by the way my cpu seems to be running at or near 100% constantly any ideas why this may be please? Thanks for the help so far folks.Four guns yet only one trigger prepare for a volley.Together we can make a difference.0
-
When I click on my clock it shows correct date, is there another place that actually dates the pc?date also seems to be incorrect on your PC
Scan saved at 20:13:49, on 08/08/2006
you are running an old version of hijackthis , when you finish the fixes do a fresh scan after downloading
To download a free Trend Micro™ HijackThis™, please click the button below.
Four guns yet only one trigger prepare for a volley.Together we can make a difference.0 -
when you open task manager, click on the "process" tab and sort by CPU column.
If there's anything other than "system idle process" running at above 90% then that's worth mentioning here."Gold is the money of kings; silver is the money of gentlemen; barter is the money of peasants; but debt is the money of slaves." - Norm Franz0 -
shaven-monkey wrote: »when you open task manager, click on the "process" tab and sort by CPU column.
If there's anything other than "system idle process" running at above 90% then that's worth mentioning here.
Sorry I may be being a little thick here but nothing showing as percentage.
Okay found what you mean, have ranked by cpu usage and only one regularly peaking over system idle is MRT.exe
Have deleted ewido and updated to ie8 beta but now browser opens without ad-ons which is absolutely no use to me and I need to reverse this can someone help here please.
Also my problems seem to be getting worse not better as a result so far, I cannot keep a browser open now fox keeps crashing within around ten minutes of browsing and ie is just not happening.
I am unable to download sp3 it keeps telling me I am running on ie5 and need to update this.Four guns yet only one trigger prepare for a volley.Together we can make a difference.0 -
.
BumpFour guns yet only one trigger prepare for a volley.Together we can make a difference.0 -
You may be able to remove the IE8 beta from the add remove programs window. Hopefully that will roll back to your previous version allowing you to use windows update.
mrt.exe is microsoft malicious software removal tool.
In the task manager list of processes, if you right click on mrt.exe you should be able to "terminate process", you'll be asked to verify you want to kill it, click yes. should speed things up a bit.
apparently it's a bit buggy.
try visiting
http://www.microsoft.com/malwareremove
and getting a newer version."Gold is the money of kings; silver is the money of gentlemen; barter is the money of peasants; but debt is the money of slaves." - Norm Franz0 -
Quote:
Originally Posted by ben500
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
avg antivirus.
Quote:
C:\Program Files\Prevx1\PXAgent.exe
C:\Program Files\Prevx1\PXConsole.exe
PX antimalware scanner.
Quote:
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
zonealarm firewall.
Quote:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: Yahoo! Toolbar Helper - !!02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
remove through add remove programs.
Quote:
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
disable through acrobat agent thingy in or acrobat settings.
Quote:
O2 - BHO: Malicious Scripts Scanner - !!55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll Unable to locate this file no (application data) folder visible by this route.
O2 - BHO: DriveLetterAccess - !!5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll Unable to delete..
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll deleted.
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
cannot delete access denied.
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe Deleted.
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe Cannot delete access denied.
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
deleted
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start Deleted
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" Deleted
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe Deleted
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe Cannot delete access denied.
O4 - HKLM\..\Run: [PrevxOne] C:\Program Files\Prevx1\PXConsole.exe Not found
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP Not found
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtim e.dll,_RunDLLEntry@16 Deleted
O4 - HKLM\..\Run: [dlcgmon.exe] "C:\Program Files\Dell AIO 810\dlcgmon.exe" Cannot find in A10 810 folder.
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Program Files\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
gambling is not the best way to save money. remove these applications for your own good.
Quote:
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
tnsclicker may be malware / spyware, bad thing. remove it.
Quote:
O16 - DPF: !!0CFA086E-6336-4D95-B6AA-90F564E99631} (TNSClicker.Clicker)
O16 - DPF: !!17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: !!77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control)
O16 - DPF: !!7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
tnsclicker seems to be malware / spyware, bad thing.Four guns yet only one trigger prepare for a volley.Together we can make a difference.0 -
Ive had a quick gander at the original log file Ben
You have too many anti virus programs running!
Unless im mistaken you have ~
AVG
AVIRA
PC GUARD
and 'Authentium' (Personally never heard of it)
You really need to remove all except for one. Id suggest keeping Avira
(Im amazed your computer actually runs to be honest!)
Zonealarm and Spybot are fine though
(Use spybots IMMUNISE feature to block nasties though)
You also have things running that look WELL dodgy to me
Download MALWAREBYTES
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&!!!!!button
UPDATE and QUICK SCAN
Post the log here AFTER youve deleted everything it finds
then post another 'hijack' log:idea:0 -
when attempting to remove Titan poker I get this program trying to open up ptu209_tmp.exe have googled it but nothing found have not opened it yet.Four guns yet only one trigger prepare for a volley.Together we can make a difference.0
-
Ben ~
Download the malwarebytes program I just sent
And uninstall PC guard, AVG and Authentium
Your computer appears to be at SERIOUS risk!:idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards