Computer slow, resource meter at 78%, normal

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by vaosu, Feb 24, 2004.

  1. vaosu

    vaosu Private E-2

    As you can tell by the title, my computer has slowed down to a crawl, but my resource meter still shows 78%. I ran nortons with my brand new virus definitions, didn't find anything. I ran ad aware 6 and didn't find anything out of the ordinary. I also ran spybot search and destroy, normal. I checked the msconfig for anything odd, unchecked somethings, played around in there, nothing helped. When I click on the start button the menu appears in like 20 seconds, and it takes my AIM almost 3 minutes to log in. I unchecked the '3rd Party Software' box in the Internet Explorer internet options, because I had a problem there before, but resolved it. I haven't installed anything new in about 3 weeks, the problem started 3 dyas ago. I was wondering if it might be outwar.com, because I know that site has a good deal of adware and spyware. Anyone have any idea as to what could be wrong?


    Edit: I also ran defrag, didn't help any. Deleted a bunch of games and stuff that I didn't think I would ever play again beforehand. I tried to run scandisk about 3 times, each time the progress bar would go up 7 blocks, then restart itself.
     
    Last edited: Feb 24, 2004
  2. vaosu

    vaosu Private E-2

    Wal-Mart Connect
    Norton's AntiVirus
    Explorer
    Navapw32
    Aim
    Rnaapp
    Msgloop
    Nisserv
    Msg32
    Iamapp

    All normal
     
  3. vaosu

    vaosu Private E-2

    OS - Windows 98 SE2, running a Hewlett-Packard XE743
    Internet - Internet Explorer, version 6.0.2800.1106
    Safe Mode - Slower, if anything
     
  4. billH

    billH Master Sergeant

    Hi Vao, have you tried an online scan like pest patrol or pc flank or trend micro yet? They might find something that Adaware and Spybot missed. Both Adaware and Spybot are good apps but who knows, maybe something will show in the above noted tests that they didn't catch.
     
  5. alanc

    alanc MajorGeek

    Hard to say without knowing what nasties you might have on your system, so I agree with xflat - download HijackThis and post the log here so we can take a look.

    It also wouldn't hurt to run CWShredder just in case CWS is your problem.
     
  6. vaosu

    vaosu Private E-2

    Thanks for the Pest Patrol link, here's what the Pest Scan found:

    Win32.Holar.G - Trojan
    WildTangent - Adware
    SearchSprint bar - Toolbar
    Locators Toolbar - Browser Helper Object
    Zedo - Spyware Cookie
    TribalFusion.com - Spyware Cookie
    TrafficMarketplace - Spyware Cookie
    Targetnet.com - Spyware Cookie
    Servedby.Advertising.com - Spyware Cookie
    RealMedia.com - Spyware Cookie
    Qksrv.net - Spyware Cookie
    Mediaplex.com - Spyware Cookie
    Gator.com - Spyware Cookie
    FastClick.com - Spyware Cookie
    DoubleClick - Spyware Cookie
    Commission-Junction.com - Spyware Cookie
    CGI-Bin - Spyware Cookie
    ~~~Details: C:\WINDOWS\Cookies\harold woodard@cgi-bin[1].txt
    Bluestreak.com - Spyware Cookie
    AtlasDMT.com - Spyware Cookie
    Advertising.com - Tracking Cookie
    Ads.RampidAds - Spyware Cookie


    The End!

    24 things found, but I only count 22. I think my main problem is the Win32.Holar.G, so I am going to get rid of it now. Anything else I should hurry and get rid of ASAP? I know I can't get rid of all these tonight, so which ones are my majors?
     
  7. vaosu

    vaosu Private E-2

    no, I don't have that version and I haven't updated my adware/spyware. I think I will do this. I think I successfully removed the Win32.Holar.G, what should I tackle next? Just go down the line?
     
  8. vaosu

    vaosu Private E-2

    Running my adaware right now, will post what the results are once it gets done. It is only doing like 100 files a minute, so bear with me, :p

    Update: Through both Ad Aware 6 and my SpyBot, I have just rid myself of 17 files. I think I will reboot now, see if that trojan I deleted was the reason of slowness. Here's the Ad-Aware log:

    ArchiveData(auto-quarantine- 24-02-2004 20-51-46.bckp)

    ======================================================

    TRACKING COOKIE

    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    obj[0]=File : c:\windows\cookies\harold woodard@gator[1].txt

    obj[1]=File : c:\windows\cookies\harold woodard@doubleclick[1].txt

    obj[2]=File : c:\windows\cookies\harold woodard@qksrv[1].txt

    obj[3]=File : c:\windows\cookies\harold woodard@fastclick[1].txt

    obj[4]=File : c:\windows\cookies\harold woodard@zedo[1].txt

    obj[5]=File : c:\windows\cookies\harold woodard@commission-junction[1].txt

    obj[6]=File : c:\windows\cookies\harold woodard@mediaplex[1].txt

    obj[7]=File : c:\windows\cookies\harold woodard@trafficmp[2].txt

    obj[8]=File : c:\windows\cookies\harold woodard@tmpad[2].txt

    obj[9]=File : c:\windows\cookies\harold woodard@advertising[1].txt

    obj[10]=File : c:\windows\cookies\harold woodard@targetnet[1].txt

    obj[11]=File : c:\windows\cookies\harold woodard@bluestreak[1].txt

    obj[12]=File : c:\windows\cookies\harold woodard@atdmt[1].txt

    obj[14]=File : c:\windows\cookies\harold woodard@servedby.advertising[2].txt

    obj[15]=File : c:\windows\cookies\harold woodard@tribalfusion[2].txt

    obj[16]=File : c:\windows\cookies\harold woodard@counter.hitslink[2].txt

    OTHER

    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    obj[13]=File : c:\windows\cookies\harold woodard@cgi-bin[1].txt



     
    Last edited: Feb 24, 2004
  9. vaosu

    vaosu Private E-2

    Only 5 things found off of Pest Patrol:

    WildTangent
    SearchSprint bar
    Locators Toolbar
    RealMedia.com
    Ads.TampidAds

    Reboot Time.

    Edit: Back from the reboot, still slow, :mad: ! I ran the PestScan once again and found 7 items!

    The 2 new ones are
    TribalFusion.com
    DoubleClick

    I had adaware remove these 2, but now I am going to remove all 7 manually, then reboot again to see what's new.
     
    Last edited: Feb 24, 2004
  10. IMSA

    IMSA Private First Class

    What Is CWS?

    What Is CWS?

    Just ran CWShredder and my computer's running much faster than before.

    IMSA
     
  11. Boccemon

    Boccemon First Sergeant

    cws is

    CoolWeb Search. A hijack. CWShredder is a utility to remove it.:)
     
  12. alanc

    alanc MajorGeek

  13. IMSA

    IMSA Private First Class

    What's a Hijack?

    Who or what does it and what does hijacking do?

    IMSA
     
  14. Boccemon

    Boccemon First Sergeant

    a hijack is

    malicious code that is covertly downloaded on your machine to "hijack" your home page and is often accompanied by trackers and dialers. Most often noted when you cannot change your homepage in internet options. Dirty buggers out there....;)
     
  15. IMSA

    IMSA Private First Class

    Thanks Boccemon

    I had no idea I had been hijacked except my computer seemed to be running real slow while surfing. I thought it had something to my with my LAN. We're talking dial up slowness even though I'm on cable. By the way, I love your avatar.

    I see you're from NE Oregon, what part? Joseph? Enterprise? Baker City? Halfway? ( or is that Halfway.com :eek: )

    IMSA- The few, the proud, the native Oregonians
     
    Last edited: Feb 25, 2004
  16. Boccemon

    Boccemon First Sergeant

    Beautiful Weston, OR

    But this is not the place to chat. Send me an E-Mail?
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds