It is currently Mon Sep 24, 2018 8:11 am


Got really slow recently

Is your PC infected? Is it running slow? Just can't figure out what's making it sluggish? Here is the place to get some help.

Moderators: liljim, Gecko

Re: Got really slow recently

Postby Gecko » Fri Sep 03, 2010 2:09 pm

nicholasp7,

Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: CFScript to your desktop.
KILLALL::

Driver::
PNKBSTRK

File::
d:\windows\system32\ShellManager310E2D762.dll
d:\WINDOWS\system32\PnkBstrA.exe
d:\WINDOWS\system32\PnkBstrB.exe

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=-
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=-

Now drag then drop the CFScript file onto ComboFix.exe
Image

This will start ComboFix again.
After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply along with a new HijackThis log.
User avatar
Gecko
Super Moderator
Super Moderator
 
Posts: 5209
Joined: Thu Oct 25, 2001 1:00 am
Location: Florida, USA

Thanks given:1
Thanks received:23
Top

Re: Got really slow recently

Postby nicholasp7 » Fri Sep 03, 2010 8:30 pm

That is for my call of duty 1...... I don't think i want to delete that..... Or is it infected?
nicholasp7
Geek
Geek
 
Posts: 59
Joined: Wed Sep 05, 2007 10:32 pm
Location: USA

Thanks given:0
Thanks received:0
Top

Re: Got really slow recently

Postby Gecko » Sun Sep 05, 2010 9:11 pm

nicholasp7,

Ok I didn't realize the two file were part of a game, we still need to get rid of the one bad file though.

Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: CFScript to your desktop.
KILLALL::

File::
d:\windows\system32\ShellManager310E2D762.dll


Now drag then drop the CFScript file onto ComboFix.exe
Image

This will start ComboFix again.
After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
User avatar
Gecko
Super Moderator
Super Moderator
 
Posts: 5209
Joined: Thu Oct 25, 2001 1:00 am
Location: Florida, USA

Thanks given:1
Thanks received:23
Top

Re: Got really slow recently

Postby nicholasp7 » Fri Sep 10, 2010 12:37 am

i did that but my comp shut off and the txt file is gone.....
nicholasp7
Geek
Geek
 
Posts: 59
Joined: Wed Sep 05, 2007 10:32 pm
Location: USA

Thanks given:0
Thanks received:0
Top

Re: Got really slow recently

Postby nicholasp7 » Mon Sep 20, 2010 11:57 pm

any news? should i delete it even though its for my game? is it infected? Thanks Gecko!
nicholasp7
Geek
Geek
 
Posts: 59
Joined: Wed Sep 05, 2007 10:32 pm
Location: USA

Thanks given:0
Thanks received:0
Top

Re: Got really slow recently

Postby Gecko » Tue Sep 21, 2010 3:07 pm

nicholasp7,

Submit the file d:\windows\system32\ShellManager310E2D762.dll for analysis to the following web site:
http://camas.comodo.com/

Please paste their response into your next reply
User avatar
Gecko
Super Moderator
Super Moderator
 
Posts: 5209
Joined: Thu Oct 25, 2001 1:00 am
Location: Florida, USA

Thanks given:1
Thanks received:23
Top

Re: Got really slow recently

Postby nicholasp7 » Sun Sep 26, 2010 4:24 am

that file is not on my pc it says....
nicholasp7
Geek
Geek
 
Posts: 59
Joined: Wed Sep 05, 2007 10:32 pm
Location: USA

Thanks given:0
Thanks received:0
Top

Re: Got really slow recently

Postby Gecko » Thu Sep 30, 2010 12:39 am

nicholasp7,

Let's try the newest version of Trend Micro's Free Online Virus Scan "Housecall" it can be downloaded from here:
http://housecall.trendmicro.com/

Please select a "Full system scan" and post then log file.
User avatar
Gecko
Super Moderator
Super Moderator
 
Posts: 5209
Joined: Thu Oct 25, 2001 1:00 am
Location: Florida, USA

Thanks given:1
Thanks received:23
Top

Re: Got really slow recently

Postby nicholasp7 » Sun Nov 14, 2010 3:19 pm

Sorry for long wait..... I can't afford to pay $69 sorry....
nicholasp7
Geek
Geek
 
Posts: 59
Joined: Wed Sep 05, 2007 10:32 pm
Location: USA

Thanks given:0
Thanks received:0
Top

Re: Got really slow recently

Postby Gecko » Wed Nov 17, 2010 1:05 am

nicholasp7

Please run this free online virus scanner from ESET

* Note: You will need to use Internet explorer for this scan
* Tick the box next to YES, I accept the Terms of Use.
* Click Start
* When asked, allow the activex control to install
* Click Start
* Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
* Click Scan
* Wait for the scan to finish
* Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
* Copy and paste that log as a reply to this topic
User avatar
Gecko
Super Moderator
Super Moderator
 
Posts: 5209
Joined: Thu Oct 25, 2001 1:00 am
Location: Florida, USA

Thanks given:1
Thanks received:23
Top

Re: Got really slow recently

Postby nicholasp7 » Sat Nov 27, 2010 7:48 pm

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=6629202bb996e44fb1a5d2fd8fdc8fca
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-11-20 07:10:57
# local_time=2010-11-20 02:10:57 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 94759889 94759889 0 0
# compatibility_mode=2560 16777175 100 0 0 0 0 0
# compatibility_mode=5121 16776533 100 96 9234059 42277342 0 0
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=195020
# found=6
# cleaned=6
# scan_time=11641
C:\Dc++ Downloads\System\Data Recovery\System Mechanic 7.5.5.1 Professional\SystemMechanic7Pro.exe probably unknown NewHeur_PE virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Dc++ Downloads\System\Optimization\Defragment\Raxco.PerfectDisk.2008.Professional.Build.64.Incl.Keymaker\Keygens\CORE\keygen.exe probably a variant of Win32/Agent.LYUBMXR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\Documents and Settings\Administrator\My Documents\Downloads\NEW_nero8321[tfile.ru]\Nero-8.3.2.1_all_update.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
D:\System Volume Information\_restore{F2495D76-7DE4-4AC2-8E3C-86819A3B3A5B}\RP841\A0101043.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
N:\Dc++ Downloads\Programs\CD-DVD Burning-Scanning\Nero.8.Ultra.Edition.v.8.0.3.0.MULTiLANGUAGE-FiCKDiEBiATCH\nero8-fdb\Toolbar.exe Win32/Toolbar.AskSBar application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
N:\Dc++ Downloads\Programs\CD-DVD Burning-Scanning\Nero.8.Ultra.Edition.v.8.0.3.0.MULTiLANGUAGE-FiCKDiEBiATCH\nero8-fdb\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C
nicholasp7
Geek
Geek
 
Posts: 59
Joined: Wed Sep 05, 2007 10:32 pm
Location: USA

Thanks given:0
Thanks received:0
Top

Re: Got really slow recently

Postby Gecko » Tue Nov 30, 2010 12:46 pm

nicholasp7,

It looks like it found the trojan and removed it.

So how is it running now?
User avatar
Gecko
Super Moderator
Super Moderator
 
Posts: 5209
Joined: Thu Oct 25, 2001 1:00 am
Location: Florida, USA

Thanks given:1
Thanks received:23
Top

Re: Got really slow recently

Postby nicholasp7 » Thu Dec 02, 2010 3:00 pm

Good now, my McAfee also scanned well finally..... TYTYTY, this has been long but that is because this is on my desktop at my parents house and I dont live there anymore..... Much.... Lol. TY again.!
nicholasp7
Geek
Geek
 
Posts: 59
Joined: Wed Sep 05, 2007 10:32 pm
Location: USA

Thanks given:0
Thanks received:0
Top

Previous

Return to Malware Support

Who is online

Users browsing this forum: No registered users and 2 guests

cron