Problem with computer slowing down

Ok I think I know whats going on
so report back with results,,
also fix these (again)

O3 - Toolbar: Promotion ToolBar - {1DD3AA35-D7C0-4030-A318-F4252E292E43}} - (no file)
O3 - Toolbar: (no name) - {1DD3AA35-D7C0-4030-A318-F4252E292E43} - (no file)

 

Lonny, I fixed those two items, but I hope you dont think I am slow, but where do I open task manager at?

 

Thats OK task manager aka sometimes called the close program diolog box

press "ctrl" "alt" and "del' at the same time

 

Lonny, when I hit control/alt/delete these come up

Explorer
sk9910dm
winmgmt
watch
avgcc32
wkcalrem
psfree
lycoms
hidserv
avgserv9
diskserv


What do I do now?

 

that's it

end this proccess "diskserv"
by selecting it then hit end task,, wait a few and another box will appear. click the end task button

then

Once thats done atart hijackthis again and fix these once again and reboot
(with all IE's closed and any programs that show in the taskbar closed also)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = ,
O4 - HKCU\..\Run: [Disk Master] C:\windows\diskserv.exe


then if you can (this is optional) find and delete "diskserv.exe "

Might as well Post a fresh hijackthis log ,after the above

 

OK, I did everything you said in your last post and even deleted diskserv

Here is my log

Logfile of HijackThis v1.97.7
Scan saved at 9:34:54 PM, on 2/23/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAM FILES\ADAPTEC\GOBACK\GBPOLL.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SK9910DM.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\TWAIN_32\S6U12BX\WATCH.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dynastydefenders.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by InsightBB.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_7.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_7.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [AttuneClientEngine] C:\PROGRA~1\AVEO\ATTUNE\bin\AttnEngn.exe
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Insight\BBClient\Programs\RegCon.exe "
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program Files\Adaptec\GoBack\GBPoll.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE "
O4 - HKCU\..\Run: [Disk Master] C:\WINDOWS\diskserv.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\S6U12BX\WATCH.exe
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Pop-Up Stopper Free Edition.lnk = C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
O4 - Startup: Pop-Up Control Center.lnk = C:\Program Files\Panicware\Pop-Up Stopper Free Edition\Pop-Up Control Center.url

 

Great its not showing as a Running processes

fix this entry with hijackthis
O4 - HKCU\..\Run: [Disk Master] C:\WINDOWS\diskserv.exe

Then download Rundll32 for ME systems.
http://www.zerosrealm.com/downloads/rundll32me.zip

and unzip it to the windows folder overwriting the old one

Do you have a zip program ?
then check control panel see if everything works

 

There is a removal tool that you can try that norton provides which might also help. Check out this link.

http://service1.symantec.com/SUPPOR...88256ace0076cc02?OpenDocument&src=bar_sch_nam

Or do a search on their website with the word RNAV

Alicia

 

I checked that item Lonny, I dont have a zip program though.

This could just be a coincidence, but my mail program is now giving me this error message and not working.


The connection to the server has failed. Account: 'mail.insightbb.com', Server: '127.0.0.1', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error: 10061, Error Number: 0x800CCC0E

 

Install winzip
WinZip® Home Page: http://www.winzip.com/
Its shareware ,, has a trial period, no adware spyware
Last I remember it keeps working after the trial with a small delay
Until registered
Then the easiest way to explain it is download the rundll32.zip put it in the windows folder.. right click on it and in the context menu choose Winzip > extract to here,, you will be asked if you want to overwrite the file so say yes

what email program do you use
Maybe the others here can help with that.


Lonny

 

I use Microsoft Outlook Express.

 

OK, I got my mail working

 

Lonny I do have an extract all items from folder option on my computer, so I downloaded that program you linked and I went to open it and it said it is NOT a valid windows operation

It wont even let me open it from its current location.





PS...I really appreciate all of your help so far. I will link your site up at Dynasty Defenders on my general chat board. We have about 1300 members and I am the administrator there. I have the link to my site in my signiture here and you can come by and promote what you would like if you wish.

 

Im Not sure what you mean ,, did you download and install winzip ?
did you download rundll32me.zip

do not try to open zip's and exe's from out on the internet.
If winzip is installed,,
Place rundll32me.zip in the windows folder,,
right click on it ,rundll32me.zip,, in the context menu choose winzip,, then extract to here

Lon

 

I installed winzip and the rundll32ME but now what do I do?


I extracted it into a folder that has the windows icon on it, but I still cant open anything in my control panel.

 

Dont get discuraged,, we are making progress
So Im just checking ,, the new rundll32.exe is now in the windows folder "
C:\WINDOWS

 

Lonny, I unzipped the file and the icon that came from it says this when I click on the properties of that icon

(location) C:\unzipped\rundll32me

 

Go to that folder (C:\unzipped), right click the file and select cut. Back out to C:. Locate the folder named windows, right click on it and select paste. If prompted to overwrite existing, click yes.

 

OK, I did that...now what?



I went to the unzipped folder and right clicked and chose cut and then did a search for the folder entitled windows and pasted and selected YES when I found it

 

Hey guys, it has worked...I can open my control panel icons You guys are awesome.. I hope you stop by our website. Its a sports site but we have a general board and I linked you guys up in the headers prominantly. Thanks

Mark