spyware or slow startup

[Vic]

Last week my computer started to get popups. I ran ad
aware and spybot to clear things but now my computer runs
so slow its to a complete stop. Sometimes it doesnt even
load windows. Do i have a virus? I think it might be an
exe file of some sort that runs whenever i startup to
cause my comp to run so slow. My internet explorer doesnt
work too because it gets stuck on some webpage. There is
a mysterious exe file on my desktop. There is a link in
my favorites that shouldnt be there. etc etc. I do not
want to reformat my computer because i have important
files on it. So any advice will help. Thanks in advance.

 

[sgopus]

It may not be necessary to format, have you tried
Hijackthis??
There are some new spyware/malware infecting pc's that are
extremely difficult to remove, and take special software
to detect, I copied the following from someone else's
efforts with permission.

There is a new class of malware/adware/virus/trojan that
is neither found nor
fixed using the conventional tools, such as Norton,
McAffee, Lavasoft, etc.
It is based on a super hidden dll that is not detectable
by the OS, even in
safe mode. A full discussion can be found at

http://www.pcsympathy.com/sutra1193.html

including a link to a simple but effective tool called
xfind.

http://home.mnet-online.de/horst.muc/int/find23.zip

Basically, this simple tool can search for files, but it
reports the name of
the file that it cannot read. In my case it was
comjiac.dll. That is the
malware executive that keeps reinfecting the machine. It
is loaded from the
registry key under the AppInit_Dlls but that key remains
invisible and
unreadable by inheriting the file permissions. Once you
know the name from
xfind, you rename or delete using the repair console.
Once the name has
changed, the registry key now appears with normal
permissions and can be
deleted.

For those that are curious, Win2k and XP supports file
permissions that do
not let the file be read or modifed by anyone including
the OS itself. It is
super-super hidden, which is why the anti-virus programs
cannot find it.
However, the registry console apparently does not
consider file permissions
when doing simple operations such as dir, rename, or
delete. xFind gives you
the name, the repair console allows you to kill it, and
regedit allows you to
kill the load process.

Please pass along this information to other software
forums. It took me a
day of searching with google to find the kind person who
copied the recipe
from another site.

Copied with Permission


Be aware the process is multi step so be careful

 

[DL]

Important files and no backup- thats a contradiction

I do not

 

[R Lanni]

Install a SECOND copy of windows. This is what I have done on my computer.
Then when my primary OS gets hosed, I load my secondary OS and continue to
access my files till I can clear up the problem. The second OS has complete
access to the primary's files, so you can search for strange files, edit the
startup files, etc.

I started doing this after Windows no longer offered a floppy, stand-alone
emergency disk. (ARE YOU LISTENING MICROSOFT???? WOULD IT KILL YOU TO
OFFER AN EMERGENCY CD-ROM OS???)

(sorry)

--
--
--ralph sleeps....
--

<(((º>`·.¸¸.·´¯`·.¸.·´¯`·...¸><(((º>¸.

·´¯`·.¸. , . .·´¯`·.. ><(((º>`·.¸¸.·´¯`·.¸.·´¯`·...¸><(((º>
--

 

[Bob I]

Try decaf

How To Install the Windows Recovery Console
http://support.microsoft.com/default.aspx?scid=kb;en-us;216417&Product=win2000