Computer Slow/Locking up - spam found in temporary folder !!

Page 1 of 9 123 ... LastLast

  1. Posts : 300
    Windows 7 Home Premium 64
       #1

    Computer Slow/Locking up - spam found in temporary folder !!


    C;\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5

    and in there was about 250MB of folders all containing the same two pictures, of an album cover that I own (hundreds of them) and a few webpages linking to chrome.

    I discovered this anomaly just now when I was running CCleaner, which I had to run in diagnostic mode. Soon as I put it into that everything runs smooth again. Recently it's been getting slower and slower, and it's never been like this since I got it.

    So I am just deleting a few things and trying to get to the bottom of it.

    Thinking about doing a complete system restore, but that would involve a million updates probably...

    Also wondering if I have a virus and looking to run MSE in safe mode at some point. I had about 8 updates pending for a couple of days so maybe that will have fixed the issue.

    I had to initially turn the computer off by holding down the power this time, and I've never had to do that before, and when I started it up again in safe mode the problem appeared to be still there, ie. it just seemed to lock up every time I tried to do anything. Managed to restart from there though and have tried a few things. I need to look into this urgently and find out if I have some not not so good malware.

    I also looked at internet explorers events log as that is where I discovered the spam folders, and it appears to have been communicating a lot using nvstreamsvc which is something to do with NVidia graphics dirvers, I'm hearing that they have started putting out bloatware.

    Maybe I should uninstal MSE and use AVAST instead I heard that MSE is not as good anymore and that everyone uses Avast now?
      My Computer


  2. Posts : 300
    Windows 7 Home Premium 64
    Thread Starter
       #2

    This thing is running lightning fast in diagnostic mode! must have been something or things running in the back ground that I don't need, and I reckon it's probably something to do with NVidia.

    Is it possible to set it to only employ applications that I need, there must be some processes running in the background that I don't need to have most of the time that are slowing things down. I don't understand what they are all though.

    I have a lot of stuff installed on this, I need to get rid of some of it I think.
      My Computer


  3. Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       #3

    Hi,
    Antivirus opinions tend to vary
    But one thing that is common is that not one antivirus is a silver bullet,
    Now days most threats are Malware and none specialize is that threat,
    So no matter which antivirus is being used you do need a product like this,
    Run the Custom scan Not the threat scan,
    http://www.malwarebytes.org/products/malwarebytes_free

    At your current state I would also like to see what this scanner comes up with,
    Review Jacee’s instructions to run Adwcleaner here on post#7,
    Ignore the title of the thread,
    https://www.sevenforums.com/system-security/316404-instant-savings-app.html
    Or download it from bleepingcomputer.com
    Screen shot of the download button to use for Adwcleaner
    http://www.bleepingcomputer.com/download/adwcleaner/

    This is also an awesome free utility,
    Temp files delete,
    Run this as administrator and Start the scanner,
    Shut your machine down after it finishes,
    http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
      My Computer


  4. Posts : 300
    Windows 7 Home Premium 64
    Thread Starter
       #4

    OK I ran malwarebytes and it deleted some stuff.

    Two things called pup.optional.sweetim and...

    ..it's still running.

    OK finished now got about 10 of them all in quarantine, waiting to be dealt with. Agh what are they get them off me!

    I also don't know if this was a custom scan or a threat scan, I can't see anywhere in the option to set that.
    Last edited by STU9000; 13 Jun 2014 at 11:35.
      My Computer


  5. Posts : 300
    Windows 7 Home Premium 64
    Thread Starter
       #5

    This is what adwcleaner detected, more sweet IM stuff and a few other things

    # AdwCleaner v3.212 - Report created 13/06/2014 at 17:37:37
    # Updated 05/06/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Owner - OWNER-VAIO
    # Running from : C:\Users\Owner\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\xltmmy9p.default-1384281180295\user.js
    Folder Found : C:\Program Files (x86)\SweetIM

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DEDAF650-12B8-48F5-A843-BBA100716106}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
    Key Found : HKCU\Software\SweetIM
    Key Found : [x64] HKCU\Software\SweetIM
    Key Found : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
    Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatealbrechto_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updatealbrechto_RASMANCS
    Key Found : HKLM\Software\SweetIM
    Key Found : [x64] HKLM\SOFTWARE\DeviceVM
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17126


    -\\ Mozilla Firefox v30.0 (en-GB)

    [ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\xltmmy9p.default-1384281180295\prefs.js ]

    Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 0);

    -\\ Google Chrome v35.0.1916.153

    [ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found [Startup_urls] : hxxps://mail.google.com/mail/ca/u/0/?shva=1#inbox

    *************************

    AdwCleaner[R0].txt - [2585 octets] - [13/06/2014 17:37:37]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2645 octets] ##########
      My Computer


  6. Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       #6

    Hi thanks for the information,
    Please go to Uninstall a program and on the top right next to the "?" question mark,
    Change the page view to List,
    Then take screen shots of the list, hopefully list view will allow you to get all of the program in one screen shot,
    If not take another one for a complete list,

    Malwarebytes should shoe across the top "Scan" go to that section
    Cheers.
      My Computer


  7. Posts : 300
    Windows 7 Home Premium 64
    Thread Starter
       #7

    Sorry I'm not really following, do you want me to post the list of programs?
    Attached Thumbnails Attached Thumbnails Computer Slow/Locking up - spam found in temporary folder !!-uninstalprogs.jpg  
      My Computer


  8. Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       #8

    Hi yes good job,
    I don't see any of the listing adwcleaner found,
    Still waiting for what the custom scan finds in malwarebytes,

    I would also like you to run JRT,
    Junkware Removal Tool Download
    Cheers.
      My Computer


  9. Posts : 300
    Windows 7 Home Premium 64
    Thread Starter
       #9

    I posted the results of a scan with adwcleaner, but like I said i don't know if it was custom or threat, I can't where to set that in preferences.
      My Computer


  10. Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       #10

    Hi,
    Open Malwarebytes,
    Scan is listed across the top,
    Then select the drive to be scanned = usually C drive,
    Attachment 321600
    Last edited by ThrashZone; 22 Feb 2015 at 19:57.
      My Computer


 
Page 1 of 9 123 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 13:07.
Find Us