XP home IE6 mystery window named monitor-now runs slowly

Running XP Home, IE 6 all updated.  I saw a very short flash of a very small window flash with the word 'monitor' at the top. The next time, the window had no title.  The computer started running slowly shortly before that.
PC-Cillin Internet Security 2007, Housecall, found nothing. Now I am afraid to reboot.
shlewAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
RedKelvinConnect With a Mentor Commented:
It may have just been a freak event. Backup all of your important data, before rebooting...Just in case.
0
 
rpggamergirlCommented:
Is it only at startup? it could just be the LegalNotice's.

Can we look at a hijackthis log to rule out malware?
http://danborg.org/spy/hjt/alternativ.exe
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

You can either upload the log to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: either these sites:
http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here:
0
 
shlewAuthor Commented:
Not at startup. I am on 24/7.
I ran HijackThis, went to ee-stuff, browsed to the file, clicked on upload but find no activity.
The forum format is new since my last visit so maybe I don't understand, did it upload somewhere and I didn't see it? If so, there must be 3 copies by now...  :-(
 Same with trying to upload it to TomCoyote and related.

I'll try rafb.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
shlewAuthor Commented:
http://rafb.net/p/ie5YtP35.html
finally figured out the paste sequence...
0
 
shlewAuthor Commented:
But I don't uderstand why I get invlaid file tpe from ee-stuff for a text file...
0
 
rpggamergirlCommented:
Thanks for the log, I don't know why it gave you an invalid file, I haven't uploaded for a long time, maybe it needed to be zipped, it's supposed to accept .txt so maybe it's just bug, sorry about that.

Unfortunately, I couldn't find any suspicious entries in the log, but it can happen that nasties hides from the scan.
Can you please try downloading and running SUPERAntispyware, it's a ver good scanner:
http://www.superantispyware.com/


Then after that, please run Combofix, it gives us a log to look at as well.
Download ComboFix to your Desktop, from either of these locations:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double click "combofix.exe" and follow the prompts.
When finished, it shall produce a log for you.
Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall
0
 
shlewAuthor Commented:
While SuperAntispyware is running, I should tell you that, even after finding the conflict between the new Trend 2007 and Spybot seems to have problemetic solutions, I have unwillingly removed Spybot, still slooow, I had discontinued PC-Cillin,-that is turned it off, still rediculously slow.
Windows take minutes to load, move, do anything.
The SuperAntispyware has been running for 1.5 hours and has only just finished scanning the updates file and is starting on PCHealth.
Frustrating.
Any further thoughts?
0
 
shlewAuthor Commented:
What about trying a restore point? Or is that going to work if I have a bad guy?
I am afraid to reboot for fear I won't be able to reboot properly!
0
 
rpggamergirlCommented:
I can't blame you for hesitating to boot, when suspicious thing going on.

If the bad guy hasn't affected the System Restore and you go back as far back as before you were infected, then it should be okay.

Also you need to check first that userinit.exe in system32 folder folder is still there so you can log back in.
You also check to make sure there aren't any suspicious entries in your winlogon notify keys,
 It's when a bad files is removed and the related registry entry still intact could cause the bootup problems.
0
 
shlewAuthor Commented:
I checked my restore points and still hesitated. So I ran several online scanners-don't remember all of them. There were a few what looked like cookies and one non cookie which I removed. I wish I could remember but have been ill. I did run ComboFix based on your recommendation.

I just wish I could rmemeber what solved it.  Perhaps a combination of things. I usually keep a diary of problems and fixes but that evaporated too.

Points for all the effort and ComboFix.
0
All Courses

From novice to tech pro — start learning today.