Solved

XP home IE6 mystery window named monitor-now runs slowly

Posted on 2007-04-02
10
238 Views
Last Modified: 2013-12-08
Running XP Home, IE 6 all updated.  I saw a very short flash of a very small window flash with the word 'monitor' at the top. The next time, the window had no title.  The computer started running slowly shortly before that.
PC-Cillin Internet Security 2007, Housecall, found nothing. Now I am afraid to reboot.
0
Comment
Question by:shlew
  • 6
  • 3
10 Comments
 
LVL 22

Accepted Solution

by:
RedKelvin earned 500 total points
ID: 18840552
It may have just been a freak event. Backup all of your important data, before rebooting...Just in case.
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 18840635
Is it only at startup? it could just be the LegalNotice's.

Can we look at a hijackthis log to rule out malware?
http://danborg.org/spy/hjt/alternativ.exe
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

You can either upload the log to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: either these sites:
http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here:
0
 

Author Comment

by:shlew
ID: 18841566
Not at startup. I am on 24/7.
I ran HijackThis, went to ee-stuff, browsed to the file, clicked on upload but find no activity.
The forum format is new since my last visit so maybe I don't understand, did it upload somewhere and I didn't see it? If so, there must be 3 copies by now...  :-(
 Same with trying to upload it to TomCoyote and related.

I'll try rafb.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:shlew
ID: 18841573
http://rafb.net/p/ie5YtP35.html
finally figured out the paste sequence...
0
 

Author Comment

by:shlew
ID: 18841581
But I don't uderstand why I get invlaid file tpe from ee-stuff for a text file...
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 18841773
Thanks for the log, I don't know why it gave you an invalid file, I haven't uploaded for a long time, maybe it needed to be zipped, it's supposed to accept .txt so maybe it's just bug, sorry about that.

Unfortunately, I couldn't find any suspicious entries in the log, but it can happen that nasties hides from the scan.
Can you please try downloading and running SUPERAntispyware, it's a ver good scanner:
http://www.superantispyware.com/


Then after that, please run Combofix, it gives us a log to look at as well.
Download ComboFix to your Desktop, from either of these locations:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double click "combofix.exe" and follow the prompts.
When finished, it shall produce a log for you.
Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall
0
 

Author Comment

by:shlew
ID: 18846874
While SuperAntispyware is running, I should tell you that, even after finding the conflict between the new Trend 2007 and Spybot seems to have problemetic solutions, I have unwillingly removed Spybot, still slooow, I had discontinued PC-Cillin,-that is turned it off, still rediculously slow.
Windows take minutes to load, move, do anything.
The SuperAntispyware has been running for 1.5 hours and has only just finished scanning the updates file and is starting on PCHealth.
Frustrating.
Any further thoughts?
0
 

Author Comment

by:shlew
ID: 18847013
What about trying a restore point? Or is that going to work if I have a bad guy?
I am afraid to reboot for fear I won't be able to reboot properly!
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 18847609
I can't blame you for hesitating to boot, when suspicious thing going on.

If the bad guy hasn't affected the System Restore and you go back as far back as before you were infected, then it should be okay.

Also you need to check first that userinit.exe in system32 folder folder is still there so you can log back in.
You also check to make sure there aren't any suspicious entries in your winlogon notify keys,
 It's when a bad files is removed and the related registry entry still intact could cause the bootup problems.
0
 

Author Comment

by:shlew
ID: 18949296
I checked my restore points and still hesitated. So I ran several online scanners-don't remember all of them. There were a few what looked like cookies and one non cookie which I removed. I wish I could remember but have been ill. I did run ComboFix based on your recommendation.

I just wish I could rmemeber what solved it.  Perhaps a combination of things. I usually keep a diary of problems and fixes but that evaporated too.

Points for all the effort and ComboFix.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question