Slow Explorer

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.general (More info?)

Hi

Every so often, my machine just seems to hang. It doesn't seem to matter
whether I'm online or not. It doesn't seem to regular i.e. something calling
home, but can happen intermittently sometimes once an hour sometimes perhaps
2 or 3 times within 15 minutes. I get no increased cpu usage etc. However,
when it's hanging even Task Manager has to wait. Sometimes there does seem
to be network traffic and other times not. What I find is that when I click
on a folder in Explorer, the system hangs for about 30-45 seconds at a
time. I have no mapped network drives. I have switched indexing on and off
so see if this makes a difference. I've run Panda, AdAware and Spybot. My
system seems pretty clean.

Any suggestions

Thanks

Simon
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.general (More info?)

From: "Simon Woods" <simonDELETECAPSjwoods@hotmaiIl.com>

| Hi
|
| Every so often, my machine just seems to hang. It doesn't seem to matter
| whether I'm online or not. It doesn't seem to regular i.e. something calling
| home, but can happen intermittently sometimes once an hour sometimes perhaps
| 2 or 3 times within 15 minutes. I get no increased cpu usage etc. However,
| when it's hanging even Task Manager has to wait. Sometimes there does seem
| to be network traffic and other times not. What I find is that when I click
| on a folder in Explorer, the system hangs for about 30-45 seconds at a
| time. I have no mapped network drives. I have switched indexing on and off
| so see if this makes a difference. I've run Panda, AdAware and Spybot. My
| system seems pretty clean.
|
| Any suggestions
|
| Thanks
|
| Simon
|

What are the versions of Ad-aware and SpyBot S&D ?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.general (More info?)

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eiTVW96WFHA.3532@TK2MSFTNGP10.phx.gbl...
> From: "Simon Woods" <simonDELETECAPSjwoods@hotmaiIl.com>
>
> | Hi
> |
> | Every so often, my machine just seems to hang. It doesn't seem to matter
> | whether I'm online or not. It doesn't seem to regular i.e. something
calling
> | home, but can happen intermittently sometimes once an hour sometimes
perhaps
> | 2 or 3 times within 15 minutes. I get no increased cpu usage etc.
However,
> | when it's hanging even Task Manager has to wait. Sometimes there does
seem
> | to be network traffic and other times not. What I find is that when I
click
> | on a folder in Explorer, the system hangs for about 30-45 seconds at a
> | time. I have no mapped network drives. I have switched indexing on and
off
> | so see if this makes a difference. I've run Panda, AdAware and Spybot.
My
> | system seems pretty clean.
> |
> | Any suggestions
> |
> | Thanks
> |
> | Simon
> |
>
> What are the versions of Ad-aware and SpyBot S&D ?

Ad-aware SE1R42
SpyBot 1.3

If you mean the updates, I've downloaded the latest and tested with both

Simon
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.general (More info?)

From: "Simon Woods" <simonDELETECAPSjwoods@hotmaiIl.com>


|
| Ad-aware SE1R42
| SpyBot 1.3
|
| If you mean the updates, I've downloaded the latest and tested with both
|
| Simon
|

Thanx Simon,

I was referring to the versions. I find many still use Ad-aware6 and older versions of
SpyBot S&D.

Would you mind trying the following AV scanner, just to make sure Panda didn't miss
anything...

Dump the contents of the IE Temporary Internet Folder cache (TIF)
Start --> Settings --> Control Panel --> Internet Options --> Delete Files

Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear


Download CLEAN.EXE from the URL --
http://www.ik-cs.com/programs/virtools/clean.exe

It is a self-extracting ZIP file that contains the Kixtart Script Interpreter
{ http://kixtart.org Kixtart is CareWare } three batch files, two Kixtart scripts, two Link
(.lnk) files and a PDF instruction file.

GETFILES.BAT -- For downloading (FTP) the files needed to run the McAfee Command Line
Scanner. If you are using Windows XP, you may have to disable the Windows XP FireWall to
allow the FTP utility to download the needed files

CLEAN.BAT -- For running within Windows after running c:\mcafee\GetFiles.BAT. If you choose
to scan again at a future date, run this batch file. It will automatically check the date
of the McAfee DAT files and if it is a couple of days old, it will download (FTP) the latest
signature files and install them before performing the scan.

DOSCLEAN.BAT -- For use on a Win9x/ME PC or on a Win2K/WinXP PC that is using FAT32 after
you have booted from an Emergency Boot Disk or DOS disk and have already executed;
c:\mcafee\GetFiles.BAT from within Windows. DOS disk boot images can be obtained from;
http://www.bootdisk.com/bootdisk.htm

I need you to perform the following...

Execute; CLEAN.EXE
Choose; Unzip
Choose; Close

Execute; c:\mcafee\GetFiles.BAT
{ or Double-click on 'GetFiles Link' in c:\mcafee }

Reboot the PC into Safe Mode [F8 key during boot]

Shutdown as many applications as possible !
It would also help for you to read - "How to perform a clean boot in Windows XP"
http://support.microsoft.com/kb/310353

Execute; c:\mcafee\CLEAN.BAT
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\ScanReport.HTML will be generated. At the
end of the scan, it will be displayed in your browser (Opera, FireFox or Internet Explorer).
It is suggested that you move the report out of c:\mcafee before performing another scan.
It would be a good idea to scan in Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.


* * * Please report back your results * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.general (More info?)

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eelHp57WFHA.2664@TK2MSFTNGP15.phx.gbl...
> From: "Simon Woods" <simonDELETECAPSjwoods@hotmaiIl.com>
>
>
> |
> | Ad-aware SE1R42
> | SpyBot 1.3
> |
> | If you mean the updates, I've downloaded the latest and tested with both
> |
> | Simon
> |
>
> Thanx Simon,
>
> I was referring to the versions. I find many still use Ad-aware6 and
older versions of
> SpyBot S&D.
>
> Would you mind trying the following AV scanner, just to make sure Panda
didn't miss
> anything...

<snip>

Thanks David ... will get back to you asap

Simon
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.general (More info?)

David see below for the scan results ... I'm about to look for a cleaner for
the virus found

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

> * * * Please report back your results * * *

Using C:\McAfee\EXTRA.DAT to scan for 2 additional virus(es).


05/18/2005 17:58:01


Options:
/ADL /UNZIP /WINMEM /SUB /ANALYZE /PANALYZE /STREAMS /CLEAN /ALL /DEL
/PROGRAM /MIME /HTML "C:\MCAFEE\SCANREPORT.HTML"

Scanning C: [Local Disk]
Scanning C:\*.*
C:\Documents and Settings\Simon Woods\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3cc46f89-13
ea4f30.RB0\INSTALLERAPPLET.CLASS ... Found the Exploit-ByteVerify trojan !!!
C:\Documents and Settings\Simon Woods\Application Data\WWMH~1.EXE\WWMH~1.EXE
.... Found potentially unwanted program Adware-ClickSpring.
The file or process has been deleted.
C:\Documents and Settings\Simon Woods\Local Settings\Temp\addit.exe ...
Found potentially unwanted program Adware-Midaddle.dr.
The file or process has been deleted.
C:\Documents and Settings\Simon Woods\Local Settings\Temp\Lc.dll ... Found
potentially unwanted program Adware-Midaddle.dll.
The file or process has been deleted.
C:\Documents and Settings\Simon Woods\Local Settings\Temp\mw.exe ... Found
potentially unwanted program Adware-MemWatcher.
The file or process has been deleted.
C:\Program Files\hhProxy\hhproxy.exe ... Found potentially unwanted program
Hhproxy.
The file or process has been deleted.
C:\Program Files\Sonic\MyDVD\LeaderReg.EXE\00415620.EXE ... Found
potentially unwanted program Adware-Powerreg.
The file or process has been deleted.
The archive has been deleted.
C:\Program Files\Sonic\Simple Backup\System\leaderreg.exe\00415620.EXE ...
Found potentially unwanted program Adware-Powerreg.
The file or process has been deleted.
The archive has been deleted.
C:\Program Files\TightVNC\VNCHooks.dll ... Found potentially unwanted
program TightVNC.
The file or process has been deleted.
C:\Program Files\TightVNC\vncviewer.exe ... Found potentially unwanted
program TightVNC.
The file or process has been deleted.
C:\Program Files\TightVNC\WinVNC.exe ... Found potentially unwanted program
TightVNC.
The file or process has been deleted.
C:\WINNT\system32\adsnt640.exe ... Found potentially unwanted program
Adware-IEDriver.
The file or process has been deleted.
C:\WINNT\system32\ADVAPI32.exe ... Found potentially unwanted program
Adware-IEDriver.
The file or process has been deleted.
C:\WINNT\system32\cmpbk321.exe ... Found potentially unwanted program
Adware-IEDriver.
The file or process has been deleted.

Summary report on C:\*.*
File(s)
Total files: ........... 232025
Clean: ................. 231961
Possibly Infected: ..... 1
Cleaned: ............... 0
Deleted: ............... 13
Non-critical Error(s): 2
Master Boot Record(s): ......... 2
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0
Scanning D: [InfoFlex]
Scanning D:\*.*

Summary report on D:\*.*
File(s)
Total files: ........... 217479
Clean: ................. 217478
Possibly Infected: ..... 0
Cleaned: ............... 0
Non-critical Error(s): 1
Master Boot Record(s): ......... 2
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0
Scanning E: [Web]
Scanning E:\*.*

Summary report on E:\*.*
File(s)
Total files: ........... 8963
Clean: ................. 8963
Possibly Infected: ..... 0
Cleaned: ............... 0
Master Boot Record(s): ......... 2
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0
Scanning F: [Dev Tools]
Scanning F:\*.*
F:\CCRP\hhproxy_rel.exe\HHPROXY.EXE ... Found potentially unwanted program
Hhproxy.
F:\CCRP\PlanetSource\CodeFixer\GeneralServices.bas ... Found the
VBA/Generic.src virus !!!
The file or process has been deleted.
F:\CCRP\PlanetSource\Code_Fixer16626510232003.zip\GENERALSERVICES.BAS ...
Found the VBA/Generic.src virus !!!
F:\CCRP\PlanetSource\Ulli's_Cod1558233122003\dCodeProfiler.Dsr ... Found the
VBA/Generic.src virus !!!
The file or process has been deleted.
F:\CCRP\PlanetSource\Ulli's_Cod1558233122003.zip\DCODEPROFILER.DSR ... Found
the VBA/Generic.src virus !!!

Summary report on F:\*.*
File(s)
Total files: ........... 47655
Clean: ................. 47608
Possibly Infected: ..... 4
Cleaned: ............... 0
Deleted: ............... 2
Non-critical Error(s): 2
Master Boot Record(s): ......... 2
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0
Scanning G: [Bin]
Scanning G:\*.*

Summary report on G:\*.*
File(s)
Total files: ........... 10969
Clean: ................. 10965
Possibly Infected: ..... 0
Cleaned: ............... 0
Non-critical Error(s): 2
Master Boot Record(s): ......... 2
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0


Time: 04:14.54
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.general (More info?)

From: "Simon Woods" <simonDELETECAPSjwoods@hotmaiIl.com>

| David see below for the scan results ... I'm about to look for a cleaner for
| the virus found
|
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
|
>> * * * Please report back your results * * *
|
| Using C:\McAfee\EXTRA.DAT to scan for 2 additional virus(es).
|
| 05/18/2005 17:58:01
|
| Options:
| /ADL /UNZIP /WINMEM /SUB /ANALYZE /PANALYZE /STREAMS /CLEAN /ALL /DEL
| /PROGRAM /MIME /HTML "C:\MCAFEE\SCANREPORT.HTML"
|
| Scanning C: [Local Disk]
| Scanning C:\*.*
| C:\Documents and Settings\Simon Woods\Application
| Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3cc46f89-13
| ea4f30.RB0\INSTALLERAPPLET.CLASS ... Found the Exploit-ByteVerify trojan !!!
| C:\Documents and Settings\Simon Woods\Application Data\WWMH~1.EXE\WWMH~1.EXE
| ... Found potentially unwanted program Adware-ClickSpring.
| The file or process has been deleted.
| C:\Documents and Settings\Simon Woods\Local Settings\Temp\addit.exe ...
| Found potentially unwanted program Adware-Midaddle.dr.
| The file or process has been deleted.
| C:\Documents and Settings\Simon Woods\Local Settings\Temp\Lc.dll ... Found
| potentially unwanted program Adware-Midaddle.dll.
| The file or process has been deleted.
| C:\Documents and Settings\Simon Woods\Local Settings\Temp\mw.exe ... Found
| potentially unwanted program Adware-MemWatcher.
| The file or process has been deleted.
| C:\Program Files\hhProxy\hhproxy.exe ... Found potentially unwanted program
| Hhproxy.
| The file or process has been deleted.
| C:\Program Files\Sonic\MyDVD\LeaderReg.EXE\00415620.EXE ... Found
| potentially unwanted program Adware-Powerreg.
| The file or process has been deleted.
| The archive has been deleted.
| C:\Program Files\Sonic\Simple Backup\System\leaderreg.exe\00415620.EXE ...
| Found potentially unwanted program Adware-Powerreg.
| The file or process has been deleted.
| The archive has been deleted.
| C:\Program Files\TightVNC\VNCHooks.dll ... Found potentially unwanted
| program TightVNC.
| The file or process has been deleted.
| C:\Program Files\TightVNC\vncviewer.exe ... Found potentially unwanted
| program TightVNC.
| The file or process has been deleted.
| C:\Program Files\TightVNC\WinVNC.exe ... Found potentially unwanted program
| TightVNC.
| The file or process has been deleted.
| C:\WINNT\system32\adsnt640.exe ... Found potentially unwanted program
| Adware-IEDriver.
| The file or process has been deleted.
| C:\WINNT\system32\ADVAPI32.exe ... Found potentially unwanted program
| Adware-IEDriver.
| The file or process has been deleted.
| C:\WINNT\system32\cmpbk321.exe ... Found potentially unwanted program
| Adware-IEDriver.
| The file or process has been deleted.
|
| Summary report on C:\*.*
| File(s)
| Total files: ........... 232025
| Clean: ................. 231961
| Possibly Infected: ..... 1
| Cleaned: ............... 0
| Deleted: ............... 13
| Non-critical Error(s): 2
| Master Boot Record(s): ......... 2
| Possibly Infected: ..... 0
| Boot Sector(s): ................ 1
| Possibly Infected: ..... 0
| Scanning D: [InfoFlex]
| Scanning D:\*.*
|
| Summary report on D:\*.*
| File(s)
| Total files: ........... 217479
| Clean: ................. 217478
| Possibly Infected: ..... 0
| Cleaned: ............... 0
| Non-critical Error(s): 1
| Master Boot Record(s): ......... 2
| Possibly Infected: ..... 0
| Boot Sector(s): ................ 1
| Possibly Infected: ..... 0
| Scanning E: [Web]
| Scanning E:\*.*
|
| Summary report on E:\*.*
| File(s)
| Total files: ........... 8963
| Clean: ................. 8963
| Possibly Infected: ..... 0
| Cleaned: ............... 0
| Master Boot Record(s): ......... 2
| Possibly Infected: ..... 0
| Boot Sector(s): ................ 1
| Possibly Infected: ..... 0
| Scanning F: [Dev Tools]
| Scanning F:\*.*
| F:\CCRP\hhproxy_rel.exe\HHPROXY.EXE ... Found potentially unwanted program
| Hhproxy.
| F:\CCRP\PlanetSource\CodeFixer\GeneralServices.bas ... Found the
| VBA/Generic.src virus !!!
| The file or process has been deleted.
| F:\CCRP\PlanetSource\Code_Fixer16626510232003.zip\GENERALSERVICES.BAS ...
| Found the VBA/Generic.src virus !!!
| F:\CCRP\PlanetSource\Ulli's_Cod1558233122003\dCodeProfiler.Dsr ... Found the
| VBA/Generic.src virus !!!
| The file or process has been deleted.
| F:\CCRP\PlanetSource\Ulli's_Cod1558233122003.zip\DCODEPROFILER.DSR ... Found
| the VBA/Generic.src virus !!!
|
| Summary report on F:\*.*
| File(s)
| Total files: ........... 47655
| Clean: ................. 47608
| Possibly Infected: ..... 4
| Cleaned: ............... 0
| Deleted: ............... 2
| Non-critical Error(s): 2
| Master Boot Record(s): ......... 2
| Possibly Infected: ..... 0
| Boot Sector(s): ................ 1
| Possibly Infected: ..... 0
| Scanning G: [Bin]
| Scanning G:\*.*
|
| Summary report on G:\*.*
| File(s)
| Total files: ........... 10969
| Clean: ................. 10965
| Possibly Infected: ..... 0
| Cleaned: ............... 0
| Non-critical Error(s): 2
| Master Boot Record(s): ......... 2
| Possibly Infected: ..... 0
| Boot Sector(s): ................ 1
| Possibly Infected: ..... 0
|
| Time: 04:14.54
|

Simon:

The following Trojan and Virus were found ...
VBA/Generic.src virus
Exploit-ByteVerify trojan


Delete; F:\CCRP\PlanetSource\Ulli's_Cod1558233122003.zip

The following is a "Exploit-ByteVerify trojan " found in a Java Jar...

C:\Documents and Settings\Simon Woods\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3cc46f89-1ea4f30.RB0\INSTAL
LERAPPLET.CLASS

Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java applet --> cache --> clear
or
Start --> settings --> control panel --> Java applet --> general --> settings -->
delete files

In addition to the above, several adware objects were found...

1) Download the following item...

Adaware SE (Free personal version)
http://www.lavasoftusa.com/

2) Update Adaware with latest definitions.
3) Reboot your PC into Safe Mode
4) Using Adaware SE, perform a Full Scan of your platform and clean/delete
any parasites found.

When done...

Execute; c:\mcafee\CLEAN.BAT
{ or Double-click on 'Clean Link' in c:\mcafee }

* * * Please report back your results * * *

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom