My computer is acting up :(



Smith
01-31-2005, 11:27 PM
Lately, and just lately, my comp has been acting up. Firefox is freezing, stuff takes longer to load online and offline, and it's kinda slow.

I've run through the normal things to do in these cases (virus scan with NOD32, spyware scan with Spybot, and cleaned the registry with RegSeeker).

All of those programs are up to date with latest definitions.

I've closed programs in the background, but it shouldn't matter because they were running b4 this happened.

Something's up, I can feel it.

Any suggestions on what I can do?

S!X
01-31-2005, 11:29 PM
Reformat/Get new comp asap.

natedogg
01-31-2005, 11:58 PM
Reformat, just like what I need to do to my computer, or try CCleaner and Window Washer and see if that helps.

Chewie
02-02-2005, 12:13 AM
Two great suggestions there... FFS would you guys buy a new car because the performance has dropped off a little or give it a service?

TheCanuk:
Clean out your internet cache and flush unwanted cookies.
Delete everything in your temporary folders (C:\WINDOWS\TEMP and C:\DOCUMENTS AND SETTINGS\<username>\LOCAL SETTINGS\TEMP\)
Empty the Recycle Bin
Run a decent defrag software - I use Raxco's PerfectDisk with aggressive freespace consolidation enabled.
Download and run HijackThis (latest version is 1.99) and post the log here.

S!X
02-02-2005, 12:21 AM
Two great suggestions there... FFS would you guys buy a new car because the performance has dropped off a little or give it a service?


Cuz we can.. :shifty:

accat13
02-02-2005, 01:18 PM
Cuz we can.. :shifty:

wow well thought out reply!!!!!

Adster
02-02-2005, 01:33 PM
I agree with Chewie, not everybody has the money in the world. Not to forget different countries have a different economy its and different technology in date

If his PC does the job for him and he is happy and doesn't want to spend the money for a new one, then what's wrong with that?

Some people in this world are patient (not many left)

Even if an antivirus doesn't pick up a virus on a scan, that doesn't mean you don't have a virus.

I seriously suggest a format if none of what Chewie mentioned works.

Also do a Ctrl+Alt+Delete and see if there are any really dodgy processors running.

Oh shit, my stereo doesn't sound like the ones they have on stage, I better go spend a lot of money on a new one!!!

100%
02-02-2005, 01:37 PM
post a list of your processes.
(in taskmanager)

Smith
02-02-2005, 06:54 PM
Two great suggestions there... FFS would you guys buy a new car because the performance has dropped off a little or give it a service?

TheCanuk:
Clean out your internet cache and flush unwanted cookies.
Delete everything in your temporary folders (C:\WINDOWS\TEMP and C:\DOCUMENTS AND SETTINGS\<username>\LOCAL SETTINGS\TEMP\)
Empty the Recycle Bin
Run a decent defrag software - I use Raxco's PerfectDisk with aggressive freespace consolidation enabled.
Download and run HijackThis (latest version is 1.99) and post the log here.

Sorry it took so long for me to reply, I've been out lately.

I'm going to do all the stuff u told me, I'll be back in a little while.

Thanks for helping everyone!

Smith
02-02-2005, 07:03 PM
Ok this is my hijack this log with version 1.99



Logfile of HijackThis v1.99.0
Scan saved at 1:58:24 PM, on 2/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andrew Smith\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv.com/music/video/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: CCHelper Class - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - C:\Program Files\Panicware\Pop-Up Stopper Companion\CCHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Pop-Up Stopper &Companion - {8F05B1A8-9D77-4B8F-AF54-6B2202066F95} - C:\Program Files\Panicware\Pop-Up Stopper Companion\popupus.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://rtc1.webresponse.one.microsoft.com/media/xp/TLIEFlash.CAB
O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/oas/ActiveX/FileXfer.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/check/netset/install/gtdownls.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{49D9E530-0F55-47AE-878B-5A1D962E96E7}: NameServer = 206.47.244.56 206.47.244.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{49D9E530-0F55-47AE-878B-5A1D962E96E7}: NameServer = 206.47.244.56 206.47.244.138
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NOD32 Kernel Service - Unknown - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe


There's a pic of my task manager
http://img84.exs.cx/img84/1904/Untitled-192.th.jpg (http://img84.exs.cx/my.php?loc=img84&image=Untitled-192.jpg)
I'm going to run a defrag later on.

Caroline
02-02-2005, 11:07 PM
edit

100%
02-03-2005, 11:42 AM
The process MDM.EXE seems to be the problem. Look here:
http://www.2-spyware.com/file-mdm-exe.html
This is a non-essential process - Turn it off.

The Microsoft Machine Debug Manager (mdm.exe) does not connect to the Internet itself. However, it is still a rather ill-behaved program that leaves scads of temporary files on the hard drive that it never deletes, and fails to unload properly (on shared computers, when a user logs on a new instance of mdm.exe may start, but it won't necessarily exit when the user logs off. Depending on how many users have used the PC since the last reboot, dozens of copies of this program could be simultaneously running, eating up CPU and memory!).
mdm.exe is known to cause crashes and fatal errors on some PCs using Dial-Up Networking.

Also, if it is found anywhere else than windows/system32 then it is a Trojan (and in your case......where is it.......?)

How to turn off Machine Debug Manager in Office XP - http://support.microsoft.com/default.aspx?scid=kb;en-us;321410


How to Turn Off the Machine Debug Manager
If you run Microsoft Internet Explorer 5 or later, you can turn off the Machine Debug Manager by turning off script debugging. To do this, follow these steps:
1. Open Internet Explorer.
2. On the Tools menu, click Internet Options.
3. Click the Advanced tab.
4. Click to select the Disable script debugging check box, and then click OK.
5. Close Internet Explorer.
6. If you run Microsoft Windows 98 or Microsoft Windows Millennium Edition (Me), delete the registry value that starts the Machine Debug Manager. To do this, follow these steps.

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
a. Click Start, and then click Run.
b. In the Open box, type regedit, and then click OK.
c. In the Registry Editor, locate the following subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
d. In the right pane, right-click MDM7, click Delete, and then click OK to confirm the deletion.

NOTE: The value for your version of the Machine Debug Manager may be different from MDM7.
e. Close the Registry Editor.

NOTE: Running Detect and Repair in Office 2000 adds the registry entry for the Machine Debug Manager and causes it to run at startup. If this occurs on your system, use the previous procedure to remove the registry entry.
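
An added example, not part of the original posts: a small Python parser for the HijackThis v1.99 log format posted above. It groups entries by section code, lists entries whose target is missing, and reports the folder a named process is running from (the question raised about mdm.exe). The sample lines are excerpted from the log in this thread; the function names are this example's own.

```python
import ntpath
import re
from collections import defaultdict

# Excerpt of the HijackThis v1.99 log posted in this thread (not the full log).
SAMPLE_LOG = r"""
Running processes:
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Documents and Settings\Andrew Smith\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv.com/music/video/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")  # e.g. "O16 - DPF: ..."

def parse_log(text):
    """Return (running process paths, {section code: [entry text, ...]})."""
    processes, entries, in_procs = [], defaultdict(list), False
    for line in (raw.strip() for raw in text.splitlines()):
        if line == "Running processes:":
            in_procs = True
        elif not line:
            in_procs = False  # a blank line ends the process list
        elif in_procs:
            processes.append(line)
        elif (m := ENTRY.match(line)):
            entries[m.group(1)].append(m.group(2))
    return processes, dict(entries)

def dangling(entries):
    """Entries with no target: '(no file)' or an empty last field."""
    return [(code, item) for code, items in entries.items() for item in items
            if item.endswith("(no file)") or item.endswith(" -")]

def locate(processes, exe_name):
    """Folders a given executable name is running from (Windows paths)."""
    return [ntpath.dirname(p) for p in processes
            if ntpath.basename(p).lower() == exe_name.lower()]

if __name__ == "__main__":
    procs, entries = parse_log(SAMPLE_LOG)
    print({code: len(items) for code, items in entries.items()})
    print(dangling(entries))
    print(locate(procs, "mdm.exe"))
```

Dangling entries are leftovers to review, not verdicts; the folder reported by `locate` is what a helper would compare against where the software is expected to be installed.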