Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What Should I Do Next ? Pc Has A Fewpopups And Is Slow Responding


  • Please log in to reply
4 replies to this topic

#1 stanpatpick

stanpatpick

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SouthEast US
  • Local time:10:51 PM

Posted 06 September 2007 - 09:25 PM

History - I have beeen working on this pc trying to remove viruses, adware, malware, etc.
I have used avast, adaware, spybot, avg, and the panda online scanner.

WINXP has been very recently updated completely with @ 2.5 -3 years wortth of updates. Unfortunately the pc spent some time on the net vis dsl before any updates or protection programs were installed.

All has gone well except for the 2nd run of adaware as I was trying to follow the instructions for posting in the Hijack thread.

After rebooting for the second full pass ( @ 6 items were found and removed ) the desktop background appears then a message that taskmgr could not be found ( I click - OK ) a message follows saying that " could not load or run C:Windows\taskmgr.exe' specified in the registry. Make sure file exists on your computer or remove the reference to it from the registry. ( I click - OK ).

The pc then continues to boot to the desktop. Avast finds the followingC:\Windows\System32\urhvufxl.dll, avast identifies this as malware name Win32:Vundo-gen49[Adw]. ( I choose - no action ) then pane with Error loading C:\WINDOWS\Ssytem32\urhvufxl.ll Access is denied. (I cloick ok ).

Within a few minutes of opening IE7 I will get a new window (Pop up?) without an address for drivecleaner and one labeled Please visit our sponsor or Crush calculator, the mouse can be moved but the pc responds very slowly, if you try to close a new window and will eventually say that IE is not responding. If I click end now the pc will very slowly respond. The desktop will blank except for the background and then repopulate.

Thanks in advance.

jazzisjazz

BC AdBot (Login to Remove)

 


#2 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:07:51 PM

Posted 06 September 2007 - 10:44 PM

Since you have avast! installed and running on the machine, I would recommend that you start with a boot time scan. After you have done the boot time scan, move on and scan with SuperAntiSpyware. Download and install SAS, accepting the default options, run a full update. Once SAS is updated, restart the computer in safe mode. Run SAS, and click the complete scan button. Once the scan is complete, let SAS quarantine/remove everything that it finds, and then restart the computer. Let us know your results, please.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#3 stanpatpick

stanpatpick
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SouthEast US
  • Local time:10:51 PM

Posted 07 September 2007 - 01:09 PM

Update

Sluggishness seems to have been eliminated.

message that taskmgr could not be found ( I click - OK ) a message follows saying that " could not load or run 'C:Windows\taskmgr.exe' specified in the registry. Make sure file exists on your computer or remove the reference to it from the registry. ( I click - OK ). - Still appears at startup

- The windows task manager is still there if ctrl/alt/del/ though.

Error loading C:\WINDOWS\Ssytem32\urhvufxl.dll The specified module could not be found. I click ok.

A popup appears after opening IE7 - ZEDO - redorbit video

Things are much improved.

What should I do next?

Edited by stanpatpick, 07 September 2007 - 01:25 PM.


#4 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:07:51 PM

Posted 07 September 2007 - 01:59 PM

Run spybot search and destroy again, However click {Mode}, and change to advanced mode. Click Tools, System Startup. Find the entry for C:\WINDOWS\Ssytem32\urhvufxl.dll, and highlight it in blue. go to the top menu and click the red x to remove it. See if there is a listing for task manager startup there and remove it also. Run the Bitdefender Online Scan Specified in the Preparation guide and see what it locates and removes. Restart the machine and see how it runs now. If this does not get rid of the ZEDO popup, finish the guide and post the hijack this log.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,069 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:51 PM

Posted 07 September 2007 - 03:11 PM

From what you describe in regards to the error messages, the file(s) is probably an orphaned entry related to a program (or malware) that was set to run at startup. Windows is trying to load this file but cannot locate it since the file may have been removed during an anti-virus scan, the uninstall of a program or use of a specialized fix tool. However, an associated registry entry remains and is telling Windows to load the file when you boot up.

When Windows loads, it looks for any files associated with registry entries for programs that are set to run at startup. If the file was removed but not the registry entry, Windows will display an error message indicating that the file was not found. You need to remove this registry entry so Windows stops searching for the program when it loads. Following oldf@rt's advice should resolve this issue. You could also download and run Autoruns, search for the related entry and then delete it.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users