Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Performanceoptimizer Error Box


  • Please log in to reply
10 replies to this topic

#1 jackiemarie

jackiemarie

  • Members
  • 406 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:56 AM

Posted 02 December 2007 - 06:08 PM

I turned on my dv6135nr HP laptop, IE7, Windows XP Prof and the color of the home page of msn.com had changed to red from my choice of blue and there was a windows live search box on top of the home page (had not ever asked for any of this). Within 30 seconds, an IE dialog box appeared "NOTICE: Errors in your PC can cause data loss, hardware or software failure and performance fail. Install PerformanceOptimizer to fix errors, monitor changes and maintain PC stability!" There was also a mini browser in lower right with an address of http://performanceop..... Because of the bad grammar and spelling, I assumed it was fraudulent; I clicked cancel rather than OK; it wouldn't go away, I kept x'ing out and finally was able to get it all x'd out; it seemed to be about servers etc. which I have no relation to; I never clicked to another link.

I ran Webroot spysweeper and it was negative; tried to run Norton AV but it hung up; I would shut down and restart and the regular pages I go to would hang up/freeze. Tried to install and run a virus detection tool from symantec; the extraction wizard would not work, and got a Windows Explorer box: szAppName: explorer.exe szAppVer: 6.0.2900.3156 szModName: hungapp szModVer: 0.0.0.0 offsett: 000000000. Went to support at microsoft, did what they said. Still had hang ups. Then went to add-ons and disabled anything to do with Windows Live. Finally able to run symantec security check from their website; both checks said no problems. I was also able to run a regular Norton full scan and it was OK. Then suddenly a DEP error; Data Execution Prevention shut down the whole system-for my protection of course. In checking under General Tab of Internet Options, it showed Windows Live as being my default search provider (which I have never asked for) but google was also listed and google was still on my browser; I deleted Windows Live and made google the default search (even though the browser had never changed). At different times, spysweeper keeps telling me that a BHO ieframe.dll and iexplore.exe are trying to access my computer and do I want to block or allow installation. I have blocked the installation so far.

Can you please tell me if performance optimizer is valid; if so, how do I download it? The only thing I've added since doing a recovery 11/21 (because of the mess that flooded into my hard drive when I checked out the Media Center) is Glary Utilities Registry Repair. I'm not technically savvy (obviously) and have never had any problems with the Windows XP, IE7 or system instability.
Thanks in advance for your guidance.
anniehannah

EAM, MBAM Pro, MB Anti-Exploit 

HP g7-1310 - Windows 7 Home Premium 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:56 AM

Posted 02 December 2007 - 07:27 PM

It is not a legit program.

Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

IF Super Antispyware finds Vundo or Virtumonde---
Use the Vundofix tool in the link below.
http://vundofix.atribune.org/

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

Post back with the results of the scans

Edited by buddy215, 02 December 2007 - 08:02 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 406 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:56 AM

Posted 03 December 2007 - 12:06 PM

It is not a legit program.

Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

IF Super Antispyware finds Vundo or Virtumonde---
Use the Vundofix tool in the link below.
http://vundofix.atribune.org/

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

Post back with the results of the scans

Thank you for your response. I am hesitant because I already have Webroot Spysweeper and Norton AV on my laptop since I got it. Have run both of these twice and results are negative; have gone to symantec site and run the security check of threats and viruses twice and it comes up safe and clean.
I never installed this thing; I x'd out until it all went away - following up immediately with full scans by spysweeper and norton (negative results). Do I still try to find something? I've done a Norton full scan in safe mode and it was clean.
Thanks.

EAM, MBAM Pro, MB Anti-Exploit 

HP g7-1310 - Windows 7 Home Premium 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#4 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:56 AM

Posted 03 December 2007 - 01:36 PM

You definitely had/have malware on your computer that is why I wanted you to do a scan with SAS. Still do.
post back with what SAS finds.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 406 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:56 AM

Posted 03 December 2007 - 05:02 PM

You definitely had/have malware on your computer that is why I wanted you to do a scan with SAS. Still do.
post back with what SAS finds.

Well, buddy215, I would be glad to but...now internet explorer is not working in safe mode, it says an http error warn of 12007...it was working yesterday. Is it worth it to go the site and run the check not in safe mode? I uninstalled and reinstalled internet explorer at the add/remove programs in control panel, but it didn't make any difference.
Thank you.

EAM, MBAM Pro, MB Anti-Exploit 

HP g7-1310 - Windows 7 Home Premium 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#6 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:56 AM

Posted 03 December 2007 - 05:09 PM

If you cannot run in safe mode, try it in normal mode. Sounds like more malware has gotten on your computer.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 406 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:56 AM

Posted 03 December 2007 - 06:31 PM

If you cannot run in safe mode, try it in normal mode. Sounds like more malware has gotten on your computer.


OK, the report showed: 1 adware cookie (it came from msn portal). It scanned 497 memory items, 6320 registry items, 41988 files taking 41:31 minutes.
The cookies was quarantined.

The home page has been normal all day yesterday and today.
I had an IE shutdown from iexplore.exe.

I remember now that when I did the Spysweeper full scan on Sat., 12/1, I blocked installation of an iexplore.exe BHO; I think I've always allowed this installation. Could I have not allowed something that is needed to make IE work?

Any other ideas?
Thank you.

EAM, MBAM Pro, MB Anti-Exploit 

HP g7-1310 - Windows 7 Home Premium 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#8 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:56 AM

Posted 03 December 2007 - 06:40 PM

It is time for the experts to take a look.

Post a Hijack This Log in the Hijack This Forum by following the directions in the link below. DO NOT post a log in this forum. http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 406 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:56 AM

Posted 03 December 2007 - 06:52 PM

It is time for the experts to take a look.

Post a Hijack This Log in the Hijack This Forum by following the directions in the link below. DO NOT post a log in this forum. http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Thank you; I will follow these instructions.
Blessings.

EAM, MBAM Pro, MB Anti-Exploit 

HP g7-1310 - Windows 7 Home Premium 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#10 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 406 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:56 AM

Posted 03 December 2007 - 07:00 PM

It is time for the experts to take a look.

Post a Hijack This Log in the Hijack This Forum by following the directions in the link below. DO NOT post a log in this forum. http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Thank you; I will follow these instructions.
Blessings.

One more thing please, do I leave the superantispyware on my laptop? Looks like there are several more programs to install and run on the link you gave me; do all those programs conflict?
Thank you.

EAM, MBAM Pro, MB Anti-Exploit 

HP g7-1310 - Windows 7 Home Premium 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#11 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:56 AM

Posted 03 December 2007 - 07:37 PM

The important thing is to get the HJT log posted.
SAS is good to have around. Just update it once a week or you can delete it if you want.
If you are unable to do any of the steps, just skip and go on to the next.
Good luck to you.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users