PC is being a bitch

[loverboy]

This is likely adware/malware, hence AVG didn't pick it up. I had similar (not the same) a couple of weeks back.......adaware/spybot wouldn't remove it but this did...

http://www.malwarebytes.org/

.....& it's free! Be prepared to be persistent & if necessary run the application a few times.You only need to run it in quick scan mode. You may also need to run other removal applications (spybot/adaware etc) & in extreme cases manually edit/delete the registry entries once detected. Don't worry......we'll talk you through it.
Your work friend talks good sense..........ignore the doom-merchants.......I run SP3 with no issues whatsoever & it's my only firewall!

[emuler]

A quick and easy way to fix things is to download the trial version of Norton Internet Security 2009.
http://us.norton.com/downloads/
If you don't like it you can uninstall it after it has done its job. Personally, I'm sold. It is light, fast and updates itself every few minutes (maximum 7 minutes by my observation). I've got my friends and relatives together and am buying a multi-user license (a 5 user license costs about half per person as compared to a single user license).

I have had ZERO problems with SP3. Never has a major upgrade been as painless. By all means get it. Also enable Windows Update, or at least run it manually every once in a while. Lots of security patches are released by M$ via this mechanism.

[Amadeus]

Your work friend talks good sense..........ignore the doom-merchants.......I run SP3 with no issues whatsoever & it's my only firewall!

Google it.

[plonkah]

AVG - how often do you update ?
Download and run HiJack - this will show you what you have in all start up areas on your machine. If you see anything you don't know, disable it. Do this one by one and reboot each time. Do the same thing each time (open IE) - this should identify the culprit.

I agree and almost never use IE - BTW if it is IE7, there were explots out for a HUGE SECURITY BUG WHICH EVEN mICROSOFT ADVISED - USE AN ALTERNATIVE BROWSER !!

Good luck

[Debaser]

What does this tell you guys?

When I unplug my modem, IE (although obviously not connecting to the internet) opens in a second.

[FLL]

What does this tell you guys?

When I unplug my modem, IE (although obviously not connecting to the internet) opens in a second.

That is consistent with what I said before ...

There's a good chance it's adware/spyware which is redirecting all IE pages via its website so it can insert ads etc. If the website is inaccessible then that could explain why it takes so long to open IE.

When the modem is unplugged all internet requests will fail immediately rather than timing out.
Still sounds like adware to me, if the AVG spyware program doesn't find it try another. Plonkah's advice is worth a try too.

[Debaser]

When the modem is unplugged all internet requests will fail immediately rather than timing out.

But its not just IE, everything takes a a few minutes to load now.
Opening a movie file, clicking the START menu, opening an application, even opening word... 2mins... 2mins... 2 bloody mins!!
Although not all of the time??
Surfing the net is now fine until I close the window.

Also, I have now run 3 spyare programs!

Tonight I have just spent 3 hours running the spyware progs, antivirus progs, as well as getting rid of zonealarm, AND installing SP3.

So after all that work, what do I do now?

[emuler]

1. Did you try what I suggested? Install NIS 2009, update, then do a full system scan.

2. Check that your HDD is using DMA. Right click My Computer, select 'device manager'. Navigate to HDD controllers (mine says IDE ATA/ATAPI controllers) double click each IDE channel in turn and see under the advanced tab that the one to which your HDD is connected is using DMA. (Mine says Ultra DMA 5). If it says PIO mode, then everything will be slow because your HDD will run slow.

To fix this, right click the top entry/entries in the IDE ATA/ATAPI controllers section (mine says INTEL(R) 82801EB Ultra ATA Storage Controllers) and remove them. You will be asked to reboot. Do so. On rebooting, Windows will automatically install the drivers for the HDD controller and ask you to reboot again. Do so, and then check that the HDD is now using DMA like it is supposed to.

[Debaser]

Mine also say DMA.
Im not sure why it would have changed, as I dont touch that stuff.

Im now downloading the Norton thing.
I will give it a blast then uninstal it.
Im not holding out much hope as it uses the same updates as AVG, but of course I am willing to try and I appricitiate the help!!

I need my pc working today!

Ill let you know if Norton helps BBL

[plonkah]

Post here the Hijack log DB.

Here is stip on getting rid of a.exe :-

what happens is that these exe files are set to start up automatically, then when you try and delete them from System32 folder, you get Access is Denied.

I would check the HKLM\Software\Microsoft\Windows\CurrentVersion\Run folder in the registry. To get to the registry, go to Start, Run, type Regedit.

Once you delete from there, reboot, then try and delete it from System32.

This file sounds like it's spyware, so you can also run Ad-aware or another spyware program.

HEED this warning :-

http://www.auditmypc.com/process/a.asp

and this

http://www.lavasoftsupport.com/index.php?showtopic=8862

Basically, looks like you have a nasty trojan installed which can allow someone who gets access to your pc to do things like redirect all of your web traffic, corrupt system files, copy/delete any data etc - basically anything malicious. You should find that your firewall is warning you of outbound traffic to one or more IPs - this is the trojan "talking" to the attacker - it talks outbound to a particular IP and once it sets the session up, the attacker is in on your system. Most of these trojans are obvious and can be dealt with, some however will hide themselves by renaming your system files and then taking over from there.

When you run a FULL virus scan, what do the logs say ? Download and run both AdAware and Spybot 1.6 - make sure you update before doing a FULL scan. You can also do a FULL scan using EWIDO anti spyware - may take days to run but is very thorough. You need to be aware of two things :-

1. It is probably not safe right now to connect your PC to the network.
2. If your system files have been compromised, you may have to reinstall the OS.

My guess is that you have CWS (CoolWebSearch) on your machine.

Lots of instructions on how to detect and remove if you google "remove coolwebsearch".

One final thing (I know the horse has already bolted but...), download and install the IE7 patch or just stop using IE.

GL dude