Ok my computer is always giving me a lot of problems. I reboot my windows almost every 2 weeks becuse it always gets soo many problems that i cant fix. I have alot of programs to fix and help it but its like there useless. I use ad-aware, norton antivirus 2005, hijack this, and spybot search n destroy but they dont seem to help. My computer goes really slow most of the time and ads always pop up out of nowhere like "freebackgrounds.com" or something like that and these other ads that arent windows, there just pictures of stuff being advertised and they have a little x thats always hard to find and says close. I ran my antivirus and the other programs in safe mode but it didnt find much of anything because its still the same. Another thing is that i cant open my task manager and whenever i pick switch user it wont let me log back in, it just says that my password is wrong all the time. If anyone can tell me whats wrong or offer any help i would REALLY appreciate it.
Heres my hijack this log file. The program wouldnt open so i had to open it in safe mode. Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe O4 - HKLM\..\Run: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Microsoft messenger sd] msngersd.exe O4 - HKLM\..\RunServices: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q O4 - HKCU\..\Run: [Miscrosoft Windows Explorer] IEEXPLORER.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [rozo] C:\PROGRA~1\COMMON~1\rozo\rozom.exe O4 - HKCU\..\Run: [dvdotv] C:\WINDOWS\System32\dvdotv.exe O4 - HKCU\..\Run: [Otbw] "C:\Program Files\lcss\pets.exe" -vt mt O4 - HKCU\..\Run: [Microsoft messenger sd] msngersd.exe O4 - HKCU\..\RunServices: [Miscrosoft Windows Explorer] IEEXPLORER.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1575aaffd41fbe862b21/netzip/RdxIE601.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0D05A154-0706-4534-8CAC-3EE33C0E38C4}: NameServer = 206.47.244.42 206.47.244.101 O17 - HKLM\System\CS1\Services\Tcpip\..\{0D05A154-0706-4534-8CAC-3EE33C0E38C4}: NameServer = 206.47.244.42 206.47.244.101 O17 - HKLM\System\CS2\Services\Tcpip\..\{0D05A154-0706-4534-8CAC-3EE33C0E38C4}: NameServer = 206.47.244.42 206.47.244.101 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\enlsl1371.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Do you have a firewall? Have you updated all you spyware applications as well as Windows and Norton? Am guessing you use IE i recommend that you use FireFox as it is far more secure. Try the site below, run all test. Update all spyware program then run windows in safe mode which should hopefully remove some unwanted stuff. Download Ccleaner and run it every time you done browsing the web, it also has a very good reg scanner. Sorry but i don't speak log file very good so another user will have to help you out there. Edit: It is also i good idea to turn system restore off untill the problem is fixed as most spyware/viruses restore them self using it. http://housecall.trendmicro.com/
the easiest (and most complete, imho) way to block popups and the like is to use host file blocking. http://www.mvps.org/winhelp2002/hosts.htm will tell you all about it, after install, open either spybot (in advanced mode, go to "ie tweaks") or zonealarm (depends what build of this you're using, but firewall, advanced) and lock the host file. did this myself 3 weeks ago, and haven't seen a popup since. http://grc.com/default.htm steve gibson has a lot of little tools and tests that may help. check "shoot the messenger" and Upnp apps. hope this helps.
