Tech Problem Aggregator

# terrible, periodic computer lag. Might be malware related

Q: terrible, periodic computer lag. Might be malware related

A: terrible, periodic computer lag. Might be malware related

12 more replies

Sony Vaio, Windows XP home addition version 2002, service pack 3
mobile amd athlon(xp),1600+, 1.40ghz, 256mb of ram.

I have an older laptop, but it has ran like a dream up until a week or so ago.

There is something wrong with it, as it is taking much longer than normal to start up. Moreover, it is experiencing intermittent spikes in very high usage while i'm surfing the internet. Sometimes the lag lasts upwards of 20 minutes, where I'm unable to do anything on my computer. This is extremely frustrating, and renders my computer useless much of the time.

I originally thought it was a memory issue, as I had added a few moderately sized programs recently, but have since removed all of them and even freed up additional space.

I prefer to play dumb, and go from the square 1 approach. Thus, I'd rather have someone guide me through steps that will solve the problem, rather than me trying things out and then having someone fix those just to get to square 1.

I have had great success with bleeping computer experts getting rid of viruses in the past, and am hopeful someone at this site can remedy this issue as well.

If this is the wrong forum, please move to the correct one if possible. Thank you.

A:Terrible, periodic computer lag

3 more replies

Hello everyone, I'm having a real tough time trying tofigure out what is going wrong with my computer:

In as short as a few minutes to as long as a few hours, mycomputer will completely freeze (keyboard takes no input, mouse is stuck inlast position). The only way to resume usage is to reboot after holding downthe power button.

The only common thread through all the freezes *seems* to bethe active use of a web browser (Chrome/Firefox/Explorer). The freezes onlyseem to occur when the active window is one of the web browsers (and possiblyonly when the browser is in 'full screen mode', still testing that) what thatpoints to, I have no idea...

I did a uninstall and then re-install of all browsers withthe most current versions, but after a few hours of Chrome / Explorer, I gotanother freeze.

Any ideas as to what is going on is greatly appreciated,thank you for reading.

More replies

Every so often (once or twice in a 24 hour period), my internet completely disconnects. It drops me from IRC, torrents, Steam, any browsing I'm doing, and so on. This seems to happen only on this computer (I have another computer and an Xbox 360 on the same wireless network, and neither of them drop when my computer drops.

This, alongside the consistent HDD activity light (and sound) that appears during these disconnections, leads me to believe that there is a program on my computer causing these disconnections. I'm reasonably certain that I am virus free and a "legitimate" program is causing, as I run regular scans using both Microsoft Security Essentials and Trend Micro HouseCall.

However, I'm still stumped: I have no idea what program could be causing this and I have no idea to figure out how to deduce this. Can somebody recommend me some monitoring tools that I can use to see what programs are active when these disconnections occur? I have tried going to Resource Monitor but it never ever seems to open fast enough to display what is going on during the disconnections, so I need something that provides logging functionality. Can anyone suggest free monitoring tools I can use to clear up this mystery?

A:Periodic Internet disconnections - related to program activity?

Have a look at this Microsoft article: How to troubleshoot network connectivity problems in Internet Explorer

You might also want to run a virus scan with Malwarebytes.

http://www.malwarebytes.org/products/malwarebytes_free

6 more replies

To whom it may concern,

I don't exactly know how to explain my issue, only that my computer is skipping. It usually happens when I am playing a game and it affects my computer for a good length of time making the audio, video and mouse pointer skip from one point to the next. This issue only started happening yesterday and I thought nothing of it thinking a simple restart would help, but now after the third time it has happened today I am looking for a very effective permanent solution if one is available.

I did a google search on my issue and found a related thread here which was solved, I can only hope that you can help me as well.

- Xirion

A:Computer Skipping - Possible Malware Related.

Here is the HJT log of my computer.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:15:33 PM, on 21/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\ASUS\AI Nap\AiNap.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

1 more replies

Hey Guys,I'm New Here, And I've Been Looking For Someone Who May Be Able To Help With Me A Few Potential Problems. First Off, I've Found That When I've Booted My Computer (I'm Running XP Professional) As Soon As The Welcome Screen Dissappears (No Password Login, Just One Account) My Screen Goes Fuzzy For A Few Moments But Then Returns Normal With The Proper Desktop Picture Up. I've Tried Reinstalling My Driver Hardware For My Monitor As I Presumed It May Be That, But To No Avail, I've Tried A Restore To A Date Before The Problem Occured, But Once Again To No Avail. Another Problem I'm Finding I'm Having Is That My Mozilla Firefox Seems To Almost Reinstall Itself After A While, As My Settings For My Addons Are Reset And It Opens As If Mozilla Has Just Been Installed Onto My System. Also I'm Finding That Sometimes When My Computer Seems To Be Affected By Too Much Usage Of Memory By Processes, Upon Trying To Bring Up The Task Manager, My Computer Sometimes Does Not Respond To The Keystroke, And I'm Left To Use "Process Explorer" To Check What Is Running Upon My System.I'm Not Sure If Any Of The Problems And Issues Are Malware/Virus Related Or Maybe Hardware Related, But I'm Hoping That I Will Be Able To Find A Possible Solution As I'm Not Welcoming To The Fact Of Having To Reformat If It Can Be Avoided, Any Help In Advance Guys Would Be Fantastic, Here Is My Log In The Following..Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:46:36 PM, on 19/09/2008Platform: ... Read more

A:Not Sure If It's Malware Related, But My Computer Is Unwell In Several Ways, Can Anyone Please Take A Look At My Log?

Hello prottura,

Welcome to Bleeping Computer

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea

1 more replies

Hello,

I've recently been having issues where my computer will stop responding at random times. I haven't yet noticed a pattern, but the most recent issue happened when I opened Facebook. If I'm playing music when the freeze happens, it starts sounding creepy and machine-like, with high-pitched noises and other strange sounds. Other windows stop responding and I can't use my computer for about 30 seconds. I'm not sure if this is Malware related or not. I haven't been to any malicious websites or downloaded anything, but I don't know what else the problem could be.

Also, I'm running Windows 7 on an HP dm4x series laptop. I believe drivers are up to date and updates are installed to Windows.

Thanks!

Below are HJT and DDS logs. I will upload a GMER log when I can, but the scan was taking a long time.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:41:58 PM, on 2/28/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\H... Read more

A:Computer freezing constantly: Malware related?

Here is the GMER log:

GMER 2.1.19115 - http://www.gmer.net
Rootkit scan 2013-03-01 11:30:31
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST975042 rev.0003 698.64GB
Running: GMER.exe; Driver: C:\Users\Kyle\AppData\Local\Temp\kwldqpow.sys
---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]
.text C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a714bb 2 bytes [A7, 77]
.text ... * 2
.text C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe[3280] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]
.text C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe[3280] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a714bb 2 bytes [A7, 77]
.text ... * 2
.text C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]
.text C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a714bb 2 bytes [A7, 77]
.text ... * 2
.text C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe[3732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]... Read more

3 more replies

Hi there, i?m new here, i?m from spain so maybe i cant explain very exactly in english so, i?m sorry!I?ve found this site in google and i think maybe you can help me, before posting in this forum i?ve read your: "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help"I?m not able by the moment of making a backup of my data, i dont have now a external hd. is it sure to make this copy if my computer is probably already infected by a malware or something like this?I am using a hp pavilion dv7 lap top with 64 bits windows vista home premiumI am not very good with computers but i?ll try to explain my problemI was working with "adobe premiere" editing some videos, it began to give problem and finally this premiere archive i was working with stopped working at alleach time i try to run this archive it creates this files in the same directory i was saving it, they are:- lsprst7.dll- lsprst7.tgz- sysprs7.dll- sysprs7.tgz- tmpPrst.tgzI?ve looked in google and i think it has something to be with some kind of malware. You help some people with similar problem with "combofix" but i?m afraid it would not work with my windows.I?m not using a lot the computer now because i imagine the malware will go infecting other applications as i go using them, i?m a bit scared about it...i?ve also disabled my cd simulation softwarenext i?ve installed "dds" and this is the log:DDS (Ver_09-12-01.01) - NTFSX64 Run by Juan at 17:29:49,57... Read more

A:lsprst7.dll, some malware related to this archive and others infected my computer

3 more replies

A:Is my computer clean? Is the BSOD a malware-related issue?

On June 18th, my computer experienced a BSODJust once?I see, you ran BSV and it reports only one BSOD.

more replies

Few days ago my computer started randomly rebooting or locking up with no prior warning. I realize this could be a hardware issue, but the symptoms started right after I ran into some malware infections. This issue and symptoms are very similar to this one here hxxp://www.techsupportforum.com/security-center/virus-trojan-spyware-help/hijackthis-log-help-inactive/132058-computer-randomly-rebooting.html. I made a new thread concerning this problem because on a reply it was stated that the fix was computer specific. I removed some of the spyware with help of ad-aware and avg antivirus, but I doubt I had them all removed.

ZoneAlarm firewall and AVG Anti-Virus are on constantly and I try to keep my Windows update up to date all the time.

Following is a list of the programs I deleted. I got suspicious when ZoneAlarm warned me that they are trying to access internet (it was the first time they asked for rights), so I googled for them and removed them:

w.exe C:\Windows\system32\w.exe

first179.exe C:\Documents and Settings\username\Local Settings\Temp\first179.exe (removed by AVG Anti-Virus after a full system scan)

frmwrk32.exe C:\Windows\system32\frmwrk32.exe

One symptom of infection was that at first my desktop icon titles lost their transparency/drop shadow and were replaced by a "blue box" behind them. Later on, my whole desktop background became blue. I managed to "fix" this, so unfortunately I don't have a screenshot of it.

A:Computer randomly freezing or crashing - spyware/malware related?

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Your hard drive is almost full. Having too little free space on your hard drive can compromise system performance.

Quote:

C: is FIXED (NTFS) - 29 GiB total, 0,384 GiB free.

I suggest you move pictures, music, etc. to an external drive or USB stick if you have one and uninstall any programs that are never or hardly ever used.

------------------------------------------------------

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they... Read more

19 more replies

Few days ago my computer started randomly rebooting or locking up with no prior warning. I realize this could be a hardware issue, but the symptoms started right after I ran into some malware infections. This issue is very similar to this one here http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/hijackthis-log-help-inactive/132058-computer-randomly-rebooting.html. I made a new thread concerning this problem because on a reply it was stated that the fix was computer specific. I removed some of the spyware with help of ad-aware and avg antivirus, but I doubt i had them all removed. Any help is greatly appreciated.

Here's my HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:05, on 2.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe

A:Computer randomly freezing or crashing - spyware/malware related?

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:

Having problems with spyware and pop-ups? First Steps

link at the top of each page.

------------------------------------------------------

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

1 more replies

I don't have any particular problems on this computer, I just thought it was about time that I got this computer checked out. I'd appreciate any help or advice on how to improve security, etc. Thanks

Logfile of HijackThis v1.99.1
Scan saved at 16:10:21, on 06/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Hummbird\inetd32.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe

Rescan with Hijack This.
Close all browser windows except Hijack This.
Put a check mark beside these entries and click "Fix Checked".

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...up1.0.0.15.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20c5781d...p/RdxIE601.cab

Reboot.

Everything else looks okay.

3 more replies

I just finished removing a fake antivirus program using rkill and malaware. However, I'm still having a problem with internet advertising sound appearing and disappearing randomly without having IE open. Help!

PS - getting professional help from you guys is really great. Thank you.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 8.0.7600.17267 BrowserJavaVersion: 10.21.2
Run by Amy at 22:47:50 on 2013-05-17
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.1729 [GMT -5:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvsca... Read more

A:Periodic Advertising Sound Virus / Malware

I have also attached a log from tdsskiller if that is helpful.

1 more replies

Hello,
I occasionally run an in depth clean-up of my computer to make sure it is free of malware, etc..., and often I scan, back-up, and clone for simple fix/replacement should I have a problem. My current clones are of a year old system, so there might be some issues. More recently, I am getting occasional redirects from webpages/searches that might be of concern.
If a Bleepingcomputer expert would please take a look at the logs for a review, I would greatly appreciate it.

I just completed a MBAM scan and reboot which removed 12 issues.

Thanks!

Walter
DDS (Ver_09-10-26.01) - NTFSx86
Run by Walter L Wilson Jr at 16:43:06.72 on Wed 11/11/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_10
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3069.1882 [GMT -5:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
SP: BitDefender Antispyware *enabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss

A:Periodic malware examinationb/tune-up, possible redirects

10 more replies

This Malware Issue is getting on my nerves, tried alot and nothings workedEverytime i access explorer and go into two folders a pop-up error message comes up stating "Some dangerous viruses detected in your system Microsoft windows xp etc etc" with a yes or no, obviously one would select no, but i'm still brought to a website hxxp://sc.videofreeforonline.com/id/4912933/4/1/ any ideas?heres my Hijackthis LogLogfile of Trend Micro HijackThis v2.0.2Scan saved at 2:46:36 PM, on 11/5/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\WINDOWS\System32\WL... Read more

A:Malware = Terrible

8 more replies

Hello guys,

I am just wondering whether can you guys help me to get rid of this pest? I think it's called Razespyware. I am not sure but that's the one that keep popping up. Not to mention a dozen of others. I think i have more than 1 malware cause i remembered i search with spybot before and it returned with 6 identified spware. Help .. I can't seem to get rid of it and worst of all, I CAN'T boot in safe mode. I tried to go in but something like 'mlti//ard ..disk .. dunno what partition' came out instead. I can boot in normally but i can't access another program or another website other than RAZESPYWARE !!!! But luckily for me, i have downloaded HijackThis earlier on and i am posting my log here. Please teach me what to do. Million of thanks in advance :D

Logfile of HijackThis v1.99.1
Scan saved at 7:19:03 AM, on 12/1/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe

A:Terrible Malware - I think i got 15 !!?? HELP

Oh my what a mess. Since you have no way to access the net to download programs I'm going to try a manual fix on your hijackthis log and try to get internet access back. If it doesn't work...you'll need to download the tools from another PC and move them to the infected PC and run them.

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible.
Please make sure system restore is enabled by right clicking on My Computer and go to Properties->System Restore and check the box for Turn OFF System Restore and make sure it?s NOT checked. We want system restore ON and monitoring your current hard drive. Once your clean we will turn this off and then back on to remove the infection from the restore folder and create a clean restore point.

Open up task manager and KILL the following processes...

C:\WINDOWS\System32\kernels32.exe
C:\WINDOWS\inet20066\services.exe
C:\WINDOWS\System32\vxh8jkdq2.exe
C:\WINDOWS\System32\dllcache\IExplore.exe
C:\WINDOWS\inet20066\socks.exe
C:\WINDOWS\System32\split1.exe
C:\PROGRA~1\WHATPU~1\WHATPU~1.EXE
C:\winstall.exe
C:\WINDOWS\System32\explorer.exe
C:\DOCUME~1\Joseph\LOCALS~1\Temp\svchost2.exe

Check and fix the following in HijackThis if they still exist (make sure you do not miss an entry)

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank

19 more replies

I have a three week old brand new computer running XP. Every once in a while there is this small, brief shuffle sound (page turning? A scratch?) that plays in the background, often twice three or four seconds apart. It's especially noticeable if I have my headphones on, but aside from being irritating, I'm worried that this means I have some devious malware doing something.
My old computer (also XP) had this problem too, so I'm afraid it's a site I frequent that's giving it to me. Have any of you ever heard of anything like this? Thank you so much for any help you can give me.

Sara

A:Periodic light shuffle/scrape sound - is it malware?

1 more replies

A:Dr. Guard Nightmare--I need help to remove this terrible Malware

3 more replies

So I booted up Firefox today and there were all these weird adds by something called SalePlus. Followed the link which said I could remove it from the control panel but it isn't there. AVG and Malwarebytes can't detect it apparently. Ran AdwCleaner and that didn't fix the issue either. I can't find out where the SOB is hiding and could use some help.

Thanks,
kurokun

A:Some Terrible Malware/Adware Called SalePlus is Screwing With Me.

9 more replies

Hello guys,I am just wondering whether can you guys help me to get rid of this pest? I think it's called Razespyware. I am not sure but that's the one that keep popping up. Not to mention a dozen of others. I think i have more than 1 malware cause i remembered i search with spybot before and it returned with 6 identified spware. Help .. I can't seem to get rid of it and worst of all, I CAN'T boot in safe mode. I tried to go in but something like 'mlti//ard ..disk .. dunno what partition' came out instead. I can boot in normally but i can't access another program or another website other than RAZESPYWARE !!!! But luckily for me, i have downloaded HijackThis earlier on and i am posting my log here. Please teach me what to do. Million of thanks in advance :DLogfile of HijackThis v1.99.1Scan saved at 7:19:03 AM, on 12/1/2005Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBB... Read more

A:Terrible Malware - Razespyware? Xp Won't Start In Safe Mode

2 more replies

running windows xp, cable modem motorola, airlink 101 wireless router -- computer that is lossing connection is direct wired to router, not wireless. also have a vonage box direct to router. the wireless laptop maintains connection just fine. it's the desktop that loses connection for no apparent reason -- can't find websites and no email with eudora. rebooting restores connection. all lights are on on modem.
have checked device manager, nothing obvious. also cmd propmt ping and get 100% lost packets even when connection is there. tried to ipconfig /all but command window flashes too quick to see even trying break or escape. have shut down some services a few months back -- could a service be the culprit.
would appreciate any help.

A:periodic loss on one computer

11 more replies

I have a default Yoog Search in my Search Engines, i try to remove it and set it as google but it would again default to Yoog. Next thing is I just cannot run 'sybot search & destroy' and doesnt let me open any anti-malware related sites. I cant download any anti malware apps. I am just stuck. I saw a post " Win 2K hijack issue - unable to run malware apps!". I have exactly the same case on my system.

More replies

Hello, a while a back ago I had essentially frankensteined my computer from various parts I found at Fry’s Electronics on a black Friday night. Here are my specs:

AMD Athlon II x2 255 processor, 3100 Mhz, 2 core
10 GB RAM

Regardless of my incompetence with creating a good machine, when I managed to assemble the computer it seemed to work fine. And so for a good 9 months I was completely content with my machine running all the games I wanted in low-medium settings. I played StarCraft II and Shogun 2: Total War without any problem. Then I downloaded The Witcher, for a while I was able to play it at a consistent 25 FPS on lowish settings but somewhere along the end of the second act the game just dropped into a state of constant periodic lag so I started playing Shogun 2 and StarCraft but they did the same thing. And thus we get to the present problem. Whenever I get into a 3D intensive game (Shogun 2: Total War, StarCraft II, Dead Space, Assassin’s Creed ect) and play it for more than 5 minutes I get this periodic lag every 2-3 secs where my FPS drops from 30-40 to 5-13 for about a sec then jumps back up to normal only to do it again. This really makes all new games that I buy completely unplayable.

First I thought that my computer may be a little dirty, so I opened the bad boy up and game it a good clean with compressed air. This did not work so I decided to get some help.

Initially I went to The Witcher Forums and asked for some guidance. Some people ... Read more

A:Computer Goes into Periodic Lag When Playing Games

7 more replies

Hi all.
My computer has recently started freezing for no apparent reason at all. The cpu spikes to 100% and process explorer shows DPC using it up. no idea why it started. disappears just as randomly in like 1 - 5 minutes. I'm getting pretty desperate since i need to work on my computer a lot.

I scanned the system with spybot search and destroy. nothing found. I had recently had a memory upgrade but dont think that could cause this.

Any help would be appreciated greatly

A:periodic computer freezes (DPC takes 100% cpu)

Pardon my ignorance, what is DPC?

2 more replies

Hello, a while a back ago I had essentially frankensteined my computer from various parts I found at Fry’s Electronics on a black Friday night. Here are my specs:

AMD Athlon II x2 255 processor, 3100 Mhz, 2 core
10 GB RAM

Regardless of my incompetence with creating a good machine, when I managed to assemble the computer it seemed to work fine. And so for a good 9 months I was completely content with my machine running all the games I wanted in low-medium settings. I played StarCraft II and Shogun 2: Total War without any problem. Then I downloaded The Witcher, for a while I was able to play it at a consistent 25 FPS on lowish settings but somewhere along the end of the second act the game just dropped into a state of constant periodic lag so I started playing Shogun 2 and StarCraft but they did the same thing. And thus we get to the present problem. Whenever I get into a 3D intensive game (Shogun 2: Total War, StarCraft II, Dead Space, Assassin’s Creed ect) and play it for more than 5 minutes I get this periodic lag every 2-3 secs where my FPS drops from 30-40 to 5-13 for about a sec then jumps back up to normal only to do it again. This really makes all new games that I buy completely unplayable.

First I thought that my computer may be a little dirty, so I opened the bad boy up and game it a good clean with compressed air. This did not work so I decided to get some help.

Initially I went to The Witcher Forums and asked for some guidance. S... Read more

A:Computer Goes into Periodic Lag When Playing Games

Hi

I suspect that your computer is still infected. Take a look at these two forums. Only post in one. The first link will usually be sufficient for most users.

Am I infected? What do I do? No DDS, HijackThis, or ComboFix logs should be posted in this forum.
http://www.bleepingcomputer.com/forums/forum103.html

Virus, Trojan, Spyware, and Malware Removal Logs
http://www.bleepingcomputer.com/forums/forum22.html

As you may have noticed, no cleaning program gets everything.
Thus my suggestion to get an all clear from one of the two forums.

Once you have done gone to the Malware specialists here, Please only follow suggestions from there.

Roger

1 more replies

I am running Windows 7 64 bit. My computer freezes after starting up this usually persists for about an hour. After it runs smoothly for a while then freezes again randomly. I have ran Malware bytes and removed some malware but that did not help. I've also ran Reg cure Pro and Cccleaner. This all happened randomly after I used windows update, I am not sure if that's what caused it or just a coincidence.

A:Computer not responding after starting periodic freezes

Some systems have had issues with some of the updates, check the following link might be of help.

5 more replies

The computer I just built is working fine and everything seems to be great, except for a periodic beep that I get and can't figure out it's cause. The beep is probably about every half hour or hour. I suspect it may have something to do with my Shuttle AK32 motherboard, but I don't know how to get rid of it. Has anyone had a similar problem and or may have any suggestions.

A:Periodic Beep, Computer works great

Try stopping background applications you have running, when the beeps stop, you have your cause.

1 more replies

Straight Forward, my internet it terrible,
we use sky broadband and we pay for 15mbs or 25mbs, I don't know which one but the speeds I am getting is nowhere near even 15mbs
Please see attached for the internet speedtests...
My room is the furthest in the house and only has one plug in the whole room (I cannot use ethernet because it needs its own socket) which my computer is using
So I have a netgear wireless adapter, nearly all the time my internet is 1.5 ish mb but sometimes it goes basically to 0, the thing which is weird is how my phone
gets 10mbs as you will see in attached but the computer (at this moment in time) it getting nothing, is there any way to increase the speed and I will try anything anyone asks
because I cannot do anything with this internet, even when it is at its best at 1.5..

A:Terrible, Terrible Internet Speeds

Not my IP by the way

6 more replies

Okay so yesterday I downloaded something, it turned out to be fake. But that wasn't all I logged into my runescape account and somehow they manually turned off my computer and went on my account and stole everything, but that's not the problem.

I had Microsoft Security Essentials and it didn't do anything. I got alot of help after that, people told me I had a rat and they told me to download malwarebytes and AVG. I did that, it said I removed everything but I'm not so sure. How can I be SURE that everything is gone?

A:Need help removing this terrible, terrible thing.

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.

1 more replies

I apologize, but you will most likely first notice how long this opening post is. I've dealt with BSOD for quite a while now and I've decided to search for help.. So, I've come to you guys. I've done a lot of research on the problem so I'll throw out some of my ideas.

The Problem:
I can't seem to play semi-graphic intensive video games for no longer than 15 minutes (games such as Counter-strike:source, BF2, Half-life 2 etc). My computer will freeze momentarily, go black, and then proceed to the Blue screen. It used to be that I would recieve an "IRQ not less than or equal" error, but now my BSOD crashes remain just blue, no error codes, 'nuttin'. Now, when I play less intensive graphic games such as regular Counter-strike 1.6, I can go for a few hours before it crashes.

Some Ideas
Heat
Because my computer seems to do a bit better on less graphic intense games, I'm wondering whether it may be a heat issue. More stress = more heat = less time till BSOD? I'm not sure, I'm not a computer guru, but I know a little.
Here are my temps: CPU 51C/123F (55-57C under stress)
MB 34C/93F

Voltage/Power
I did some research, and I learned maybe that power could play a part in problems with BSOD? My PS is one that came with my computer case and I believe it is 350w. It's not the greatest in the world. Idk if i could be gettin too little power and the games may cause it to crash.

A:The terrible terrible BSOD... help appreciated

Hi Ben,

Take a look on the side of your power supply and tell us the brand name, wattage, and how many amps on each rail. That should help because you have some things on your power supply that don't seem quite correct.

Also, just for kicks, download this free program and tell us the temps, the voltages, and the fan speeds. That should help:

SensorView Pro

7 more replies

I am running windows xp sp2. Last night I got my latest malware and I removed it. One or two items were rootkits. I restarted my computer after entering safemode since I got a blue screen error with some sort of bios statement when entering normally. Now even safemode is dead. Safemode stops halfway at multi(0)disk(0)rdisk(0)partition(2)\windows\system32\DRIVERS\fltMgr.sys

also, debugging mode, bootlog, last known good configuration, and directory service restore mode aren't working. I have so much information on it. I have manuscripts, important favorite, all my music, and everything on it. That data is my most valuable possession. I would be eternally grateful if u help me recover it. Most of my data is located on my second user account within the douments folder and there is a folder on my other username's document folder. Most of my documents and music are irreplacae and my favorite list took ages to compile so I need that too and it's all in my documents. I am using my iPod to post this since my PC is basically dead.

hooked your hardrive in another computer and make sure the installer OS and recovery software is in another hardrive...
I think there no hard to get the data back if you harddrive still running....but dont forgot what I told...hooked you harddrive in another computer...dont try to recover data from the same hardrive which OS and recovery software installler..

1 more replies

I have an older computer that i bought in 2002, its a desktop presario model no. 6027 us.
it has a 2 ghz pentium 4 processor and 512 mb RAM. although these system properties aren't great they should bring me halfway decent performance. the computer is constantly crashing, lagging and even when i try to play computer games that only require half of the resources listed above they will barely play at all. I defrag the hardrives on a weekly bases. I keep it constantly clean from spyware and viruses ( most of the time) and i've even tried completely reformatting, but even after that, there is no diffrence in performance. if anybody would have any idea as to why this is please, share your ideas any help is greatly appreciated.
I also have 220 gigs of free space on two diffrent hardrives.

A:My computer performance is terrible

Cleanout the PC of dust
Makesure all fans are working (including the powersupply fan)
Is the memory in 2 sticks or just one...if two take one out and see how it runs then swop for the other one and test again.

are your video drivers up to date...check for updates on the manufactures site.

2 more replies

This is a strange one. My computer worked fine beforehand. I recently decided to install some memory. I put it in and attempted to start up my computer. The power came on, the hard drive spun briefly, and that's all. The monitor remained off. No sound, no graphics, nothing. So I removed the memory and turned on the computer a second time. It came on fine. I thought it was maybe a bad slot so I put the memory in a second slot. Same problem. No response from my computer. I removed the memory and attempted to turn the computer on a fourth time. No response. I tried rebooting. Nothing. I unplugged the computer, left it for awhile, and tried turning it on again. After several attempts, I gave up, thinking I maybe fried something (maybe the motherboard) possibly from my body's static electricity. There is carpet on the floor and, because of lack of space, the computer stays on the floor.
It was about an hour later, out of sheer boredom, I tried it again. The computer came on, the hard drive spun, and the monitor actually came on. It posted, but when it attempted to actually load Windows, I got a "no system disk found. Insert system disk and reboot(or something like that)" Maybe it was heat related. I thought my HD was dead.
I then inserted a boot disk and scandisk ran for about 5 hours, it found alot of errors, fixed most of them, but couldn't fix one which kept my computer from loading. It wasn't a physical HD problem. Maybe some data was messed up.... Read more

First, reset the processor back to defaults. Check the processor fan and heatsink, make sure it is tight and the fan is operational. Check and make sure there is nothing shorting the motherboard to the case like a misaligned screw, or something fell down inside. Reseat all the power connectors to motherboard, floppy, harddrive.
Second, remove everything but the processor, ram, video card and hard drive, try to boot it up with default processor settings. See if it will run normally without the other addin cards.
Could also be a power supply that is starting to go, not supplying enough power to all the components to get everything up and running at the same time.

If it runs start adding in the other cards and testing them, if it works great, if not, maybe you have an idea of what is causing the problem.

With you processor overclocked you are also overclocking your data bus, this can cause the data errors if your hard drive can't take it. Some older harddrives had a habit of doing this on a regular basis.

Anyways, that's the only way I can think of to troubleshoot the problem.

Another remote possiblity is that the motherboard cracked when you installed the memory, they have been known to do that. You have to take care that you don't push too hard yet some of those memory modules take quite a push to get them seated.

2 more replies

I did everything that was directed in the first thread of this forum from the Moderators and what not.

I checked my computer with the Adaware and then ran a virus scan. It detected a trojan and deleted it or at least it said it did.

I then ran Hijackthis and save the log file. I ran highjackthis Analyzer then and am copying the txt file here for help.

My problem is that when I boot my computer it takes an incredibly long time for my toolbar to become active...this just started recently. I can't access anything and it takes about two minutes before my pop-up blocker software starts as well as the toolbar and object dock I have. Nothing has changed on my computer for over 6 months. Anyway, let me know if there is anything I can fix from the HJT. Here's the log. Thanks,

===========================================================================================================================
Log was analyzed using HijackThis Analyzer - Updated on 12/17/04

***Security Programs Detected***

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.0
Scan saved at 9:43:37 AM, on 12/22/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.ex... Read more

A:Computer is booting terrible slow

Not knowing your system specs.......considering the combination of network configurations, Trend Micro apps and GAIM, I would not be surprised to hear it takes awhile to boot.

I will recommend a couple tools to try, to see if anything is hiding there. If they are unsuccessful in resolving your issue, we will have to move this thread over to the XP forum for further follow-up.

Thanks...........

==========

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if main link don't work) and install it. Run CleanUp! and click on CleanUp! button. When it asks you if you want to logoff, click on Yes.

Download TDS-3. Learn how to use it here. Make sure to update it after you installed it. You can get the manual updates here. When you launch the program, it will scan your memory for running processes. This will take less than 30 seconds. Next go to System Testing on the menu and choose Full System Scan. After that's finished, post the log file by selecting everything on the top pane (select from bottom to top).

3 more replies

Hi, I'd like to see if the computer is completely free of viruses and if it's possible it can be salvaged? It had a trojan before, and though it appears to be cleaned now, even with a Panda Software Virus Scan, AVG, etc, it's still got some issues. For example, the Search function no longer works as it comes up with a missing file, the computer goes to 100 percent usage fairly easily, and it's been fairly slow at times, especially in terms of the internet.

Here is a HJT log to start:

Logfile of HijackThis v1.99.1
Scan saved at 2:01:58 AM, on 4/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-... Read more

A:Computer in terrible condition after virus

16 more replies

Hi, I recieved my new computer (http://www.bestbuy.com/site/desktop...18465504&skuId=6979823&st=ibuypower&cp=1&lp=4) yesterday. The computer runs beautifully, but I can't say the same about the internet. For some reason the internet on it is about 4x slower than on my old computer. Is this because of the WIFI integrated adapter? Specs:
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10 GHz
Graphics Card: NVIDIA GeForce GTX 650
RAM: 8 GB 2x4GB
I really don't want to have to replace this computer because of the WIFI card. Really hope somebody out there can help me, thanks!

A:Solved: New computer, Terrible Connection.

12 more replies

Recently my computer started having internet speeds of about 4-6 Mbps, when I should be having closer to 50. Thinking this was a problem with the ISP, I called them up and they sent out a service tech. He got here and did a speed test on his laptop, using both wired, and wireless, and he got the speeds I should be getting.

After he left I called up my brother to bring his laptop to do the same. Once again, he got the desired speed. However, my PC is still really slow. One more oddity about the thing, is that when I use a server farther away (~150miles) I get better speeds then when I use a server in the same city.

I've included a Speed test log, which shows just how quickly it changed. The problem started on April 5.

http://www.speedtest.net/results.php?sh=b696c6a628ddd1551147a1e318a37a65&ria=0

I've run multiple MalwareBytes tests, as well an MSE scan, which all came up clean. Since it started, I installed a new network adapter, thinking mine was causing the problem, but to no success. I've also done a complete format, thinking there was something MWB wasn't picking up, but the problem stands. I should also note that it's not just the speed tests that are slow, but streaming and downloads as well. Any input on this is appreciated.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, 64 bit
Processor: AMD Phenom(tm) II X4 965 Processor, AMD64 Family 16 Model 4 Stepping 3
Processor Count: 4

A:Terrible internet speeds, this computer only.

9 more replies

Hello. Recently my computer randomly messed up, giving me a ton of explorer.exe errors and mstrui.exe errors when systeming restoring... So I couldn't get back to my old settings whatsoever. I'm not sure how this happened as I have no malware on my system as I've always made sure of that.

Well after all that business I reinstalled windows 7. My computer does not work like it use to before I reinstalled. I can't play any games without stuttering. I.E. playable for 1 minute, freeze for 5 seconds and repeat. (I was able to play oblivion max settings) and even minecraft, MINECRAFT lags(single player). Firefox constantly gives me not responding errors. So I had to give up my favourite browser for chrome, which is a resource hog itself. Checked memory, it's fine. Checked HDD it's fine. I'm not sure what it is... I've tried everything. A lot of windows options freezes for 5-10 seconds before opening, per say opening my windows documents, or opening notepad etc. Pretty much anything freezes for 5 seconds.

Specs: AMD phenom II x4 05e
2 gigs ram

A:Computer has terrible performance after reinstall

and welcome to the Forum

Did you reinstall the Chipset and other drivers after the installation?

I would run diagnostics on the hard drive by downloading the diagnostic tool for the hard drive brand and making a bootable disc.

Hard Drive Diagnostics Tools and Utilities (Storage) - TACKtech Corp.

See this for how to make a bootable cd:

How to Burn a Bootable ISO File

Also, Probably worth testing your memory . . click on the link to Memtest in my signature . . let it run on one stick at a time overnite or until it starts reporting errors

3 more replies

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:21:55 PM, on 10/13/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\uesiuqcr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\brastk.exeC:\WINDOWS\faceback.exeC:\Program Files\GetModule\GetModule23.exeC:\WINDOWS\system32\doxilglk.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\WINDOWS�... Read more

A:Daughters computer in terrible shape

Closed.. being helped below:http://www.geekstogo.com/forum/Lots-popups-t214830.html

1 more replies

About three days ago, my girlfriend installed some Korean applications on my notebook. Since then, I've noticed some very strange behaviour and slowdowns. I know that Korean software is notorious for backdoor programs. Please, give this a look and see if I have any reason to worry.Logfile of HijackThis v1.99.1Scan saved at 10:58:15 PM, on 16/04/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre1.5.0_11\bin\jusched.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HPQ\Quick Launch Buttons\EabServr.exeC:\Program Files\Common Files\Logitech\QC... Read more

A:Terrible Korean Apps Are Killing My Computer

Examples of older versions in Add or Remove Programs:
Java 2 Runtime Environment, SE v1.4.2
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 6 Check any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6-windows-i586-p.exe to install the newest version.****************** Disable your antivirus program and go here http://www.bitdefender.com/scan8/ie.html and run an online scan with BitDefender (you will ne... Read more

2 more replies

okey so recently i have been having some troubles with my computer about the internet, i get random lag spikes both while browsing and playing online, at first my internet was fast but recently is been a nightmare for me (my internet provider is called "claro", now the weirdest part starts here, the lag spikes i get, only happen on my laptop, not on my other computer, not on my cellphone or tables, just here, and when im playing online, the lag spikes seem to be random, for example im playing gmod on monday and i get the "problem with internet connection, disconnecting on 30:00" every minute, however the next day stuff seems to be completely normal, no lags or anything although this tends to happen rarely, i have already called my internet provider, they checked the connection and told me everything was normal and even reset it to make sure, i also tried using the ethernet cable but that didint worked since it didint even let em enter pages (this could have been a problem with the cable itself), also tried looking for an update to my driver on the manufacture?s page but i did not found anything there, i also downloaded a program called driver detective and said i had 40 problems with my drivers but i need to buy it so i was stuck there.

i would like to know if someone could help me out on this.

my modem model is a: thomson dcw725.

A:terrible and weird internet lag spikes on my computer

Welcome to the Seven Forums.

Please make and run the files mentioned in this post...
Computer connected to internet wirelessly but webpages won't load
...and the one below it.

And install inSSIDer mentioned in the post below those two.

When you notice a lag, look at the ping times to your router. Did they go up?

Now look at the ping times to Google. Did they go up?

9 more replies

Hey guys, we have a computer at work hooked up to a fairly sensitive machine [we are a lab and use this machine to test asphalts.] Latley a few in the lab have taken to using this computer despite others being available, and now it is infected and I can't seem to get it clean. Scanned with Ad Aware & Spybot, no luck getting rid of the main problem. Included is the highjack this log as well as the Panda activescan log, respectively. Any help would be much appreciated!==============Logfile of HijackThis v1.99.1Scan saved at 10:33:19 AM, on 1/31/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exeC:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exeC:\Program Files\Sophos\AutoUpdate\ALsvc.exeC:\Program Files\Sophos\Remote Management System\RouterNT.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\Sy... Read more

A:Terrible Infection, Winxp Pro Work Computer

6 more replies

I AM HAVING MAJOR PROBLEMS WITH MY LAPTOP FROM POP UPS TO UNWANTED MESSAGES. MY COMPUTER IS EXTREMELY SLOW AND I CAN BARELY USE IT WITHOUT BEING INTERUPTED BY SOME POPS (SOME INAPPROPRIATE)...IN MY EMAIL I AM GETTING ADULT MESSAGES THAT I SHOULDNT BE GETTING....mANY TIME I HAVE TO RESTART MY COMPUTER IN ORDER FOR IT TO FUNCTION CORRECTLY AND EVEN STILL IT'S EXTREMELY SLOW....PLEASE IF YOU COULD HELP ME IN ANY WAY I WOULD GREATLY APPRECIATE IT....THANKS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:05 AM, on 3/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe

A:Some Thing Is Terrible Wrong With My Computer....pop Ups, Unwanted Messages!!

Hello Angel Watson and welcome to Tech Support Guy.

My name is curlylad and I will be helping you to remove any infection(s) that you may have.

I have to carefully formulate any fixes before I post them so please be patient.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess , simply post back with your query and we will go through it again.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

OK, here's what I need you to do:-

STEP 1

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!

**If the tool fails to launch fr... Read more

1 more replies

A couple of months ago I came into work and was told that the computer was infected. I immediately went to a computer, not linked with inftected computer and came to bleeping computer. Did everything that was suggested and all has been well, until now. Computer is sluggish and just acting strange. Anti-spyware and virus security updated daily and scanned daily. Today I received the following from my daily scan:

7/23/2010 9:59:00 AM: Quarantining All Traces: Troj/Java-H
7/23/2010 9:58:34 AM: Quarantining All Traces: Troj/JavaDl-AA
7/23/2010 9:58:34 AM: Quarantining All Traces: Mal/JavaDeSp-A
7/23/2010 9:58:19 AM: Quarantining All Traces: Mal/JavaCL-A
7/23/2010 9:58:17 AM: Quarantining All Traces: Mal/Jafuzzo-A

Windows Vista

A:Thought the computer was free from porno.org infection (that wounds terrible)

1 more replies

Windows XP SP1
This log is for my other computer here at home, it has been running bad and now is really bad. At first I didn't think anything was wrong cause I ran
Spybot
Ihave Spyblaster
Ran a full McAfee scan I have 9.0
So I don't no what it is but the F2 thing in the log looks suspious to me and a couple of others but I didn't want to mess it up farther so I haven't touched the log, can someone help please?
Logfile of HijackThis v1.99.0
Scan saved at 6:18:25 PM, on 2/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ps2.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\LTMSG.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
C:\Program Files\Presorium\Frontgate MX\frntgate.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HJT 1.99 New\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default... Read more

A:Solved: Windows XP SP1-Has anyone got time to check out my HJT Log? Computer runs terrible

14 more replies

I need help! I'm at the end of the road trying to figure my computer out. I know some about computers, but not enough to figure this thing out. I run Anti-Spyware programs fairly regularly (mostly Norton and Ad-Aware, also have Avast and Malwarebytes' Anti-Malware). Lately whenever I try to boot up in Safe Mode to run these programs, I get a blue screen and I can't get anywhere. I can boot up in normal mode just fine, it is only in Safe Mode that it won't work. I've also tried to do System Restore, and each time I do it, it doesn't work. I have XP by the way.

Norton had been finding Antivirus XP 2008 on my computer and I couldn't get it removed. I started reading up on the virus one day, and I changed some of the registry values associated with it. That worked and Norton didn't find it anymore. I also found Microsoft Security Adviser and seemed to get that taken care of as well. However, I'm still having the same problems with Safe Mode. Apparently I didn't get it fully taken care of. I also have a new problem that started after I thought I fixed those things. Any time I try to open a picture file from My Documents, nothing happens. I can't even see thumbnails. My Desktop background is also weird. When I go to the Display options and look at the different choices for backgrounds, they all look weird and some don't even show up at all (just like the picture files). I don't know what is going on and all the programs I hav... Read more

A:I need help (Malware related)

First off; Hello!

Also, you have posted this in the wrong forum; I believe The Weatherman is changing that.

After that, install it, and complete the procedures the installation requires you. Afterwards, update MBAM.

After the process is complete, do a Quick Scan. Come back to us with a report of it, and let's see what we got here.

7 more replies

Been having some problems recently, files moving, to other folders, then having their contents deleted and i am unable to access them because they say my "Access is denied". I am unable to go to certain anti virus software sites to download free anti spyware to scan my system including kaspersky online scanner. And installers are instantly closing when i open them, i'm pretty sure it's due to a virus, but i just want to make sure that i can't savalge it before i start reformatting it.

I use Windows xp sp 3
Acer 5920g reformatted into Windows SP

This is my HiJack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:41:27 PM, on 5/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE

A:Malware related?

Anyone know anything?

1 more replies

Hi,

I've been having problems now for just over a week. I've had a number of different symptoms and I'll try and list them as best as I can. There may be other problems that I'm unaware of.

Operating System is Windows/XP. Version 5.1.2600 Service Pack 2 Build 2600
Internet Explorer Version 8
I/E Symptoms
I/E Popup window requesting mixed http and https content.

'Rogue' iexplore.exe processes using lots of CPU and memory. Causing performance problems. A constant problem.

'Rogue' iexplore processes only start up when an IE window is open.

iexplore processes killed using Task Manager, but restart after a few minutes.

I/E Popup window "Your last browsing session closed unexpectedly. Would you like to restore your last session or go to your homepage." flashes on/off the screen. Occurs frequently. No extra browser window appears.

Closing IE windows doesn't stop all active iexplore processes. There seems to be two left. But if killed they don't restart unless IE browser is running.

Other Symptoms
Two instances of Outlook express Create new message window opening, randomly. Outgoing addresses were [email protected] and [email protected]. I have never used either of these websites.

Some instances of AVG Resident Shield blocking something, but I don't have comprehensive notes.

Exploit Blackhole Exploit Kit Detection (type 1889). Message has occurred a few times. In one instance the further deta... Read more

A:I/E related malware. Maybe more.

16 more replies

Hello experts and fellow Windows 8 users,

I am running the Windows 8 OS and currently having terrible mouse lag. My mouse will run fine for about 20 seconds-ish and then stall for a good 1-2 seconds. This can be incredibly annoying, especially when I am in my gaming mode (sc2 shout out). Any idea as to how to fix this? I use duel monitors and have tried reverting back to one, didn't fix anything, all drivers are up to date, and I have also searched the internet for numerous answers. None seem to work so far.

Mouse specs:
Wireless USB mouse, Logitech LAZER. I know it is for fact not the batteries as I have replaced them 2x to see if that was the case, and also, buying a new mouse did not resolve my problem.

Any and all help is appreciated and thank you good people for helping out!

PS: How common is this problem w/ w8, im hearing other people have similar problems?

More replies

I went on vacation for a week, came back and my computer is running really weird, mostly when related to mIRC or any other irc based program (such as some games that I play). Over the last three days I've run all sorts of malware removers, registry boosters, anti-virus programs, and spyware removal tools looking for the problem, but yet every time I describe the problem of extreme lag and general slowness, it points to malware. I went through your steps in the stickied topic, and the Kaspersky scan came back clean. Here are the two DSS reports, any and all help would be greatly appreciated.Deckard's System Scanner v20071014.68Run by DJ Brujah on 2008-07-06 18:25:57Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --64: 2008-07-06 23:26:14 UTC - RP625 - Deckard's System Scanner Restore Point63: 2008-07-05 21:55:53 UTC - RP624 - Uniblue RegistryBooster62: 2008-07-05 21:23:40 UTC - RP623 - Software Distribution Service 3.061: 2008-07-05 21:05:33 UTC - RP622 - Software Distribution Service 3.060: 2008-07-05 18:05:58 UTC - RP621 - Today-- First Restore Point -- 1: 2008-05-08 01:05:48 UTC - RP562 - System CheckpointBacked up registry hives.Performed disk cleanup.Total Physical Memory: 511 MiB (512 MiB recommended).-- HijackThis (run as DJ Brujah.exe) ------... Read more

A:Possible Malware, General Lag (irc Related)

Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new Deckard's System Scanner which includes the HijackThis log. Please see Preparation Guide for use before posting about your potential Malware problem. Thank you for your patience.If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

5 more replies

I'm playing a game and all of a sudden my computer shuts down. This is happening if I try to play any game now. I updated my drivers and it still hasn't done anything. I doubt it's my video card because my computer has run my games fine for months. Also my computer is freezing and crashing at an alarming rate. Event viewer gives me the following message

The npkcrypt service failed to start due to the following error:
The system cannot find the path specified.

Also when I go to the "hidden devices" section of device manager I see a yellow exclamation mark next to the name npkcrypt. When I click on it I get:
This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Now I've posted this in the Windows XP section of the forum and someone replied saying that it has something to do with malware and I should post it here. I've scanned my computer using norton antivirus and no viruses popped up! So what could the problem be?

A:Apparantly this is related to malware?

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:

Having problems with spyware and pop-ups? First Steps

link at the top of each page.

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies

I cleaned up some malware on this laptop and it looked like I got it all. However, I noticed an issue when trying to install AVG that it said a program was already installing. Troubleshooting revealed between 1-3 msiexec.exe files running. They seem to be legit (located in System32). I can kill them but they re-spawn. I did manage to get them all killed but upon reboot they were back. I should mention that when it respawns it seems to create a process called ISBEW64.exe which points to Windows\Temp folder. I tried deleting everything in there but it just rewrites this exe to a new folder in Windows\temp. I have ran several scans inc. malwarebytes, combofix (sorry, read the instructions after I ran this), Kaspersky. Also some rootkit detectors but at this point nothing is finding anything.

Thank you

As requested here is DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2
Run by Steve at 17:34:44 on 2014-05-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6092.3968 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

A:msiexec related malware

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/535235 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies

I only notice two real problems so far, one is that google searches sometimes take me to abcjump sites instead, and the other is that the file "msxhuwohfn.dll" comes up as infected but when it is removed, every application comes up with the error "cannot find file msxhuwohfn.dll" multiple times.

Here's the DDS log. Thanks to anyone for the reply and help.

DDS (Ver_09-03-16.01) - NTFSx86
Run by Poon at 12:41:25.73 on 2009-03-26
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.188 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: McAfee VirusScan *On-access scanning disabled* (Updated)
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall Plus *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe
C:\WINDOWS\System32\WLTRYSVC.EXE

A:Abcjump and related Malware

2 more replies

Hello All

Due to various nasty behaviours, my collegue recommended that I run combofix.  Here is the log.  I hope you guys can help me.

***********************************************************************

ComboFix 14-08-31.01 - Magus38 02/09/2014   7:56.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.2.1033.18.8183.6497 [GMT -4:00]
AV: Webroot SecureAnywhere *Disabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Disabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\25deed88028dae45c6a776c9a9c4df58_c
c:\programdata\MyNetDashboard.ico
c:\programdata\WDInternetSecurityAndParentalControl.ico
c:\users\Magus38\AppData\Local\assembly\tmp
c:\users\Magus38\AppData\Local\Coupon Server
c:\users\Magus38\AppData\Local\Coupon Server\repair_data.json
c:\users\Magus38\AppData\Roaming\.#
c:\users\Magus38\AppData\Roaming\ACD Systems\ACDSee\ImageDB.ddf
c:\users\Magus38\g2mdlhlpx.exe
c:\windows\system\ComHookMonitor.exe
c:\windows\wininit.ini
.
.

A:Various Malware Related Behaviours

2 more replies

I have the exe containing the trojan in my NOD32 quarantine. I think it might be useful if examined inside a sandbox. Please let me know if uploading it would help.Also, gmer didn't find anything, but I'm not sure it ran correctly either. Attached is a picture of the error it displayed before i ran it.Thank you.________DDS (Ver_10-03-17.01) - NTFSX64 Run by Will at 17:20:13.90 on Mon 06/28/2010Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2936 [GMT -7:00]============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\servicing\TrustedInstaller.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\WUDFHost.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:&#... Read more

A:svchost related malware

2 more replies

Hi.

For the last week or so now, I've been facing various problems due to Malware, alot of which I seem to have cleared up, but some of these problems still persist and my anti-virus programs are no longer picking anything up.

I'm using Windows XP Pro SP2.
Remaining problems include:
- Inability to access certain programs; Such as Spybot Search/Destroy, Sygate personal firewall. They install fine, but will not run on activation. I have tried renaming .exe applications, but to no avail.

- The active window randomly loses focus

- Audio clips and advertisments randomly appear, along with an additional "phantom" iexplore.exe process in the task manager; ending this process cuts present audio stream, but reappears randomly and has no physical window.

Previously, SuperAntiSpyware and Malwarebyte's Anti-Malware were not running, but I found a program that allowed SAS to break through was stopping it, and that in turn allowed MBAM to function. They found a large quantity of malware between them (Including the fake AntiMalware pop-ups) which I was able to remove, but the aforementioned problems still persist with no further threats detected.

I have attempted System Restore, which wouldn't create any changes from the few restore points I had, asking me to restart and try again (also didn't work).

----------------------
HiJackThis! Log:
----------------------
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 19:18:41, on 22/12/2009... Read more

A:Various problems (Malware related?)

-Bump-. Sorry.

2 more replies

Hi!Not sure where to post this problem since identifying its cause should be a part of the solution I?m looking for. Long story short, something on my computer is keeping CPU usage at over 50% with 40+ processes going on at all times. Here?s the long story BTW:http://www.malwareremoval.com/forum/viewto...cc31d794b9bf9a3As you can see, malware is probably not to blame. Could it be related to graphics card drivers or mother board BIOS version? Or something else? Any help will be appreciated!My specs:OS: Windows XP Home SP3CPU: Athlon 64 3200+ (winchester)Motherboard: Gigabyte nForce 3 Ultra (K8NSNXP-939), BIOS version F6Graphics card: Asus AH4650 (AGP), driver version 9.6Memory: 2*1 GB of DDR400 (PC3200)Hard drive: 160 GB (105 GB free)

A:CPU usage problem, non-malware related

do you have alot of programs in your processes? get rid of some programs you dont need and it might lower the CPU usage?

Joe.

38 more replies

hi, i'm on a dell running windows xp. i got a virus last night. i've fixed some things with hijackthis already and gotten rid of the fake program "internet security 2010" by running malwarebytes' anti-malware.but! there's still this zahuzewi.dll thing that shows up in my hijackthis scan. there was also something called kkalf.exe that i deleted, and now upon starting my computer it says "error loading zahuzewi.dll. the specified module could not be found." other symptoms include:- my desktop background being switched to a green color, but when i shut down my background returns briefly.- when I search google sometimes, i get this:'302 MovedThe document has moved here.'with "here" linking to this site, which i haven't clicked just to be safe though it looks normal: hxxp://www.google.de/search?q=yahoo+mail&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&cr=countryUShere's my dds.txt log:QUOTEDDS (Ver_09-12-01.01) - NTFSx86 Run by Liat at 15:25:25.93 on Sun 02/14/2010Internet Explorer: 6.0.2900.5512Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.101 [GMT -8:00]AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exesvc... Read more

A:zahuzewi.dll malware...vundo related?

13 more replies

Hello everybody, and welcome to my first post! I've been unable to figure out what's going on, so I figured I'd turn here. I've used the advice as a lurker at bleepingcomputer.com many many times, so I figured this would be a good place to turn. I'm assuming that this is spyware/virus related, since it seems to be displaying a lot of the signs (slow computer, random restarting, programs that are obvious malware, etc).

On to the story. I'm working on a friend's computer. Apparantely, for the last 6-9 months she's been having an issue with it randomly shutting down, but it doesn't bother her much and she just works around it. She wanted to install Microsoft Office 2007, but whenever we tried the installation would just hang at 0%. I tried the discs on another computer, and I know that they work, so I assumed it was something on her computer. Upon looking closely, I noticed a program called "MalwareRemovalBot", so I assumed that she has spyware.

I installed Malwarebyte's AntiMalware, and did a scan, removing some 200-odd pieces of spyware, including the MalwareRemovalBot. However, the random restart problem has persisted. If I just leave the computer alone, it will stay on without any problems. I can run programs and it may or may not restart. Sometimes I've been able to do a full virus/spyware scan, and other times it restarts while I'm opening up the programs.

The restarts are not resulting in Blue Screens, and I have turned off Window's "Automatic Restar... Read more

A:Random shutdown, probably malware related

2 more replies

G'day
Running Windows Vista on Sony Viao - Graphics card NVIDIA GeForce 8400M GT,
Norton Antivirus 2010 and Webroot Spysweeper on system.

Started seeing funny things - not sure if all are related...

DISPLAY PROBLEM
2 days ago, Text / Icon sizes became big - screen resolution went down.
Device manager - Display adaptor had Yellow exclamation mark on NVIDIA display card
Since then get Blue Screen - with memory dump - says Error in Rundll32.exe in module nvapi.dll

On system restart - get various colour bands on screen and funny text blinking.. at startup

After start up - get wavy blue and yellow lines all around screen - as if display does not refresh

Since then, can't get display to work properly - occasionally - works fine after shutdown and start up but above problems return after a few minutes

6to4
ISATAP
WAN Miniport etc

These network adaptors were not there 2 weeks ago.

ANTIVIRUS/FIREWALL/DEFENDER
Norton AV stopped working on Administrator login - worked on one of the user account login. Since then managed to get it to work on Admin login - Full scan revealed nothing

Unable to turn on Windows Firewall or defender in SAFE mode. (Red shield warning icon displayed next to clock)
THINGS THAT I HAVE TRIED
Norton AV - scan - no issues found

Webroot Spysweeper - scan - no issues found

Checked with Hijackthis - could not recognise...
O10: Unknown file in Winsock LSP C:\windows\... Read more

More replies

I'm running XP Pro Service Pack 3 on a Pentium 4 3.00 GHz with 3GB RAM. NVidia GeForce 7800 GS graphics card. ZoneAlarm Pro firewall up and running. BitDefender 2010 Antivirus installed, but conflicts with ZoneAlarm necessitate that I run it on demand, not real-time. Started getting random system hangs (requiring hard reboots) 8-9 days ago, usually with a few windows open. Happens with Firefox or IE8. Nothing suspicious in Task Manager. I thought it might be related to a recent run of the Registry cleanup tool in CrapCleaner, so I did a System Restore to a date 2-3 weeks prior (none of the intervening points worked). No help.I'd OK'd an Adobe Flash update, too, before the troubles. When it came up again, after the System Restore, I declined it.Several runs with BitDefender 2010 antivirus, Spybot Search & Destroy, and a-squared free (both before and after the System Restore) turned up nothing. A few times, I came back to check on their progress to find another system hang.Then I ran through all the suggestions in jgweed's "Slow Computer" post. A-squared free, running in Safe Mode, found backdoor Sinowal and Trojan Mebroot and cleaned them both. Multiple runs of the above security programs since then, in both Safe and normal modes, have turned up nothing. I've done an online scan or two with Trend Micro--nothing there.The PC innards are clean. Power supply was replaced in early January '10. All Windows Updates (except today&... Read more

A:Hanging XP; Unsure whether malware related

While I waited on a response to my question over on "Am I Infected..," I thought I'd run through the scans needed for this area. Everything's taking longer to do now, since the system (Pentium 4 3GHz running XP Pro SP3) hangs after being up anywhere from 5-30minutes. But Gmer's taking the cake.The first time I ran it, it took off very quickly. I left for awhile and returned to find a system crash, with a message from Microsoft and/or Iomega telling me that the crash involved memory pool corruption and that the IOMDISK.SYS device driver was loaded in memory at the time of the crash. It requested that I install the latest driver version (there was an executable in the package for this) and then to enable driver verifier on the IOMDISK.SYS driver, which I did.The next couple of tries with Gmer ended fairly quickly in system hangs, with much disk churning going on in the background, at first (of course, dead silence as the system ground to a halt).I finally got it to run reliably by disconnecting my network (cable modem) cable. Don't know if that's significant.Anyway, it ran at light speed for a couple of hours, then slowed a bit as I went to bed last night. This morning, coming up on 12 hours later, it's chugging through the \$NtServicePackUninstall$ files at a clip of about 1 per second.Is this normal behavior? Can I terminate the scan at this point and just save what it's already done, or should I wait it out? I fea... Read more

9 more replies

Hi, this is actually a problem on my dad's computer. As of recently, we have not been able to get onto the internet in any way, though all connections have remained the same (I'm using my own computer right now). Instead of making the screechy noises while its connecting, it sounds like a regular phone call with the ringing tone. We took the computer in to Geek Squad and they at first told us that it was a malware problem and that someone has been trying to remotely connect to the internet by using our computer. After a while they changed their story to it being a hard drive problem and wanted to install a new one, but my dad didn't want to since with the amount of money they were charging, he could buy a new computer, so now the computer is back here with us. The anti-adware programs that we are using have not been updated since around March, and I don't think my dad used them much anyway, but he did use the norton anti-virus(that too was last updated in March). Using the Geek Squad detection software which is obviously more updated than anything else on the computer, it shows that we have:

cws_tiny0

The cws thing I was not able to remove with the CWShredder and the other two I wasn't able to find without the location names.

A:Connection problems related to malware?

Hi kimbatheknome

Sorry for the delay in getting to you, the forum has been really busy lately and all our helpers are volunteers. If you still need help then please follow these instructions and I'll be glad to assist you. If your dad's computer is still having problems connecting then you will need to download these programs from another PC and transfer them over on CD, USB Key or other media

Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, 2 text files will open - main.txt and extra.txt
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).

To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box: C:\Deckard\System Scanner\extra.txt

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also ... Read more

1 more replies

I keep getting a BSOD and computer will restart by itself.
I don't know if this is the cause of hardware problems or malware.
Will post whatever logs that are needed.

A:Can't tell if Malware or hardware related issues?

12 more replies

Hello. I have a Gateway M275 TabletPC running Windows XP Tablet PC Edition 2005
- Using a school computer
- Intel Pentium M processor 1.50GHz
504MB of RAM

I was on the net & I think I had a virus install when I extracted a .rar file (which I deleted).

Here ares my problems:
1. My task manager is disabled, or grayed out, and I can't access it.
2. (this part was copied from another poster, as I'm having the same issues) Every two minutes I get a security bubble alert in the taskbar that looks like a Microsoft update alert or warning (yellow triangle with an exclamation mark inside) saying I have spyware, or someone is trying to connect to me. Its has 3-4 different bubble messages. Also, every 10 minutes I get a "Windows Security Center Warning" pop-up saying I have malware and to click here to remove it. Both of the mentioned pop-ups direct me to a page trying to sell me Spy Away and Perfect Cleaner.
3. My desktop picture has been changed to one that has spyware warnings which are also linked to Spy Away and Perfect Cleaner.
4. The desktop icons flash for about a second every two minutes or so
5. New folders in my 'Program Files' folder keep reappearing: stc, seekmo,180search assistant, zango, sysmnt, 180solutions, and 180searchassistant. Within those folders are the following files:
sac.exe
saap.exe
sais.exe
Ssmgr.exe
zango.exe
180sa.exe
sau.exe
seekmohook.dll
csv5p070.exe

I try to delete them but they keep coming back.

6. Also, I have s... Read more

bump

This may have something to do with this being a school laptop, as I am not the owner yet - but will be upon graduation.

1 more replies

The first problem I noticed with my PC is that it was all of a sudden freezing for no apparent reason and not when I was doing anything specific. Happens during games, youtube videos, or just when I am surfing the net. When it freezes like this I can sometimes CTRL-ALT-DEL and get the task manager window to pop up however the mouse then freezes, leaving me without any other option other then to hit the power button to restart. Sometimes I will hear a long beep coming from the mother board right before I hit the button to restart. This happens every few times.

Not long after the freezing issue I noticed that I started getting this weird popup as soon as I got to desktop saying "Either there is no default mail client or the current mail client cannot fullfill the messaging request. Please run Microsoft Outlook and set it as the default mail client." I have never used Outlook to send a message so have no idea where this is coming from but have since stopped it.

My windows live messenger has stopped working and I am getting an error message stating that the image icon is bad and to check it against my installation disk. Sorry didn't take note of exactly what it says but something very similar to that.

I have gotten a black screen with this error about three times in the last two days "81k/154 Hz Frequency is out of Range" This seems to go away if i restart the pc.

If I try running either Combat Arms or Rappelz, the game will run for a brief period of ... Read more

A:PC Problems; I assume malware related

you are being helped at PCpitstop so this is closed

1 more replies

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 02
Ran by Test1 (administrator) on RENZO-PC on 12-02-2015 17:48:00
Loaded Profiles: Test1 (Available profiles: Test1 & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

A:Many entries that are malware related in Autoruns log

To the helper going to clean me: i realize you will be doing this during your free time, and i'd sincerely like to thank you in advance. I am looking forward to working out the steps with you! Please take your time. I will wait patiently! =)

32 more replies

hi, after corresponding for help on safer networking, i was told the problems im experiencing are deeper than malware related, so i hope this is the right catagory;

microsoft programs open, two seconds later error message appears saying that it has stopped working and then the program closes; this happens with saved files and new documents; the same also with internet explorer.
occasional freezing of whole pc; only solution is to turn off at wall. occasional blue screen appears with white text and then shuts down with no warning. white text as follows; a problem has been detected and windows has been shtu down to prevent damage. if this is the first time you have seen this error screen then restart your PC. if this screen appears again, run a system diagnostic utility run a memory check and check for faulty or mismatched memory. try changing video adapter.disable or remove any newly installed hardware or software; collecting data for crash dump, beggining dump of physical memory. contact your system administrator or technical support group for further assistance.

problems generally occur most often after shut down, not hibernate. certainly only the blue screen pops up after almost every shut down.

was advised to update current software, so have done so, have also Downloaded ATF (Atribune Temp File) Cleaner© by Atribune and run an Kaspersky Online Scanner.

uninstalled avg, as it was causing considerable problems with both programs, and deleted C:\Users\username\AppData\Lo... Read more

More replies

Hello,I'm attempting to clean a system for a friend who has been infected with a virus which produces 3 system tray icons, randomly popping up alerts of infection on the machine and directing the user to a site to download Malware Crush.I've tried multiple variations of fixes, including automated and manual removal instructions to no avail.In all cases, these fixes did not seem to relate to whatever infection this machine has.wupeng.exe 'MalwareCrush' 'Malware Crush' and e404.dll are all not detected in the suggested places. I've done a system search and registry search for related entries, but nothing.Thank you for your time.-----------------------------------------------------------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:46:13 PM, on 2/27/2008Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\igfxtray.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC: ... Read more

A:Malware Crush Related Infection

Click OKAt the m... Read more

3 more replies

Turned on my computer today to find it infected with something. Would appreciate any help someone could give me.

1. Background doesn't load, it is solid white.
2. Cannot access the Task Manager, claims that it is infected and cannot launch.
3. System restore encounters the same problem.
4. Small red circle with a white X icon in the task bar. Seems to be where the random message that appear from time to time originate. Cannot access this program in any way.
5. DCOM Server Process Launcher error forced my computer to restart after a 1 minute timer.
Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:40 AM, on 1/25/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe

A:Unknown Problem - Likely Malware related HJT Log

Also, noticing that whatever has infected the computer is redirecting me from certain websites.

2 more replies

It started with winspyware2007 popups and adware popups. Sometimes now I can't get into IE6 (endless hourglass). Installed Firefox last night and all was well for awhile, then
got IE6 popups (hadn't opened IE), then finally winspyware and other ad popups in Firefox so I know FF is fully infected. FF when I can get into it is much slower now with frequent window open delays. Have had to crash on occasion, sometimes won't open at all.
I keep running Norton AV, AVG, SpySweeper, Vundofix. Nothing seems to work for more than a few hours.
I am attaching a hijack this log. I am in safe mode with WinXP and IE6.
Anything else you can do would be much appreciated. I am a past monetary contributor.
Thank you. Frank

Logfile of HijackThis v1.99.1
Scan saved at 12:36, on 2007-08-30
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.worldnet.att.net
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD3... Read more

A:Multiple Malware Related Problems

Please be sure to note I am in Safe Mode. Normal mode is very slow/unreliable.

3 more replies

Hi...I hope someone can resolve this one for me: My pc was infected with Conficker in late Jan/ early Feb. I system recovered, disinfected, and scanned with malwarebytes, AVG, Superantispyware, as well as Mcafee til everything came up clean. All I had connected was the router, cable modem, and Dell 720 printer or Brother MFC420CN--I'd alternate. Before the virus was discovered, both printers began printing blank pages, when they were working fine before.

The pc is a dinosaur--a Compaq Presario and it's running on Windows XP SP3. It is connected to my cable modem and router. My daughter's laptop, a Dell Inspiron 1200, also running WinXP SP3, was also infected, disinfected, and scanned til everything read ok.

Early last month, some of the same symptoms crept back--my security programs couldn't be opened/disappeared; ie was gone, etc...i was unable to start in safe mode and shortly after Windows couldn't be read/found at all. When first trying to start in safe mode, hal.dll couldn't be found...then more files...then finally nothing.

Disinfected...Ran all the malware removal tools again; applied all patches; etc...til scans came up clean.

Decided to reinstall printer...updated drivers...same problem...printer "printed" blank pages. Ink is ok; settings ok... That was 2 days ago.

Today my desktop icons are a lot larger and my system is running sooo slowly! I tried starting in Safe mode, but was unable to: hal.dll couldn't be found. I am able to s... Read more

A:Is this virus/malware related??? What's up with my system??

Hello sharoncrunch,

We need something to work with here. Please follow the instructions in our sticky topic New Instructions - Read This Before Posting for Malware Removal Help and post the requested logs in your next reply.

14 more replies

Hi...I hope someone can help me with this one: My pc was infected with Conficker in late Jan/ early Feb. I system recovered, disinfected, and scanned with malwarebytes, AVG, Superantispyware, as well as Mcafee til everything came up clean. All I had connected was the router, cable modem, and Dell 720 printer or Brother MFC420CN--I'd alternate. Before the virus was discovered, both printers began printing blank pages, when they were working fine before.

The pc is a dinosaur--a Compaq Presario and it's running on Windows XP SP3. It is connected to my cable modem and router. My daughter's laptop, a Dell Inspiron 1200, also running WinXP SP3, was also infected, disinfected, and scanned til everything read ok. The pc's browser was ie; my browser of choice is now chrome or Opera. The laptop now browses with Firefox.

Early last month, some of the same symptoms crept back--my security programs couldn't be opened/disappeared; ie was gone, etc...i was unable to start in safe mode and shortly after Windows couldn't be read/found at all. When first trying to start in safe mode, hal.dll couldn't be found...then more files couldn't be found...then finally nothing.

Disinfected...Ran all the malware removal tools again; applied all patches; etc...til scans came up clean.

Decided to reinstall printer...updated drivers...same problem...printer "printed" blank pages. Ink is ok; settings ok... That was 2 days ago.

Today my desktop icons are a lot... Read more

A:WHAT IS UP WITH MY SYSTEM?? IS IT VIRUS/MALWARE RELATED???

I am sorry that your computer is bewitched !!
Do you know how to open the cover of your computer ??
I am suggesting that ;
1. You unplug the computer power from the back .
2. Open the case to expose the main board and the battery.
3.Be carefull and press the little tab on the battery and let it pop-up enough so it doesn't touch the socket .
4.Clean the battery with alcohol and a cotton cloth .
5.Put battery back in the computer BUT dont touch the battery with your fingers,our fingers always have some oil
on them.
Plug the computer back in the wall and turn on.
Press F1 or delete and boot into BIOS.
check that your hard drives are correct and your boot sequence is right and press F10 to save.

Many people get a virous in their BIOS and don'tever know it.
Good Luck

2 more replies

A:Unknown malware related to viruses (?)

Hello  tantryl and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

Please complete all steps in the specified order.
Even if tools don't find malware, I want you to post the logfiles anyway.
Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
Don't install or uninstall software during the cleanup unless you are told to do so.
If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.

Disable your AntiVirus and AntiSpyware applications, as they will  interfere with... Read more

12 more replies

The intense public interest surrounding Usama bin Laden is the perfect vehicle for Internet scams and malware, the FBI warned Tuesday, issuing an official warning to ?exercise? caution online.

One common piece of malware spreading rapidly on the Internet purports to show photos or videos of bin Laden?s killing. Clicking on these links can wreak havoc on some users? machines, the agency warned.

?This malicious software or 'malware' can embed itself in computers and spread to users? contact lists, thereby infecting the systems of associates, friends, and family members,? the FBI said in a statement. ?These viruses are often programmed to steal your personally identifiable information.?

In other words watch what you click.

A:Beware of Malware Related to UBL's Death

That virus is going viral on Facebook

8 more replies

I just can't figgure this one out.
Recently, svchost has been taking up 100 % of the CPU usage. It doesn't always happen, but when it does, its annoying because I my computer gets slow and hot. I don't think its a virus, because in the task manager, its listed as a system process and its in the system32 folder. I have also done online scans. I have also run sfc /scannow. It only seems to happenn when I open Internet Explorer. Any suggestions?

A:svchost 100% CPU usage, not malware related

Possible Automaitc Update problem...has it only started happening since a recent update?

Or have you installed any new software/plug ins/codecs?

5 more replies

I'm using Windows Vista Home Premium - Service Pack 2So this is what happened - I turned my laptop on (Asus M51VSeries), logged in and then left it running for a couple of hours. I suspect during this time a Windows Update may have occurred which may be causing my problems. When I came back to the laptop, I noticed that the nice Vista Aero effect had disappeared and was replaced with the basic Vista theme. I restarted my computer and it was still displaying the Vista basic theme and also an error message appeared:Title: MMLoadDrv: MMLoadDrv.exe - Entry Point Not FoundContents: The procedure entry point OsThunkD3dContextDestroyAll could not be located in the dynamic library d3d8thk.dll.I then attempted to open Mozilla Firefox 3.5.3, which crashed immediately after opening. I tried this a few times which produced the same results. I was able to open up Firefox in it's safe mode though. I then decided to do a system restore as there was next to no information about my problem that I could find. The system restore was to a few minutes after I first switched my laptop on that day (15/09/2009 ) with the note 'Install - Windows Update' next to it. I completed the system restore, and found that the error message still displayed, the basic theme was still there, but I could go on Firefox without it's safe mode.I have run a full Malwarebytes' Anti-Malware scan and it found nothing.So basically I want to know how to remove the error message (which appears every time I re-boot the laptop... Read more

A:Errors occuring, none are malware related...

bump

Still having problems

17 more replies

A:cannot remove malware related to uacinit.dll

Here is a subsequent MBAM log, showing that problems still remain:
Malwarebytes' Anti-Malware 1.40
Database version: 2741
Windows 5.1.2600 Service Pack 2

05/09/2009 14:30:04
malwarebytes_05092009.txt

Scan type: Full Scan (C:\|)
Objects scanned: 209595
Time elapsed: 1 hour(s), 17 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
\\?\globalroot\systemroot\system32\UACmsgpcpasga.dll (Rootkit.TDSS) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Malware.Trace) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
\\?\globalroot\systemroot\system32\UACmsgpcpasga.dll (Rootkit.TDSS) -> No action taken.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> No action taken.

3 more replies

Hi. Thanks in advance for any help you can give.I have run Malwarebytes, but this finds nothing.This is a Dell Inspiron 1501, now with 1.5Gb memory, low I know but it is particularly slow to load and respond.Certain IE links sometimes do not work. Hijackthis changes don't seem to sticK and it reports it cannot write to the hosts file.I have attached a log from GMER.

A:Performance possibly related to rootkit/malware

3 more replies

A:Spy Sherif And Related Unremovable Malware/problems!

? Re-name HijackThis.exe to doggy.exe by doing the following:- Navigate to C:\Documents and Settings\Christine\Desktop\hijackthis\HijackThis.exe- Right-click onto HijackThis.exe and select "Rename"- Type doggy.exe and hit Enter.? Now, double-click onto doggy.exe (which is still hijackthis) and post back with the new HijackThis log.

28 more replies

I (not an expert by any means) am helping my mother repair her computer and at the end of my knowlege, and was thus hoping to enlist the help of a kind soul from this forum before we just give up and reformat.

In general, the problems are related to unpredictable performance, such as unexpected freezes and shutdowns, occasionally getting stuck on "working" cursor after clicking on start menu or taskbar, freezing on blank screen when loggin off/shutting down, restarting after loading system files for safe mode (before Windows loads), getting stuck on a black sleep mode-like screen when opening lid of idling computer (sleep mode is supposed to be off), and others I'm sure I'm forgetting.

More specifically:
-Webroot scans in normal mode freeze the computer after a few minutes 100% of the time, often resulting in a physical memory dump
-Upon attempting to uninstall a specific program (I can't remember for sure, but I think it was an iwin games program), the uninstaller started deleting random files unrelated to the program itself (causing Photoshop, webcam software, printer software, and others to not function properly), until I noticed and stopped the uninstall. Curiously the original program disappeared from the programs list at some point afterwards, but not immediately
-Several programs in the programs list get uninstall errors (possibly due to the missing files from the above). These include Trend ... Read more

A:Multiple issues, possibly malware related

Hello and welcome to Tech Support Forum.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:

Disable any script blocker, and then double click dds.scr to run the tool.When done, DDS will open two (2) logs: DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst

If possible rootkit activity is found... Read more

3 more replies

Hi.
I've been having some problems with my internet lately. Namely it stalls out after a few minutes and says it can't find the default gateway OR that
However, I called the cable company, and it was working fine for an hour after resetting the modem, and now I'm back to problems.

So basically I'm not sure if it's actually a problem with my internet OR if I've got something on my computer that's causing this problem.

Also, I have Micro Trend supposedly installed on my computer but whenver I start my computer it says "starting protection" and then disappears and I can't really get it to open. I never even thought about it until now.

I scanned my computer with the quick scans from Malwarebytes' Anti-Malware and Lavasoft's Ad-aware. Ad-aware found 2 problems, one being the trojan.java.blacole.b and second being backdoor.win32.cycbot.cfg -- Both of these were put into quarantine by Lavasoft's Ad-aware. I don't know if I need to do something more or if these were causing the problem.

I was hoping maybe somebody could take a look at the info and make sure there's not something else out there.

Also, I run Windows 7. (and use Firefox almost exclusively as my internet browser, with a few exceptions with some websites that will ONLY work on IE).
If any other information about my system is needed, please let me know.

Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at &#50724;&a... Read more

A:Problem With Internet possibley related to Malware

13 more replies

I was in another sub-forum but was told to come here so I will copy and paste my information if that's all right. Thank you so much for this forum and help!

Hey guys, I actually came across the forums doing a search a day or so ago and the thread I was looking at was out-of-date so some of the links didn't work. Thought I would write my own thread on my problem. Also, my IE is messing up.. not sure if that's connected to the Blue Screen or not (or part in part of the problem(s)).

I had a look at this thread http://www.bleepingcomputer.com/forums/topic375458.html so I think I've already done a few steps you might ask me to do. Here is the info:

==================================================
Dump File : 012411-25818-01.dmp
Crash Time : 1/24/2011 10:45:19 AM
Bug Check String : SYSTEM_SERVICE_EXCEPTION
Bug Check Code : 0x0000003b
Parameter 1 : 00000000c0000005
Parameter 2 : fffff80002fbac9a
Parameter 3 : fffff88009a7dcf0
Parameter 4 : 0000000000000000
Caused By Driver : ntoskrnl.exe
File Description : NT Kernel & System
Product Name : Microsoft? Windows? Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\012411-25818-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 274,920
==================================================

A:Blue Screen of Death (Malware related?)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.

2 more replies

Recently, I've been hearing little beeps out of my computer that sound like something is turned on and another beep after that sounds like it's turning something off. I check my Task Manager every time I hear those sounds and wmplayer.exe or wmpnscfg.exe are the ones taking up resources. I try to end the processes but they keep reappearing a few minutes later. I even tried blocking them from startup through msconfig but that didn't help. My fan goes crazy and I lag a bit every time this happens also. Help would be appreciated!

A:Windows Media Player related malware?

Erm... bump

2 more replies

When I say "slowdown" - I mean everything: even audio and video plays back at what seems like 1/2 speed. The XP Intro music is an interesting stuttering remix.

Malware and rootkit checks are clear. HDD scan and SMART stats are fine as well. Housekeeping has been done... and upon mentioning that, I should note that I began defrag at about midnight last night... at 7AM, it was at 35%, and still churning.

Booting into safe mode takes forever and is painfully slow as well.

I thought the problem might be related to a bad printer driver (I was testing an HP 5150 and Lexmark AIO (I forgot the model now - I did this Friday in another location) So I uninstalled those - no joy. I uninstalled my own HP driver with no luck.

I was getting errors related to my wireless card (WMP54GS ver.1.1) upon shutdown, so I uninstalled it. No change running without the wireless.

I came here before giving up and starting all over - because I HAVE been lax, and my last back up was in March. (Yes, I know - I deserve my virtual smacks)

System Info:

Intel Core 2 (6420) Sitting on a Gigabyte Motherboard (I'll crawl inside the case and get that model if you *really* need it)
2 GB DDR-2
300 GB Western Digital HDD (IDE)
NVidia 7300 GT

--Edit Start--

Running Windows XP, SP 2 (Haven't gotten around to my OWN updates)
System built 3/8/08
Used for just about everything except gaming
McAfee Security 2008 - updated today (8/3/08)

Absolutely NO previous problems until this weekend.

A:Solved: System Slowdown - Not Malware Related

8 more replies

So for a couple of months now i've been experiencing out of the norm behavioral habits on my computer. The first being a couple months back now where my computer for some reason began awaking itself from sleep mode at exactly 11:15pm each day. This was not the case before.

I ran virus scan and also malware scan and malwarebytes detected a few PUMs (attached below). I left these for a while before deciding to remove them around a couple of weeks ago now.

Since removing them i've experienced a couple more strange things. The first being when awaking from sleep mode, on occasions, the resolution is all wrong and i must put it back to sleep and awake it again to sort it out. On most occasions it awakes without a problem but still, an issue born recently.

The third thing happened yesterday when a few folders became hidden without me hiding them myself. These folders had once been hidden by me but not for a long while. There were also desktop.ini files on the desktop. I searched google and found out that i had to tick 'hide protected operating system files' to get rid/hide these.

I've done scans with Essentials, Malwarebytes and most recently F-secureonlinescanner. The latter found a java exploit that it removed and one other (sorry do not remember the name). The other two find nothing.

I've tried using Gmer but on three occasions it failed to finish (i get a 'stopped working' message).

Malwarebytes and dds logs attached. (Malwarebytes log is old but shows the PU... Read more

A:A few issues - Unsure if virus/malware related or not

Just a couple of things that are worth noting.

One is that i recently changed from a DVI cable to a VGA (possibly a reason for the resolution issues from wake?).

I've also recently disabled 'allow wake timers'. Not tested it out yet to see whether it has worked or not.

Also, just a gut feeling, the recent issues i 'm having (ignoring the waking up from sleep problem) i feel may be related to the files i quarantined in malwarebytes. Were the PUMS i quarantined really malware?

11 more replies

I share a computer with the rest of my family, we all have seperate accounts but mine is the admins. On logon the other day I found a whole lot of porn screens popping up, and hogging the processes. The process was "obd.exe", so i stopped the process and ran a search with "malwares: anti-malware", which seemed to find and delete a whole lot of malicious software.

but THEN on restart when I logged in explorer.exe was not running and I couldn't access the control panel...

So yeah, the pc is pretty much useless to my whole family atm and they expect me to fix it posthaste; problem is that I'm not too technically savy so I NEED YOUR HELP!

This is the HijackThis Log;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:06 PM, on 16/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe

A:Severe virus/malware issue (obd.exe related)

bump, my computer is now infected with a load of new viruses...

2 more replies

Hi i was watching a tv show using megavideo last night and loads of popups came up giving the usual crap about needing to install stuff.I thought i closed them but maybe i clicked on them by accident.

Anyway all of a sudden AVG started detecting loads of random threats...mainly .exe files being found all over the place.

I tried healing them but loads more kept coming so i turned my internet off thinking they were being downloaded but they kept coming.

I went into msconfig and found two new programs trying to run on startup so i unchecked them and restarted my computer,thinking this would stop the incessant threat detection. Probably a bad move.

Anyway, now when i turn my computer on i get a big blue screen with the following errors:

0x00000024 (0x001902FE, 0xBA4F34EO, 0xBA4F31DC, 0x8A54C889)

I cannot start my computer in safe mode or restore it to a last known good configuration

How can i get back to my computer so i can at least save some files?

I need some serious help please!

Thank you,
james

A:Blue Screen of Death - malware related

Hi, makihara

You should always post your Operating System, and whether is a 32bit or 64bit system.

Lets give this a try. You will need a flash drive to move information from the sick computer to a working computer, so we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).

Here is what you need to do.

First

Second
Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 276.7MB in size so it may take some time to download.
When downloaded double click and this will then open ISOBurner to burn the file to CD
Boot the Non working computer using the boot CD you just created.
In order to do so, the computer must be set to boot from the CD first

Your system should now display a REATOGO-X-PE desktop.
Double-click on the OTLPE icon.
When asked "Do you wish to load the remote registry", select Yes
When asked "Do you wish to load remote user profile(s) for scanning", select Yes
Ensure the box "Automatically Load All Remaining Users" is checked and press OK
OTL should now start. Change the following settings
Change Drivers to All
Change Standart Registry to All
Under the Custom Scan box paste this in

/md5start
eventlog.dll

3 more replies

Hello. I am trying to fix a friend's laptop computer that has Windows 7 installed.

When he gave it to me it was infected with some assorted malware(trojans, etc.). At first, I could not open any applications whatsoever. Every time I would try it would ask me if I wanted to use internet explorer to open it.

I created a few rescue CD's(dr web, avira, avg, etc) and ran those. They cleaned up most of the problems.

Also, I installed AVG free edition and malware bytes. I ran both of those. That removed several more pieces of malware.

At that point, things were mostly good. But I noticed that almost all of the files on the computer had been marked as hidden(the desktop images were all faint, etc). So I went through and manually removed the "hidden" setting from all the PC files.

It seems like I am 99% good. However, when I open firefox browser and enter a google search, and click on a link in the search results, it sometimes redirects me to some other unwanted site. So I guess that there is still some malware lingering in the background that could not be found by AVG and malware bytes.

Any recommendations to fix this?

Thanks!

TC

A:Help needed removing malware(browser related)

A friend of mine had an issue with his browser redirecting search results, and it took me a few days to find a fix, but I found a program called TDSSKiller and that removed the problem. You can try it out for yourself to see if it will also be a fix for you, and hopefully it will.

Anti-rootkit utility TDSSKiller

Edit: Here's a little bit more info about the trojan if you need it. Backdoor.Tidserv | Symantec

9 more replies

Hi all!

I'm having some computer troubles and I need guidance from one or more of you kind people. I have a related thread going in the A/V Am I Infected? forum (http://www.bleepingcomputer.com/forums/topic228133-15.html). It gives some other background information that might be helpful to read in understanding my problem.

So, to give a quick overview - currently I'm trying to rid my desktop (and then later I'll be working on my laptop) of any malware it has - which according to MBAM is quite a few nastys and they seem difficult to remove thus far. I've had my desktop for about 8 years now; never formatted, never backed up (yes stupid, I know). Obviously I want to rescue these files in the (likely) event that I need to format my computer.

I'm not sure if I've accidently set off a payload, am botted, or a hacker is directly and actively messing with my system (I *was* "borrowing" a wireless internet connection for about a week...), but my desktop system stability has gotten substantially worse - to the point that I am now unable to boot my computer. So I need help in making it somewhat usable so that I can at least save some of my 8 years worth of files.

This problem began after I had run an MBAM quickscan in normal mode after disabling my wireless connection and clicked on ok to reboot the computer - because certain files could not be deleted until reboot. It shut down normally but then windows would not load (I couldn't even make... Read more

A:Boot problem - most likely due to malware related activity

If you have an open post in any of the malware forums....you probably should not be posting issues here until your malware situation is resolved.

And you certainly should not be anticipating or making changes to your system...based on what someone other than the malware folks suggest.

Louis

4 more replies

A:Windows Explorer won't boot! Malware-related?

As you have now posted in Malware Removal forum, I will ask for this thread to be closed -

2 more replies

I started having problems with not being able to hibernate with the hibernate button. It was around same time I was trying to get search engines that creeped onto my system like avg search and so on. I tried registry fix apps, Microsoft Security Essentials, Malwarebytes. They didn?t help. Can somebody help me?

A:Couldn’t hibernate? Malware related? Avg search?

Hello ineedhelp2012 and welcome to Seven Forums.

It's dangerous to use registry tools. They can cause more damage than they fix. First thing I'd try is using a system restore point to return my computer to a date/time prior to when the hibernation problem first appeared.

System Restore

If that doesn't work or if you don't have any system restore points I'd run a System File Checker scan from an elevated command prompt (option two, this tutorial.) If any problems are found run the scan 3 times rebooting in between each scan.

SFC /SCANNOW Command - System File Checker

You could also try turning hibernation off, rebooting, then turning it back on. Although if you don't use hibernation you could leave it off and gain some additional hard drive space almost equal to your installed memory.

Hibernate - Enable or Disable

5 more replies