computer problem

By bolun
Mar 23, 2007
Topic Status:
Not open for further replies.
  1. Hello

    Heres the story. I downloaded software using bit comet. After i installed it, a message popped up saying my computer is going to shutdown in a minute, but my computer just froze. Anyways, i uninstalled it, deleted all of it, or so i hope. I don't see that pop up anymore, but now my computer is running really slow at times. In the task manager, theres 2 tasks called scanningprocess.exe. Also, within the past couple hours, my Zone Alarm fire wall blocked 477 intrusions, and 13 of them high rated. I've ran my AVG virus software, the Zone alarm anti virus and spy ware, spy bot, ad aware, and they all came up with nothing but some minor problems.

    When i start up my PC, I click on something, and nothing happens. But after almost a minute, it opens what i clicked on.

    I have no idea whats the problem, and I'd really appreciate if someone could help me out.

    Thanks,
    Bolun

    Oh, and I also made a HJT Log.

    View attachment 15081


    It seems as if my PC has settled down a bit, and a couple more intrusions blocked.
    Also, when I try to end the scanning process in Task manager, it says it cannot be terminated.
  2. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    scanningprocess.exe=beagle.dz trojan.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :)

    This thread is for the use of bolun only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. kchris gayle

    kchris gayle Newcomer, in training Posts: 27

    ahem.....
    check again on your add/remove programs if indeed it has been deleted....
    and if it still slows down all you got to do is optimize the browser settings, check on your firewall...you can temporarily disable it for a while and see what happens... and wow dude you got so many spyware and anti-virus programs running it would tend to really slow down... you can just use one for each the maximum is two...
  4. bolun

    bolun Newcomer, in training Topic Starter Posts: 25

    I completed all the steps in that link you gave me. My anti Virus turned up nothing, but it showed that Shell32.dll and ntoskrnl.exe have been changed. Ad aware turned up nothing. S&D fixed some minor problems. The Anti rook kit turned up nothing.

    Here are the logs you told me to attach.

    View attachment 15100 AVG antispyware log
    View attachment 15101 Combo Fix Log
    View attachment 15102 New HJT Log

    The scanning process.exe is still there.
  5. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Your system looks clean.

    After further research it seems the scanningprocess.exe can also belong to Zonealarm, depending on where it`s running from..

    C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe<This is the legit filepath.

    Where is your ScanningProcess.exe file running from?

    Regards Howard :)

    This thread is for the use of bolun only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  6. bolun

    bolun Newcomer, in training Topic Starter Posts: 25

    I just updated to Zone Alarm Security Suite version 7.0.337.000, and after looking up on the net, the scanning process supposedly belongs to this new version of ZA.

    In my HJT log, it says it is running from:
    C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe

    So it should be fine then I guess.

    Thanks for all the help

    Oh, and also, should I be worried about the constant increase in blocked intrusions by my zonealarm?
  7. wilsonwilson

    wilsonwilson Newcomer, in training

    I "KILLED" scanningprocess.exe

    I used ZAP against itself


    1. Program Control >Programs >Add

    2. "ADD" C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe

    3. In the 'trust' 'access' etc...left click KILL

    4. kill process in task manager (if running HA like it's not)

    5. renamed "scanningprocess" "~scanningprocess.exe"

    Works for me hope this helps
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.