Having issues help quick

Status
Not open for further replies.
K

Katana

Posts: 21   +0
Upon entering my computer, there seemed to be a very large problem, considering my computer which is normally fast was going like a windows 95...

So I brought up the task manager to see wtf was going on and looked at its performance reading...

The graph that it has looks almost identical to a tangent graph, or y=tan x...meaning that it's randomly spiking up to a peak and falling back to 0 at regular intervals consistantly.

So I wanted to see what the hell was making my pc go nuts, and when i watched the processes, I found that there was a problem with the cpu output that the process named "system" was giving.

It is normally very low, actually if i'm not mistaken it's normally at 0. Well at random maybe 4 second intervals it spikes up to 99 and then goes back to 0. This is pissing me off to no end and I dont know what the problem is!

I've run a nod32 virus scan and I have used CCleaner. Idk what to do.
 
www.majorgeeks.com in the Anti-Spyware section. There are many others you can find with a Google search of "HijackThis"
It is free... but it is difficult to use for first timers, so send the dump here for others to analyze
 
Here are some simple guides that may prove to be useful.

Clean out your temporary internet files and temp files.

Go to "Start" -> "Run" and type in the box: "cleanmgr". Let it scan your system for files to remove. Make sure these 3 are checked and then press "Ok" to remove:

* Temporary Files

* Temporary Internet Files
* Recycle Bin

Scan your computer with Ad-Aware and Spybot - Search and Destroy

Download Ad-aware SE and update it (the Globe icon, then Connect). Then click on Perform Full System Scan. Uncheck Search for negligible risk entries and click on Next. Eliminate all that Ad-aware finds. A more thorough tutorial on use Ad-aware can be found here:

Using Ad-Aware SE to remove Spyware & Hijackers from Your Computer


adaware.gif
- Download Ad-Aware SE



Restart your computer after cleaning with Ad-aware and scan again. Repeat the process until no further items are found as bad.

Next,

Download SpyBot - Search and Destroy and install the program. After installing the program, click on Search for Updates and download what the program finds. Click on Search & Destroy and on Check for problems. Delete what it finds.

Using Spybot - Search & Destroy to remove Spyware from Your Computer


index.html
- Download Spybot - Search and Destroy



Scan your computer for malware infections

Before posting the log we would like you to attempt to remove most of the malware on your computer using free anti-virus/anti-trojan products. We have provided a list of our recommended online and free/trial software that we would like you to scan your computer with as part of this step. Most of these applications need Microsoft Internet Explorer in order to function, so do not use Firefox or Opera. The only one that is available for use in these two browsers is Housecall AntiVirus

Housecall Anti Virus

Panda Anti Virus

Bit Defender



If you already have an anti-virus program, update it and let it check as well.


Run McAfee Stinger:

Once the computer has been scanned, we would like you to download the following program:

stinger.gif
http://vil.nai.com/vil/stinger/



This program will scan your computer for the most common worms, trojans, and viruses that are currently in the wild. Instructions for using this program can be found on the McAfee stinger page.

Be sure and put a check in the box by "Auto Clean" before you do the scan. If it finds anything that it cannot clean have it delete it or make a note of the file location, so you can delete it yourself.


Enable or install a firewall

If you do not run a firewall, download one. This also applies to using Microsoft's built-in firewall with Windows XP SP-2. The problem with the built-in firewall is that it only monitors what tries to get in, anything that is already in your system, can dial out. So if you have a Trojan that steals passwords, the passwords can be sent out... Of course this can also happen to your financial data, or social security number, etc. So a, so called, one-way firewall is not good! Use a good firewall like Sygate Personal Firewall or ZoneLabs Zone Alarm.


Using Windows Update to get the latest Windows security updates.

One thing which is often overlooked in getting you computer secure is updating all the security patches that Microsoft has for Windows and Internet Explorer. There is only one caveat... If you are not running Windows XP SP-2, do NOT update to it!!! The update is known to be faulty when there is malware present on your system. This can render your computer system unstartable! So, in short, get all updates you can apart from SP-2!

This can be accessed by going to http://windowsupdate.microsoft.com/ and following the prompts. You may need to do this more than once.


Download HijackThis and create a log

hijackthis.gif
Download HijackThis from the following download location:

HijackThis Download Link


Start HijackThis, and click on the Do a system scan and save a logfile button.

HijackThis will scan your system, and after it is done, Notepad will open with the log in it. In the Notepad window, click on the Edit menu and then click on the Select All menu option. All the text should now be highlighted.

Click again on the Edit menu but this time click on the Copy menu option.

Now click on the following link to start creating a new topic HijackThis forum:

Finally, Post a HijackThis log here.
 
  • Like
Reactions: 2 people
Hi

Important: Please read this thread HERE before you decide whether to clean or reformat your system.

Should you decide to clean your computer, please go ahead to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps to cleaning your computer.
Do follow all the instructions exactly.

Thereafter, please post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread.
The logs will enable us to understand more about the problems on your system.

PS. Gd work Nuradonai. Though, in the future you can shorten your post by using the link in my signature. Its a comprehensive guide in our forums for Viruses/Spyware/Malware, preliminary removal instructions. =)


Regards,
Your friendly Momok =)
 
raybay said:
www.majorgeeks.com in the Anti-Spyware section. There are many others you can find with a Google search of "HijackThis"
It is free... but it is difficult to use for first timers, so send the dump here for others to analyze
Click to expand...

Okay I ran the "Do a system scan and save a logfile" task and here is the text document that was created:
 
You`re running an outdated version of HijackThis and have not renamed it.

Please see the instructions HERE and post a fresh HJT log as an attachment.

Regards Howard :)
 
Sorry about that! I didn't realize that there was such specific rules on the HJT program...I'll follow the rules you sent me!
 
Hi,

Download Vundofix from HERE.

Double click the Vundofix.exe to run it.
Right click in the vundofix window and click add files.

Enter the full file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button. Click the remove vundo button and let Vundofix do it`s stuff.

These are the following file path's you need to enter:
C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\SYSTEM32\efccbab.dll

Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.


After you are done, please post a fresh HJT, C:\vundofix.txt, AVG Antispyware log from normal mode as an attachment into this thread.

For AVG Antispyware instructions please see HERE.


Regards,
Your friendly Momok =)
 
My thanks x1000 it seems to have worked. My system cpu is staying at 0 now, no more lags. Just in case, I will post the HJT file again like you requested.

Again, my thanks!
 
Well done, your HJT log is now clean.

Have HJT fix these entries.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

O2 - BHO: (no name) - {1D531771-1AD5-4F27-87A2-6980501F9703} - C:\WINDOWS\system32\efccbab.dll (file missing)

O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\uwrrjvtd.dll (file missing)

O2 - BHO: (no name) - {A08E8CF9-1810-412E-A19A-A6BAF1889613} - C:\WINDOWS\system32\sstqp.dll (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

Click on the fix checked button.

Close HJT and reboot your system.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

This thread is for the use of Katana only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.

Similar threads

Daniel Sims
Blizzard just gave us a hint of how many World of Warcraft subscribers remain (and it's still in the millions)
Replies
14
Views
268
lripplinger
lripplinger
midian182
Farewell, Atlas: Boston Dynamics says goodbye to its iconic robot with highlights and bloopers reel
Replies
7
Views
130
Endymio
Endymio
Cal Jeffrey
This real-world Pokédex identifies pocket monsters using ChatGPT and AI voice cloning
Replies
0
Views
186
Cal Jeffrey
Cal Jeffrey

Latest posts

Back