TechSpot

[Unresolved] Please help me get my computer back to normal

By notevenkodak
Dec 26, 2007
Topic Status:
Not open for further replies.
  1. I recently removed a virus that was on my computer and slot of spyware that came with it. I first used trendmicelro to take off the viruses then I downloaded the free lavasoft ad-aware software to get the rest of the spyware off of my computer. I kinda have norton but it expired a couple weeks ago and it can scan but its been no help. Even after this my CPU is still running extremly slow and takes forever to do certain actions I cannot even run scqndisk because it says setting about needing certain acesess to something and needs to restart but when I restart it of never does, does anyone know a solution and is there any other information I need to provide? Thank you
    -brendan
  2. momok

    momok TS Rookie Posts: 2,272

    Hi notevenkodak and welcome to techspot. =)

    I suggest you do the following before doing anything else

    Important: Please read this thread HERE before deciding if you should CLEAN or FORMAT your system

    Should you decide to that cleaning your system is the best option, please go to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given.
    Do follow all the instructions exactly.

    Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread.
    Do not copy and paste your logs if not they will be removed.

    Our experts here will tend to your queries thereafter.

    Also, please provide the results of the Antirootkit scan


    Regards,
    momok =)

    This thread is for the use of notevenkodak only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.
  3. notevenkodak

    notevenkodak TS Rookie Topic Starter

    ok how do I expect me to do all of that when it takes 10 minutes to even get IE open if I could do all of that I wouldn't have a I really need some assistance on even getting that far

    Im on my iPod touch now which is the only reason I can reply so quickly

    update: suddenly everything sped up but i'm still trying to follow the steps above

    Ok i may have made a mistake but wtf? my norton is GONE, how can i get it back? i PAID for it and i dont haev the Cd box etc? i'm getting ready to post the hijack logs etc in a few but i need Norton back pronto, please anyone help?

    (Moderator edit: Posts merged. Please use the edit button, rather than replying to your previous post where there are no other replies in between. If bumping the thread, please wait at least 24 hours for a reply.)
  4. notevenkodak

    notevenkodak TS Rookie Topic Starter

    here are the symptoms so far: my apllications are still taking longer to load, my norton is GONE,
  5. chesty

    chesty TS Rookie

    Did you ever get this fixed?
  6. notevenkodak

    notevenkodak TS Rookie Topic Starter

    I never got any help with this and my computer is extremely slow please help?
  7. momok

    momok TS Rookie Posts: 2,272

    Hi,

    You may wish to copy and paste these instructions on notepad for easier reference later.

    1. Boot into safe mode under your normal user name. See how HERE
    2. Next turn on "Show all files and folders, including hidden and system". See how HERE

    3. Go to start > run and type msconfig. Press the enter key.
      Search for the following entries. Uncheck them to stop them from starting up. Click Ok but do not restart your system yet.

      HTV Agent
      HTV Agent
      < with 2 spaces between "HTV" and "Agent"
      HuOcWlkFEL

    4. Go to start > run and type services.msc. Press the enter key.
      Search for the following services. Double click to select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

      Viewpoint Manager Service

    5. After that, run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):

      F3 - REG:win.ini: load=C:\WINDOWS\system32\awtsp.exe
      O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.5\BitComet_Toolbar.dll (file missing)
      O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV.exe
      O4 - HKLM\..\Run: [HTV Agent] C:\Program Files\HTV\HTV .exe
      O4 - HKLM\..\Policies\Explorer\Run: [HuOcWlkFEL] rundll32.exe "C:\WINDOWS\system32\ndaTqsVqrX.dll",DllCleanServer

      O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
      O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
      O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
      O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim .exe
      O9 - Extra button: Support - {31BB5CDF-C28C-4D58-8E8A-64922B282955} - http://www.comcastsupport.com (file missing) (HKCU)
      O9 - Extra button: Help - {8357B852-EED0-44F4-99FC-DF31033BF265} - http://www.comcast.net/memberservices/ (file missing) (HKCU)
      O9 - Extra button: ComcastHSI - {8DF456E0-46BD-481D-9955-FED9282753FD} - http://www.comcast.net (file missing) (HKCU)
      O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
      O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

      Close HJT.

    6. Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):

    7. Save this as CFScript on the desktop.
    8. Referring to the image below, drag CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe.
      [​IMG]
    9. ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.

      Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang

    Thereafter, please post fresh HJT and AVG Antispyware logs and the resultant ComboFix log from the above instructions as attachments into this thread.


    Regards,
    momok =)

    This thread is for the use of notevenkodak only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.
  8. notevenkodak

    notevenkodak TS Rookie Topic Starter

    I checked repeatedly for the htv agent entry so I unchecked the htv checkmark I also did not find the third one
    dude I am so scared I keep rebooting my pc and its saying object name not found and it restarts I cannot log into my computer I have done everything you told me to do
  9. momok

    momok TS Rookie Posts: 2,272

    - Have you run the ComboFix according to my instructions?
    - Are you able to log in to administrator or safe mode?
  10. notevenkodak

    notevenkodak TS Rookie Topic Starter

    Ho momok I restored the setting to a lter date by pressing f8 and clicking that option I ran a search and found it in qoobox\quarintine and documents and settings but when I click on it it comes up in notepad as jibberish trying to follow ur instructions again but somehow it either does the thing where it says no I object name found or the misconfig does not show up.I really appreciate the help
    - notevenkodak
  11. momok

    momok TS Rookie Posts: 2,272

    Hi,

    Please post the C:\Combofix.txt file as an attachment, as well as HijackThis and AVG Antispyware if possible.
     
  12. notevenkodak

    notevenkodak TS Rookie Topic Starter

    hi momok here they are
    and here are an update on symptoms:
    Stil xtremely slow
    everytime i turn it on lsass.exe -sstem error shows up and i cannot log on, i then press f8 on startup and go to last known configuration, but if i restart my comp it oes the same thing all over again
    i cannot go to misconfig it says it can't find it
    i cannot defrag my comp because it says i ned to do a scandisk but it wont even let me do a scandisk
    thanks momok
  13. momok

    momok TS Rookie Posts: 2,272

    Hi,

    1. Download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

    2. Download the attached avengerscript.txt (from my attachment) and save it to your desktop

    Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

    3. Now, start The Avenger program by double clicking on its icon on your desktop.

    Under "Script file to execute" choose "Load script from file".
    Now click on the folder icon which will open a new window titled "open Script File"
    navigate to the file you have just downloaded, click on it and press open
    Now click on the Green Light to begin execution of the script
    Answer "Yes" twice when prompted.

    4. The Avenger will automatically do the following:

    It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
    On reboot, it will briefly open a black command window on your desktop, this is normal.
    After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
    The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

    5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh HJT and ComboFix log.


    Regards,
    momok =)

    This thread is for the use of notevenkodak only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.
  14. notevenkodak

    notevenkodak TS Rookie Topic Starter

    here u go, the error isn't popping up anymore but apllications and everything else are still realy slow
  15. momok

    momok TS Rookie Posts: 2,272

    Where is the avenger.txt file? Also, I need a HijackThis log from normal mode.
  16. notevenkodak

    notevenkodak TS Rookie Topic Starter

    momok my computer is getting slower and slower the only way that I can really post is from my itouch or another computer' it must be a virus and the other programs are not catching it do u have any thing that I can use to temporarily speed it up?
  17. momok

    momok TS Rookie Posts: 2,272

    I'm afraid there is nothing much I can really do if it is due to the infection. Can you try running the avenger instructions again from safe mode? Use the avengerscript.txt from my attachment below.
  18. momok

    momok TS Rookie Posts: 2,272

    Thread closed due to lack of response. Should the original starter require it to be reopened, please PM a mod.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.