Virus and strange issues

Status
Not open for further replies.
K

krelien

Hey guys,

To start I have been on this site all night reading the posts that seemed to contain my problems, but I have yet to get it fixed, so I'll try my own... thanks in advance guys.

Alright. I just formatted the WD-Raptor, installed Win XP home, threw norton 2003 before I even installed the NIC, and wouldn't you know it, I get sasser immediatly, and that annoying 60 seconds shut down. I ran a few fixes for that, and I think I got her... but that's not the real issue.

Sometimes it takes 1 minute, sometime 10, but what happens is that Task Manager, Internet Explorer, My Computer and other such things REFUSE to open. The computer will proccess something for a second, then do nothing. So fixing the problem on the machine with a reboot every minute or two is kind of hard. Thankfully I've got this laptop to help.

FYI there are 2 other hard drives, they have been scanned with Norton, and I downloaded and ran STINGER. It only found an FTP virus and deleted it. System restore is turned off as well.

Attached is the hijackthis log... any ideas? It's REALLY really frustrating... :/ Thanks for your time in advance...
 
I guess it's too late to tell you to unplug the network cable when you are installing a computer..

Since you are using Norton then any problems with the computer being sluggish can be blamed on that. Install SP2 and turn on the Windows firewall. Get rid of Norton and see if things go faster. If yes, get some products that are not made by Symantec instead.
 
Nic was not plugged into cat5 when windows was installing, and PANDA was also installed prior to Norton. It's not a performance issue, it's the fact that these things WILL NOT OPEN period
 
First Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
/R/ unRegister the xxx.DLL in that line
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines!
...................................................................................................
/P/ C:\WINDOWS\System32\spooIsv.exe <<== mind the SPELLING!!
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
/R/ O20 - Winlogon Notify: App Management - C:\WINDOWS\system32\m0640ajqedoe0.dll
...................................................................................................

STOP using that crappy IE (other than for Windows-updates) and install Firefox from www.getfirefox.com
 
RealBlackStuff said:
First Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
/R/ unRegister the xxx.DLL in that line
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow ALL instructions in SEQUENCE, and in HiJackThis tick/fix ALL lines!
...................................................................................................
/P/ C:\WINDOWS\System32\spooIsv.exe <<== mind the SPELLING!!
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
/R/ O20 - Winlogon Notify: App Management - C:\WINDOWS\system32\m0640ajqedoe0.dll
...................................................................................................

STOP using that crappy IE (other than for Windows-updates) and install Firefox from www.getfirefox.com
Click to expand...


Thanks for that, though when I popped into safe mode, spooIsv.exe was not running, nor could it find that m0640ajqedoe0.dll. So yeah. but the 20's were taken care of anyway.

Only issue that is happening now is that every hour or so, Panda antivirus pops up with "Network Virus Attempt Block" and says LSASS was the file. I'm the only computer hooked up to the router right now, so it's not an attack from another PC. I'm not sure if sasser is still on my system or if it's just an attempt blocked from the internet somewhere. Thanks anyway though
 
Status
Not open for further replies.

Similar threads

R
Solved Norton blocked attack by: System Infected: Miner.Bitcoinminer Activity #
2
Replies
32
Views
3K
Broni
Broni
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
478
eriksnyman1
E
I
  • Locked
Inactive Virus or rootkit on Windows and Linux
Replies
9
Views
2K
Broni
Broni

Latest posts

Back