TechSpot

Virus/Spyware?

By tea_leaf88
May 19, 2007
  1. My computer's taking a lot longer to boot up and yesterday every 20 seconds the CPU usage would go to 100% for awhile, i dont' know what's wrong with it = (. An HJT log has been attached. Thanks!
     
  2. raybay

    raybay TS Evangelist Posts: 7,241   +9

    One problem is you are overloaded with security, probably some of which are inconflict with each other, and are certainly part of the slowdown. I see elements of

    AVG Free
    McAfee
    Panda ActiveScan
    Spyware Guard (get rid of that)
    Symantec
    Trend Micro
    Windows Defender
    and whatever MSN and Hotmail are trying to make you use.
    Get rid of McAfee, Panda , Spyware Guard, Symantec, and Trend Micro (they don't play nice together) unless you have long subscriptions already paid... in which case, get rid of AVG Free.
    If you are going to use AVG, also include AVG Antispyware and AVG Rootkit.
    Keep Windows Defender.
    Then replace spyware Guard with something good, like Spyware Doctor, ZapZilla, Spyware Sweeper, etc.
    Rethink all your security stuff, or suffer the slow speeds.
     
  3. momok

    momok TS Rookie Posts: 2,265

    Hi,

    Raybay is right. However lets fix some things first.

    You may wish to copy and paste these instructions on notepad for easier reference later.

    Boot into safe mode under your normal user name. See how HERE

    Next turn on "Show all files and folders, including hidden and system". See how HERE

    Go to start > run and type services.msc. Press the enter key.
    Search for the following services(if there) double click to select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

    ie.exe

    Open your task manager by pressing holding ctrl, alt and pressing del. Alternatively, use ctrl + shift + esc. Go to the processes tab, and end the following processes, if found:

    ie.exe

    After that, run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):

    O4 - HKCU\..\Policies\Explorer\Run: [ie.exe] C:\WINDOWS\ie.exe

    Close HJT.

    Navigate in Windows Explorer and delete the following files and folders in bold.

    C:\WINDOWS\ie.exe

    Reboot into normal mode and rehide your protected OS files.

    Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread. The utilities can be downloaded from the links in my signature.


    Regards,
    Your friendly Momok =)

    This thread is for the use of tea_leaf88 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  4. tea_leaf88

    tea_leaf88 TS Rookie Topic Starter

    thanks for the reply! after reading the first one i got rid of McAfee, Panda and Spyware Guard...i couldn't find Symantec and Trend Micro. i think trend micro is from HJT 2.0. and i got the two other avg programs raybay suggested.

    from the tips of the second post, i couldnt find ie.exe from the services list, but i did find it in the processes, stopped it and got HJT to fix it. and i couldnt find it under the c:\windows\ie.exe

    here's my new HJT, etc., i hope they're the right logs, it's my first time using combofix and avg anti spyware

    Thanks again!
     
  5. momok

    momok TS Rookie Posts: 2,265

    Hi,

    Your logs look clean now. No worries bout ie.exe it has been fixed.

    Delete all files in AVG Antispyware Quarantine and C:\QooBox folder.

    Turn off system restore (XP/ME only). Learn how to do that HERE.
    This will remove all the remaining nasties from your old restore points.

    After that turn system restore back on.
    This would have created a new safe and clean restore point for your system.

    Often times, an infection can occur again not due to the incompetence of programs, but because of user habits.
    May I recommend you to read this article.
    This can help to prevent future infections.

    With regards to your system security, if you have gotten AVG antivirus please remove norton and other antivirus elements from your system completely. This is because running more than one antivirus is not recommended as it may cause conflicts.
    To completely remove norton is a little tricky. Read HERE.

    I recommend you use another firewall rather than the Windows crap. Here are some suggestions. Please choose to use one and only one.

    Zone Alarm
    Kerio
    Comodo

    Here are two more programs which I highly recommend.
    Spybot Search & Destroy. < use this if you have no other real time monitoring programs such as spyware doctor.
    Ccleaner.

    Should you have any further problems, please post in this thread.


    Regards,
    Your friendly Momok =)

    This thread is for the use of tea_leaf88 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...