Solved:Another whataboutadog/rabbit issue

Status
Not open for further replies.
M

mas21pa

Posts: 6   +0
Hey Howard and the crew. I have been reading alot on this the last couple days and as the usual internet history is showing these and system has significantly slowed down. I am commited to cleaning as this is not used for anything really personal. I had read previously to uncheck system restore so I am also already commited to doing so on that as well! Anyways, downloaded the newest versions of HJT and AWF from what I read of the other threads and have attached the logs for you to review. If there is anything else I should do first or just let me know what to do from here. This forum seems like a great place and had just stumbled acrossed it b/c of this issue.

Thanks in advance for your help!

Mark
 
Hello and welcome to Techspot.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

lsasss.exe<Not to be confused with lsass.exe, which is legit. Note the extra `s`

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - HKLM\..\Run: [Lexmark_X79-55] C:\WINDOWS\system32\lsasss.exe

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\WINDOWS\system32\lsasss.exe<Again, not to be confused with lsass.exe

Reboot into normal mode and rehide your protected OS files.

Double-click FindAWF.exe to start the tool. Then, do the following
Select "option #2 - Restore files from bak folders" by typing 2 and press Enter .
A text file will open up. Please copy/paste the following text from the quote box (all except the word QUOTE) into the text file.
"C:\WINDOWS\system32\bak\ctfmon.exe"
"C:\WINDOWS\system32\bak\NeroCheck.exe"
"C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe"
"C:\Program Files\Dell\AccessDirect\bak\dadapp.exe"
"C:\Program Files\Java\jre1.5.0_08\bin\bak\jusched.exe"
Click to expand...

Close the .txt file and click Yes to save the changes.
When the tool has completed, a report will open up in notepad. Please post the results of the awf.txt in your next reply as an attachment.

Post a fresh HJT log as well.

Regards Howard :wave: :wave:

This thread is for the use of mas21pa only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Howard,
Thank you very much for the guidance. But I have this sense that I am not done and you are going to give me more steps! hahaha I followed all your instructions, here is the attached files.

Ran HJT after the AWS process.

Thanks again! :)

Mark
 
Your HJT log is now clean.

Please double-click the FindAWF icon once again
This time we are going to remove some folders.


Use the following option: Press 3 then Enter to remove bak folders


A text file opens called: folders.txt
Click below the line and paste the following list of folders to be removed:

C:\WINDOWS\system32\bak
C:\WINDOWS\system32\bak
C:\Program Files\ATI Technologies\ATI Control Panel\bak
C:\Program Files\Dell\AccessDirect\bak
C:\Program Files\Java\jre1.5.0_08\bin\bak
Click to expand...


Next, close and click Yes to save the changes.

When done with the above, FindAWF automatically runs a new scan and opens a new log that you need to post.
Please provide the new FindAWF log.

Regards Howard :)

This thread is for the use of mas21pa only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Howard.. Glad the HJT part is taken care of! I saw some of the issues people were having and it seemed to be alot more work for them to get everything removed. I did as you instrructed and here is the new AWF log attached..

What can I do to prevent this? I have mcafee that I update but it didnt pick this up. I just noticed the slowdown and saw it in the history and did a google search to read more. But is there anything else I can do to clean up my start up registry? or is it just this that was slowing my computer down so much when I first turned it on? It takes for ever before I can open an application once the desktop loads.


Thanks again Howard for all your help!

Mark
 
That`s now clean. However, we`re not done yet.

I now want to check your system for any other infections that may be lurking. There`s no point in you going away thinking your system is clean if it isn`t

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the Panda Antirootkit scan.

Regards Howard :)

This thread is for the use of mas21pa only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Still Working on this! As soon as everything is complete I will load the logs for you to take a look!

Thanks Howard

Mark
 
Howard,
After spending the last 6 hours on this I think I am all done. The panda scan came back good with no issues. I have attached the three required logs for you to review. HJT, AVG and Combo. I also wanted to see what processes from the task manager could be stopped and and if there is anything else I can shut off in the start up processes that has made this thing slow up so much recently upon startup.

Thanks again for all your help Howard!:wave:

Let me know if there is anything else I have to do now or if I am FINALLY done! haha

Mark
 
McAfee uninstall.

One of the best things you can do to speed up your system, is to get rid of that resource hogging McAfee and use another antivirus and firewall programme.

Download one antivirus and one firewall programme from the choices below.

AVG free or Avast antivirus programmes.

Zonealarm Kerio or Comodo free firewall programmes.

Download the McAfee removal tool below.

McAfee removal tool.


For instructions read the bottom two paragraphs HERE.

Disconnect from the net and run the McAfee removal tool as per the instructions.

Install whichever firewall programme you chose and reconnect to the net.

Install whichever antivirus programme you chose and run the antivirus updates.

Now your system is free from McAfee, you should see a marked improvement in your systems performance.

To further speed up your system, take a look at this thread HERE.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

This thread is for the use of mas21pa only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Ok.. got all that taken care off.. Seems a little faster after the defrag and disk cleanup. My thing was it was taking forever to just get started. Once it was running it wasn't bad. But I got rid of that stupid virus and everything seems to be great in that regard. I removed Mcafee and using AVG and comodo firewall. I want to thank you for all your time and effort you put into this and the wonderful advice you have provided.

Thanks again Howard! :)

Mark
 
No problem, it was my pleasure.

This thread is now closed: If you need this thread unlocking, please pm a moderator with a link to the thread.

Only the original thread starter can do this. Anyone else, will be ignored.

Regards Howard :)
 
Status
Not open for further replies.

Similar threads

Jimmy2x
Meet Uncle Rabbit, the AI-powered conversational 3D chatbot
Replies
1
Views
541
Hodor
Hodor
B
Laptop bottleneck internet speed issue
Replies
5
Views
722
Mark Fuller
M
A
Fingerprints are not as unique as we think, study claims
Replies
6
Views
237
FaTaL
FaTaL

Latest posts

Back