problems with everything

[pavement120]

well as we speak i believe my computer is eating itself alive. Lately my windows task manager stopped working and i ignored it for a few day untill my spybot s&d stopped working as well. At this point my norton programs had detected nothing, but things were acting weird so i did a web search and learned of the problem i am facing. Most people say o when confronted with this problem to downoad a series of programs to help deal with the problem. Now i tried this and nothing will download and not for any reason i can find it claims it could not find the download site. So basicly things are slowly going to hell so i've been trying to spend as little time with my computer actually on. Any help would be greatly greatly appriciated as i would rather handle this myself than pay a ton of money for something i've overlooked or do not know.

 

[Rik]

You may be infected with nasties!!!! Read this - https://www.techspot.com/vb/topic50981.html - then post your HJT log as an ATTACHMENT!!!!

 

[pavement120]

i followed the directions in a bunch of theose threads and it cleared out a lot i didn't know was there, but the main problem is still there. The good thing is that now i can use some of my functions i couldn't before so i was able to download hijackthis and have attached the text file

 

[Rik]

First of all, download either the free AVG or Avast antivirus programmes and either the free Zonealarm or Kerio firewall programmes from within this link - https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

Then, disconnect from the net and completely uninstall Symantec/Norton. If you have any problems in uninstalling the programme, take a look at this thread - https://www.techspot.com/vb/topic57112.html

Once you`ve completely uninstalled Symantec/Norton, reboot your system and install whichever firewall programme you chose, followed by whichever antivirus programme you chose. Reboot your system the required number of times and reconnect to the net. Run the antivirus updates.

Once you have done that, post a new HJT log and we will deal with the remaining malware!!!!

 

[howard_hopkinso]

Hello and welcome to Techspot.

Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

Click start/run and type services.msc into the run box and press the enter key.

When the window appears, maximise it. Double click on the following services(if there) and select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

OpenGL Video Drivers

Close the services window.


Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

VideoDrivers.exe
qbupdate.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {5B13B8E4-4BEA-42FC-895C-A05DB83059A0} - C:\WINDOWS\absajva.dll

O4 - HKLM\..\RunServices: [OpenGL Video Drivers] VideoDrivers.exe

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

O4 - Global Startup: svchost.exe

Fix all 015-Trusted IP Range entries.

O20 - Winlogon Notify: absajva - C:\WINDOWS\absajva.dll

O20 - Winlogon Notify: awvvu - C:\WINDOWS\system32\awvvu.dll (file missing)

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

VideoDrivers.exe<Search your system for this file and delete all instances of it.

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe<Only delete this file from this location and not from anywhere else.

Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted. If your computer doesn`t automatically restart, restart it manually.

This is the filepath you need to enter into killbox.

C:\WINDOWS\absajva.dll

Once your system has rebooted, turn system restore back on and rehide your protected OS files.

Post fresh HJT and AVG Antispyware logs. Let me know how your system is running.

Regards Howard :wave: :wave:

This thread is for the use of pavement120 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.