Strange error messages, ultra-slow PC, possible virus/spyware/malware problem

Status
Not open for further replies.
I did Start - Control Panel - Administrative Tools - double click Services. Microsoft cache control (MSControlService) was already stopped when I right-clicked on it. I still did the right click - Properties - chose Manual, then chose disabled.

Booted into Safe Mode, did the Hikack This system scan only. Found and fixed the first three entries, but there was no sign of an entry called O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows (file missing)

I then followed the rest of the instructions regarding folder views. However, when I went into C drive / Windows/ System 32, there was no sign of either of the following files in there

C:\WINDOWS\system32\mygtsxxd.dll
C:\WINDOWS\system32\jatarwkf.dll


I managed to find and delete the folders C:\Program Files\MyWaySA

My latest Hijack This log is attached. I noticed after trying to go through thiese steps that my comp was already slightly slower again. Don't know if that's just a coincidence but thought I'd mention it in case it is relevant. I have tried it several times to make sure I am reading the instructions right, but still no sign of those two files.
 
Launch Hijackthis and Do a System Scan Only

Put checks next to the following:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)


Select Fix Checked


Click Start then click Search, click all files and folders, and then click more advanced options.

Click the check box to select the Search system folders and Search hidden files and folders check boxes.

Search one at a time for:
jatarwkf.dll
mygtsxxd.dll


If found delete either of them.
--------------------------------------------------------------------------------------------------------
Other than that your logs look clean of infection.

We can work on speeding up your computer. Do you use Norton AV and Firewalls

I noticed they were disabled earlier?

The instructions given in this thread are for the use of Timtrash only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I ran HijackThis and fixed the two files without any problems.
I ran the file search also, but still found no record of either jatarwkf.dll or mygtsxxd.dll

I did have Norton installed originally but the virus checker had expired. However, I used a Norton Removal Tool as instructed by Kritius while I was going through the preliminary removal steps for spyware/malware. I had a problem at step 13 where I couldn't update the AVG antivirus which I had downloaded at step 2. After removing Norton, AVG updated OK. So, the only antivirus I am using now is AVG, and the only firewall as far as I am aware is the Windows one.
 
Good,

AVG is a lot better in my opinion.

You aren't running Firewall Software. Please download and install one of them first!

Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. If you use the Windows Firewall you might think that's sufficient but it only controls one way of the traffic (inbound). Simply using a Firewall in its default configuration can lower your risk greatly. Here are some firewalls which are free for personal use and most used:
Comodo
Kerio
Online Armor
Zonealarm
 
Firewall installed

OK thanks, I have now downloaded and installed Zonealarm free firewall, which seems to be working OK. I notice that connecting to the internet is a little slower than without the firewall, but I assume that is how it is meant to be - presumably the slowness is due to the firewall checking a site is OK?

Apart from that, the RUNDLL error messages on startup seem to have disappeared and things seem to be running smoothly. Is there anything more you think I should do to make the PC run faster and prevent future infection, or am I just about done? I'll follow Kritius' advice from the post on 03-08-2008 06:28 PM about continuing to scan with antivirus and running Ccleaner every now and again.

Apart from that, I wanted to thank both of you, Blind Dragon and Kritius, for all your help and support. I honeslty don't know how I would have fixed all this without your advice. I appreciate the time and effort you have both put in. Thank you. Finally, although this has been stressful at times, it has been an excellent learning experience, and I am keen to learn more. I wondered how you guys managed to become so skilled with computers. Is it just experience or do you folks have some sort of training? I would love to be at a level similar to yours but don't know if I would need to a degree in computer programming. Any advice would be appreciated.

Thanks
 
You are very welcome, thats why we volunteer our time. :grinthumb

I have a degree in business studies with computing, but the computing was only a minor side of it. I did some programming and things but honestly, if you put me down in front of a screen and asked me to use the same packages I did then I wouldnt have a clue. I dont know if I am particularly skilled on computers, I just use them a lot and read what I can find, there are lots of guides and solved issues on this site so read what you can and expand from there.

In regards to the computer running slow have you done a full disk cleanup and defrag? Also keeping your startups to a minimum can speed up your pc, Spybot S&D has a function in the advanced options to allow you to change what runs on start up, I would also recommend not installing things onto your computer unless you absolutely need them.

Good luck with everything and stay active in the forum, if you need anything then you know where we are.
 
Run the norton removal tool that is for the product that you had, found here:

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039
this alone should speed you up quite a bit.

------------------------------------------------------------------------------------------------------------

Like kritius just mentioned you should:

In Spybot S&D Go to Mode and select advanced. then expand tools in the left pane, then double click system startup uncheck items that don't need to be started everytime you turn on your computer. If you don't know what something is you can post here or google for it. Don't uncheck anything in green.

----------------------------------------------------------------------------------------------------------

As for learning more, just hanging around the forums you will pick up a lot and lot's of reading.

Good luck
 
Status
Not open for further replies.
Back