Computer in a bad way - need reliable link to hitman pro/free troubleshooting ware
Thanks
Can you post some usefull links for me that might help me clean it up I have AVG on it at the moment thats all! Steve |
What kind of problems you having mate? I work in IT so should be able to help somehow.
|
Originally Posted by GT4Baz
(Post 8437137)
What kind of problems you having mate? I work in IT so should be able to help somehow.
Firefox is taking a long time to load - get server not found for the first few attempts. Once up and running not too bad. It wont let me run disk defragment. Got a false IE security message up - banging on about Trojans and trying to get me to lauch an exe. Generaly got buggy over the past week. Run AVG Run Hitmanpro - just the spyware bit i have at the mo Understand basics ...but not a real techy Hitmanpro - used to run all sorks of anti spyware etc software one after the other and was pretty good. Have you any links to good Freeware that I could run - to try and sort it out What do you think? Thanks again Steve Running XP |
Sounds like your PC's riddled with some nasty Virus/Spyware.
Try these out they are all free: Malwarebytes.org - Very good, free malware/spyware removal tool AVG Free - Download antivirus and antispyware software for Windows XP and Vista - Excellent, free Virus removal tool Free Online Virus Scan - BitDefender Online Scanner - Only an online scanner, but excellent at detecting and removing viruses from your PC. A combination of these 3 should sort your PC out, but if not give me a shout and I could probs post you something out that will help you mate. |
My laptop will allow me to download those exe. files you suggested...
BUT will not run them. No error message nothing. You double click on the desk top icon and nothing! HELP :( |
Google posted this up when i visited Bitdefender
Its like it is fighting an anti virus exe. ____________________________________________ Safe Browsing Diagnostic page for antispyware-pro-scanner.com What is the current listing status for antispyware-pro-scanner.com? Site is listed as suspicious - visiting this website may harm your computer. Part of this site was listed for suspicious activity 1 time(s) over the past 90 days. What happened when Google visited this site? Of the 7 pages that we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time that Google visited this site was on 2009-01-18, and the last time that suspicious content was found on this site was on 2009-01-18. Malicious software includes 2 trojan(s). Successful infection resulted in an average of 0 new processes on the target machine. This site was hosted on 1 network(s) including AS34187 (RENOME). Has this site acted as an intermediary resulting in further distribution of malware? Over the past 90 days, antispyware-pro-scanner.com appeared to function as an intermediary for the infection of 1 site(s) including geocities.com/melbagilmore83/. Has this site hosted malware? Yes, this site has hosted malicious software over the past 90 days. It infected 24 domain(s), including hojiblancaycordoliva.com/, tsdconfection.com/, huitre-bretagne.com/. How did this happen? In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message. Next steps: * Return to the previous page. * If you are the owner of this website, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Centre. Anyway thanks for your help so far Steve |
Try "CTRL/ALT/DELETE and select task manager" or "START->RUN->TASKMGR"
See if the CPU is 100% busy. Normally, it shouldn't be. Sounds like a bit of a battle if it won't let you launch new apps. |
Part of the problem with some of the malware / viruses around is that once you've booted your machine they're already loaded into memory and able to function or in some cases protect themselves. Ideal means to deal with any issue like that is to be disconnected from all networks (so that it can't re-infect itself) and boot into a clean environment (so that it can't load in the first instance) before attempting to attack it. It does mean you need up-to-date software on a cd or flashdisk to deal with it though since obviously you can't troddle off around the internet to find updates etc.
Give this a go and see how you get on - UBCD for Windows (it's a free bootdisk of utilities, virus scanners, malware scanners etc but if there's utilities you're not sure of, don't play with them lol!) :) p.s. if your machine doesn't boot from the cd, check your bios settings to ensure that the boot order places the cd drive prior to the hard-drive :) |
Get a program called ccleaner - run that to remove all the junk off your system and clean up the registry.
Turn off and restart and then run the malwarebytes anti-malware program - this is very good and will find and remove a lot of Trojans and things that could be causing problems. Both of these programs are free, and I've found most problems can be cleared up by using them. |
Thanks
Tried Start - Run - Task Manager Didnt work :( How do check the CPU? Thanks again Steve |
Thanks guys
Will try now! |
Hi
I have PMd GT4 Baz - sending a CD. I am writing this to you from the local libary. Can anyone else also be a good samaritain Has anyone else got a CD they can post to me PC Doctor has identifed some viruses - after I ran cc cleaner. But I need to purchase it. I dont want to put my credit card details into a heavily infected machine. I can now run AVG again. But other anti software wont run. So inserting a CD with some good stuff to zap it - would be far safer I am also now getting random web pages up when I sometimes try to access a specfic site say.... SN. I had this once before...I think it called something like when your domain address is taken over....I did solve it on that machine (windows2000) I am currently running XP Thanks for your help so far all Steve |
Yet another person infected while having AVG installed :(
Get rid of AVG and install something that actually works. Nod32 has a 30 day free trial ESET - Antivirus Software with Spyware and Malware Protection |
The best program you can download that will help others help you, if you don't know more than the basics will be..
"Hijack this" > |MG| HijackThis 1.99.1 then... Close any open browsers Launch the program Hit "do a system scan only" When that finishes, hit "save log" The log will open in Notepad Go to Edit>Select All Then Edit>Copy Come back to this thread Do Edit>Paste All the geeky ones will then be able to tell you the things likely to be causing issues. :D |
This is what appeared in the note pad
Logfile of HijackThis v1.99.1 Scan saved at 14:58:13, on 20/01/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\btbb_wcm\McciTrayApp.exe C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Messenger\MSMSGS.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\BT Broadband Desktop Help\bin\mpbtn.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe C:\Documents and Settings\user\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Customize Your Settings R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe O4 - HKLM\..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HitmanPro3] "C:\Program Files\Hitman Pro 3\hitmanpro3.exe" -autocheck O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background O4 - Global Startup: BT Broadband Desktop Help.lnk = C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1170862853673 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE Thanks Steve |
Originally Posted by Steve Whitehorn
(Post 8437432)
My laptop will allow me to download those exe. files you suggested...
BUT will not run them. No error message nothing. You double click on the desk top icon and nothing! HELP :( The rootkit disables the installing & running of most of the anti malware apps. SuperAntiSpyware has an alternate installer to get round this SUPERAntiSpyware.com - Frequently Asked Questions Once that has run through, install another one - like malwarebytes , and run that through as well. HTH Steve |
Originally Posted by Steve Whitehorn
(Post 8437432)
My laptop will allow me to download those exe. files you suggested...
BUT will not run them. No error message nothing. You double click on the desk top icon and nothing! HELP :( Enter safe mode by pressing F8 on start up. |
Big Thanks
Big Big Thanks to you all - the true spirt of SNet :)
PC now seems to be fixed and running OK Steve I am expecting a CD tomorrow and will also run that too |
Originally Posted by stevem2k
(Post 8440595)
I've just cleaned up one just like this after some donut installed "Antivirus 2009" , it also redirected all google searches ...
The rootkit disables the installing & running of most of the anti malware apps. SuperAntiSpyware has an alternate installer to get round this SUPERAntiSpyware.com - Frequently Asked Questions Once that has run through, install another one - like malwarebytes , and run that through as well. HTH Steve |
Excellent work there then, whoever helped out..
|
All times are GMT +1. The time now is 04:59 AM. |
© 2024 MH Sub I, LLC dba Internet Brands