Very slow pc, multiple processes

[fonziesponzie]

What malware dou you mean? The one i got with Hitman?
I scanned with malwarebytes and deleted everythin i got there, Is this what you mean ?

 

[Bill2]

OK, Good!

Listen, I'll be scooting in a while but two pieces of advice for you.

1) Make 100% sure you are malware free.

2) I noticed even in your last screenie- wmp running, firefox running though you said nothing is running. Now, its your computer to run as you wish but then dont complain. I see some services like wmpnetwork (do you share media?) and Vaio power management (its a memory hog). Pl. sit down and seriously research everything that is running as well what is set to start at boot.

Keep a record of what you disable so you can re-enable if required. Go to Blackviper's website and read about windows services there.

Good luck!

 

[fonziesponzie]

Ok thanks, Yes thats strange indeed I closed al programs before, hmm, and no i dont share media, or does this meean like being able to play my music on other pc ( i dont understand what that means )


I uassully run loads of programs at one time, i keep an eye on Taskmanager, it has never been this high,
So theres probably some thin in there which i dont reconize and that screws up my system, I'll be checking in this issue but i have lots of work to do till monday so maybe it wil lhave to wait, any how, as soon as i found wath i was I'll let you know so it can help other people with sam problem to

Thanks for help

cya

 

[malexous]

Scanned with hitman, showed A rootkit and malware, cant delete them tho cause its not activated -.-

You can activate a trial for thirty days and it will remove anything it finds (if you let it) for those thirty days.

 

[fonziesponzie]

Ok ill scan with hitman again, and look for trial activation. thanks

 

[zzz2496]

IMHO, you need to scan your disk without your OS loaded. If you scan using your infected OS, the scan result is compromised by the malware/virus. Either you plug your disk to another clean computer, or use Live CD to scan your system - AVG has one, check it out.

zzz2496

 

[fonziesponzie]

Ok I'll look in to all these options, never done anything like that before, well see if i succeed,

 

[Jacee]

Looking at your HJT log, you have a "Backdoor Trojan" ...... C:\windows\upd.exe This type of Trojan steals passwords along with critical/personal information.
Win32.Spabot is a backdoor trojan that allows unauthorized access to an affected machine. Its main purpose, however, appears to be to utilize the victim's machine as a Spam Relay.

Payload

Sends Spam/ Backdoor Functionality

The trojan's main purpose is to send spam. Upon being remotely instructed, the affected machine will generate and send spam as specified.


The trojan is capable of sending e-mail from 171 different spoofed domains and 41 different email-agents. The backdoor also allows for the download and execution of files - both from URLs and directly, and the aquisition of information from the compromised machine.


It would be wise of you to use a known 'clean' computer and change all your passwords. Do NOT use the infected computer to do this from!

 

[Jacee]

Are you using a proxy server? I don't see any anti-virus program or firewall running!

 

[seag33k]

Jacee,

Out of curiosity, did you use HijackThis Logfileauswertung to analyze his hijackthis log?

 

[fonziesponzie]

dont even know what proxy servers are, let alone how to use them, Changing all the passwords, will do that, could this be the virus that causes the lag
also

Since it looks like I have a lot of infected things on my pc ( thats what i get from it)
What would be the best way to get rid of all this things? which scanner should i use or just kill them all with Hijack?

AVG is running well i think it is, logo apears in right bottom of taskbar, It says everything is fine tho, which clearly is not the case here, What virus scanner would be the best for Win7 any way , i Download alot, most of it from Warez using Rapidshare account, scan alle my files with AVG before extracting them so i dont know how this got on here, I dont use torrents and I never have, this pc is 9 months old, never had any problems with virusses ever, this is first time, and im using pc for 5 years or so.

 

[joel406]

If your that infected and unfortunate enough to be useing AVG you should just backup all your files and reformat.

You have been useing such poor protection the infections are probably everywhere.

Once you have reinstalled everyting use a good AV. ESET is the best bar none.
You will get a lot of people telling you different but believe me I have been useing it for the last 6 or 7 years and have seen it work miracles.

 

[Jacee]

Jacee,

Out of curiosity, did you use HijackThis Logfileauswertung to analyze his hijackthis log?

Sometimes I use it for a very quick analysis... I do not rely on and never have used it for removing bad entries. Too many 'false' items will be detected on a HJT log.

I can see from the log that this computer is infected. Since fonziesponzie doesn't even know what a proxy server is, ( uInternet Settings,ProxyServer = http=127.0.0.1:5555), we have a definite "Backdoor Trojan" here.

AVG is running well i think it is, logo apears in right bottom of taskbar, It says everything is fine tho, which clearly is not the case here, What virus scanner would be the best for Windows 7 any way , i Download alot, most of it from Warez using Rapidshare account, scan alle my files with AVG before extracting them so i dont know how this got on here, I dont use torrents and I never have, this pc is 9 months old, never had any problems with virusses ever, this is first time, and im using pc for 5 years or so.

Nope, it's not running! It's been disabled by the Trogan Downloader! (Bolded emphasis is mine in the quote)

 

[Jacee]

@fonziesponzie, I would suggest that you go to What the Tech Malware Removal - Virus, Spyware, Rootkit, Search Redirect. Fake Alert - What the Tech
Or
Bleeping Computer BleepingComputer.com -> Virus, Trojan, Spyware, and Malware Removal Logs

Follow either of their 'guidline instructions' and post a new topic to get the help you need!

DO NOT post in both forums

 

[fonziesponzie]

I'll look for ESET, here's the new topic i Created on BleepingComputer

strange problem, Pc running slow

Thanks for help here, Hope they can help me out further in other forum,

Ps, How do i delete the BackdoorTrojan thingy ?

 

[zzz2496]

I'll look for ESET, here's the new topic i Created on BleepingComputer

strange problem, Pc running slow

Thanks for help here, Hope they can help me out further in other forum,

Ps, How do i delete the BackdoorTrojan thingy ?

You need to make sure that it's not running then you can delete it (that is if you can find all the files). It'd be best to test the AVG Live CD, less headache for you.

zzz2496

 

[Jaxryley]

Give Dr Web Cureit a run.
Dr.Web CureIt! — download free anti-virus! Cure viruses, Best free anti-virus scanner!

Get rid of AVG and use one of the free AV's realtime - Avast, Avira or MSE with Malawarebytes as on demand.

If and when you are clean then you may want to look into how to be really secure using decent security apps such as Sandboxie, Defensewall, Returnil, Shadow Defender to name a few.

 

[fonziesponzie]

I'll look for ESET, here's the new topic i Created on BleepingComputer

strange problem, Pc running slow

Thanks for help here, Hope they can help me out further in other forum,

Ps, How do i delete the BackdoorTrojan thingy ?

You need to make sure that it's not running then you can delete it (that is if you can find all the files). It'd be best to test the AVG Live CD, less headache for you.

zzz2496

How do I know its not running ?
and what do I use to delete ?

 

[fonziesponzie]

Give Dr Web Cureit a run.
Dr.Web CureIt! — download free anti-virus! Cure viruses, Best free anti-virus scanner!

Get rid of AVG and use one of the free AV's realtime - Avast, Avira or MSE with Malawarebytes as on demand.

If and when you are clean then you may want to look into how to be really secure using decent security apps such as Sandboxie, Defensewall, Returnil, Shadow Defender to name a few.

I installed ESET smert security and I'm scanning with this, Has found more threads than any of the other AV's I used,
I should probably check the forum bout proctection software, I Thought insatlling a Program Like AVG was more then enough, apperntly not, as i said before, my first encouter with Visrusses

Scanning with ESET came op with these threads, all have been deleted

C:\$Recycle.Bin\S-1-5-21-1651481150-3040766709-3536784569-1001\$RIEMR6W.exe - probably a variant of Win32/Genetik trojan - cleaned by deleting - quarantined [1]
C:\$Recycle.Bin\S-1-5-21-1651481150-3040766709-3536784569-1001\$RJAV0JY.rar » RAR » prevx 3.0.exe - probably a variant of Win32/Genetik trojan - was a part of the deleted object
C:\Program Files (x86)\Adobe_Photoshop_CS3\Plug-Ins\Extensions\MultiProcessor Support.8BX - probably a variant of Win32/Agent trojan - cleaned by deleting - quarantined [1]
C:\Program Files (x86)\Adobe_Photoshop_CS3\Plug-Ins\Filters\Crystallize.8BF - probably a variant of Win32/Agent trojan - cleaned by deleting - quarantined [1]
C:\Program Files (x86)\Adobe_Photoshop_CS3\Plug-Ins\Filters\Twirl.8BF - probably a variant of Win32/Agent trojan - cleaned by deleting - quarantined [1]
C:\Program Files (x86)\Adobe_Photoshop_CS3\Required\plug_ins3d\3dsps.x3d - probably a variant of Win32/Agent trojan - cleaned by deleting - quarantined [1]
C:\Users\Felix\AppData\Local\Temp\pvxinst818.exe - probably a variant of Win32/Genetik trojan - cleaned by deleting - quarantined [1]

 

[kucing13]

my suggestion before you format. Combofix. better to backup all data.

I know it is for advanced user but its worth to try before you plan to reformat your pc

feel free to ask