Some worm/viral problems on XP SP2
Posted by: Huda
Hi all,
I am having some problems on Win XP with SP2. I have Norton antivirus but my registration expired a few days ago. Here is the list:
1) There is an svchost.exe file listed in my start up. Pretty sure it's something nasty. I've temporarily solved the problem by putting a read-only dummy exe in the start up but I need a permanent solution. Got any suggestions?
1) ENDS
2) A few days ago, a friend used my computer to check his mail. Now every time I log on to the internet, I sign in to MSN Messenger as my friend. I terminate the messenger process every time to close the application but I need a permanent solution. Got any suggestions?
2) ENDS
3) Every time I search something on Google, a browser hijacker changes 3 search results out of 10 to lender-search.com. I have recently found a hint on the net (on this forum) about a registry entry. I want to know if it's safe to delete this entry?
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com*
3) ENDS
4) OK, this is the most annoying problem of all.
After I log on to the internet (dialup), a message window appears (takes some time in appearing) that says I've serious problems in the Windows registry and should go to some registry fixing website. If not, I'll lose critical data. There is only one button that says "OK", which of course I never press. I've noticed two different websites the window recommends. Don't remember correctly but they were similar to regfix.com or eregistry.com (not exact addresses).
Trouble starts after I close the message window. Everything slows down significantly. If I open task manager and click on the Performance graph tab, it shows 100% utilization of processor/CPU. Any useful suggestions?
4) ENDS
I'll be very thankful to you if you solve any of these problems, especially the 4th one.
Regards,
Huda.
Posted by: goranpaa
Hi!
As your Norton Antivirus expired, uninstall it, and download AVG free antivirus + Zone Alarm free firewall. This free antivirus and firewall are as good as Norton.
I'm not sure, but you may have to download an "Uninstaller" from Symantec to be able to uninstall Norton.
Then, let AVG scan your PC. And after that, let these online virus scans scan it again. This is because no antivirus is 100% effective!
http://www.bitdefender.com/scan8/ie.html
http://housecall.trendmicro.com/hou.../start_corp.asp
Also scan with a couple of anti spyware programs.
Ad Aware SE and Spysweeper for instance.
Posted by: redwench
running a couple virus scans and spyware scans should take care of everything but messenger. that you just disable from startup.
Posted by: Huda
Thanks for your responses. I am going to download AVG and Zone Alarm from download.com. I tried ZA before but couldn't get the hang of it. I suppose I'll have to learn if I want to make my computer safe.
I already disabled messenger from startup but it didn't help. Spysweeper costs money so I'll probably opt for the other editor's choice spyware remover, Spyware Doctor 3.2.
Thanks again for your suggestions.
Posted by: Huda
Ok, I installed the following set of software.
1. AVG antivirus
2. Zone Alarm
3. Spysweeper
After that, I was doing the following things on my PC.
1. Watching a movie on CD
2. Updating AVG using a dialup modem
My PC restarted 3 times last during these tasks. Once I got a one minute countdown saying lvs** system process was terminated. Other 2 times it just restarted suddenly without any warning/freeze/countdown.
Any idea what could be causing this problem?
PC specs:
WinXP with SP2
P4 2400 MHz
PERL865 Intel board
512 DDR
Icons in system tray:
ATI control center
Sound controls
Alcohol 52%
AVG antivirus
Spysweeper
Zonealarm
Posted by: redwench
I do believe SP2 blocks Sasser, so that's not it.
Probably overheating or overstressing the power supply.
Posted by: hwm54112
Malware is definitely causing your problems by trying to sell you services by causing 100% processor usage, thereby making the computer almost useless due to slow speed.
High processor usage during DVD playback causes heat-induced issues.
You can delete the registry entry specified (ad-ware).
Remove malware:
Turn off System Restore (otherwise malware will remain in restoration files).
Do all virus scans suggested plus these:
Spybot S&D - www.safer-networking.org/en/download/
Ad-aware SE - www.lavasoftusa.com/software/adaware/
Titanium antivirus (30 day free trial), far better than Norton - www.pandasoftware.com (don't bother with platinum internet security - just extra baggage)
Using all AV/malware scanners suggested is not overkill. Every program listed picks up different things. After doing all scans run:
crap-cleaner - www.ccleaner.com/
Be very careful what you delete. This program may pick up hundreds of potential issues. You will be tempted to delete everything. DON'T DO IT. Take the time and check each entry before deleting. A lot of the stuff you may want to keep. Crap cleaner is optional, but it does get rid of a lot of crap and can speed up the system.
If you really want to do it right (obsessive compulsive disorder) run the AV programs twice - once in normal mode and once in safe mode. Normal mode picks up services and processes that don't run under safe mode. Safe mode allows you to delete things that normally can't be deleted because they are running under normal mode. The second scan may find things missed on the first scan.
Run HiJackThis - www.spywareinfo.com/~merijn/ (same deletion warning but more so. Most of what it lists is good; it just looks as if it might be bad.)
when you are done, be sure to turn on system restore
Afterwards, consider using Opera as a browser. Much like IE but not subject to malware as much. Even if your ISP is hooked into IE, you can leave IE open and on your ISP's home page and open Opera to browse the web. Makes an incredible difference even without a firewall. You can even make it look like IE to those websites requiring IE (banking, microsoft, etc)
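
The two registry-related items raised in this thread (an svchost.exe entry in startup and the ProxyOverride value) can be inspected without changing anything. The PowerShell script below is an added example, not part of any poster's message; it assumes PowerShell 2.0 or later, and the function name Test-AutostartCommand and the list of system binary names are illustrative choices.

```powershell
# Read-only audit of the autostart and proxy settings discussed in this thread.
$system32 = Join-Path $env:SystemRoot 'System32'
# Assumption: names of Windows system binaries worth flagging when seen in autostart.
$systemNames = 'svchost.exe', 'lsass.exe', 'services.exe', 'winlogon.exe', 'csrss.exe'

function Test-AutostartCommand([string]$Source, [string]$Name, [string]$Command) {
    # Pull the executable path out of the command line (quoted or unquoted).
    if ($Command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
    elseif ($Command -match '^\s*(.+?\.exe)') { $exe = $Matches[1] }
    else { $exe = $Command.Trim() }
    $exe  = [Environment]::ExpandEnvironmentVariables($exe)
    $leaf = $exe -replace '^.*[\\/]', ''        # file name only
    $dir  = $exe -replace '[\\/][^\\/]*$', ''   # containing folder
    $note = ''
    if ($systemNames -contains $leaf) {
        # These binaries are started by Windows itself, not from autostart entries.
        $note = 'system binary name in autostart'
        if ($dir -ne $system32) { $note += ', not in System32' }
    }
    New-Object PSObject -Property @{ Source = $Source; Name = $Name; Command = $Command; Note = $note }
}

$results = @()
foreach ($path in 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
                  'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run') {
    if (-not (Test-Path $path)) { continue }
    $key = Get-Item -Path $path
    foreach ($name in $key.GetValueNames()) {
        $results += Test-AutostartCommand $path $name ([string]$key.GetValue($name))
    }
}
# Per-user Startup folder: files placed here also run at logon.
$startup = [Environment]::GetFolderPath('Startup')
Get-ChildItem -Path $startup -ErrorAction SilentlyContinue | ForEach-Object {
    $results += Test-AutostartCommand $startup $_.Name $_.FullName
}
$results | Format-Table Source, Name, Command, Note -AutoSize -Wrap

# ProxyOverride lists host patterns that bypass the configured proxy; show it
# together with the proxy settings it modifies.
$inet = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
"ProxyEnable = $($inet.ProxyEnable)   ProxyServer = $($inet.ProxyServer)"
if ($inet.ProxyOverride) {
    # One line per entry makes unfamiliar domains easy to spot.
    $inet.ProxyOverride.Split(';') | ForEach-Object { "ProxyOverride entry: $_" }
}
```

Any row with a non-empty Note, and any ProxyOverride entry naming a domain you did not configure, is a candidate for the scanner-based cleanup described above.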
Posted by: Huda
That's a lot of work! I will try all this tonight. AVG finds viruses but doesn't heal them and yet shows no errors. Thanks for the detailed reply.