Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Malware


  • This topic is locked This topic is locked
7 replies to this topic

#1 XML2005

XML2005

  • Members
  • 129 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:51 AM

Posted 18 November 2007 - 04:39 PM

Iím not sure whether I accidentally deleted a necessary file, or I picked up some malware. About 3 times in a row, I got rundll32.exe errors when shutting down. I ran Spybot and PC-cillin scans, but found nothing. Then the rundll32.exe errors stopped popping up (with no intervention from me), but my machine got VERY sluggish, and my Task Manager gave me no clue why. So I shut down. When I booted up again, response time had improved a bit, but my machine was still somewhat slow, and now my Task Manager started looking odd: it only had a partial Processes panel, and did not have the other tabs or a menu bar on top. I found a fix for the Task Manager at http://blogs.msdn.com/oldnewthing/archive/.../30/103379.aspx, but - although my machine is not that slow - my mouse now sometimes takes quite a while to respond.

I ensured I had the latest Microsoft Updates & SpywareBlaster updates, I scanned with Spybot, AdAware & Pc-Cillin; all found nothing. I ran McAfee Stinger v3.8.0 (with system restores off), and ran HijackThis in Safe Mode. I would be most grateful if someone could help me with the attached log, as it is indecipherable to me.

Thank you.

BC AdBot (Login to Remove)

 


m

#2 XML2005

XML2005
  • Topic Starter

  • Members
  • 129 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:51 AM

Posted 20 November 2007 - 03:35 PM

Update: I tried uninstalling and reinstalling Trend Micro PC-cillin, and things look a little better. Is it possible this was just a conflict between Trend Micro & Spybot, or is there actually some red flag in my hijack.this log? Thanks again.

#3 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:51 AM

Posted 04 December 2007 - 07:55 AM

Hi,

Yes, there could have been a conflict with your Trendmicro since it runs OK now after you reinstalled it.
This happens quite frequently.

For your HijackThislog, check and fix next orphaned entries in it:


R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {52706EF7-D7A2-49AD-A615-E903858CF284} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


The rest looks OK :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#4 XML2005

XML2005
  • Topic Starter

  • Members
  • 129 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:51 AM

Posted 04 December 2007 - 09:36 AM

Thanks, miekiemoes.

I'm relieved to know there was nothing ominous lurking in the HijackThis log.

BTW, I'm not that technically knowledgeable. How do I "check and fix" orphaned entries? Does this involve going into the registry?

Thanks again.

#5 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:51 AM

Posted 04 December 2007 - 09:42 AM

No, you don't need to go in the Registry for that. You only need HijackThis for this.
So open HijackThis and click "Scan".
Then it will display a lot of entries with checkboxes in front. Only check the ones I mentioned and click the "Fix checked" button below. :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#6 XML2005

XML2005
  • Topic Starter

  • Members
  • 129 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:51 AM

Posted 04 December 2007 - 10:10 AM

Thank you for your help. It's done! :thumbsup:

#7 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:51 AM

Posted 04 December 2007 - 11:26 AM

You're welcome :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#8 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:51 AM

Posted 08 December 2007 - 01:51 AM

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users