Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Computer


  • Please log in to reply
7 replies to this topic

#1 joshua600023

joshua600023

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:32 PM

Posted 18 November 2007 - 08:43 PM

Alrite about 3 weeks ago i got rid of the TR/vundo.gen virus that messed up my computer pretty bad. It was working perfect for about 2 weeks, but now my internet is running soooo slow it takes about 2 to 3 min. for every page to download and freezes a lot. I have a lot of cleaners for my computer and virus guards also. When i run them when the internet is on they take forever to finish also, but when they do finish they dont pick up nething. Can anyone give me a hand here to figure out what is wrong.

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:32 PM

Posted 19 November 2007 - 02:33 AM

Many internet connection problems are caused by corruption of the Winsock settings. You can reset these by doing the following.

Log on as Administrator.
Go to Start > Run and type: "cmd"
Type: "netsh winsock reset"
When it is finished you should receive the following message: "Successfully reset the Winsock Catalog. You must restart the machine in order to complete the reset."
Close the command box and reboot.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 zbd

zbd

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Local time:09:32 PM

Posted 19 November 2007 - 06:54 AM

Several areas to look at and try:


http://computercleanup.blogspot.com/

#4 joshua600023

joshua600023
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:32 PM

Posted 19 November 2007 - 11:03 PM

alrite budapest i did what u said. That did not work now when log in under my user name and try to access the internet it just freezes. Im in safe mode with networking now. When my zone alarm and spybot run there always picking up spyware everyday i dunno if maybe they are duplicating thereself or what but im stuck. I have hijack this if you want me to run u a page. Any other thing that it could be. Im thinking another trojan but nothing is showing i have one.

#5 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:32 PM

Posted 20 November 2007 - 01:56 AM

I would try scanning the SuperAntiSpyware, and if that didn't fix it I would post a HJT Log (post the log in the HJT Forum, not this one otherwise nobody will help you).

Preparation Guide for use before posting a HijackThis Log
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#6 Cyb3r_Ninj@

Cyb3r_Ninj@

  • Members
  • 169 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Silicon Valley
  • Local time:07:32 PM

Posted 21 November 2007 - 02:04 AM

When you were clearing out the Trojan.Vundo malware did you remember to shut off the System Restore feature via the System applet?

Malware of all sorts burrow so deep into your system that simply removing the strings of files, dlls, and other $hitty malware strings that these nasty little buggers implant onto your system in system files and folders as well as your system's registry.

Simply removing the files and strings won't do, if the System Restore functionality is monitoring your hard drives while you are clearing these files out, they simply re-propagate at the next boot because of the Registry settings that get changed during the implant.

I don't know what AV program you run on your system, but if it detected strands of the Trojan.vundo $hitware once, it will probably find traces of it again by running a full system scan. At work we use Symantec AV which is pretty good (not the best out there, but it does a pretty good job for most SMB's {small-med businesses}). Anyway, i mention it because we use it and Symantec's website provides pretty good support and solutions for cleaning out minor security risks.

Sounds like when you removed the trojan files, System Restore was still turned on and not all Registry settings were repaired, thus when you rebooted after removal, the settings saved via the System Restore functionality re-propagated the trojan after rebooting.

Check out the link below for further information on outbreak, security risk factor, and reliable removal instructions:
http://www.symantec.com/security_response/...-112111-3912-99

If you follow the instructions verbatim, it should allow you remove all traces of the malware, repair the Registry keys back to their original state without System Restore pulling the keys from a Restore Point which has saved the implanted BAD registry keys.

Check it out and see if that doesn't get you back up and running good as new. Best of luck and happy hacking!
***********************************************************************
Bill Gates recognizes the skills... so i suggest you start there and recognize them too...
***********************************************************************
:: digital.ronin ::

| MCP - ID 5646435, other certifications pending... |

#7 joshua600023

joshua600023
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:32 PM

Posted 21 November 2007 - 04:19 PM

alrite budapest when i tried downloading the scanner u sent it said that the administrator has set policies to prevent this download.

#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:32 PM

Posted 22 November 2007 - 01:30 AM

In that case I would post a HijackThis Log in the HijackThis forum.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users