Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

[Help] Not able to play any FPS Shooters/Computer shuts down.


  • Please log in to reply
4 replies to this topic

#1 Randosity

Randosity

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 28 February 2009 - 10:13 AM

I am running Microsoft Windows Media Center Edition 2005.

Ok, so the problem. I have recently encountered a severe virus attack which didn't let me log on, kept crashing my computer, etc. The only choice I had to attempt to stop it [It shut down my internet], was to run ComboFix in SafeMode. I even had to rename it for it to run >.<. Well anyways, that seemed to get rid of most of the virus. I have ran MalwareByte's Anti Malware, CCleaner, and have deleted a few virus executables in C:\WINDOWS\system32 [Using Certified instructions].

However, through all of this, it seems that the virus seriously damaged my computer somehow. Like, occasionally, my computer will just shut down and restart out of random. When it proceeds to start up, I get a message stating: You have just recovered from a serious system failure, send error report, etc. Also, on startup, occasionally I have to manually start explorer.exe, and I always get this one error: init.exe has encountered a problem and needs to close. Init.exe is the User Init Logon Application used in windows classic, which I am confused of because I should not have that. I use the automatic startup that doesn't require a username or password.

Now with the FPS Shooters. I have tried the following 3 games: Soldier Front, Combat Arms, and Crossfire. On each one of them, they always "encounter a problem and need to close". I used to be able to play all of these games easily without any problem. My computer is meant to hold a lot of information, and used to run fluently when I played games. But now, even when I reinstall these games and everything, it gets that error and I am unable to play them.

Could someone assist me with this problem, please? Help would be greatly appreciated.

Thank You,
Randosity

Edited by The weatherman, 28 February 2009 - 10:21 AM.
Moved to a more appropriate forum~TW


BC AdBot (Login to Remove)

 


#2 Randosity

Randosity
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 28 February 2009 - 10:45 AM

Ok, I just ran MalwareByte's Anti Malware, and I got a whopping 52 errors. I'll post a log after it asks for a restart (I know it will).

Here's the MBAM log:

Windows 5.1.2600 Service Pack 2

2/28/2009 10:45:24 AM
mbam-log-2009-02-28 (10-45-24).txt

Scan type: Quick Scan
Objects scanned: 71860
Time elapsed: 9 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 5
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 42

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\restore (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CcEvtSvc (Trojan.MyDoom) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msupdate (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\msupdate (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msupdate (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\freshplay (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\restore (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\restore (Rootkit.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\fkpinit_dlls (Spyware.Agent.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ptezifowa (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\temp\init.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TEMP\init.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\nvtpm32.dll (Spyware.Agent.H) -> Delete on reboot.
C:\Documents and Settings\HP_Administrator\Favorites\Cheap Software.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Start Menu\Cheap Software.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Favorites\MP3 Download.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Start Menu\MP3 Download.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\enevuqadiru.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pdbcopy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\reader_s.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\codeblocks.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\deviceemulator.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\makehm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\windres.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\B.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\E.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bb1.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rc.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\azton.mt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\reader_s.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\dpgjvftm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\init.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN12.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cs.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssrv32.exe (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\services.ex_ (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\restore.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Edited by Randosity, 28 February 2009 - 10:51 AM.


#3 Randosity

Randosity
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 28 February 2009 - 11:00 AM

Just got more infections.

New MBAM log: [Btw, this will be last update until reply, to avoid spam.]

Malwarebytes' Anti-Malware 1.34
Database version: 1812
Windows 5.1.2600 Service Pack 2

2/28/2009 10:58:53 AM
mbam-log-2009-02-28 (10-58-53).txt

Scan type: Quick Scan
Objects scanned: 72011
Time elapsed: 8 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\lmpinit_dlls (Spyware.Agent.H) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\nvtpm32.dll (Spyware.Agent.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\azton.mt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

Edited by Randosity, 28 February 2009 - 11:00 AM.


#4 Randosity

Randosity
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 02 March 2009 - 12:46 PM

Bump... It's been 4 days :thumbsup:

#5 Randosity

Randosity
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 04 March 2009 - 04:57 PM

Sorry that was rude. I have belief to believe this is a virus.

This thread can be closed though.

Thanks

Edited by Randosity, 04 March 2009 - 06:55 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users