Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


You got to be kidding...? AvSP?

  • Please log in to reply
1 reply to this topic

#1 another user

another user

  • Members
  • 1 posts
  • Local time:12:00 PM

Posted 02 December 2009 - 07:36 AM

Randomly searching the web, my RAM suddenly skyrockets and my computer goes massively slow.
I booted up via the power button in the front, got typical blue screen. Went through numerous options and retries.

I am trying to download any tool I can (even the ones posted in these forums), but every program, and download, I try to open is "infected," though I know it is not. Notepad, my Task Manager!. I would give you guys that DDS log, but I cannot even run it! Should I just system restore, or even trash this computer, and get a new one?

o Random loading of IE with porno.com, adult.com, the products website, etc.
o Constant Windows Security Alert bubble in toolbar.
o The AVSP randomly loading up/doing scans.
o My Windows protection center loading up.
o Security Warning dialog box. Application cannot be executed. searchprotocolhost.exe is infected. (Always asks if I want to activate my AV software)
o With random error bubbles coming up, and my AVG shield detecting threats, here is some that popped (that were infected):
- SHeur2.BUAL (in AVG)
- SHeur2.BSIN (in AVG)
- FakeAlert.NU (in AVG)
- (my windows login name)\Local Settings\Temp\system.exe (the computer's main file?)
- ntuser.dll
- rundll32.exe
- Win32/Nuqel.E (may be a g or q?)
- searchfilerhost.exe
- searchprotocolhost.exe
- taskmgr.exe
- mcupdui.exe
- wmiprvse.exe
- dumprep.exe
- avgcsrvx.exe (I can't even run an AVG scan!)
- avgcmgr.exe

I made a random yahoo account to register with this site, in threat of my main yahoo account password being stolen. I am typing this on an alternate account. The account that got infected won't even boot up correctly because one of the processes is "infected." Can't remember which.

There is also an alert on the bottom from AVSP:
Attack from:, port 58215 (keeps changing)
Attacked port: 58487 (keeps changing)
Threat: BankerFox.A (changes back and forth from Win32/Nuqul.E)

That is all the information I can provide.

Thank you for your time, and hope some information is useful.

Edited by another user, 02 December 2009 - 07:38 AM.

BC AdBot (Login to Remove)


#2 ctbylsma


  • Members
  • 1 posts
  • Local time:12:00 PM

Posted 19 February 2010 - 12:07 AM

I have the exact same thing happening to me. Please reply if you found a solution to your this.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users