Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XP Antivirus Pro Removal among others.


  • Please log in to reply
10 replies to this topic

#1 Mcguireracing70

Mcguireracing70

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 13 March 2010 - 02:49 AM

Hello, I have read a lot of the rules here but I am new so please forgive me if I do something wrong. I was given this computer that never really ran right from the get go but hey, it worked. I am now getting XP Antivirus Pro pop ups and scans without being initiated. It is telling me that my system has been hijacked. It is also "detecting a stealth intrusion". I assume that this program itself is malware??!! I am at a loss and have no clue even where to begin. This thing runs so slow and I can't view a lot of very simple things like Apps on facebook. It freezes up but only on games. Please help! Let me know what the first steps shall be.. PLEASE! (and THANK YOU!)

Edited by Orange Blossom, 13 March 2010 - 08:47 AM.
Move to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:55 PM

Posted 14 March 2010 - 03:06 PM

Hi,

Please read the instructions in this tutorial: http://www.bleepingcomputer.com/virus-remo...ntivirus-xp-pro

Let me know if it works,

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#3 Mcguireracing70

Mcguireracing70
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 15 March 2010 - 07:12 PM

Thanks Casey!

I actually continued to read when I posted this and used MalwareBytes and Super Anti-spyware to get rid of (apparently) 245+16 different "spyware". It worked great. Thanks for the help! Oh, I was wondering if I should add something else that this computer is doing in this thread or start another one, maybe you will know which I should do. It is giving me a message that says, Windows Virtual Memory is low, and it tells me that my computer may be slow while it is increasing the size of my page file. I know it is not a brand new computer but it just shouldn't be this slow. Any ideas on where I should post this or maybe how to fix it??
Thanks again!
Christina*

Edited by Mcguireracing70, 15 March 2010 - 07:12 PM.


#4 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:55 PM

Posted 16 March 2010 - 05:57 AM

Hi,

This issue is possibly unrelated and would be better posted in a different forum - however, it may also be due to the infection. Did you have this issue before the infection?

Also, how much RAM do you have? Guide

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#5 Mcguireracing70

Mcguireracing70
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 16 March 2010 - 02:13 PM

It wasn't giving me the message before but it was running slow. Mostly with games. I never thought about the RAM but I bet that is it becasue i believe it only has 256. (weak compared to the new computers huh)

#6 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:55 PM

Posted 16 March 2010 - 05:15 PM

Hi again,

I think that's probably it :thumbsup:

You should try reducing the amount of programs you have open at once (including background processes) and possibly consider upgrading your RAM or increasing your page file (although it sounds as though Windows has done that for you).

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#7 Mcguireracing70

Mcguireracing70
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 22 March 2010 - 02:37 PM

Hi Casey,
Sorry it took so long for a response. I have had trouble getting on the internet. I did as you said and checked the running processes when I logged in and I am super confused now. I looked each process up in the database on BC and are getting conflicting answers. Some of the programs that are running have good entries and bad entries. Example: lsass.exe it says not to get it confused with lsass.exe . How do I know which is which?? I also have ran Malwarebytes and Super Anti-spyware a dozen times and it isnt picking these things up. I am now getting porn pop ups in Internet explorer but I don't even use it. I use Firefox. I am also getting a different "anti-virus" pop-up now. It is Anti-virus soft. These are the files that are running in th background that I am not sure what to do with.

lsass.exe
csrss.exe
alg.exe
winlogon.exe (good or bad??)
services.exe
spoolsv.exe ( I don't have a printer on this computer)


Thanks for your help in healing my crippled computer.
Christina*
I also can no longer turn on yahoo messenger.

Edited by Mcguireracing70, 22 March 2010 - 05:27 PM.


#8 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:55 PM

Posted 22 March 2010 - 06:19 PM

Hi,

Some rogue processes have the same name as legitimate processes - the difference is where the process file is saved. So without seeing detailed logs (which I'm not allowed to do in this forum) I can't advise you on those you list.

A removal tutorial for Antivirus soft is found here.

Let me know how you get on.

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#9 Mcguireracing70

Mcguireracing70
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 22 March 2010 - 10:34 PM

ok so.. which forum am I supposed to ask about these in?

#10 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:55 PM

Posted 23 March 2010 - 06:52 AM

For help with logs you need to post in the Virus, Trojan, Spyware, and Malware Removal Logs forum.

If you've tried going through all of the steps outlined in the tutorials and have scanned with MalwareBytes etc. and this still hasn't resolved your issues then, with the information you have provided, I believe that you will need help from the malware removal team. I would like you to start a new thread HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. Help is on the way!

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#11 Mcguireracing70

Mcguireracing70
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 23 March 2010 - 09:01 AM

Being patient is one of my best traits. I know you guys get slammed so I will be very happy to wait my turn. Thank you Casey for everything you have helped with. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users