Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problems with Host Process stopping working after virus


  • Please log in to reply
1 reply to this topic

#1 BobbyGNo1

BobbyGNo1

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:40 PM

Posted 13 March 2011 - 06:00 AM

Hi,

I recently tried to install some software that i'd downloaded from a dubious source and it was soon apparent there were nasties hiding in it ready to attack my machine. I know this because Mcaffee Total Protection told me as much when i ran the exe. I assumed that McAffee had done it's job. To make matters worse i did this a further two times with similarly dubious software with the same result. duh

Soon after, links in google results (under internet explorer 8.0)have been re-directing me to dodgy looking sites rather than the one it was pointing and this alerted me that something wasn't quite right. Another syptom was mcaffee telling me a couple of processes were trying to make changes or communicate over the internet (can't remember exactly). To rectify this i renamed them (as i was denied the ability to delete them). Another strange occurunce that i noticed was that under the start menu there was an application highlighted as if it had just been installed. Strange thing was that it was 'Remote desktop Connection' under Accessories. I checked Add remove programs (or whatever it's called now) and there was no indication that this had just been installed..

At this point i figured i needed to take action. As an initial step i ran a virus scan which found nothing then attempted to run system recovery only to find that it had been disabled (not by me) and i was unable to start it going again.. After a lot of forced reboots (holding in power button) and safe mode startups i was able to re-enable the system recovery and revert to a point before i installed the software. I then following the advice of a trusted geek.. downloaded and ran Malware antimalware. . This found 6 files and deleted them.. mainly from the windows temp directory.

I had a quick look on forums and followed a post on tech guys or bleeping computer which related to google being hijacked. I downloaded an exe on one of them called otm.exe guy was called old timer or something like that who posted the exe a scrip to paste into it so i followed the instructions and ran it. and the system hung.. I have to admit i don't exactly know at what point i did this.

Since this point in time.. i am still getting re-directed google links and the longer i use the computer the less functional it becomes.. For instance the Host Process has stopped working message pops up a few times and i lose network access from other machines, windows explorer stops working.. the aero theme disappears and windows 2000 styling returns.. if i reboot it hangs with a black screen and pointer but then if i force a reboot and choose a normal boot it boots up ok.. only to go through the same symptoms again..

I've checked windows error logs to see if i can spot anything but i can't see anything occuring.

I'm running Windows Vista Home Premium - Service Pack 2

I was tempted to move all my files to a portable hard drive and reinstall vista but theres a serious amount of stuff and i'm assuming i'll just get a host process message and explorer stopping.

In true cavalier fashion.. i have no backups.

I think i need help!!

BobbyGNo1

Edited by hamluis, 13 March 2011 - 07:16 AM.
Moved from Vista to Am i Infected.


BC AdBot (Login to Remove)

 


#2 BobbyGNo1

BobbyGNo1
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:40 PM

Posted 14 March 2011 - 03:20 PM

Update:

I tried to run RKill on the machine and it immediately causes BSOD and again... and again..

I'm completely out of my depth can someone please help...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users