
Not sure what's going on.....


3 replies to this topic

#1 toothscaler


Posted 04 September 2011 - 06:56 PM

Hi! Not really sure what's happening. I'm getting multiple AVG threat and/or alerts such as Exploit Best Exploit Kit (type 2035), and Exploit Blackhole Exploit Kit (type 1889), Backdoor trojan C:\Windows\temp\0.9608424414260434.exe. I also keep hearing the Windows XP Exclamation sound for no apparent reason. I have gotten process termination boxes like - Generic Host Process for Win 32 Services has encountered a problem ....etc. My computer is running slow and even the appearance of the start button and taskbar changes.....

I have run AVG 2012 3 times in 2 days, each time it detects and cleans many warnings, all tracking cookies. Once it found an infection and cleaned that, but I am still getting the pop-up threat detects and alerts, and the exclamation sounds and slow computer.

I have also run Malwarebytes 3 times and it did not find anything.

Need some direction ....... Help please!!!

toothscaler :scratchhead:

Windows XP Home
Custom Computer (see profile)

Edited by toothscaler, 04 September 2011 - 06:58 PM.



 


#2 Broni


Posted 04 September 2011 - 09:29 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.



 


#3 toothscaler


Posted 06 September 2011 - 08:24 PM

Thanks for replying so quickly, but I think the problem may have been with AVG. I uninstalled it and loaded and ran Norton Power Eraser, and MBAM. Then I loaded Comodo Internet Security and that scan came up clean. So far everything is working fine. Taking a chance on Comodo, but read some good reviews and decided to give it a try. Thanks again for getting back so quickly. If I have further problems, I'll repost!

Edited by toothscaler, 06 September 2011 - 08:27 PM.


#4 Broni


Posted 06 September 2011 - 08:28 PM

No problem :)

Good luck!



 




