Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Still Something Lurking


  • Please log in to reply
3 replies to this topic

#1 Bill R.

Bill R.

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 24 January 2006 - 03:39 PM

Ok, I have done all I know to do. Our power went off yesterday and when it came back on I couldn't get my computer back on. Started up in Safe Mode, ran Adaware and Spybot, then ran Antivirus.com and supposedly had everything clean. Power went back off later the same day and this morning again couldn't get back on. It trys to start, gets to the Cntrl Alt Delete start page but as soon as I hit CAD the computer locks up. So I called our tech guy and took my computer over. He supposedly ran a scan, cleaned it and had it fixed. Brought it back and started it right up. I hit CAD to go to Task Manager and listed all of the running programs. Found lsass.exe, spoolsv.exe, OfcDog.exe and then went to Google and started doing searches which led me to here. Well I went in and deleted lsass and spoolsv.exe from files other than the correct folder listed for the program. Couldn't find any info on OfcDog to know whether it should be deleted. Tried to restart my computer and it still locks up at the CAD page. So how do I find was else is still lurking around that is screwing me up. I have checked my bank account from this computer and am getting antsy about someone mining my info since I am hooked to a network and can't tell what all is running. Any help is greatly appreciated as our tech guy is obviously a little challenged.

Thanks,

Bill R.

Edited by Bill R., 24 January 2006 - 03:42 PM.


BC AdBot (Login to Remove)

 


#2 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:11:18 PM

Posted 24 January 2006 - 03:57 PM

From here:

ofcdog.exe belongs to the Trend Micro Internet security suite, and provides assistance to the OfficeScan client. This program is important for the stable and secure running of your computer and should not be terminated.


Try running Ewido. Setup instructions are here.

Having said that, I don't see the connection between crashing when the power goes out and the fact that you think you have a virus. Crashing in that manner can corrupt system files and drivers though.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#3 Bill R.

Bill R.
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:18 PM

Posted 24 January 2006 - 04:07 PM

I was thinking that there must be some kind of exe file still in my computer that when I have to reboot allows it to start again. Read some more and trying a scan at Panda. Already found 27 spyware files so maybe that is my problem. Does Panda seem to catch more than Adaware?

Bill R.

#4 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:11:18 PM

Posted 25 January 2006 - 07:36 AM

The Panda Active scan "seems" to find more spyware items than the others, but I would tale those with a grain of salt.

Since you have Spybot, open that and go to the Mode menu at the top and choose Advanced. Select System Startup on the left and you will have a list of programs that run when you boot. If you feel there is malware present it should be shown there. If you click the blue tab on the right you will see info on the highlighted item.

You can compare these entries with our Statup Database at the top of this page. Let us know if you find any questionable entries.

What is your operating system?

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users