Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

4DSWeH7S.com processes??


  • Please log in to reply
2 replies to this topic

#1 Modulus

Modulus

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:07:57 AM

Posted 17 December 2011 - 08:54 PM

Recently, I had to look up and execute some advice found via google in order to remove something someone had installed on my system called Cloud AV. I booted into safemode, ran rkill and installed / updated / scanned with Malwarebytes. The annoying popups have stopped, but everytime I log into my computer after several hours / days of inactivity, the task manager shows a slew of processes I don't recognize, each one taking up 2-5% of the available processor cycles. I've included a picture of the task manager situation I'm speaking about.

I'm sure I've followed the instructions for removal of Cloud AV correctly, and once upon a time, I was a student of bleepingcomputers malware removal training program, so needless to say, this isn't my first rodeo. And yet, I find myself stumped here... Any help would be appreciated.

Posted Image

Running Windows 7
All applicable updates for Firefox, Flash, etc., have been applied. IE is not installed.
I have run SpybotS&D and rkill + malwarebytes with limited success. Spybot finds nothing, and although Malwarebytes does find issues and quarantines them successfully, it seems as though it's not completely cleaning my system.

Thank you,

Modulus
I'm not a vegetarian because I dislike meat, I'm a vegetarian because I hate plants!

BC AdBot (Login to Remove)

 


#2 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:08:57 AM

Posted 17 December 2011 - 09:00 PM

That looks very odd to me. I can't see what you are showing because I'm as blind as a bat, but I can tell you that you should post a malware bytes log here for us to see and maybe we can get something out of it that will tell us what the issue is here. From what you described, it looks like that rogue (they're so infamous for this) left a remnant that needs to be handled.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#3 Modulus

Modulus
  • Topic Starter

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Connecticut
  • Local time:07:57 AM

Posted 17 December 2011 - 09:37 PM

That looks very odd to me. I can't see what you are showing because I'm as blind as a bat...


I think that if you click the image it will resize. It's standard size is waaaay too small, I agree.

OK Chromebuster, thanks. I'll edit this post and post the log when it's done running. Thank you.

p.s. In case you still can't see the image, there are about 30 processes of 4DS2WeH7S.com running from the win32 folder. Very weird.
I'm not a vegetarian because I dislike meat, I'm a vegetarian because I hate plants!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users