
HELP


  • This topic is locked
23 replies to this topic

#1 yoancewhite

yoancewhite

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 05 March 2012 - 07:34 PM

Help, my PC is running very slow, why I don't know. I have a HijackThis log, can you please check it out for me?

I attached the log, don't know how to fix this PC.

Attached File: hijackthis.log   7.17KB   2 downloads



#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:29 AM

Posted 11 March 2012 - 03:56 PM

Hello and welcome to BleepingComputer! :)



I am Blind Faith and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are intended for identifying the possible threats present on your system, so I will analyze the results they produce.


As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed, so we need to get a clear look at that step. DO NOT make any changes to the system except the ones I tell you to, as that may produce more damage than help.

If you encounter a delay of over 2 days from me, please don't hesitate to private message me.
Do not forget to check your topic periodically and subscribe to the topic so that you can receive notifications regarding my replies.



Please generate another DDS log (download it from here if you haven't already) and post it in your next reply along with other changes that may have occurred since you last posted.
Also download and run GMER from this link: GMER download link.



Thank you very much for your patience.




Regards,

Elle
Can you hear it? It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro?



If I haven't replied in 48 hours, please feel free to send me a PM.




#3 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 31 March 2012 - 10:43 AM

Hello Blind Faith, I just saw your response to my post and more than 2 days have passed since then. Please instruct me as to what next steps to take. Thank you for your help in advance.

#4 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:29 AM

Posted 31 March 2012 - 10:45 AM

Please generate the logs requested in my previous reply. :)


Elle

#5 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 31 March 2012 - 12:19 PM

ok here goes, thanks

Attached Files



#6 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:29 AM

Posted 01 April 2012 - 04:42 AM

Please re-run DDS.exe, there is a missing log. This time it should produce the missing log. :)


Elle

Edited by Blind Faith, 01 April 2012 - 04:42 AM.


#7 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 02 April 2012 - 11:11 AM

just scanned with dds

Attached Files



#8 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 02 April 2012 - 11:15 AM

This is another log as well, not sure if this is needed.

Attached Files



#9 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 03 April 2012 - 07:48 PM

So, no problem I guess?

#10 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:29 AM

Posted 04 April 2012 - 03:57 AM

I am still waiting for a reply from my coach. I will come back with an answer as soon as possible. :)



Elle

#11 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:29 AM

Posted 05 April 2012 - 03:36 PM

Hi there,

Going over your logs I noticed that you have µTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

===================================================================================================================================

Please download ComboFix from one of these locations:
Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.







Elle

#12 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 06 April 2012 - 08:48 AM

This is the ComboFix log, I also deleted uTorrent.

Attached Files



#13 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:29 AM

Posted 08 April 2012 - 06:56 AM

Could you please give some feedback on how the system is working now? :)



Elle

#14 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 08 April 2012 - 02:49 PM

It is behaving the same, just wondering if there is more to this than meets the eye.

#15 yoancewhite

yoancewhite
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 09 April 2012 - 08:57 AM

Same as before.



