Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

3 computers invected by several viruses


  • Please log in to reply
7 replies to this topic

#1 trazzer

trazzer

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 29 June 2013 - 04:40 PM

Can any one pls help me with 2 desk top computers and 1 laptop. I think iam invected by iexplorer wich is hidden in super hidden files as wel with Ravbg64.exe/maxx4 and maybe more. Myn system's are pacerdbell up graded to w7 32bit 2gig memory and 8 months old dell xps 8500 wich was w7 64 bit 8 gig raam but after traying to remove viruse lost the main system and hade to reboot it with a upgrading cd w7 polish version. And a 2 weeks old asus wich lost myn syst as wel after trying to get the viruse deleting. The asus laptop went in to never ending loop when i tryd to reboot it with myn recovery cd and i was fors to use same upgrade cd to reboot. Was also fors to change regedit setings. But after 2 houers it deleted windows explorer and fabric setings. Now he dont even reboot in safe mode. Ale computers were conected with network. At this moment i tryd every thing to solf this problem. Iam desperate and ask for any help. Thank u

BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:50 PM

Posted 30 June 2013 - 02:06 AM

Please split your issues with the computers up so we can help you better:

 

For example

 

Packard bell Desktop:

Issue 1

Issue 2

etc

 

Asus Laptop:

Can not boot into safe mode

etc

 

Laptop 2

Issue 1

Issue 2

etc


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 trazzer

trazzer
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 30 June 2013 - 04:35 AM

Wel it quit simpel, 3 computers conected with same network. The issu wich i notice was that myn sound get very craky and glithy after a while. I was using computers to stream life, using program as traktor pro. So i went and tryd finde on the web what it could be and after few months of difrent setings to the system i end up at task manager. I see ther and it in al 3 computers same, i see like 5 iexplorers  open and working in proces and i hade all windows closed, 3 of them dident have any path, also noticed severl aplication of windows 32 map are  workings also together at once like csrss.exe, 2 of them, one no path also 3 taskhost.exe at same time and 2 of them no path, and ,amy ,amy svchost also working consuming cpu.  Myn main issu is that i cant play normal music or stream cus the sound gets so bad at home that i cant even hear any high tones at all. it like a dark blanked is placed over tracks and it just like only low tones coming out. I think some houw the viruse either consuming all cpu or invected also sound files. Strange is this that cpu meter always shouws low  0 in progres but than again myn anti viruse softwer were also shutdown or pretending to work cus for several months i did get scan logs and it always was everything 0, not even 1 cooki was removed and after i tryd to open antiviruse Mc and norton i couldend. Devender was also down. Every time is somthing alse like changing in files in task or somthing stops working, iam for sure invected only by what is the main quastion. I lost almost 3 systems by  finding it out and reboot myn computers with bored upgrading cd. So pls any ideas would be welcome. Thank u



#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:50 PM

Posted 30 June 2013 - 05:32 AM

Sorry I'm finding it difficult to help you with you writing in the current way you are. Please use my format suggested in my previous post.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 trazzer

trazzer
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 30 June 2013 - 07:32 AM

Iam sy i try to explain

Dell xps 8500
Windows 7
8 gig raam
Multicore
Issue invected by several viruse (I think)
Cpu always minimal in use
Noticed in task manager several iexplorer process in use even all windows close. Double csrss.exe activited in task manager. Several random proces like taskhost.exe aper in task manager at same time and only one proces out of them is suported by a service. When I pres to chek the location of the process nathing hapends.
The computer is used to stream life audio and is empty of any ather programs but yet after a while I notice that the sound start to change. It get disturbed and glithy. When I chek task manager I see many process working wich dont supost to. Most of those process are conected to svhost. Still cpu is 0 in use. Antiviruse program and windows devender shutdown and cant fire up.

Hope this is more clear. Iam sy for myn english.

#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:50 PM

Posted 30 June 2013 - 11:02 AM

Ok we'll work with the Dell laptop only in this topic. Please start new topics for the Packard bell Desktop, and the Asus Laptop.

 

--------------

 

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us
 

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
          
  • Please do not attach logs or use code boxes, just copy and paste the text. 
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
          
  • Please read every post completely before doing anything.    
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
          
  • Please provide feedback about your experience as we go.  
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.



:step2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.



:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.



:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Edited by dev00790, 30 June 2013 - 11:03 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 trazzer

trazzer
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 30 June 2013 - 03:18 PM

Oke sir I will start as soon as I come home from work. Thanks

#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:50 PM

Posted 30 June 2013 - 03:27 PM

oK :)


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users