
Help! Don't know what to call it, but I have something.


7 replies to this topic

#1 Cyclops62

Cyclops62

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wilmington, NC USA
  • Local time:05:46 AM

Posted 14 November 2014 - 03:35 PM

  When starting up, a DOS box flashes quickly - C\system32\command. Opening the browser, I cannot get online. The screen says my proxy server is refusing connections. I do not use a proxy. I have a new suspicious folder on my system. It is C\a. In it are 2 MS-DOS batch files, #'s 47119478 and 87567881, 2 zip files - 47119478.zip and 1060180.zip, one that says Loading.gif and Fiddler Core.dll 2.4.5.6. I have opened the 1060180.zip file to get the Fiddler.dll file and Internetport3.exe. After I double-click the Internetport file, I am able to get online. MBAM will remove the Internetport file, which leaves me unable to get online, so I repeat opening the 1060180 file to get Internetport3 back.

  AVG (free) has found something called Adware Generic5.CGKS in C\SystemVolumeInformation|_restore{78A41278-3896-4F9C-ECE1BC510662}\RP919\A0655304.exe. It was quarantined. Something else called C\a\tXVh2mzJRm.exe was also quarantined.

  My PC also seems to be using much more memory than usual. The fan will increase its speed a lot and then it will crash.

  Any and all help will be greatly appreciated by me.

 




 


#2 Cyclops62


Posted 14 November 2014 - 03:45 PM

  I forgot to mention that my firewall has detected the Internetport3.exe file trying to "call home" - so to speak. I ignore it.



#3 xAnti_HerOx

xAnti_HerOx

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Los Angeles
  • Local time:03:46 AM

Posted 14 November 2014 - 04:08 PM

Have you checked your Resource Monitor? How does the Memory and/or Process percentage look?

Are they being maxed at a constant 100%?



 

"The human spirit must prevail over technology". -Albert Einstein 


#4 Cyclops62


Posted 14 November 2014 - 05:03 PM

  I do not know how to do that. It was an uneducated guess.



#5 xAnti_HerOx


Posted 14 November 2014 - 05:36 PM

1. Press Ctrl-Shift-Esc to open Task Manager.

2. Click the Performance tab.

3. Click the Resource Monitor button in the bottom right of the screen.

Resource Monitor looks slightly different in Windows 7 from how it looks in Windows Vista, but its basic functions are unchanged.

 



Edited by xAnti_HerOx, 14 November 2014 - 05:36 PM.



#6 Cyclops62


Posted 14 November 2014 - 05:57 PM

OK. I have the task mgr. I run XP3 and yes it is different yet. The Resource Monitor button is not to be found.



#7 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,952 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:08:46 PM

Posted 14 November 2014 - 07:50 PM

  I forgot to mention that my firewall has detected the Internetport3.exe file trying to "call home" - so to speak. I ignore it.

 

 

Internetport3 etc appears to be a Trojan downloader.

 

 

 

Please follow the instructions in the Preparation Guide For Requesting Help starting at Step #6.

When you have done that, start a new topic and post the required logs to the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.

NOTE: If you are unable to complete any step, please just post the topic and leave a good description of your problems.

Best of Luck !


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#8 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:05:46 AM

Posted 14 November 2014 - 08:17 PM

I strongly advise that you do as Condobloke suggested and post the logs requested in the Prep Guide in the Malware Removal Logs forum.

Your first priority should be getting rid of the malware. If issues remain after the computer is clean they can be addressed.

After you post in that forum please return to this topic and reply with the link to the NEW topic in MRL so this one can be closed.

Edited by Queen-Evie, 14 November 2014 - 08:22 PM.




