Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Computer, Internet Explorer Won't Open


  • Please log in to reply
12 replies to this topic

#1 ranger-007

ranger-007

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:38 AM

Posted 21 February 2007 - 10:23 AM

Hey everyone.

So my computer has been acting strange for a few of days now. I know about a week ago it got infected with Spy Sheriff (tricky little program) but I'm pretty sure I got it off. And I'm running Spybot right now and it's about half done and it hasn't found anything.

As for the symptoms,

1) I've been trying since I got infected with Spy Sheriff to run disk cleanup. And I know in the forum it said it could take minutes to hours but I ran it all last night (a total of approx. 10 hours I think) and it still doesn't go anywhere.

2) My computer has been "freezing" alot. I'll only have two Internet programs open and they will both freeze, so I do the ctrl-alt-dlt thing and my CPU usage has gone from 3% to a 100% even though nothing has changed. And it's normally when I have something simple open like Yahoo and Google.

3) The last time my computer "froze" I shut down the Internet window that wasn't responding and eventually the CPU usage went back down and I could use the other window again. But now I can't open another window of Internet Explorer at all. (which is why I'm doing this now. I'm going to try to restart my computer but it would be pretty tragic if I.E didn't open at all after that)


I'm thinking more strange stuff has happened but now for the life of me I cant remember. Any ideas anyone? Oh and Im operating on Windows 2000 Professional.

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 AM

Posted 21 February 2007 - 10:37 AM

What did you do or use to get rid of SpySheriff? Below is a link to instructions for removing SpySheriff. If you haven't run the Smitfraudfix I would suggest doing that.
You probably have other infections, too.
http://www.bleepingcomputer.com/forums/t/52345/how-to-remove-spyware-sheriff-and-antispylab/
Also, install Super Antispyware. Run it in safe mode and let it remove whatever it finds.
http://www.superantispyware.com/

Please post back with what worked--what didn't

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 ranger-007

ranger-007
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:38 AM

Posted 21 February 2007 - 10:53 AM

I think I ended up using Spybot to get rid of Spy Sheriff. I tried the Smitfraudfix thing but the first step was the disk clean or w/e and it wont do it. it just sits there at like 3 bars. I left it on all night. I restarted my computer and it seems to have fixed the IE not opening but it's still slow. Im going to dl super anti spyware now. (oh and when I finished running spybot all it found new was a tracking cookie)

#4 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 AM

Posted 21 February 2007 - 11:27 AM

Sounds like you may have a lot of temp files and logs that need cleaning. Install Ccleaner and allow it to clean your temp files, logs, cookies. Use the default settings. Do not use the advanced settings or "Issues" button. All browsers should be closed before running the program. It should only take seconds.
Immediately after cleaning, run the Smitfraudfix again.
http://www.ccleaner.com/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 ranger-007

ranger-007
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:38 AM

Posted 21 February 2007 - 11:31 AM

I just ran the Super AntiSpyware and it found a whole crapload of stuff that it quarantined. But when I looked at the files esp. for one of the trojans it found, it's files like yahoo messenger, mcafee, our printer software a lot of things like that. Should I still delete them? And why are they there?

#6 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 AM

Posted 21 February 2007 - 11:37 AM

Do not delete the quarantine files. The reason for quarantine instead of deleting is so you have a chance to reverse the file removal in case of a false positive or other reason. After using the programs in question for a period of time and there is no problem with them, then it will be safe to delete the files in quarantine. Please look at my previous post in case you missed it.

In some cases, it is not possible to repair the infected files or remove the infection from the infected file. In that case, the only solution is to reinstall the infected program files.

Edited by buddy215, 21 February 2007 - 11:40 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 ranger-007

ranger-007
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:38 AM

Posted 21 February 2007 - 12:13 PM

In regards to the files, so I have to try all the programs that there are files related to to make sure that they are ok w/o them?

And in regards to Smitfraudfix,
So I tried the Smitfraudfix thing again after I ran the ccleaner and deleted the stuff you told me to. Once again the disk cleanup just sat there so I hit cancel because it doesn't work (is that even possible?) and then hit y to clean the registry and I got a message popup that said:

cannot import cleanup.reg
error accessing the registry

#8 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 AM

Posted 21 February 2007 - 12:21 PM

Please post a Hijack This log in the proper forum by following the instructions in the link below. It is ok to leave the files in quarantine. It is also probably ok to delete them. I prefer to wait a few days after using the different programs then delete them. It is up to you.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#9 ranger-007

ranger-007
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:38 AM

Posted 21 February 2007 - 12:24 PM

I know one of the files is related to either my printer or camera. I don't think it likes not having it I guess? It's tellin me to reinstall it from cd.

Thank you. I will post a log.

#10 ranger-007

ranger-007
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:38 AM

Posted 21 February 2007 - 12:42 PM

Feelin kinda stupid here. Im followin the instructions for hijackthis and saved to my desktop. I unzipped files and it did it successfully. but Im not seein the option to scan and create log or whatever. if I click on hijackthis again I get the same unzip options. Am I doing something totally wrong?

#11 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 AM

Posted 21 February 2007 - 01:00 PM

was there a shortcut created on your desktop?

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#12 buddy215

buddy215

  • BC Advisor
  • 12,989 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 AM

Posted 21 February 2007 - 01:06 PM

Scroll down to instruction #9 in the link below. It will install in the proper location and is self extracting.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
If you have a problem getting HijackThis to run, try renaming it to something else like "myscan". If needed you can also change the .EXE to .BAT, .COM, .PIF, or .SCR. All all are valid for renaming it.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#13 ranger-007

ranger-007
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:08:38 AM

Posted 21 February 2007 - 01:18 PM

yea. the shortcut is there. and so I click on it to unzip and it does it and then I click close. and I open it again and its the same thing giving me the option to unzip. Ill try to rename it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users