Internet very sluggish - Avira finds TR/ATRAPS.Gen - Hidden Processes? grawr!

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by zelda2727, Apr 28, 2009.

  1. zelda2727

    zelda2727 Private E-2

    Hi,

    So for the past couple of weeks my PC has been running very poorly. I notice it mostly while browsing the net. For instance, if I am typing in a form, the PC will frequently freeze up for several moments, and sometimes I keep typing anyway, and when the browser has control of the cursor again, what I was typing while it froze will appear in the text box. It also freezes just during general browsing. I will try to click on a link, scroll bar or enter an address into the web browser and I simply cannot click on anything or activate any links or buttons. I can move the mouse but it won't let me click on anything. It is like there are hidden processes running or something that keep taking precedence over what I am doing. (My browser/PC froze so many things just while typing this I cannot count them all!)

    I have not experienced any insidious popups or having my desktop hijacked or even having mysterious things show up in my system tray so this problem is really difficult for me to pinpoint.

    Also, Saturday or Sunday, Avira popped up with a possible trojan infestation: TR/ATRAPS.Gen was found in 28 locations, including my recovery drive (D).

    I believe that I have done all the prerequisite steps prior to posting to the best of my ability. The only step I did not do was emptying the quarantine folders of my Antivir. I was concerned there might be a few false positives in there and I've had bad luck with that in the past. So since my quarantined items were relatively few I let them be.

    Thanks very much for all your time,
    Zelda

    system info: Windows XP Home, Avira Antivir
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean. Perhaps you should tell me exactly what Avira is reporting.
     
  3. zelda2727

    zelda2727 Private E-2

    Well, that's good news at least. Here is the report from when Avira found the TR/ATRAPS.Gen viruses; I believe it was April 25th. They are currently all in the quarantine folder. Let me know if I should delete them from quarantine or leave them there.

    Sorry for the late reply; I was out of town for a few days. The PC is still having the same problems as before, though Avira has not found any other bugs. All scans since have come back clean and I update definitions regularly.

    thanks,
    Zelda
     

    Attached Files:

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Other than the items in the system recovery folders, most of the rest appear to be false positives. You can remove the system recovery items by toggling system restore, but I would not remove the other items as you may need to restore them to make some of those programs run properly.
     
  5. zelda2727

    zelda2727 Private E-2

    Ok, how do I toggle system restore? And do I need to back anything up first?

    thanks,
    Zelda
     
    Last edited: May 12, 2009
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Explained here:

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They are useful as backup scanners. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

      • Delete the C:\combofix folder from combofix (if it exists)

    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Windows version and see the steps to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    8. After doing the above, you should work thru the below link:

     
