Persistent infection

Discussion in 'Malware Help (A Specialist Will Reply)' started by Phaedrus182, Sep 24, 2008.

  1. Phaedrus182

    Phaedrus182 Private E-2

    Hi. I have a persistent infection that I can't seem to get rid of. I clicked on a link to update my flash macromedia player on a bad website. (I'll never do that again!) It immediately changed my wallpaper to a 'virus warning', added porn links to my desktop and slowed my system to a crawl. It tricked me into downloading MSAgent anti-spyware (which is really a trojan I think.) I downloaded Spybot, Hijack this and a slew of other anti spyware programs. I ran them all multiple times, but I'm still experiencing some slowdowns. Please help me. My Western Digital MyBook external HDD runs non-stop, and my hard drive runs more than I think it should. I have slowdowns running old games that my computer should scream on. I seem to have a lot of slowdowns when loading or saving files. Please help! Spybot found a Smitfraud infection, so I ran SmitFraudFix (downloaded from Majorgeeks link). The SmitFraud infection disappeared, but I still have slowdowns.

    I followed Majorgeeks read me first and cleaning guidelines, but I'm still having slowdowns.
     


  2. Phaedrus182

    Phaedrus182 Private E-2

    Here's my MGTools log.
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The only thing I am seeing at the moment is this:
    C:\Documents and Settings\All Users\Application Data\nwhwhqzc ---> remove it.

    Go to Bitscan link: agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files. Once Bitdefender completes the scan:

    Click-on the Detected Problems tab. Then select Click here to export the scan report

    When the window comes up to save the report, change the Save as type: box to Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click save. This will save a file named bdscan.txt in whatever folder you are currently in when you save the file (take notice of where you are at so you can find it later). This bdscan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.
     
  4. Phaedrus182

    Phaedrus182 Private E-2

    1. I deleted C:\Documents and Settings\All Users\Application Data\nwhwhqzc successfully. BTW, the creation date for that file was exactly the day I started having problems.

    2. I had no .txt choice when I saved, but I changed the extension to .txt
     


  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    And all Bitdefender found was in your system restore files.....are you still having problems?

    If not I will give you the final cleanup instructions. :)
     
  6. Phaedrus182

    Phaedrus182 Private E-2

    Hi Tim,
    I'm still having problems. Whenever I hear the HDD spin up, things slow to a standstill. I have an external disk drive so I'm thinking about moving all my files to that and reformatting the hard drive. If that doesn't work, then I guess I'll go out and buy a new one.
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    There is the possibility that you only need to do a defrag...but then you could also be having hardware issues with the hard drive. You may wish to post in the software section and run some diagnostics on that drive.
     
  8. Phaedrus182

    Phaedrus182 Private E-2

    Okay, I'll post to the software section. Is there anything more I need to do to clean the infection? :banghead
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs and the bitdefender scan show you are clean.....we just have to remove your restore points which are infected, but I would not do that until you know what is causing your other issues, just in case. It would be better to be able to do a system restore if you run into problems (as we can go back and get you clean again), than to have no restore point at all.

    Now to clean from the scans:
    Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.


    If you get a success message, then it is time to do our final steps:
     
  10. Phaedrus182

    Phaedrus182 Private E-2

    I got the success message. All other steps followed successfully. Other programs seem to be working fine, so I think I have a software compatibility issue with that one game program. Thanks for all your help!:clap
     
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are quite welcome....safe surfing. :)
     
