Spoolsv.exe occupying 99% of my comp, help!

Discussion in 'Malware Help (A Specialist Will Reply)' started by csianz, Mar 10, 2006.

  1. csianz

    csianz Private E-2

    need help with Rontkbr.gen (urgent)

    hi, i refer to http://forums.majorgeeks.com/showthread.php?p=746515 and perform all the procedures instructed.

    Perform process explorer and comp restart

    splint files cant be deleted in the temp folder

    Perform hijackthis and comp restart

    Perform stemrem and "registery editing has been disabled by your administrator" msg appears and then comp restart

    Then i went on to use bruteforce and then went on to perform hijackthis, and comp restart agains

    Every process was done in safe mode

    how can i solve this problem?
     
    csianz, Mar 10, 2006
    #1
  2. csianz

    csianz Private E-2

    .shd files keep appearing in my c:\windows\system32\spool\printers even after i delete numerous times

    Logfile of HijackThis v1.99.1
    Scan saved at 5:03:21 PM, on 3/10/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    C:\DOCUME~1\CHINSH~1\LOCALS~1\Temp\Rar$EX00.609\HijackThis.exe

    EDIT: inline log removed as first steps guide to removing malware not followed

    this is my hijackthis log file, are there any problems with my comp? thanks
     
    Last edited by a moderator: Mar 10, 2006
    csianz, Mar 10, 2006
    #2
  3. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Do you have software called Arcview on your PC as .SHD file extentions link to that app?

    But if you feel you have malware then...........

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

    Downloading, Installing, and Running HijackThis


    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
    .
     
    DavidGP, Mar 10, 2006
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds