Jump to content

Internet problem I don't understand


supersteven

Recommended Posts

ya wont get very far deleting those... off the top of my head I know svchost and spoolsv are both printer services.... explorer is well, the explorer(task bar etc...) rundll is a critical DLL needed(if there is a problem most AV's can clean this file.), so dont look to delete those all lol.

Link to comment
Share on other sites

I've decided to surrender and reformat my computer Saturday. Thank you all for the help, especially FallowEarth, it's been an honor. I will continue to post here. I love this place.

i agree this site is great......but,im sorry to hear that you had to reformat you're pc.

In the future,if you're not sure what processes are what and ya need to check out if ya have trojans/spyware/ad-ware,this site here

http://hjt.iamnotageek.com/ will definitly help you out.it checks out you're Hijackthis logfile and tells ya what's safe and what's not...etc......

It definitly helped me out......

Link to comment
Share on other sites

Removing those processes wasn't really where I was headed.  Obviously you cannot delete explorer.exe.  What I was illustrating is that there are trojans and worms that utilize these processes, as opposed to creating there own.

It seems to me that that is exactly what was happening on supersteven's machine, as the problem was not evident in safe mode where some of these processes may not have been loaded.

In situations like this, formatting and reinstalling the OS is definitely your best bet.  We have exhausted many methods of removing the infection that did not work.  It is likely a kernal-level virus that cannot be picked up by conventional means, if by any at all.  Many people are scared of a rip and reinstall of the OS, but it's not that hard.  Just back up your files externally, scan them before putting them back on the HD after the reinstall, and you're good to go.  Nice, healthy PC.

Link to comment
Share on other sites

YELLOW ALERT:

http://www.processlibrary.com/directory/files/smss/index.php

http://www.processlibrary.com/directory/files/csrss/index.php

http://www.processlibrary.com/directory/files/services/index.php

http://www.processlibrary.com/directory/files/lsass/index.php

http://www.processlibrary.com/directory/files/svchost/index.php

http://www.processlibrary.com/directory/files/spoolsv/index.php

http://www.processlibrary.com/directory/files/explorer/index.php

http://www.processlibrary.com/directory/files/rundll32/index.php

http://www.processlibrary.com/directory/files/winlogon/index.php

Removing those processes wasn't really where I was headed.  Obviously you cannot delete explorer.exe. What I was illustrating is that there are trojans and worms that utilize these processes, as opposed to creating there own.

It seems to me that that is exactly what was happening on supersteven's machine, as the problem was not evident in safe mode where some of these processes may not have been loaded.

In situations like this, formatting and reinstalling the OS is definitely your best bet.  We have exhausted many methods of removing the infection that did not work.  It is likely a kernal-level virus that cannot be picked up by conventional means, if by any at all.  Many people are scared of a rip and reinstall of the OS, but it's not that hard.  Just back up your files externally, scan them before putting them back on the HD after the reinstall, and you're good to go.  Nice, healthy PC.

I never suggested that he actually remove these processes which in fact you can't because some of them  are windows processes.What i was tryin to say is that if you go to that site i posted, http://hjt.iamnotageek.com/ it analyzes and parses your hijack this logfile....

hijackthisanalyzer13qb.th.jpg]hijackthisanalyzer13qb.th.jpg

hijackthisanalyzer26ss.th.jpg]hijackthisanalyzer26ss.th.jpg

It explains what could be a possible threat,what's safe and what's unknown.

Don't tell me you guyz actually re-format????There's always a solution........Maybe im just lucky out of a 3 year span,i reformated once,reason,i had way to much crap on my HD,needed a fresh re-install.

Personally,my best friend always re-format's his pc when something goes wrong,he never takes the time or paitence to actually figure out what's wrong.I actually find it redundant that he actually downloads whatever or put's any games or apps on his pc when he just re-format's his pc in a month or so,sound pointless right?

And what i find ironic is that he also use's a ripped OS of windows 2000...hehe...i can definitly recall witnessing his pc reboot by itself after it's been idle for a couple of minutes.This is a guy who doesn't even use any anti-virus programs or even a firewall.....to funny....

You guyz definitly have to post ur Hijackthis logfile,im curious to see how many processes you are runnin,the most processes i run are about 16/17,my pc runs alot faster since i disabled alot of the useless windows processes and my connection seems to be alot faster too...check it out,it may work for ya...... :evil6:

Link to comment
Share on other sites

good man steven........all im sayin is that maybe that's the only option...if nothing else works...reformat...and remember,stay on top of that sh*it......scan for spyware/trojan's/ad-ware...etc.....maybe as much as possible.

Lastweek,i had fix my friend tanya's pc......p2 400MHZ 128Mb RAM Windows 98 SE......

I've never worked on or seen a pc that had so many virus's/spyware/adware in my entire life..it's was the worst.

I ran spy-bot,CWShredder,AVG,Registry fix,regcleaner.....problem after problem...even her TCP/IP STACK was damaged and she just got hooked up to the www and she couldn't do sh*t..and to top it all off,she didn't even have the windows 98 SE disk,it was a major pain,but, i got the disc for her,got rid of all of the virus's and finally earlier today i totally cleaned up her pc,she likes to download screensavers,she uses smileycentral,mywebsearch...all that crap.....etc

So good luck,i know it's a major pain in the arse tryin to get to the root of the problem......later...........

Link to comment
Share on other sites

Just to make it clear, I have not reformatted yet. I will continue to do all I can but if it hits Saturday and it isn't fixed I will. I don't want to quit.

just bite the bullet and reformat the sucker. even if you do manage to remove whatever it is, you will still have leftover stuff and screwed up settings in there. backup your data, scan it on a clean comp for any malware that tries to piggyback (hope you have a burner and access to a 2nd comp) and do a clean install, making sure that after you get the os up you first dl one or more antivirus/spyware progs and lock the box down before starting to install stuff, that way you avoid getting reinfected. (hopefully) good luck.

Link to comment
Share on other sites

Khronic, I'll get you to notice that we did try hijackthis, and that the processes running were posted in a screenshot using the wmic command.

I agree with Reso here.  Unless you can rewrite the registry, you risk residual infection when you just put a bandaid on the sore.  Reinstalling the OS is your only real bet in beating it.  I find that it is not a cop-out, but a regular maintenance duty.  I perform a rip/reinstall on a regular basis.  Rooting out an infection like this, you may do more damage than good.

Link to comment
Share on other sites

×
×
  • Create New...