Build Your Own Arcade Controls Forum
Main => Everything Else => Topic started by: tommy on August 03, 2005, 02:41:36 pm
-
It seems i have a virus or some spyware that always comes up upon reboot, any good free programs out there.
Google comes up with many programs and who can tell if it would work or they end up wanting you to buy it.
I have about 10 programs and none seem to see the problem or it would get deleted and then still come back on a reboot. ???
Your truly, tommy in crash land.
-
Try Spybot. Works for me.
http://www.safer-networking.org/en/index.html
Or try rubbing bacon on the hard drive. (is this getting a little old by now?)
If you decide to install it, go into advanced settings, where you can control what starts up on ... startup. When I first ran it, I found about 20 unneccesary processes which were slowing me down.
-
toast?
-
No, the Strawberry Speedbags jokes are just beginning.
-
This is a real problem guys, no more toast on this one or i'll be not able to come here anylonger due to PC not workie so good. Maybe you would not want me here anymore anyway. ;)
-
Use AdAware and get it done.
-
Get
AVG anti-virus (http://free.grisoft.com/doc/1) (free)
Spy-bot search and destroy (http://www.safer-networking.org/en/index.html) (free)
and
AdAware (http://www.lavasoftusa.com/software/adaware/) from lavasoft (free)
also quit looking at those bacon and toast porn sites
-
Got them all already.
-
Keep in mind that often, you have to scan several times.
-
Spybot S&D takes care of bidness for me.
Bacon
-S
-
Keep in mind that often, you have to scan several times. Scan, reboot, scan, reboot, scan... that's how you get it all when it's really in there.
I'll be back.
-
Use AdAware and get it done.
make sure it's the one through lavasoft, there's an imitation out there that's loaded with spyware
Keep in mind that often, you have to scan several times.
-
If you can stay online long enough you can check for viruii at housecall.trendmicro.com
I usually use that when people call me and they don't have a virus checker. Good luck.
J_K_M_A_N
-
Got them all already.
make sure they are the current versions and they are updated
it's funny how manny people don't understand they need to be updated weekly.........
Spybot S&D takes care of bidness for me.
Bacon
-S
Spybot hasn't been updating lately........
-
I'll be bacon
-
I've had spybot not catch some before.
-
I'll be bacon
You beat me to my joke. :(
-S
-
Yours is better. :( :( :(
-
oh and tommy
we need your BYOAC password to check it against the bacon databanks to insure it isn't toasted or fried egged...........
;)
o.k. guys if he gives it out swap his avatar to the shortcake one
-
I have a feeling i'm getting these problems from the Half-life 2 servers i have been playing on, they make you download the maps to play on there servers and it seems when i get off of there and back to windows i have a bunch of crap installed.
Password is chads a geek.
-
If you're getting problems like that, maybe you should think about making a second windows partition for games so you can use the other one for things like internet and some bacon related activities.
-
I use spybot and the free version of winpatrol
http://www.winpatrol.com/
Win patrol lets you know every time a program it trying to add to your start up, registry and stuff like that. I can't tell you how many times I go to download music or a game and the alarm goes off. And I don't do any peer to peer to begin with.
It also is a quick easy way to use some of the msconfig type I don't do a whole lot to protect myself but I haven't had any problems in quite some time and I think it's because of winpatrol.
-
Format and reload. Works every time.
-
Format and reload. Works every time.
I agree
-
- What OS are you using
- What have you tried ALREADY that "didn't work"
- What error messages are you getting (if any) when it crashes?
- Have you considered changing your password to "Strawberry Speedbags?
-
- What OS are you using
- What have you tried ALREADY that "didn't work"
- What error messages are you getting (if any) when it crashes?
- Have you considered changing your password to "Strawberry Speedbags?
Win XP
AVG virus, ad aware, spybot, spyware blaster, many reg cleaners.
None, just crash.
No.
-
How do you know it's a virus? If none of those programs are finding anything then maybe it's something else causing the crash - ie hardware fault. Does it crash or reboot? What does the event viewer say is happening? How does it crash - blue screen or have you set the option to Automatically Restart (under Advanced tab, Startup and Recovery in the System settings) upon System Failure?
-
No.
Sounds you've isolated your problem.
Seriously, are you sure it's software related. That's a pretty powerful arsenal of software to be having no affect. Is Spybot/Adaware finding things, but not removing them or are they giving you a clean bill of health?
If they are finding, but not removing you'll have to resort to Hijack This, but you'll need to go to one of many forums where experts will analyze your Hijack This log (for free) and tell you how to remove the offendors. Hijack This can remove anything, but it's difficult to make heads or tales out of the log for about 99.9% of the population.
It could be hardware, though. Maybe you've got a stick of RAM going bad. If you have multiple sticks of RAM try removing one and see if the computer works. Heat issues could be a problem -- especially a failing CPU fan. It might be spinning half as fast as it should and still look like it's working fine. Try opening up the case and see if your computer quits freezing/crashing -- especially if you can point a fan directly into the box.
Aside from that a bad power supply, bad motherboard, stting on the floor when there's a lot of static electricity in there air, or being plugged into the same circuit as some other appliance, e.g., a computer might freeze every time someone makes a copy because of the power surge on the circuit made by the copier. Put that microwave oven somewhere else!!!
-
If RAM or mobo wen't bad, I'd think the computer wouldn't even boot. Check out the device manager and see if there are any conflicts. You wouldn't believe how many problems can be caused by a bad mouse driver.
-
Also try to get something like motherboard monitor to see what the voltages are from the PSU. If it's a slightly dodgey PSU it will create an unstable system, causing reboots when the mobo, cpu, drives draw more power than can be provided. Bad RAM doesn't necessarily mean it won't boot - but this can be tested by running memtest86 for a long time (all day if possible)
-
This is probably a dumb question... do you have any peer-to-peer file-sharing software?
-
The main problem is when i'm playing an online game, after sometime it will just reboot, also everytime i scan for virus etc it will be erased but upon a reboot the same virus/spyware will be there again many many times, i have had the same number of problems after a reboot and it's obvious that it is the same exact named problem in the scan.
-
Does this occur while you're playing the game? Are you sure it's not an overheating video card? I used to have a PC that only crashed when I played Zinc emulated games. The problem was an overheating video card. There was no blue screen, either - just performance hits that made the machine unusable or locked.
-
I reckon Tommy may have been frequenting a few too many of those sites where you have to click the button that say "I am over 18".
-
The main problem is when i'm playing an online game, after sometime it will just reboot, also everytime i scan for virus etc it will be erased but upon a reboot the same virus/spyware will be there again many many times, i have had the same number of problems after a reboot and it's obvious that it is the same exact named problem in the scan.
This tells me two important things. One, it's overheating. Alan is right. Do the trick with a desk fan or box fan with the case open. You'll see.
The other thing it tells me is if thing-one is wrong, and it's not a heat issue, why haven't you told us what virus/spyware is being repeatedly reported by your scans. That sentence doesn't make much sense, but tell us....immediately.
-
Also, check to see that your CPU fan is working and your PSU fan. I actually fixed an overheating problem by opening up a PSU and blowing a lot of dust out with compressed air.
-
No one has asked the big question yet:
What type of firewall do you have?
-
and then the next question would be
Does this so called wall of fire create enough heat to cook bacon?
-
The problem that keeps comming up is called "booked space" and i'm useing windows firewall (i know i know)
I have taken one of my old processor fans and built a stand to reach the video card and now the video card has some freash air.
All other fans are new and working.
-
So has the additional cooling fixed your problem?
-S
-
Just finished making it, I'll report later.
-
when all else fails:
format c:
-
also everytime i scan for virus etc it will be erased but upon a reboot the same virus/spyware will be there again many many times, i have had the same number of problems after a reboot and it's obvious that it is the same exact named problem in the scan.
The other thing it tells me is if thing-one is wrong, and it's not a heat issue, why haven't you told us what virus/spyware is being repeatedly reported by your scans.
Perhaps it's just me not being COMPLETELY elaborate, but like shmokes, I'm wondering why you didn't make with THAT info long ago....even before I asked
- What have you tried ALREADY that "didn't work"
I was kinda thinking that after it "didn't work", you might have included why you THOUGHT it wasn't working :(
-
when all else fails:
format c: find a box big enough to put everything inside it, and leave it by the curb for trash pickup
Mission, I fixed that typo for you ;)
-
His problem is his firewall. He has several issues:
1) he's using a software firewall
2) his firewall resides on the same box he's trying to protect
3) he's using a microsoft firewall
And a very probable issue:
1) his firewall is improperly configured.
Basically, he's out there butt naked on the internet and the spyware bots know he's there. No amount of scanning or repair will do any good until he has a proper firewall in place. I remember last year when I finally got broadband, I thought a firewall was foolish. It took 5 minutes, I actually watched the stuff pop onto my machine, for the bots to find my machine and riddle it with spyware. I would clean it and it would be back in an hour.
He needs to fix the root cause, then he can repair the damage.
-
when all else fails:
format c: find a box big enough to put everything inside it, and leave it by the curb for trash pickup
yes that sounds much better
Mission, I fixed that typo for you ;)
-
Chad, i see what you're saying but the thing is after i reboot and get rid of the spyware it's gone and will not be there until i reboot. Something is hiding in the boot sequence that gets killed and reborn again, probably before i had my firewall in place.
Anyway it SEEMS that I'm not crashing anymore due to the fan i just installed but we will see.
Either way obviously the fan did not remove the spyware.
-
You're not understanding. You get rid of the spyware, then whatever bot got you last time, gets you again, puts it into your registry to be reborn upon reboot. That's how it works.
The problem will never go away until you have a proper firewall.
-
I just wanted to thank you guys who mentioned the overheating problem, the fan i installed worked great and i haven't had a crash since.
-
Tommy,
Check this tread. It looks like it will walk you through clearing Booked Space off your system (http://www.geekstogo.com/forum/Booked_Space_Flashenhancer_Browers_Aid_Peopleon-t40354.html)
As far as the firewall goes, hardware is absolutely better, but at the very least go download a free copy of ZoneAlarm. Software firewalls can still be pretty powerful.
At home I've got a Cisco PIX 501 between my network at the outside world.
But then I've got a wide-open 802.11g access point sitting on my network. I should be ashamed of myself. I had it locked down for a while cos of abuse, but I've replaced the access-point since then and haven't got around to locking it down.
-
Thanks shmokes, yikes thats alot of things to go through but the person in the thread had the same problem so i'll give it a go.
-
It is a lot to go through. But if it were me I'd either go through it or wipe my hard drive clean. There's not a chance in hell I'd knowingly let spyware or adware sit on my system. Causing system instability and using up precious CPU cycles is bad enough, but it's the principle of the thing that wouldn't let me rest until it was gone.
What I really recommend is a copy of Symantec/Norton Ghost. Partition your hard drive and take regular snapshots of your system partition, saving the image to another disk/partition. It takes a few minutes to make the image and it will clone your drive from that image in just a few minutes -- absolutely exactly the way it was the day it was imaged. If you're the type to install a game and play it exclusively until you beat it and then uninstall it you can just install it, play it, beat it, then reimage your hard drive and it's like you never installed it. That'll dramatically cut back on all the residue and leftovers in your registry and all over your hard drive from the programs you've installed over the months.
Ghost is seriously a great program. I say, make an image once every couple weeks and always hang on to at least the last two images, so at any time you can take your computer back in time at least one-month. And, of course, always make an image before doing anything that you know is particularly risky.
-
Format and reload. Works every time.
I agree
Only until you're reinfected. Good practive and avoiding certain software helps alot in avoiding infection.
-
Format and reload.
-
You're not understanding.
-
Hijack this log.
Logfile of HijackThis v1.99.1
Scan saved at 1:57:01 AM, on 8/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\riai.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tommy\Desktop\Mame32.exe
C:\Documents and Settings\Tommy\Desktop\mame 0.98\mame32p.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Tommy\LOCALS~1\Temp\Rar$EX00.047\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .WAV: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119745242093
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: App Paths - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
-
Ugh....don't post that here. Post it at a forum with Hijack This masters.
And did you go through the processes from the link I gave you to another guy who had your same problem?
-
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\wanmpsvc.exe
Those all look like candidates, especially given this:
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
That /STARTUP runs the Grisoft exe avgcc.exe every time you reboot your machine. If you can't ID Grisoft, we may have a winner.
-
Hrm, a google shows Grisoft as a free firewall/antivirus... so maybe not, but sure as hell never use a freeware security product.
-
Grisoft makes a free anti-virus program that's really effective. I think that's what he has....
-
Chad, never used AVG, huh?
FYI, SOUNDMAN.EXE is his onboard sound, probably a Realtek chipset if I remember.
C:\WINDOWS\system32\riai.exe
What is that! I did a search on microsoft and google. I can not find what that exe is.
Otherwise I can identify everything else
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
Windows stuff
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
ATI stuff
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Grisoft AVG
C:\WINDOWS\SOUNDMAN.EXE
Realtek sound manager
C:\Program Files\BroadJump\Client Foundation\CFD.exe
Broadjump cable modem dohickey. You actually installed the software that came with your cable modem? heh.
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tommy\Desktop\Mame32.exe
C:\Documents and Settings\Tommy\Desktop\mame 0.98\mame32p.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Tommy\LOCALS~1\Temp\Rar$EX00.047\HijackThis.exe
obvious stuff
C:\WINDOWS\wanmpsvc.exe
Using AOL, huh?
C:\Program Files\Support.com\bin\tgcmd.exe
This one is odd.
http://www.liutilities.com/products/wintaskspro/processlibrary/tgcmd/
Must hav ea Sony or Toshiba monitor and you installed the software that came with it?
Not harmful since it is a support tool, but you might want to get rid of it from the sounds of it
http://www.experts-exchange.com/Security/Win_Security/Q_20417487.html
http://www.neuber.com/taskmanager/process/tgcmd.exe.html
-
Looking back through the thread, what's the problem? I don;t see details of the problem, just "it crashed!" type statements. When does it crash, does it say anything, etc...
-
Ugh....don't post that here. Post it at a forum with Hijack This masters.
And did you go through the processes from the link I gave you to another guy who had your same problem?
Dave wanted to look at the log. Working on it
C:\WINDOWS\system32\riai.exe
NO idea what that is, could be the problem.
Zone alarm is telling me this is trying to access the internet all the time.
C:\Program Files\Support.com\bin\tgcmd.exe
I don't have AOL anymore, that's my DSL help center.
Looking back through the thread, what's the problem? I don;t see details of the problem, just "it crashed!" type statements. When does it crash, does it say anything, etc...
It doesn't say anything. It was crashing on video game play and it seems the fan i installed fixed that. The other thing was upon a reboot i would have the same spyware/virus i just deleted on the prior roboot. Reoccurring problems. Did you not read that part?
-
Chad, never used AVG, huh?
No, I have always used McAfee. Never had one virus problem.
-
It doesn't say anything. It was crashing on video game play and it seems the fan i installed fixed that. The other thing was upon a reboot i would have the same spyware/virus i just deleted on the prior roboot. Reoccurring problems. Did you not read that part?
Always in a video game? When you say crash you mean the display freezes and doesn;t appear there is an human interaction?
What video card?
Sounds like
1) driver problem, my ati driver crashes once and awhile :(
2) more likely card is overheating
-
It doesn't say anything. It was crashing on video game play and it seems the fan i installed fixed that. The other thing was upon a reboot i would have the same spyware/virus i just deleted on the prior roboot. Reoccurring problems. Did you not read that part?
Always in a video game? When you say crash you mean the display freezes and doesn;t appear there is an human interaction?
What video card?
Sounds like
1) driver problem, my ati driver crashes once and awhile :(
2) more likely card is overheating
Sometimes my system would just reboot, other times it would freeze, but that SEEMS to be fixed now.(Radeon 9200 pci card)
I was thinking the crashing had something to do with the virus. (could still be but hasn't since the fan was put in place) The video card was fine with no fan for along time before.
-
Did you recently make any changed, move the PC, load new drivers?
It probably was just over heating. Which will cause that. Either a driver call will fail and cause the reboot as Windows will bail or the overheat will cause the videocard to stop functioning, hence the freeze.
-
Dave wanted to look at the log.
-
I see you like my virus, Tommy... :-* enjoy! :D
-
I see you like my virus, Tommy...
Got your IP punk, i see you vist the scat sites often. :police: :-*
-
I think AVG is better than McAfee. The fact that it's free is also a bonus.
That said, I use McAfee cos I got a free 2 year license from my work. So when that's up maybe I'll switch to AVG.
-
I see you like my virus, Tommy...
Got your IP punk, i see you vist the scat sites often. :police: :-*
I see by your admission that you also visit 'em often. Perhaps you shouldn't beat him up for it, but ask him for tips to better sites ;D
-
I see by your admission that you also visit 'em often.
[/quote
???
Don't twist words. ..and stop twisting my speedbags. Hormo!! :laugh: