|
|||||||
| Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
 |
|
|
Topic Tools |
|
#1
May 14th, 2004, 11:48 AM
|
|||
|
|||
|
ACK!! HELP! system in atrocious state (sasser related?)
Ok first lsass.exe terminates whenever I start my comp, the sshutdown thing comes up, then the system runs really badly.
I ran sasser removal tool 1.03 from symantec - it said it found no traces of sasser. I reinstalled windows - didn't help And now, my internet runs REALLY slow - about 500 bytes a second - it took about 20 mins to load this page. I'm sure this is not ISP related. Help plz 
|
|
#2
May 14th, 2004, 08:46 PM
|
||||
|
||||
|
download, install in own folder, run and post the log from hijackthis and someone will look at it and see if there is anything there.
Also post your computers information, cpu, ram, harddrive size/free space.
|
|
#3
May 14th, 2004, 09:15 PM
|
||||
|
||||
|
Reinstalling windows would not help because it backs up all your files, you would have had to reformat to get rid of it, but don't do that. Do as renegade suggested and you could also try this http://help.sbcglobal.net/article.php?item=3890 read thru the material and follow the links. Also if you are using windows XP you will have to dump the system restore files. I know that when I don't dump them, my AVG keeps picking up the virus. But that will be after you get this all sorted out.
|
|
#4
May 15th, 2004, 01:27 AM
|
|||
|
|||
|
Logfile of HijackThis v1.97.2
Scan saved at 9:59:21 AM, on 24/08/2001 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\atiphexx.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Feng\Appz\HijackThis.exe O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [AtiCpanel] atiphexx.exe O4 - HKLM\..\Run: [Microsoft Update] wuamgrd.exe O4 - HKLM\..\Run: [scvhost] scvhost.exe O4 - HKLM\..\RunServices: [AtiCpanel] atiphexx.exe O4 - HKLM\..\RunServices: [Microsoft Update] wuamgrd.exe O4 - HKLM\..\RunServices: [scvhost] scvhost.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...121.1172569444 O17 - HKLM\System\CCS\Services\Tcpip\..\{8CB771C7-779B-43A7-83CE-AB4A6C809038}: NameServer = 203.12.160.35 203.12.160.36
|
|
#6
May 15th, 2004, 04:50 AM
|
|||
|
|||
|
Remove these and post another log to see if they are also in your directory
O4 - HKLM\..\Run: [scvhost] scvhost.exe O4 - HKLM\..\RunServices: [scvhost] scvhost.exe O4 - HKLM\..\Run: [Microsoft Update] wuamgrd.exe O4 - HKLM\..\RunServices: [Microsoft Update] wuamgrd.exe
|
|
| Bookmarks |
«
Previous Topic
|
Next Topic
»
| Topic Tools | |
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| System State | Windrider | Windows 7 | 1 | January 25th, 2013 06:27 PM |
| System state restore on server -- now can't log on locally & domain not found. | InTheCloset | Networking | 1 | February 25th, 2011 07:18 PM |
| System If Running In Fail-safe State | Mickmodel | Hardware | 1 | July 7th, 2006 02:59 PM |
| Lsass eating system resources, NOT Sasser. | Veritas777 | Malware Removal | 1 | February 7th, 2005 04:44 AM |
| lsass.exe-system error / Sasser?? | linuxrevolt | Windows XP | 3 | May 17th, 2004 02:43 PM |
All times are GMT +1. The time now is 12:37 AM.