Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I need some help, was attacked by something

Started by Atamu , Mar 18 2012 05:44 PM

  • Please log in to reply

#1
Atamu
Posted 18 March 2012 - 05:44 PM

Atamu

    New Member

  • Member
  • Pip
  • 1 posts
While surfing the web ( www.stumbleupon.com ) , around 2:30 pm today, a threat was blocked by AVG, it says in my AVG event history:

"3/18/2012, 2:32:14 PM";"NT AUTHORITY\SYSTEM";"IDP";"Process 0.7382187341458569H7I.EXE was detected."
"3/18/2012, 2:32:23 PM";"NT AUTHORITY\SYSTEM";"IDP";"Process 0.7382187341458569H7I.EXE was quarantined."

Then the desktop refreshed on its own and I noticed some desktop icons were missing and the taskbar properties had been changed to never combine my taskbar buttons. I realized something was wrong, so I opened the task manager to look through the services/processes, nothing stuck out as out of the ordinary at that time. Then a window popped up saying something was missing in the registry. Also, i realized that my Start menu was missing a lot of buttons (control panel, my computer, etc. But the list of programs and 'all programs' buttons were still there. So I googled a few processes that kinda looked weird from the task manager, but found out they were benign. After that I opened my AVG user interface from the system tray and started a scan. It came up with no threats.

So I downloaded AVG PC-Tuneup and did a full registry scan. It came up with a bunch of errors, and it said that all fixes were successful. That took about 30 minutes.

I did ANOTHER registry scan, as things were still not back to normal, then I looked for a system restore point (there wasn't - my negligence).

My next thought was that maybe some of those 'critical' windows updates that I hate so much might actually be critical, so I did a full windows update. and rebooted the computer. Things are still not back to normal.

Then I ran a scan with hijackthis, noticed some weird ones that were pretty obviously bad and cleaned them up. Still not back to normal. So I ran another hijackthis and am attaching the logfile. This time, I got a message from Hijackthis: "For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, Hijackthis may NOT be able to fix this...."

I don't know what else to do...

Any and all help would be awesome...





And later on:

"3/18/2012, 2:57:21 PM";"Doebringer-PC\Doebringer";"Components";"Ignoring the LinkScanner component state was enabled." <--------not sure what this means
  • 0

Advertisements

#2
Ztruker
Posted 18 March 2012 - 07:30 PM

Ztruker

    Member 5k

  • Technician
  • 7,091 posts
Go to the Virus, Spyware, Malware Removal forum, read the first post and follow instructions.

Come back here once you get a clean bill of health if you still have problems.
  • 0
Back to Windows Vista and Windows 7 · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows Vista and Windows 7

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP