05-07-2010, 04:33 PM | #1 | ||
Join Date: May 2008
Location: Swan River, Canada
Posts: 842
|
'Puter Problem.
So far today I have had to Restart my computer TWICE.
not once, TWICE! Why? Because of this; On start up, everything runs fine, i can open stuff, etc etc, but once I end up closing everything, eg im bored and go to do something else so i close Firefox, etc so the tray has no programs opened on it, if I try and open something again, nothing happens. The cursor has the little hour glass icon, but nothing loads (I can't even ctrl-alt-delete) Any solutions? I checked all my process's that are on right now, the only ones using CPU are; System Idle Process; 96-99 cpu FireFox.exe 1-3 but its a 0 now Plugin Container 1-3 but it's at 0 now. NOW do any of these other processes sound familiar or strange to you? Vid.exe spoolsv.exe smss.exe (I think thats a normal one though) jqs.exe RTHPCPL.exe rundll32.exe jusched.exe hpweSchd2.exe iyxotlutssd.exe wmiprvse.exe wkcalrem.exe Im only putting them down because well, i don't even know where to being to look for a solution, and right now im blaming a virus. Malware Bytes and CCCleaner'd yesterday and got rid of stuff, but it didn't seem to solve the problem...
__________________
Kugarfang: o hai guiz im trying to find this techno song from the radio and it goes like this: DUN duuuunnnn dudududududun SPLOOSH duuunnnnn We ate the horse. Last edited by Fubb; 05-07-2010 at 04:41 PM. |
||
|
|
05-07-2010, 04:46 PM | #2 | ||
Join Date: Dec 2004
Location: Zagreb, Croatia
Posts: 1,867
|
System idle processes take 99% of your CPU? There's something wrong right there.
Also, knowing your OS and specs would be nice.
__________________
[14-12, 16:08] TotalAnarchy: but the greatest crime porn has done is the fact that it's all fake and emotionless, that's why I prefer anime hentai frankly |
||
|
|
05-07-2010, 04:48 PM | #3 | ||
Join Date: Jul 2008
Location: Stockholm, Sweden
Posts: 1,242
|
I'm suspicious of iyxotlutssd.exe and wkcalrem.exe.
One or both of these may be a virus. Besides those two Vid.exe might be something, but then again maybe you were running a program. All other processes look normal (unless they were also infected). |
||
|
|
05-07-2010, 04:57 PM | #4 | ||
Join Date: May 2008
Location: Swan River, Canada
Posts: 842
|
Intel Core 2 Quad CPU Q8300 @ 2.5Ghz, 2.5Ghz, 3.5GB RAM
Hardrive; 464 GB FreeSpace 146GB (Thinking of running a disk defrag and deleting a ton of stuff Recently downloaded thing gummies that I can THINK of. Dev C++ Package Mananger DC++ CC Cleaner Malwarebytes Anti-Malware Notrium Havn't been browsing suspicious sites or anything like that (no porn for Fubbles!) Thought Norton was coming up with 'intrusion blocked' whenever i searched google, that problem first arose (atleast i noticed it) when i was on Deviant Art.
__________________
Kugarfang: o hai guiz im trying to find this techno song from the radio and it goes like this: DUN duuuunnnn dudududududun SPLOOSH duuunnnnn We ate the horse. |
||
|
|
05-07-2010, 05:17 PM | #5 | ||
Join Date: May 2008
Location: Swan River, Canada
Posts: 842
|
Kai
So after a quick Scan with Malware bytes, it found 14 little thing gummies, so i had them fixed (come to think of it, i wish they were quarantined to i coulda seen there paths) so now of the list of processes, these are what i haz. Vid.exe spoolsv.exe smss.exe (I think thats a normal one though) jqs.exe RTHPCPL.exe rundll32.exe jusched.exe hpwuSchd2.exe wmiprvse.exe wkcalrem.exe So the iyxotlutssd.exe has disappeared it seems. Also it appears malware does quarantining the trojans, etc, i have, ill see if i can copy and paste the log file it created from the scan.
__________________
Kugarfang: o hai guiz im trying to find this techno song from the radio and it goes like this: DUN duuuunnnn dudududududun SPLOOSH duuunnnnn We ate the horse. |
||
|
|
05-07-2010, 05:18 PM | #6 | ||
Join Date: May 2005
Location: Nitra, Slovakia
Posts: 6,533
|
rundll32 shouldn't be running on an idle pc in background, did you have some system panel shown up?
btw Quote:
also, it sounds like your pc frozen when you were idle because your screensaver popped up.. because it's the only thing that `happens` when you're idle. don't you have some ultra super 3d screen saver which deadlocks your pc?
__________________
|
||
|
|
05-07-2010, 05:23 PM | #7 | ||
Join Date: May 2008
Location: Swan River, Canada
Posts: 842
|
So here are the bits and pieces from the scan log
****** Scan type: Quick scan Objects scanned: 134447 Time elapsed: 11 minute(s), 23 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 2 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 7 Memory Processes Infected: C:\Documents and Settings\Heely\Local Settings\Application Data\umqpneoce\iyxotlutssd.exe (Trojan.Downloader) -> Unloaded process successfully. ******** So thats that i guess, but i fear my pc may still be funky. **** HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\rblbauik (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\rblbauik (Trojan.Downloader) -> Quarantined and deleted successfully. Files Infected: C:\Documents and Settings\Heely\Local Settings\Application Data\umqpneoce\iyxotlutssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Heely\Local Settings\Temp\sUTA.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\iMiE.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\MUwR.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\DRlP.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3LPC7GF7\n002106201304r0409J1100 0601R30892d84W8501b9ecXd68e55cdY9abed613Z0100f0801[1] (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3LPC7GF7\n002106201304r0409J1100 0601R8ff7fa9cW8501b9ecX98155d0fYd424feadZ0100f0800[1] (Trojan.Downloader) -> Quarantined and deleted successfully. ********** System Idle is still at 99 and rundl32 is also on. What do you mean by system panel russle sprouts??
__________________
Kugarfang: o hai guiz im trying to find this techno song from the radio and it goes like this: DUN duuuunnnn dudududududun SPLOOSH duuunnnnn We ate the horse. |
||
|
|
05-07-2010, 07:26 PM | #8 | ||
Join Date: May 2005
Location: Nitra, Slovakia
Posts: 6,533
|
rundll32 usually shows up when you invoke something from windows, for example like services window or i don't know, mouse settings window (but it can be something else too, this is just one common thing)
try ctrl-alt deleting rundll32 and see what happens also, type msconfig, then click "run" tab and see what else may bring rundll32 up but if you want to remove something you better do it other way, let me know if you want to also, get this wonderful tool and see what actually calls that rundll32
__________________
|
||
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Problem | Fubb | Tech Corner | 6 | 11-02-2010 07:11 PM |
.exe problem | jonahjuice | Troubleshooting | 7 | 13-06-2009 02:41 PM |
Problem | Dark Piedone | Tech Corner | 12 | 02-01-2006 07:22 PM |
Sim Problem | Xin | Troubleshooting | 6 | 25-06-2005 10:16 AM |
|
|
||
  |