!Virus ? [Help]!

08/29/2012 23:28 lalalilo#1

Hello epvp,
Since 2 weeks I have a huge problem.
My firefox kept crashing and is slow as shit (even if i just want to write something in the chat O.o) and overall nothing is really working.
My Anti-Virus programm is "Panda-cloud-antivir free".

So,What I have noticed is that I have 67 processes on when I'm just surfing on the internet ....
I found some suspicious ones and there names are:
mn.exe
svhost.exe
2x PURctuQR.exe
taskung.exe
14x svchost.exe
2x Akami net sesseion
2x Nvidia driver helper
2x bot1.exe
cmd.exe (after startup) and it costs 15% of my CPU permanently.
Windowsdefender.exe (I TURNED IT OFF IN STARTUP MENU AND IT NEVER APPEARED B4)
In addition windows asks me for admin rights for a programm called "Data transfer" directly after startup.Never agreed to that.

Another problem is/was that I uninstalled FF and tried to download it new with IE BUT if i wanted to connect to a website that has downloads in it,it says "could not connect (...)"

Till now i tried the following programs to kill this shit:
Combofix
Panda cloud anti virus
Malwarebytes

Note:I am NEVER in my Admin account i always surf and play without admin rights.

thanks in advance
lalalilo

08/30/2012 00:55 Kraim#2

mhm lets see what i can do to help you:

at first svhost/svchost is nothing bad, dont worry about it.

if you cant to find out about a specific process, you can simply google that.

cmd.exe shouldnt be running at startup, you can cancel it.

tl;dr thats what i do if i were you:

go start->run->type "msconfig" and press enter.

then you see a window with a few tabs. the tabs "startup" and "services" are important here:

go to the startup tab and uncheck all boxes.(that means no extra processes will run when the computer starts)

then go to services and first check the box "hide all windows services"
screen for help:

Spoiler

then uncheck all boxes that are left.

after that go to start>all programs>autostart(its a folder) and delete everything thats inside it

then restart your pc and look if anything changed.

if not/yes go to msconfig again and turn on the processes in startup which you know you can trust(like your av)

i hope it helps

08/30/2012 02:54 lalalilo#3

Well, thanks for ur help :)
Anyway I'm not a newb and i know msconfig/services.msc/dxdiag and all these standard programs.
Also svhost.exe was the virus/worm/keylogger its done for now and I deleted it with succes :)
For now my Computer seems to be safe again.
But the cmd.exe is still there and very suspicious becuase its open twice.
Anyway I tried to cancel some of the services from windows to close the fucking falg in the tray and i canceled the wrong one :/
Now I dont have any sound... I checked the boxes in the services again but they wont startup.
I also went in services.msc with admin rights and tried to start all the services again but one of them and thats one of the important services wont start and its kinda impossible to start it again.
It says that one of the required services for it isnt running but it is.
So I just need to wait till i get my new computer on January so IO have sound again

Thanks for ur help

lalalilo