I was on the internet today when suddenly my computer started
chittering like mad. Then it started freezing up. Then, the browser
(I.E.) went down (after an "illegal operation" message). After all
this, I found that there were around ten new items on my desktop. I
managed to delete (don't know if for real, they SEEMED to be deleted)
everything but one. It is called CS4P028.exe. This one says the
following when I attempt to delete it:
"Cannot delete CS4P028: The specified file is being used by Windows."
I ran my old version of Ad Aware which found a bunch of stuff. I
deleted what Ad Aware found, but CS4P028.exe is still there. I've
right clicked it. The file was created today right around the time of
all the chittering. Under origial file name, it says "Loader.exe". Can
someone please tell me what this is? What does "being used by Windows"
mean? Should I get rid of it? If so, how? Also, is there a way of
updating my Ad Aware, or should I just download a newer version? Thank
you. |
Request for Question Clarification by
hummer-ga
on
24 Sep 2004 18:48 PDT
Hi alexandraroman,
I think you should run the following, in the order given.
1) Run HouseCall, a very thorough online virus scan:
http://housecall.trendmicro.com/
Download and "check for updates" before scanning:
2) CWShredder:
http://www.spychecker.com/program/coolwebshredder.htmls
2) Adaware
http://lavasoft.element5.com/default.shtml.en
4) SpyBot
http://www.safer-networking.org/en/index.html
You'll find an excellent tutorial at the following website. It would
be best to download a new Adaware (but you will still have to "check
for updates" before running it.
KRC Anti-Spyware Tutorial
http://www.greyknight17.com/spyware.htm
Please let me know if this solves your problem so I can post this as
an answer or if you need further assistance.
Thank you,
hummer
|
Clarification of Question by
alexandraroman-ga
on
24 Sep 2004 20:45 PDT
To hummer-ga:
Thanks for your posting. I will certainly try your recommendations. It
might take a couple of days if these are downloads & scans that take a
long time. Please don't think that I've forgotten about you if you
don't hear from me right away. I've been doing my regular Norton virus
scan and it seems to be taking MUCH longer than is usual. Meanwhile,
after I posted my question, I had to restart my computer because
things were freezing up. Actually, I had to just click it off & go
through the whole blue screen/improperly shut down thing. When I was
finally back to my desktop I got a message from my Norton Clean Sweep
that something was installing itself and did I want to monitor. (I
said yes, but to tell the truth, I don't really understand this
feature.) I believe I got this same message when the whole problem
started. After this, I saw the file in question (CS4P028.exe) on my
desktop and tried to delete it. This time it worked. It just warned me
that it was a program, that I wouldn't be able to run it if I deleted
it, yada yada. So, it seems to be gone. But now my desktop keeps
blinking on & off. And the computer is really slow. Also, normally if
I put my cursor on my Norton Clean Sweep icon which is located on the
toolbar at the bottom of my screen the three options pop-up as little
icons above the toolbar: a)clean sweep internet sweep b) clean sweep
smart sweep c)norton anti-virus. Well, they still pop up, but the one
for clean sweep smart sweep is blinking on & off. I mention this
because I wonder if it might be connected to my winking desktop.
Anyway, thanks again for posting. I hope my response is not too
incoherent. I am sure that you can tell that I'm not exactly a
computer whiz. I thought that you might find some of these weird
details suggestive. Thanks.
|
Clarification of Question by
alexandraroman-ga
on
24 Sep 2004 21:09 PDT
To Hummer-ga:
After I posted my clarification, I checked my yahoo e-mail. I've
always been pleased that I don't get some of the junk e-mail that a
lot of people I know are subjected to. Even my bulk mail folder has
had only things whose provenance is traceable. This evening, I look in
my bulk mail folder and it has one of those junk e-mails. (Something
like "HI FRIEND! GET YOUR FREE INTERNET VIAGRA!!") I've never had one
of these before, and wonder if this could be related to the whole
other problem. Hope it doesn't mean dozens of them every day.
|
Request for Question Clarification by
hummer-ga
on
25 Sep 2004 08:43 PDT
Hi alexandraroman,
Thank you for your fine clarification - don't be afraid of giving
researchers too many details, the more the better. You've done a good
job in describing your situation and hopefully all will be well soon.
I really think you should follow the directions of the tutorial that I
sent you (word for word - it tells you what settings to set for
Adaware, for example, and when to boot into Safe Mode, etc) as you may
have more than one problem to solve. Norton is fine for the day-to-day
duties but HouseCall (TrendMicro Online Scan) virus scan often finds
things the others miss (it's a good idea to use it once per month as a
preventative).
Take your time - good luck,
hummer
|
Clarification of Question by
alexandraroman-ga
on
26 Sep 2004 18:22 PDT
To hummer-ga:
Hi. I've been following the tutorial instructions & have completed the
TrendMicro scan, the CW Shredder, The Ad-aware SE, and the Spybot S&D.
So far, so good. My computer has actually been running well since the
TrendMicro. The Ad-aware turned up an awful lot of stuff. Anyway, I've
reached step #4 of the tutorial. Did you mean for me to do this one
when you wrote that I should follow the tutorial instructions? I
really think that this one might be too much for someone like myself,
i.e., not very computer savvy. I realize that it might sound very
simple-minded to many but, unfortunately, it does not to me. I have to
say that it makes me kind of nervous to be changing default settings.
Also, how do I know who is posting to the forum to tell me what to
delete? Please let me know if you think this step is important. If you
do, maybe I will try to soldier through. If not, please let me know if
I should go back & change back the items which I changed pursuant to
instructions in #4, item A. Thanks.
|
Request for Question Clarification by
hummer-ga
on
26 Sep 2004 20:01 PDT
Hi, alexandraroman, it's good to hear from you. No, I think you've
done enough for now, it's time to see how things are going. HijackThis
is a terrific program and you can always do it if needed at a later
date or after you've had a rest and you feel up to it. It will make a
log of your computer but you will need help to interpret the results -
it's good to do just to make sure you've gotten every little last bit.
If you run HijackThis first before the other programs, the log is too
long and too much work to figure out, that's why it is listed last,
after you have deleted a bunch of stuff. For now, see how things are
going - if all is well, give yourself a pat on the back!
Yes, you can change your startup menu (& any other changes you made)
back to the way they were if you're not going to do HijackThis yet.
What you could do is go to the forum and read some of the posts about
the logs - you'll be able to see other people's logs and how they are
helped with it. Here are two more forums:
Castle Cops: Hijackthis - Spyware, Viruses, Worms, Trojans Oh My!
http://computercops.biz/forums.html
Tech Support Forums: Security Anti-virus HiJackThis:
http://www.techsupportforum.com/index.php?
I'm sure after you browse through the posts, you'll feel more
confident about doing it. Pick whichever forum you like the best.
Will look forward to hearing from you again - I don't want to post
this as an answer until I'm sure your problem is solved.
hummer
|
Clarification of Question by
alexandraroman-ga
on
26 Sep 2004 20:38 PDT
To hummer-ga:
Okay - thanks for all your help. Please post your last comment as an
answer (or however one goes about it) & I'll put through the payment.
|
Hi alexandraroman,
Thank you for giving me the opportunity to answer your question, I'm
glad everything worked out for you. Here is my answer again to make it
official, followed by an additional note.
>>>>>>>>>>>>
I think you should run the following, in the order given.
1) Run HouseCall, a very thorough online virus scan:
http://housecall.trendmicro.com/
Download and "check for updates" before scanning:
2) CWShredder:
http://www.spychecker.com/program/coolwebshredder.htmls
2) Adaware
http://lavasoft.element5.com/default.shtml.en
4) SpyBot
http://www.safer-networking.org/en/index.html
You'll find an excellent tutorial at the following website. It would
be best to download a new Adaware (but you will still have to "check
for updates" before running it.
KRC Anti-Spyware Tutorial
http://www.greyknight17.com/spyware.htm
>>>>>>>>>>>
Now your next job is to figure out how this stuff ended up on your
computer and to try and take steps to prevent similar situations in
the future. At the least, plan on running HouseCall (monthly) and
Adaware (weekly) as part of your routine maintenance.
Understanding, Cleaning And Preventing Spyware (Updated 9\06\04)
http://forums.majorgeeks.com/showthread.php?t=25834
Thank you,
hummer |
Clarification of Answer by
hummer-ga
on
28 Sep 2004 06:23 PDT
Dear alexandraroman,
How nice of you, thank you. You know, noone should ever put you down
for not knowing something about your computer - we've all started out
in the same boat, we're just at different ports. Take heart that the
next time your computer starts acting alittle weird, you'll know what
to do.
I found another good tutorial - it would be a good one for you to look
at and bookmark.
How to: Spyware, Trojan And Virus Removal
http://forums.majorgeeks.com/showthread.php?t=35407
Take care,
hummer
|
