WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GAMES

Get your PC tech problems solved here. Quick response time.

Moderator: The Mod Squad

User avatar
DJmandrevski
Green Belt
Green Belt
Posts: 114
Joined: Fri Mar 26, 2004 2:58 pm
Location: MELBOURNE, AUSTRALIA
Contact:

WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GAMES

Post by DJmandrevski »

I got a old pc running windows 7 OS 64 bit E6500 something on the CPU or motherboard

recently i had a program self installed that come up with Trojans, and stuff like that

now my windows is jumping from one window to another or like ghostly clicking things around on the desktop

i think i still have virus or my windows gone too corrupt

also my firefox plays up on my adobe player for my facebook games and keeps closing the browser all the time


help me i dont want to reformat or back up that not an option at the moment


PS SORRY IF THIS BEING MENTION IN PASSED THREADS I HAVE NOT LOOKED YET JUST LOGGED ON AND WROTE THIS UP FOR HELP :)
User avatar
evasive
Mobo-fu Master
Mobo-fu Master
Posts: 37629
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands
Contact:

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by evasive »

http://www.bleepingcomputer.com/

they have a few specialists and their own toolset for removing stuff like that.

You already looked inside your computer, did you see signs of bad capacitors?
http://www.badcaps.net

That could be a reason too.

Other than that, I would try another mouse and keyboard first. Sounds weird but it happened to a client of me a long time ago.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
User avatar
Karlsweldt
Mobo-fu Master
Mobo-fu Master
Posts: 20868
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by Karlsweldt »

Be wary of any sites that offer "free" games or programs! Not all, but many, may contain malware or tracking cookies. And some can infect your system with a Trojan or virus.
A good way to check your system for malware is to start in 'safe' mode, do a scan with a quality antivirus program. But first turn off the 'restore' feature of Windows, or it may undo all your efforts on the next normal boot!
[email protected] to solve mankind's maladies.. in our lifetimes!
User avatar
rascard2007
Black Belt
Black Belt
Posts: 725
Joined: Tue Jun 12, 2007 10:47 am
Location: Havana, Cuba

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by rascard2007 »

U can download some free bootable discs like "Kaspersky Rescue Disk" or "AVG Rescue CD" boot with them and clean the system then U can repair ur windows install and reinstall the software that were removed by the antivirus

I recently had a serious virus infection used both for clean the PC and dont have even to repair the win7 install
"I have only come here seeking knowledge,
Things they would not teach me of in college"
-Wrapped Around Your Fingers-
-The Police-
User avatar
DJmandrevski
Green Belt
Green Belt
Posts: 114
Joined: Fri Mar 26, 2004 2:58 pm
Location: MELBOURNE, AUSTRALIA
Contact:

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by DJmandrevski »

i would not think it's hardware or bad caps it's software, the tabs on the task bar on win7 like expand and contract or split kind of animation also it looks like someone really taking control sort of. windows briefly flicker from one window opened to another and back making it hard to type i believe it might be an error in explorer.exe file or other file
User avatar
Karlsweldt
Mobo-fu Master
Mobo-fu Master
Posts: 20868
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by Karlsweldt »

There have been instances of a 'browser virus" that plays bad tricks. May be worth a try with Hijack This at finding what should not be on your system. Do only a scan, post results here so a pro can recommend what to delete or is suspicious.
There is a freeware version. http://www.hijackthis.com/hijackthis
[email protected] to solve mankind's maladies.. in our lifetimes!
User avatar
DJmandrevski
Green Belt
Green Belt
Posts: 114
Joined: Fri Mar 26, 2004 2:58 pm
Location: MELBOURNE, AUSTRALIA
Contact:

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by DJmandrevski »

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:45:09 AM, on 13-Oct-15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)

FIREFOX: 41.0.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Users\lele\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\RunOnce: [delshell] cmd.exe /c del /q "C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.bak"
O4 - HKLM\..\RunOnce: [delshelltmp] cmd.exe /c del /q "C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64tmp.bak"
O4 - HKLM\..\RunOnce: [rdshafolder12485] cmd.exe /c if not exist "C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe" rd /s /q "C:\Program Files (x86)\Lenovo\SHAREit"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\lele\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7797 bytes

i think this was the result you after sorry i might have some < umm umm > programs non legit but oh well this the result of hijackthis result
i deleted only shareit but it still come up so i del it on highjack only, done nothing else i could see few more entries i can delete but since i don't know 100% what these files do i better leave them in even if might be a trojan entry


also i should mention sometimes it like flickers the window either a browser or program window many many times a second and then stops for like 1/4 to 1/2 sec later and goes normal and does it again maybe half min again later also sometimes a window disappears that dont appear when click and sometimes a window pops in for a split sec and disappears. that all i could describe further window flickering probs
User avatar
rascard2007
Black Belt
Black Belt
Posts: 725
Joined: Tue Jun 12, 2007 10:47 am
Location: Havana, Cuba

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by rascard2007 »

U have a lot of file missing issues, perhaps they were erased by the antivirus to stop the infection and all do u experience now is just the computer post-infection "hangover"

Try booting the win7 DVD and do a system repair to roll everything back
"I have only come here seeking knowledge,
Things they would not teach me of in college"
-Wrapped Around Your Fingers-
-The Police-
User avatar
evasive
Mobo-fu Master
Mobo-fu Master
Posts: 37629
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands
Contact:

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by evasive »

Looks like "System Check" malware leftovers or similar. Indeed, do a SFC repair with the DVD. After that post another hijackthis log, we'll see what needs to be taken out.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
User avatar
Karlsweldt
Mobo-fu Master
Mobo-fu Master
Posts: 20868
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Post by Karlsweldt »

As to your flickering monitor images.. is this a CRT model or LCD model?
The older CRT models were susceptible to stray EMF (electrical magnetic fields) near the screen. Even a power transformer on a utility pole 10 feet away might cause flickering. LCD screens are almost immune to the effect.
[email protected] to solve mankind's maladies.. in our lifetimes!
Post Reply