crud in my core affecting performance

  • Question

  • Have Vista. Recently surfing using Google or Yahoo, probably Google. About a month ago I started getting redirected to other sites and ended up on a ____ site. Not happy about this, not happy at all. Well, finally got my brother to come over and he recovered my system somewhat. Performance is slow and choppy and Explorer keeps freezing up. He put AVG 9.0 on my desktop and I ran their scan, which came up with 6 files, 3 of which were labeled healed and the other 3 are in my core and inaccessible. They are as follows:

    Object Name  C:\windows\System32\smss.exe(456):\memory_00110000

    Definition name Trojan horse Adload_r.AKO

    Object Type  file

    SDK Type   core

    Result  Object is inaccessible

    Also the following files were found: all the same except the end (576):\memory00100000

    524:\memory_00100000

    The following three files were said to be healed:

    C:\Windows\System32\smss.exe (456) object type  process

    same as above with (576) and (524) respectively

    The shorter versions were said to be healed and the longer versions are in the core and inaccessible. So how do I restore my core and protect it without spending money I do not have?

    Friday, October 1, 2010 7:50 PM

Answers

  • Hi,

    Thanks for posting in Microsoft TechNet forums.

     

    As AVG is installed, I suggest we perform the following steps to protect the system:

     

    Step 1: Update the definition file for the antivirus program.

     

    If you do not have an antivirus program installed, I would suggest installing Microsoft Security Essentials to protect the system from being infected with viruses.

     

    Step 2: Disable and Enable System Restore to clear the virus permanently.

     

    Many viruses infect restore points. In order to clear the infected files permanently, we should clear the restore points. Please use the steps below to do so:

     

    1. Click "Start", input "SYSDM.CPL" (without quotation marks) and press "Enter".

    2. On the "System Protection" tab, click to turn off System Restore on all drives, and click "OK".

    3. Please repeat the above steps to enable System Restore again.

     

     

    Step 3: Boot your computer into Safe Mode and then run your antivirus software on your computer to scan for and remove any possible Virus and Malware infections.

     

    1. Restart the computer.

    2. Keep pressing the F8 key until the Windows Startup menu appears.

    3. Choose "Safe Mode", and press "Enter".

    4. Run the computer in Safe Mode.

    5. Start your antivirus program and scan the system in Safe Mode.

     

    Step 4: Scan for virus in Safe Mode with Networking

     

    Note: If you are using a cable modem or home LAN connection, please start from item 1 below. If not, please skip items 1~3 and go to item 4 directly.

     

    1. Restart the computer.

     

    2. After "POST" (the Power On Self Test usually has a text mode screen at the beginning when a system boots up), keep pressing the F8 key until the Windows Startup menu appears.

     

    3. Choose "Safe Mode with Networking" and press Enter.

     

    4. Please open Internet Explorer and visit http://safety.live.com

     

    5. Please click the "Full Service Scan" button and follow the instructions on screen to scan for viruses on the computer.

     

    Please check if you can remove the Trojan now.

     

    Best Regards,

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Wednesday, October 6, 2010 8:30 AM
    Moderator