New Virus ?

[ChuckP]

I have a customers machine on my bench here (Compaq S4000X1T, 2.4 Gb Celeron, 128Mb Ramm, 40 Gb HDD, etc) that seems to have a new virus. It boots to XP home at the usual speed, then slows to a crawl. It took five minutes to open "My Computer" from the start button (I timed it). If I can get it to open Task Manager, and click on "processes", it includes multiple copies of a program listed as "ynbzd1o4rz.exe". It starts out with about 20 copies, and replicates so fast that I never can close all of them. If I leave the system running for awhile, it finally runs out of memory and locks up. I have contacted Compaq for a system restore disk (this is one of those that requires the customer to make their own, and I felt that it would take several days at the rate this machine runs). Norton and Mcafee don't seem to know anything about it. Anyone seen this before?
Chuck!

 

[John]

Those aren't viruses, they are spyware/adware TSR's that are known to replicate. Please read thru this thread carefully. Let me forewarn you that even after you remove all of the foreign items that the computer may still run slow. I've had at least 5 systems within the past month that cannot be fixed without a clean O/S install.

I'd suggest running the cleaners in safe mode, or slave the HDD to another system.

 

[Saist]

I'm going to have to agree with John. I ran across that particular device before as well. While I've only had one, while I was able to remove the program itself... the system never did run right again until after I up and reinstalled the OS. (win2k pro if your wondering)

I also have to strongly suggest doing the cleaning on a slaved drive. I have run across a few programs that can embed themselves within the system that will not remove even if you are in safe mode...

kinda scary actually.

Anyways, best of luck to you.

 

[Gamingphreek]

Also another culprit of slow speeds is that 128mb of RAM. That isn't enough to do anything but type in. And even then its sometimes stil S-L-O-W. Advise them to upgrade to 512mb of RAM. Also dld adaware from www.ad-aware.com after that download spybot search and destroy. Those should clear up that pesky spyware.
Good Luck
-Kevin

 

[Saist]

Gamingphreek : i was trying not to comment on the system specs, but there is another major issue there:

2.4 Ghz Celeron

I mean... common. a 1.4ghz Duron outruns this thing.

 

[Gamingphreek]

I understand that but that slowness isn't because of a CPU. 128MB of RAM is simply BARELY enough for XP and 2000. The CPU is fine, yes slow but not the culprit.

 

[compudog]

AdAware is actually Lavasoft and can be downloaded from here. Get Spybot S&D here. Good luck in your cleaning, though I suspect you will need to do a fresh install of the OS.

 

[OZEE]

Here are the instructions you need for fixing your hijack.



... I can't believe nobody has suggested this yet...

 

[GregANDTCH]

Hey OZEE

... I can't believe nobody has suggested this yet...

Actually John did up above:

Please read thru this thread carefully

Just click on the word "this" and you'll see it.

BUMP

 

[imported_Phil]

Originally posted by: ChuckP
I have a customers machine on my bench here (Compaq S4000X1T, 2.4 Gb Celeron, 128Mb Ramm, 40 Gb HDD, etc) that seems to have a new virus. It boots to XP home at the usual speed, then slows to a crawl. It took five minutes to open "My Computer" from the start button (I timed it). If I can get it to open Task Manager, and click on "processes", it includes multiple copies of a program listed as "ynbzd1o4rz.exe". It starts out with about 20 copies, and replicates so fast that I never can close all of them. If I leave the system running for awhile, it finally runs out of memory and locks up. I have contacted Compaq for a system restore disk (this is one of those that requires the customer to make their own, and I felt that it would take several days at the rate this machine runs). Norton and Mcafee don't seem to know anything about it. Anyone seen this before?

Chuck!

You can restore a Compaq without restore CDs by pressing F10 a few times on bootup, when you see the screen with "COMPAQ" in big red letters. Follow the instructions, and it'll restore the machine.