Jump to content

Virus hiding program buttons


Recommended Posts

Hello and Welcome to Malwarebytes

 

We are not permitted to work on possible malware-related issues here in this section of the forum.

Such work is conducted in a special forum area reserved for that purpose, or at the help desk.

So, for expert assistance, I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.

It explains the options for free, expert help -->>AND<<-- the suggested, preliminary steps to expedite the process.
A malware analyst will assist you with looking into your issue.

Thank you

Link to post
Share on other sites

This sounds like a GDI issue where Windows is running out of the memory it uses for drawing things like buttons on the screen (I've seen it happen occasionally myself, especially on systems with lower amounts of graphics memory and/or underpowered video cards (especially integrated graphics such as those from Intel which use shared system memory and tend to have less or no dedicated graphics memory).  There are a few things you can try, but probably the most surefire way to correct it, assuming it only happens to one program (such as Malwarebytes Anti-Malware) is to restart that program.  To restart Malwarebytes Anti-Malware simply right-click on the Malwarebytes tray icon in the lower-right of your taskbar and choose 'Exit' and click 'Yes' when asked if you're sure, then launch Malwarebytes Anti-Malware again by opening it from the shortcut on your desktop or in your START menu (START>All Programs>Malwarebytes Anti-Malware>Malwarebytes Anti-Malware).  If it happens to all or several programs then your best bet might be to try closing any programs you aren't using that you don't need running at the moment such as browser windows you're no longer using/reading.  If none of that helps then the most surefire solution when this occurs is to simply restart the computer and it should function normally again until enough items are rendered/drawn on the screen that it once again runs out of GDI allocated memory at which point you'll see the same behavior again and will need to once more restart the PC to refresh everything.

 

It's definitely an annoying issue but the only absolute 100% effective means of totally eliminating it that I know of is upgrading your graphics card which can be a bit pricey and isn't possible on all systems (for example, it's not possible or at least extremely pricey and difficult to upgrade the graphics card on a laptop or other portable device).

Link to post
Share on other sites

By the way, if you wish to dig into the technical details of what I'm talking about above you may refer to the following pages and resources:
http://weblogs.asp.net/mikedopp/increasing-user-handle-and-gdi-handle-limits - Note: this one specifically applies to Windows XP and older operating systems but most if not all of the info is still valid for newer systems (I checked on that registry setting and it's still valid for Vista+) and chances are the registry setting mentioned either will work on or will have absolutely no effect (positive or negative) on your system, but do backup your registry just in case as recommended in the article
http://stackoverflow.com/questions/9723470/whats-the-upper-limit-on-gdi-objects-for-one-process-in-windows-7
 

Link to post
Share on other sites

One thing to remember with laptops is that they have a very limited airspace when dealing with cooling, and collection of dust in the air vents can lead to processor overheating.  Your graphics card has its own graphics processor, and normally it is passively cooled.  A brand new laptop will have its vents cleared of obstructions to air flow, but over time, normal use of the laptop will ingest dust and other particles into the vents, which will cause the air flow to be reduced, and thus lead to overheating.

Again, just because the issue has never manifested before does not mean it won't start to happen now.  I would advise reading into the topics that @exile360 has posted, as well as reading these two other topics I found on the internet regarding overheating that may be applicable to your situation as well.

http://www.tomsguide.com/forum/83001-35-sony-vaio-overheating

http://www.techsupportforum.com/forums/f108/solved-problems-with-f-series-sony-vaio-cpu-overheating-572198.html

With regards to the second post, unless you have absolutely no way to get a hold of canned air, as that poster was, I highly recommend that you go the compressed air route and not the disassembly and vacuum route, as the possible dangers to your laptop are mentioned in that post.  If you cannot use the compressed air yourself, I would highly recommend taking it to a local computer repair shop.

However, feel free to exhaust all of the resources mentioned by Firefox in ascertaining that your machine is not, in fact, infected in any way or manner first before option ot explore other alternatives.

Link to post
Share on other sites

  • Root Admin

The very first log shows the computer is infected.

http://www.bleepingcomputer.com/startups/clbdriver.sys-23372.html

The logs also show a proxy which is not normal, alternate data streams that are not normal, failed networking services which is often a sign of infection or damage from a previous infection never fixed up.

uTorrent illegal content downloaded. If you wish to obtain further assistance please remove said pirated content and then seek further help as directed by Firefox in the malware removal section.

Thank you

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.