Believed to be a heavily infected computer

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by dell1705user, Jun 1, 2007.

  1. dell1705user

    dell1705user Corporal

    This is a friend's computer that is slow as molasses and has been reported to have been infected with spyware and trojans.
     

    Attached Files:

  2. dell1705user

    dell1705user Corporal

    other logs...
     

    Attached Files:

  3. dell1705user

    dell1705user Corporal

    Additionally, new anti-virus software is going to be installed as soon as it is cleaned up here. Thanks ahead of time.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Slow PCs are not always caused by malware. And that is the case here too.

    Uninstall CounterSpy now which will just slow you down more.

    You can have HJT fix the below items. Some of them have nothing to do with malware. They are just not necessary.
    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O2 - BHO: (no name) - {130f5d27-c902-4607-a06c-a87b750b136b} - (no file)
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O20 - Winlogon Notify: KBDPOS - KBDPOS.dll (file missing)

    After clicking Fix, exit HJT.

    Now reboot in normal mode
    See if there is any improvement! If not, then look into what you are running (like Symantec for one) since your problems are not malware.
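
An added example, not part of the original post and not code from HijackThis: a small Python parser for the five log lines listed in the post above, separating entries whose target file is already gone (`(no file)`, `(file missing)`) from autostart programs that are still present. The function names, and the assumption that an unquoted path ends at the first `.exe`, belong to this example only.

```python
import re

# The five entries listed in the post above, copied verbatim from the thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {130f5d27-c902-4607-a06c-a87b750b136b} - (no file)
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O20 - Winlogon Notify: KBDPOS - KBDPOS.dll (file missing)
"""

# HijackThis section codes that appear in this thread.
SECTIONS = {"O2": "Browser Helper Object", "O4": "autostart entry",
            "O20": "Winlogon Notify / AppInit_DLLs"}

LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<kind>[^:]+): (?P<rest>.+)$")
# HijackThis appends these markers when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")
# O4 detail: [value name], then a quoted path or an unquoted path ending in .exe
# (assumption: an unquoted path with spaces is cut at the first ".exe").
RUN_RE = re.compile(
    r'^\[(?P<name>[^\]]+)\]\s+(?:"(?P<q>[^"]+)"|(?P<u>.+?\.exe))\s*(?P<args>.*)$', re.I)


def parse_line(line):
    """Parse one log line into a dict, or return None if it is not an entry."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = {"code": m["code"], "section": SECTIONS.get(m["code"], "other"),
             "kind": m["kind"], "detail": m["rest"],
             "orphaned": bool(ORPHAN_RE.search(m["rest"]))}
    run = RUN_RE.match(m["rest"]) if m["code"] == "O4" else None
    if run:
        entry.update(name=run["name"], exe=run["q"] or run["u"], args=run["args"])
    return entry


def triage(log_text):
    """Split entries into orphaned leftovers and autostart programs still on disk."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    orphaned = [e for e in entries if e["orphaned"]]
    autostart = [e for e in entries if e["code"] == "O4" and not e["orphaned"]]
    return orphaned, autostart


if __name__ == "__main__":
    orphaned, autostart = triage(SAMPLE_LOG)
    for e in orphaned:
        print(f"orphaned  {e['code']:<3} {e['section']}: {e['detail']}")
    for e in autostart:
        print(f"autostart {e['name']}: {e['exe']} {e['args']}".rstrip())
```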
     
  5. dell1705user

    dell1705user Corporal

    OK, I performed the fixes that you recommended in HiJackThis.

    Now, I cannot seem to disable the Verizon Help Center on startup and I can't figure out how to delete Dell MusicMatch Jukebox on here. I have tried through Add/Remove unsuccessfully.

    Also... Are all Symantec/Norton anti-virus software resource hogs? I noticed in the keeping yourself from getting infected section, you mention to use one of the free anti-virus programs as they are quite good and are FREE... yet, are they better than Symantec/Norton in their performance? If they are then I will not install the Symantec anti-virus I was originally going to install on this computer? Your thoughts please.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    These are not malware issues and both of them appear in your uninstall list based on your ShowNew log. Uninstall anything you don't need! If they will not uninstall via Add/Remove programs, then try this: Your Uninstaller! 2006. Otherwise post about these in the Software Forum since they are not issues for this forum.


    Basically yes! Some vintages/versions are just worse than others.

    Much better and in many cases they are better at detection and removal too.
     
  7. dell1705user

    dell1705user Corporal

    ok... thanks.

    I still feel like I'm left in the dark about this computer.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I don't know what you mean! What little malware you had was removed by the standard cleaning procedures and I gave you a few other things to do to remove a few other items and to improve performance. I don't know what else you are looking for or what problems you are having. If you are having performance/speed problems, then uninstall Symantec as already stated.
     
  9. dell1705user

    dell1705user Corporal

    I meant from the owner's standpoint. Sorry for the misunderstanding. Thanks for all your help.
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I still don't know what you mean! What is the owner's standpoint? If it is that the PC is slow, I already told you what to do.
     
  11. dell1705user

    dell1705user Corporal

    Only that the owner has programs on here that if it were my computer I would remove, but she is very hesitant to take them off. So I will only leave them for her peace of mind. She says the computer was great and much faster right after we did all the fixes to it, but that it is beginning to run slow again. When asked what exactly was "slow" about it, she mentioned web pages. I tried telling her that isn't necessarily her computer, but also could be the internet connection, the web page she's trying to load, server problems/bog down, etc.

    Additionally, I told her about running another AV other than Symantec and she is against it, so fine, I will let her be with it.
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay then on to the final steps!

    If you are not having any other malware problems, it is time to do our final steps:
    1. If we used Pocket Killbox during your cleanup, do the below
      • Run Pocket Killbox and select File, Cleanup, Delete All Backups
    2. If we used ComboFix, you can delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, and the C:\combofix.txt log that was created.
    3. If we used SDFix, you can delete all the SDFix related files and folders from your Desktop or wherever you installed it.
    4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
    5. If we had you run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
    6. If we had you run Avenger, you can delete all files related to Avenger now.
    7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    8. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created.
    9. If you are running Windows XP or Windows ME, do the below:
      • Go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:
     
