conhook.aa, and other stuff I'm sure - please help kind geeks!

Discussion in 'Malware Help (A Specialist Will Reply)' started by pittmonkey, Dec 17, 2006.

  1. pittmonkey

    pittmonkey Private E-2

    Hi all.

    I've been putting this off for a little while, but some new problems have forced the issue.

    I've had a trojan (I think) that's made iexplorer go batty for a while now - I've avoided it by using firefox, but lately I've been having regular sound issues (breaking up, digitizing, etc), my hp laptop hasn't been able to stay in a hibernate or stand-by state, and often when it boots up the desktop doesn't appear - I have to logoff w/ task manager and then re-login.

    um...so here are my logs (more to come)

    Thanks in advance,

    -pm
     

    Attached Files:

  2. pittmonkey

    pittmonkey Private E-2

    thanks again guys :), here are the other logs:
     

    Attached Files:

  3. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Download
    - Pocket Killbox

    Copy the contents of the below quote box to Notepad; Save As FixReg.reg to your Desktop. DO NOT run it at this time; we will do that later in Safe Mode.
    Close Notepad.

    << The installed version of Java on this computer is out-dated. Install Java Runtime Environment (JRE) 6 available from Sun Microsystems. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

    Now Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click Delete Selected Temp Files
    Then after it deletes the files click the Exit (Save Settings) button.

    NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

    Select:
    • Delete on Reboot
    • then Click on the All Files button.
    • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
    • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
    • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Locate FixReg.reg on your Desktop. Double-click on it and answer 'Yes' when asked if you want to merge with the registry.

    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:

    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Post a fresh HijackThis log along with fresh ShowNew and GetRunKey logs.
    Now boot into SAFE MODE
     
  4. pittmonkey

    pittmonkey Private E-2

    Thanks!

    Ok, I've done the following, and attached are my logs.

    I'm still having some audio corruption, the pc seems to be booting quicker, and something I forgot to mention before - I wasn't able to burn a cd with multiple programs recently - kept getting an error message asking to reduce the speed of the burner (I'd reduced as much as possible).

    Thanks again for your help,

    -pm
     

    Attached Files:

  5. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Reboot

    Post a fresh HijackThis log.

    Sometimes you may need to reduce the burn speed. Usually isn't malware related.
     
  6. pittmonkey

    pittmonkey Private E-2

    Ok, done.

    Here's the hjt log

    Also, successful burn - must've been something causing problems that session.

    Unfortunately I'm still having some audio glitches. No hardware or driver problems. Just using the stock Conexant AC-link card. I use the laptop for audio recording and this issue is giving me fits. I'm guessing now that the audio issues aren't malware related. If you have any insight into what to do to unravel that problem I'd be REALLY stoked.

    Thanks,

    -pm
     

    Attached Files:

  7. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Your HijackThis log is clean.

    From the Device Manager, delete your audio card and then reboot. This will force Windows to reload the hardware and drivers for the sound card.
     
  8. pittmonkey

    pittmonkey Private E-2

    Thanks again for everything.

    So I'm still having the audio problem. It's been happening with all types of audio (from windows sounds to audio recording and editing), and with my internal soundcard as well as firewire/usb ASIO cards.

    My hunch was that there's something interfering with the audio, but I really don't know. I'd thought it was the malware, but apparently not...Maybe it's hardware...well, let me know if I should take this to another forum.

    Seriously though, thanks for the help.

    -pm
     
  9. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Let's look for rootkits.

    Download Blacklight Beta from here:
    http://www.majorgeeks.com/F-Secure_BlackLight_d5156.html
    • Download blbeta.exe and save it to the Desktop.
    • Once saved... double click blbeta.exe to install the program.
    • Click accept agreement and Click scan
      This app too may fire off a warning from antivirus. Let the driver load.
      Wait for it to finish.
    • If it displays any items...don't do anything with them yet. Just hit exit (close)
    • It will drop a log on Desktop that starts with fsbl....big number
    Please post contents of log.
     
  10. pittmonkey

    pittmonkey Private E-2

    Ok. I ran the scan, nothing found.

    Here are the contents of the fsbl file

     
  11. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    No Rootkit in the log.

    This sounds like a software issue. Start a thread in software about the sound issue. They should get it sorted for you.
     
  12. pittmonkey

    pittmonkey Private E-2

    Alright, thanks again.
     
