Help me please.

Welcome to Major Geeks!

Most people are under the very mistaken misconception that HijackThis is a scanning and detection tool. It is not! HijackThis is simply a tool that is used to identify browser hijackers and in some cases it will show entries for some malware that is for instance running at startup. A HijackThis log shows the following:

• a running process list with no reference to good or bad
• it lists the contents of a selected group of registry keys that is an an extremely small subset of the tens of thousands of keys that may exist. Again no reference to good or bad.
• and some of the above keys that are shown may show some non-Microsoft system services that are running. Again with no reference to good or bad.

The decision on what is good or bad is left a person with significant Windows and malware cleaning experience.

HijackThis does not come close to showing all malware that could be hiding on a PC. Anyone who has an infected computer and is relying on HijackThis without the benefit of running other scans such as Spybot, Windows Defender, BitDefender & Panda, CCleaner, etc. are more than likely still infected. In most cases, where there is one virus/trojan there are more.

The goal of this forum is to remove all malware, and this cannot be done properly by just seeing a HijackThis log.

If you wish to know whether your PC is free of malware, run the READ & RUN ME FIRST Before Asking for Support sticky thread and also make sure your properly installed and renamed HijackThis.

 

Unless you attach all the logs requested in the READ ME, we cannot tell you anything about your malware status.

What problems did you have with running BitDefender?
What browser did you use?
Does PandaActiveScan run?

Even without the above two logs from the online scans, there are 4 other requested logs.

 

You HijackThis log is of no use for several reasons:

• you did not install it in the proper folder as requested
• you did not rename the executable file as requested
• it needs to be the last thing run.

We don't need or want CCleaner logs. They are not useful.

What slowdown? This is the first time you mentioned it.

 

No you have to follow the directions in step 7 of the READ ME. It tells you exactly what to do.

However you never said what malware problems you are having.

 

But you have not said what the problem is other than " i start up is much slower, sounds are distorted and choppy." which more than likely not malware as stated in the begining of the READ ME. However we will not know for sure until all logs are posted.

 

Okay when you attach the below list of logs requested in the READ ME, we will know if you have malware problems or not:

• CounterSpy - only for Windows XP, 2K, & NT users
• AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
• Bitdefender - from step 6
• Panda Scan - from step 6
• runkeys.txt - the log from GetRunKey.bat
• newfiles.txt - the log from ShowNew.bat
• HijackThis

Right now my guess would be that eTrust EZ Armor is slowing you down.

 

It is not a matter of reliable. It is a matter of how much of your system resources it is using up which will make your system slow. All internet security suites are resource hogs.

Absolutely not. As stated in the READ ME, Panda is to be run after BitDefender. In addition running them at the same time will cause each to run much much slower and they could interfere with each other.

Where is your CounterSpy log which should already have been run?

 

Don't bother with rerunning CounterSpy or with Panda. I don't believe you have malware problems. Just attach the GetRunKey and ShowNew logs. Then uninstall CounterSpy immediately.


You can uninstall your security suite and replace it with some free tools from the below link:

How to Protect yourself from malware!


I suggest you try AVG Antivirus, Comodo Personal Firewall, and Comodo BOClean Antimalware.

 

Uninstall A-Squared. Also stop automatically running CCleaner at startup which is adding to your slow startup. Then reboot and tell me if there is any improvement.

Attach new logs from ShowNew and HJT.


General comment: All protection software is going to have an impact on system performance. There is no way to avoid this. It is just a matter of how much of an impact the software has. Some are worse than others.


What are your PC specs?

• Processor type & speed?
• how much RAM

 

You did not say what the impact or uninstalling A-squared and not running CCleaner at startup had.

Compared to what? What reference point are you referring to? Are you saying it is slower now then when you had all of those processes and service from eTrust?

Yes this is always the case for all PCs.

What do you mean by Windows Startup Theme?

Do you have a hi-resolution desktop image for wallpaper? Get rid of it and use no wallpaper. Just use a plain desktop with a solid color.

If you feel that Comodo's Firewall and BOClean are slowing you down too much then uninstall them and use one of the other programs from the how to protect yourself link. However you are going to find that ALL programs like this will have an impact on startup time. It is required for the programs to hook into your system to protect you. Also to provide active protection, they will also have an effect on normal system performance. It is a necessary evil. You can either sacrifice startup time and system performance or you can spend lots of time trying to recover from malware issues and some of them that could occur without proper protectionm, may result in loss of data.

In reality your PC is a little on the slow side in the current day and age and how demanding various security applications have become.

You should delete the below folders which are left over from various uninstalls:

Code:

C:\Documents and Settings\All Users.WINDOWS\Application Data\
CA            Jul 12 2007              "CA"
VIEWPO~1      Jul 13 2007              "Viewpoint"
 
"C:\Program Files\"
A-SQUA~1      Sep 10 2007              "a-squared Free"
CA            Jul 12 2007              "CA"

Also you should delete the below file wasting over 1.3 Gigabyte of disk space. Do you know what this is from?

Code:

"C:\"
228.tmp       Sep 10 2007  1348685824  "228.tmp"

 

Okay, if you are not having any other malware problems, it is time to do our final steps:

1. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
2. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
3. After doing the above, you should work thru the below link which you have already started looking at but make sure you work thru all of it:
   • How to Protect yourself from malware!

.

 

You're welcome. Surf safely!