Hijack This Log

Discussion in 'Malware Help (A Specialist Will Reply)' started by lhanna, Jan 6, 2007.

  1. lhanna

    lhanna Private E-2

    Hi,

    My computer has been running slow for about two weeks now. My browsers lock up and stop working for no reason, along with any other programs I am running.

    I have run through all of the following steps:

    Uninstall malaware via add/remove programs. There was one logitech program there which I removed.

    I made sure that MSCONFIG was not controlling the startup of my computer.

    I downloaded and installed CC Cleaner.

    Enabled viewing of all file extensions.

    Made sure I was only running one virus protection program and one firewall.

    Downloaded getrunkey and shownew.

    Downloaded spybot, made sure that it was updated and ensured that no programs were being ignored.

    Downloaded counterspy.

    Downloaded hijackthis.

    Rebooted into safe mode and ran CC Cleaner, Spybot and Counterspy.

    Did the bitdefender scan.

    Did the panda scan.

    Ran getrunkey and shownew.

    Renamed hijackthis and ran it.

    I will now attach my logs.

    Thanks for any help you can give me. This is driving me batty.

    Counterspy did not find anything so I have not got a log, let me know if I need to make a log.

    Lurline
     

    Attached Files:

    lhanna, Jan 6, 2007
    #1
  2. lhanna

    lhanna Private E-2

    Hope this helps.

    Lurline
     

    Attached Files:

    lhanna, Jan 6, 2007
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Based on you logs you don't appear to be having any major malware issues. I will give you a few things below to do (most non-malware related) but you major problems are more than likely due to what you are running and also what you have been installing and uninstalling. I see left overs from Symantec Antivirus, Avast Antivirus and possibly AVG.

    Right now I would suggest uninstall the CounterSpy trial since it is only a trial and found nothing anyway. Also it will slow you down even more.

    Then delete the below:
    C:\Documents and Settings\All Users\Desktop\CounterSpy.lnk <--- may be gone after the uninstall
    C:\Documents and Settings\user\Local Settings\Application Data\Sunbelt Software
    C:\Program Files\Alwil Software
    C:\Program Files\Grisoft
    C:\Program Files\Sunbelt Software


    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9


    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
    O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
    Also fix the below 2 lines which you do not need to load at startup.
    O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    After clicking Fix, exit HJT.

    Now do some research and decide whether you really need the below to be installed and do you really need them to always load at startup.
    O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [AtariBanner] "C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Banner.exe" /0
    O4 - HKLM\..\Run: [Atari Launcher 2] C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [MSGTAG] "C:\Program Files\MSGTAG\MSGTAG.exe" /startup
    O4 - HKCU\..\Run: [Screen Calendar] "C:\Program Files\Screen Calendar\scrcal.exe" -m
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
     
    chaslang, Jan 7, 2007
    #3
  4. lhanna

    lhanna Private E-2

    Ok, I have done everything that you said. Thanks so much for your help. Is there anything else I should be doing? Posting logs so you can check that I have done ok? Deleting restore points? Just run away and behave myself from now on? *grin*

    Thanks again,
    Lurline
     
    lhanna, Jan 7, 2007
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Well you could attach new logs from ShowNew and HJT so I can see what you have done. You don't need to delete any restore points, we did not remove any malware.

    You also did not say whether you are still having problems.
     
    chaslang, Jan 7, 2007
    #5
  6. lhanna

    lhanna Private E-2

    Here you go, logs as requested. It does seem to be running better, but I haven't rebooted yet. I will do that shortly.
     

    Attached Files:

    lhanna, Jan 7, 2007
    #6
  7. lhanna

    lhanna Private E-2

    Ok, there still seem to be problems. First time I rebooted, I could not get any connection to the internet at all, except through my zmud client. My thunderbird, firefox and ie all could not connect. Kapersky was running a scan of startup objects and that slowed the system down heaps too. I have set that to run at 5am, when I am invariably asleep, and all the other scans to run in the wee small hours too.

    I rebooted again, and had no problems connecting to the internet with any of those programs. However, my cpu seems to be running at 100% all of the time, and I know that isn't right. My hard drive is making a lot of whirring like it is working hard too. scrcal.exe is taking up to 98% of the cpu. I am not sure what this is or if it is normal.
     
    lhanna, Jan 7, 2007
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That was one of the items I asked you to consider whether you need it to load and run all the time. Try uninstalling it (at least just to test what happens). The reboot and see how things look. You are outside the realm of the malware forum now. This is not malware. It is something you installed and if it is causing you problems then it is up to you to fix it.
     
    chaslang, Jan 8, 2007
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds