routine checkup? tons of malware

i noticed my computer was going slow again. i dont download too much, anymore, and when i do, its usually bittorrenting a song. tuesday morning, i ran my computer, it seemed fine, maybe just a little bit of a slow startup screen, but i went off to work, and came back 6 hours later, and turned on my computer. i cant recall everything that happened, but i do remember that i had a few pop-ups, and self-installing malware stoppers that i stopped before installing

i went through chaslang's support page that tells you how to download good things for your computer like HJT, and Spybot, and CCleaner, etc.

so i guess the symptoms are:
-slow computer start up
-pop ups
-viruses


haha, im sure you guys are sick and tired of helping people with their computers, but help is appreciated

 

i never posted the logs?

okay, yea, i wont bittorrent, then, easy enough, right?
or limewire

thanks for pointing that out to me, i had no idea you coudl get malware from BT

i have all 6 logs and ill post them here

 

sorry about that

 

Download
- Pocket Killbox

You are using MsConfig to prevent several items from running, this is not the proper way to disable unwanted programs. MsConfig is a diagnotic tool, it was not intended for use as anything else. Enable everything you have diasbled. If some of these disabled porgrams are generating error messages at system start, then we can correct this without using MsConfig.

<< The installed version of Java on this compter is out-dated. Install Java Runtime Environment (JRE) 5.0 Update 8 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

Copy the contents of the below quote box to Notepad; Save As FixReg.reg to your Desktop. DO NOT run it as this time we will do that later in Safe Mode.

Close Notepad.

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click Delete Selected Temp Files

Then after it deletes the files click the Exit (Save Settings) button.

NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue..

Select:

• Delete on Reboot
• then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Locate FixReg.reg on your Desktop. Double-click on it and answer 'Yes' when asked if you want to merge with the registry.

Open Windows Explorer navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post a fresh HijackThis log.

 

thank you for your help, so far

i enabled all of the things on "MSConfig" that were on before. unfortunately, that was everything. i just dont like everything running as soon as my computer boots up. could i just go into each start up program and configure it so it doesnt start with boot-up?

 

In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:

Choose Kill Process. Exit HjackThis

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click Delete Selected Temp Files

Then after it deletes the files click the Exit (Save Settings) button.

NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue..

Select:

• Delete on Reboot
• then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post a fresh HijackThis log.

MsConfig is simply a diagnostic tool, it is used to troubshoot startup processes. MsConfig was never intended to be used as a tool to disable startup items. If there are unwanted items loading at sytem start then you disable those items by using the tools own configuration menu or delete the Registry Key responsible for starting the program when Windows starts.

By the looks of your log you had F-Prot installed at one time and parts of it are still on the system. This needs to be fixed. Which items do you want to prevent from loading at Windows start?

 

c:\5838fdfc128d7a60bd\mrtstub.exe was not found on HJT

pocket killbox could not locate c:\5838fdfc128d7a60bd\mrtstub.exe

Also, c:\5838fdfc128d7a60bd could not be found



would you like me to uninstall F-Prot?



the things that i dont want to start on bootup are things like AVG virus update, and Counter Spy, and D-Link, and HP Digital Imaging Monitor

i know those arent bad to have on start up, but i dont use those at all when i first start my computer. i can live with those starting up, though

 

There should never be more than 1 resident Antivirus application installed on a computer; even if one or more are disabled. They will creat conflicts. and often they will report each others signature files as infections.

AVG is the better of the 2 programs you have installed. Uninstall F-Prot. You also have processes from Symantec loading at Windows start.

It is not wise to prevent your Antivirus application from starting at system start. There are many forms of malware that will load before you manually start AVG.

Post a new GetRunKeys log. The run key responsible for loading HP Digital Imaging Monitor doesn't show in HijackThis.

 

i got rid of the symantec stuff, and the F-Prot

 

Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:

Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

HP Digital Imaging Monitor isn't being loaded by the registry, look in your Startup Folder, in the Start Menu, for a shortcut. If there isn't one, you will have to look in the scanner configuration options, to turn this off.

 

okay, i ran HJT and got rid of those paths


You have been extremely helpful, and I'd like to thank you for your help. so, Thank you very much for your help.

If theres anything else I should know, please let me know.

 

Flush all your restore points and create a new clean one for your system.

Disable And Enable System Restore
How to Protect yourself from malware!

Safe surfing.