Some help for a PC newb

Welcome to Majorgeeks!

Not sure if you have a malware issue or not. Let's be sure by doing the below.

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis

.

 

Okay! Be sure to attach the requested logs (see steps 6 & 7) if still having problems. Make sure you follow step 7 and the link given in it to get HijackThis installed correctly.

 

Yes! It can take a very long time. A few things have an effect on the speed:

- the number of drives in the PC being scanned
- the number of files on the drives
- the speed of your internet connection
- the number of files that are actually found to be infected

 

One other thing that I did not mention will impact the time it takes.

If you continue doing other things on the PC like surfing (coming here to post or reading threads) or running other processes. This will all increase the time it takes to run.

Panda will quite awhile too when you run it next.

 

Please read step 3 of the READ & RUN ME again. You have both AntiVir and Symantec installed. Pick one and uninstall the other.

 

Did you install Safe-Share ? This contains malware. See: http://www.bleepingcomputer.com/startups/Unshare-7133.html

Goto Add/Remove Programs and uninstall it. Let me know if you find it and it uninstalls.

 

It could be! It may have come bundled with malware. But even if it was not, P2P applications are one of the largest spreaders of malware. Some malware removal programs will detect SafeShare and remove it automatically.

When did you problems being? Was it around the time this was installed? (you did say "Computer freezing up late last week")

Did you uininstall one of the antivirus programs yet?

 

Which may also be ruffly around the time of installed Photshop CS2. Did you download this using SafeShare? If so, perhaps this is the root of your problems.

Uninstall one now!

 

None of the antivirus programs I'm referring to were part of the READ & RUN ME.

 

Did you miss message # 11?

 

Okay! You really only show minor issue in your HJT log. None of which would be causes of your problems with your PC freezing.

Is it still happening? When does it freeze? What are you running when it freezes (want to see if it is related to any program in particular)?

I'll be offline for an hour or so now!

 

Adding memory can do this if it is bad or if it is not up to spec with what your PC requires.

I would suggest leaving the memory out or at a minimum verifying they are the correct type and speed for your PC and running a memory test on them too. None of this; however, is a topic for this forum.

 

Alrighty then! Good luck!

 

It could be from malware but your previous logs did not reveal anything.

Do you actually know when it was turned off? Could it have been off for awhile and you are just noticing now?

 

So what is your are your current problems? Is there only an issue with getting your Symantec firewall enabled?

By the way is your WinXP SP2 firewall disabled? It should be if you are using a 3rd party firewall.

 

Perhaps you need to consider dumping Symantec (all of it) and getting something better.

Is your Symantec firewall enabled now?

 

Sometimes but sometimes not! There are many new stealth programs (some called rootkits) that hide themselves from normal scans. Part of the reason we run the READ ME and keep telling people to do that before HJT is because in reality HJT does not show that much and it does not indicate bad from good. It just shows a the contents of a few registry locations and shows running processes. And even using it to fix a particular line (which just removes a registry key) is not a comprehensive as the cleanup performed by the scanning tools.

There are a bunch more tools that we can run if you desire to dig in deeper.

 

Run the steps in the below and attach the logs:

• Running Spy Sweeper...
• Running Ewido Security Suite ...

Also download Blacklight Beta

• Hit I accept. It will take you to download page.
• Download blbeta.exe and save it to the Desktop.
• Once saved... double click blbeta.exe to install the program.
• Click accept agreement and Click scan
  This app too may fire off a warning from antivirus. Let the driver load.
  Wait for it to finish.
• If it displays any items...don't do anything with them yet. Just hit exit (close)
• It will drop a log on Desktop that starts with fsbl....big number

Please post contents of log.

You can also run the below tools if desired:

avast! Virus Cleaner Tool No installation required! Ready to run as is
McAfee AVERT Stinger..... No installation required! Ready to run as is.

 

Okay when finished, just attach the three logs and also tell me the results of the Avast and Stinger scans.

 

Your logs show no indications of any real malware issues. Just the same minor items in your HJT log I mentioned early which have nothing to do with your problems. Have HJT fix the below lines so at least we have them out of the way:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)

I suggest you pursue this further in the Software Forum. You may have a hardware or software conflict. Somethings I would try are:
- check if you ever have crashes in safe mode
- possibly disable certain software from loading (maybe even uninstall it) to see if this helps. I would start with uninstalling Symantec.
- running a memory tester. This directory has a bunch of them: http://www.majorgeeks.com/downloads26.html this one may be a good start: Memtest86+

- I would also recommend looking at your Event log for additional information that may be given on the crashes. You may have to enable event logging! The guys in the Software Forum can help with this.

You should put a link in your thread in the Software Forum to this one so they can reference it to see what we have done.

 

You're welcome!