Suspected Malware Problem

Discussion in 'Malware Help (A Specialist Will Reply)' started by garrad, Feb 25, 2007.

  1. garrad

    garrad Private E-2

    Hi

    My computer has recently started behaving strangely. I first noticed that it was taking a long time to start up. More recently I have noticed that my Windows Installer msiexec.exe will hang when trying to install or uninstall any programme; Internet Explorer will hang upon opening (although not in safe mode); Firefox would not open at all, yet when I looked in the Task Manager it was in the list (although in the list of Task Manager there was no Username next to most of the items) - incidentally Firefox is now opening OK; my Norton Internet Security started complaining a month ago that the subscription had expired, yet I had only upgraded to 2007 version in December 2006 - now Norton Internet Security doesn't start up at all and it hangs when I try to open it manually; Quicken hangs when trying to connect to the internet to download stock prices (although not in safe mode).

    Because of the nature of the problems it has been difficult to run all of the steps in the Malware Removal Guide, however I have tried to follow the steps as closely as possible.

    Initially I uninstalled a programme called Viewpoint Media Player, then I did all the downloading for the various programmes, although I couldn't install CounterSpy because of the Windows Installer issue. I restarted the computer in safe mode, ran CCleaner on the Administrator and my own account, ran Spybot, AVG Anti-Spyware, BitDefender, Panda Active Scan etc.

    I am now at the stage where I have collected all of the logs and I would be interested if someone has a suggestion as to what I can do to return my computer to its normal state.

    I have attached all of my log files in a zipped file attachment.

    I look forward to a response to my request.

    Thanks

    Garrad
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to MajorGeeks!

    You don't really have any malware issues! You do have other issues to fix though!

    You have 12 outdated versions of Sun Java installed. We need to get them all uninstalled and get you updated.
    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 2
    J2SE Runtime Environment 5.0 Update 4
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 8
    J2SE Runtime Environment 5.0 Update 9
    Java 2 Runtime Environment, SE v1.4.0_03
    Java 2 Runtime Environment, SE v1.4.2_05
    Java 2 Runtime Environment, SE v1.4.2_06
    Java 2 SDK, SE v1.4.2_03
    Java 2 SDK, SE v1.4.2_05

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

    If you need the Sun Java Development kit you can get it here: http://java.sun.com/javase/downloads/index.jsp



    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    After clicking Fix, exit HJT.
    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.

    Now Please download ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.
    • Double-click ATF-Cleaner.exe to run the program.
    • Under Main choose: Select All
    • Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main ATF Cleaner menu to close the program.




    Now attach the below new logs and tell me how the above steps went.
    1. GetRunKey
    2. ShowNew
    3. HJT


    Make sure you tell me how things are working now!

    If you are still having problems with Norton, you may need to completely uninstall it, reboot, and then reinstall!
     
  3. garrad

    garrad Private E-2

    Hey, thanks for the reply.

    I tried to uninstall all the Java applications in both normal and safe modes but it didn't work. When I try to uninstall something which uses Windows Installer it just stops at the Preparing Installation step for about 20 minutes and then gives an error Server is not Responding.

    I have therefore left it installed for the moment, hoping that you might have a recommendation to force an uninstall of this programme.

    I have otherwise done everything that you suggest. Unfortunately, when I start the computer in normal mode, I still have intermittent problems with Firefox sometimes not appearing (even though it appears in the list of processes in Task Manager), Internet Explorer doesn't ever open to a web page, and as I've just mentioned, Windows Installer just hangs.

    Any further assistance would really be appreciated. I've attached my latest logs.
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Sounds like you have non-malware problems with Windows Installer. You will have to address these issues in the Software Forum. Until you get them fixed you will have problems installing and uninstalling anything.
     
