monitor control pops-up & adjusts randomly by itself, is this a virus?

[lenguadegato]

   i'm using Windows XP, downloaded a malware once that triggered a trojan-outbreak ...  had to reformat my PC. while Windows was already installing the monitor's brightness option kept popping-out and adjusts itself. i even deleted, created, & reformatted the partitions...it's still there, during start-ups til i shut down!

  then i installed AVG, while pressing the monitor button down- it somehow stops it. however it proceeds whenever i leave it alone. it became worse, toying with all the monitor controls?!? i also had to install SP2, then it stopped from selecting all of the controls and only the "brightness/contrast" options were manipulated. i scanned the whole computer with  AVG, but it didn't detect anything unusual!

  Now the 'brightness' control's the only one that pops-out, from start-ups til shut-down, and avg still doesn't detect anything... please help ASAP, am an out-of-school-youngster and i have to study a lot even just online and all... i don't know if this sort of malfunction would infect my tablet, this hinders me from my drawing/animating practices... badly... please help.

[evilfantasy]

Welcome to CH.

Download and rename TrendMicro HijackThis.exe (HJT)

• Double-click on HJTInstall.
• Click on the Install button.
  
• It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
  
• Upon install, HijackThis should open for you.

• Close HijackThis and rename it.
  
• Go to C:\Program Files\Trend Micro\HijackThis.exe
  
• Right click on HijackThis.exe and select Rename.
  
• Type in sniper.exe and press Enter.
  
• Right-click on sniper.exe and select Send To > Desktop (create shortcut)

• From the desktop open HijackThis.
• If using Windows Vista, Right-click and Run As Administrator.
  
• Click on the Do a system scan and save a log file button
  
• HijackThis will scan and then a log will open in notepad.
• Copy and then paste the entire contents of the log in your post.
  
• Do not have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

Although we have renamed HijackThis to sniper, we will still refer to it as HijackThis or HJT.

[lenguadegato]

ok, done. what next?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:01 PM, on 7/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TSE_PLUtil] C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

--
End of file - 4351 bytes

[evilfantasy]

I don't see any malware and the symptoms you describe don't sound like it either.

I see you have SUPERAntiSpyware installed, have you done a scan with it?

Now the 'brightness' control's the only one that pops-out, from start-ups til shut-down

I don't understand what you mean by this.

[lenguadegato]

Now the 'brightness' control's the only one that pops-out, from start-ups til shut-down

i took pics from the PC next to it...

am still scanning SUPERAntiSpyware ... so far it's detected 8 Adware.Tracking Cookies ...

[recovering disk space -- attachment deleted by admin]

[evilfantasy]

I'm not sure that this is malware related. Let's see if Superantispyware finds anything.

[CBMatt]

Cookies are nothing to worry about.

I'm with evilfantasy on this one...it doesn't sound like a malware issue.  By the looks of it, your monitor is probably on the fritz.  Your graphics card could also be the culprit, but I think that's not as likely.  Do you have another monitor you can try?  And can you hook your monitor up to a different computer?  This is always the first thing you want to try when having significant monitor problems.

[evilfantasy]

I found some information on this in the links below. Sounds like it may just be a dust problem.

Why does my brightness control on my monitor keep coming up

Monitor Problems

If the menu keeps coming up the monitor thinks you pressed a button. A button is just a way of completing an electrical circuit. If dust accumulates on a circuit it can cause the circuit to act strangely. Purchasing some canned air from your local office supply store can solve this problem in most cases. Just blow the air in all the vent holes of the monitor to blow the dust out. Be sure to follow the directions on the can.[/qoute]

[lenguadegato]

Cookies are nothing to worry about.

I'm with evilfantasy on this one...it doesn't sound like a malware issue.  By the looks of it, your monitor is probably on the fritz.  Your graphics card could also be the culprit, but I think that's not as likely.  Do you have another monitor you can try?  And can you hook your monitor up to a different computer?  This is always the first thing you want to try when having significant monitor problems.

yes, i know the cookies are less of a threat...but...uhm, sure, once i get someone to lift the monitors for me ^^; everyone's busy... the video card's new, GeForce... i may try that though

[lenguadegato]

If the menu keeps coming up the monitor thinks you pressed a button. A button is just a way of completing an electrical circuit. If dust accumulates on a circuit it can cause the circuit to act strangely. Purchasing some canned air from your local office supply store can solve this problem in most cases. Just blow the air in all the vent holes of the monitor to blow the dust out. Be sure to follow the directions on the can.[/qoute]

I remembered something like that! only they taught me the exact opposite.. anyway, it's proven that dust can be that kind of conductor. somebody dusted the fans on this PC, last month... is it likely? (canned air isn't available here)

and Spyware's done:

[recovering disk space -- attachment deleted by admin]

[evilfantasy]

Yes I think you need to get inside of the monitor and clean it out.

Don't worry about the cookies, they are just .txt files so they can't do anything malicious.

[lenguadegato]

Yes I think you need to get inside of the monitor and clean it out.

Don't worry about the cookies, they are just .txt files so they can't do anything malicious.

K, i'll update you when am done... brb...

[lenguadegato]

   i almost forgot, the same thing happens even if the screen-saver's already on, and even when i'm in safe-mode. I dusted the monitor carefully but i may have to do it again, it's still in the middle of the screen. does that mean i can use my tablet on this computer? it's the only one i could borrow. we're short on cash, can't replace it at the moment.

  I also want to ask about preventing hardware-hacking, is AVG & SUPERAntiSpyware enough?