Malware Help (HIJACKTHIS)

[hq_axid]

hey all

i followed all the steps provided in this thread: http://www.computerhope.com/forum/index.php/topic,46313.0.html

and now i need help with the hijackthis .. what files should i check to fix?

here are the logs requested..

thanks in advance

Haroon

[recovering disk space -- attachment deleted by admin]

[evilfantasy]

Welcome to CH.

Download Trend Micro CWShredder.exe to the Desktop.

1. Double click the CWShredder.exe to open the Program and Click on I AGREE to accept the license agreement.
2. Checkmark the option Move CWS files found to the Recycle Bin instead of deleting them as a precaution. We can empty the Recycle Bin later once the infection is cured.
3. Click on Update to ensure the latest updates are installed.
4. Click Fix to let the CWShredder look for and fix any CWS infection it finds.
5. Click OK in the confirmation screen to continue.

) CWShredder will scan your system for known variants of CWS infections.
) The scan results are shown.

6. Click Next to continue.
7. Click Exit to exit the program.

----------

Now run a new HijackThis scan and post the log.

[hq_axid]

thanks,

i did as you asked and here is the new log:

and btw, there are no items in the recycle bin..



[recovering disk space -- attachment deleted by admin]

[evilfantasy]

If you do not use it I suggest going to Add or Remove Programs and uninstall Ask Toolbar

----------

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries: (if there)

- O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
- O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - (no file)
- O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - (no file)

Important: Close all windows except for HijackThis and then click Fix checked.

Exit HijackThis and restart the computer to register the changes made by HijackThis.


Are there still any problems?

[hq_axid]

hello
thanks again..

well i did that .. and before that i did all the steps in the thread i referred to and i deleted all kinds of malware .. i deleted all the viruses .. spyware..

BUT .. my biggest problem is still there: windows takes ages till it loads .. but when it loads it works so fine and fast and perfect .. no delays nothing .. perfect .. and one more thing .. there is this annoying alert sound that pops up when i want to close a program .. its really annoying .. its even there when i put the speakers on mute!

any idea how to fix these two things?

[evilfantasy]

Download ComboFix by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note:  It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
 
Double click combofix.exe & follow the prompts.
When finished ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

[hq_axid]

done ..
and i think the problem is solved

thanks a lot!!!
here are the log files

but ZONEALARM is not enabling again after i finished the combofix.. any idea?



[recovering disk space -- attachment deleted by admin]

[evilfantasy]

You may need to reinstall Zone Alarm.

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries: (if there)

O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

Click Fix checked and exit HijackThis.

----------

Go to Start > Run and type combofix /u
Note the space between combofix and /u

----------

Run the Kaspersky Online Scanner

In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.

• Click on SCAN NOW
  
• Click Accept.
  
• The program will then begin downloading the latest definition files.
• Once the files have been downloaded locate the Scan Settings and have it scan My Computer.
  
• The scan will take a while, so be patient and let it finish.

When the scan is done, in the Scan is complete window, any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.

To obtain the report:
Click on: Save Report As

• Next, in the Save as prompt, Save in area, select: Desktop.
  
• In the File name area use KScan, or something similar.
  
• In Save as type: click the drop arrow and select: Text file [*.txt]
  
• Then, click: Save

Copy and paste the Kaspersky Online Scanner Report in your next reply.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.