[Kieran]

Hi guys, I was wondering if I could get a little help here.
I’ve had a problem for a while now where my system takes extremely log periods of start-up times and other things. Including freezing while on a webpage. Now I’ve had an issue it the past where I accidentally left my laptop powered up for the day on my bed whilst I was out which offered the laptop now ventilation. (Stupid me) Due to that my laptop has overheated a lot quite recently but I don’t think that is the whole problem, I am using zone alarms anti-virus that comes with there security package as every anti-virus I have used in the past has sucked CPU resources no end! (Except sophos which I can no longer afford). Just recently I had a warning from zone alarm informing me that programs such as MSN Messenger was trying to log keystrokes ECT. This immediately brought to my mind that I could have been infected with a key logger, Also I had a scan result of the two following infections (Troj.Win32.Dialer.qn) and (Troj-Clicker.HTML.iframe.back) Which I think seem to be coming back no matter how many times I try to clean/delete or quarantine them. Also I have had another virus called (Backdoor.Win32.Netbus170) which has come back on most occasions.

I also have the following Anti-Spy ware apps but the never seem to pick anything up
Spybot S+D
CCleaner
Zone alarm security suite
And
Adaware SE.
If anyone has any other recommendations that would be highly appreciated!

I have included a Hi-Jack This log to be checked out!

Cheers guys and ill be happy for any responces recieved!
Kieran!

[evilfantasy]

Do me a favor and don't use any formatting in these posts.

It's too hard to read

[Kieran]

Sorry, I was typing up my post in MS Word and i think it put formatting code in without me knowing, I have edited the post and taken the formatting code out.

[evilfantasy]

Originally Posted by Kieran Sorry, I was typing up my post in MS Word and i think it put formatting code in without me knowing, I have edited the post and taken the formatting code out.

Thanks!!!

Why is your antivirus turned off?

Slow computer? You have way too much running at startup. Also Zone Alarm is not friendly when it comes to resources. Do you mind getting rid of it for something better, and free?
If so, will take care of that after we are sure there is no malware. And we will clean up the startups.The log isn't showing any malware, but hijackthis doesn't show everything that might be there. The trojans you have mentioned (if still there) need to be looked into.

Please download Combofix by sUBs from either here or here

Save Combofix.exe to your your Desktop.

1. Double click combofix.exe & follow the prompts. (from the keyboard select 1 and press enter)
2. When finished, it will produce a log for you.
3. Attach that log in your next reply.

Note:
Do not mouseclick combofix's window while it's running. That may cause your computer to stall

[Kieran]

Originally Posted by evilfantasy Thanks!!! Why is your antivirus turned off? Slow computer? You have way too much running at startup. Also Zone Alarm is not friendly when it comes to resources. Do you mind getting rid of it for something better, and free? If so, will take care of that after we are sure there is no malware. And we will clean up the startups.The log isn't showing any malware, but hijackthis doesn't show everything that might be there. The trojans you have mentioned (if still there) need to be looked into. Please download Combofix by sUBs from either here or here Save Combofix.exe to your your Desktop. 1. Double click combofix.exe & follow the prompts. (from the keyboard select 1 and press enter) 2. When finished, it will produce a log for you. 3. Attach that log in your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause your computer to stall

ATLONG LAST! - Here is the combofix log.

And in regards to your post...

I don’t think my anti-virus is switched off, Its due to the process being bundled with the zone alarm security centre and windows XP could not pick up that it was there so I chose to monitor it myself.

I don’t mind getting rid of zone alarm if it means my computer becoming more healthy.

Cheers!
Kieran.

Ps. I also forgot to mention that I have being having problems with the date and time recently too, The date to start with always seems to be resetting to a really early year e.g. 1906 or something no matter how many times I reset it, Also the time seems to be going from 12.00AM to 1.00PM and then resetting again, Does anyone know why?
Sometimes is does work correct but when I restart my computer the problem returns.

[evilfantasy]

XP could not pick up that it was there so I chose to monitor it myself

???? It isn't on. I can see in the HijackThis log that it is turned off. Don't worry we will have you set up in no time with something that works the right way.

Download these two programs but do not install them yet, just keep them on the desktop.

Avast 4 Home Edition.exe

PC Tools Free Firewall Plus.exe

Now boot into Safe Mode
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, begin tapping F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.
5. Press enter.

It is important to do this in safe mode.
Go to add/remove programs and uninstall Zone Alarm Security Suite and anything else that has to do with Zone Alarm.

Now reboot into normal mode and install the antivirus and firewall before going online.

Then run SAS

Please read carefully in order to clean and save the log properly

Download SUPERAntispyware Free Edition

Install it and double-click the icon on your desktop to run it.
* It will ask if you want to Update the program definitions, click Yes.
* Under Configuration and Preferences, click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked:
+ Close browsers before scanning
+ Scan for tracking cookies
+ Terminate memory threats before quarantining.
+ Please leave the others unchecked.
+ Click the Close button to leave the control center screen.
* On the main screen, under Scan for Harmful Software click Scan your computer.
* On the left check C:\Fixed Drive.
* On the right, under Complete Scan, choose Perform Complete Scan.
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK.
* Make sure everything in the white box has a check next to it, then click Next.
* It will quarantine what it found and if it asks if you want to reboot, click Yes.
* To retrieve the removal information please do the following:
+ After reboot, double-click the SUPERAntiSpyware icon on your desktop.
+ Click Preferences. Click the Statistics/Logs tab.
+ Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
+ It will open in your default text editor (such as Notepad/Wordpad).
+ Save the notepad file to your desktop by clicking (in notepad) "File" "Save As"
* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Please add the log as an attachment in your post.

Add the SAS log as an attachment in the next post.

Also let me know how things are now.

[Kieran]

Ok so heres my scan results, Ive got avast running and the firewall, Ive also removed zonelarm.

[evilfantasy]

Attach a new HijackThis log please.

Also attach the combofix log again. I accidentally deleted it in the double post from earlier.

[Kieran]

Ok, Here they are.

[evilfantasy]

Open HijackThis and select "do a system scan only"

Place a check mark next to

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Now click "Fix checked"

=====

Your Java is out of date
Older versions have vulnerabilities that malware can use to infect your system. It is possible that you may be running Java code in your applications that absolutely require a specific version of the JRE to run. Please follow these steps to remove older version of Java components and update

Updating Java:
* Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
* Check for any item with Java Runtime Environment (JRE or J2SE) in the name.
** The latest version is Java 6 Update 3. Remove all other entries.
* Click the Remove or Change/Remove button.
* Repeat as many times as necessary to remove each of the Java versions.
* Reboot your computer once all Java components are removed.
* Download the latest version of Java Runtime Environment (JRE) 6
* Click the Free Java Download button.
* Click the Download Now button.
* When the Software Installation dialog box opens. Click on the Install Now button.
* Follow the prompts to complete installation.

=====

Go to Start > Run and copy and paste next command in the field:

ComboFix /u



Make sure there's a space between Combofix and /
Then hit Enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again

=====

Let me know how things are now.