Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HJT Log -- Multiple Start-up Problems


  • This topic is locked This topic is locked
4 replies to this topic

#1 tjmino

tjmino

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 17 April 2009 - 06:42 PM

Hi everyone,

For some background information, I'm running Vista SP1 on a Dell Inspiron laptop. Normally, I'm really good about keeping my computer cleaned out of spyware/adware/viruses, but for the past few months I've just been too busy to take care of the problems and it's just gotten out of hand. As I'm sure you'll be able to tell from the HiJackThis log, I'm running CA Antivirus, and for a few months my startup has taken a lot longer because CA needs to update and then give me a message that 42 threats have been detected and removed -- once again, this happens every single time I start the computer. Then, in the last couple weeks when Windows boots up I get one to two Windows messages saying "***** has stopped working." Typically, the services are the Windows Scheduler, Desktop Window Manager, Windows Defender, and if I close one, it just moves to a new service like my ALPS Pointing Device, or my Audio Device, etc.

Last weekend, when I got a bit of free time, I tried to address the problem. I ran both Spybot and CA in safe mode (unfortunately, since Ad-Aware started charging I can't find a good free adware program anymore) -- Spybot found a trojan, and CA found nothing (multiple times). This really didn't help anything.

So I just don't really know what to do now. Besides starting a bit slower, I'm not really hindered too much by this (hence why it has taken me so long to address it), but it worries me that it just keeps growing. I really hope someone can find something in the log -- a few things seem fishy to me, but I'm not quite good enough to pick them out right away.

Thanks in advance!

-Trevor

Attached File  hijackthis.log   9.6KB   4 downloads

BC AdBot (Login to Remove)

 


#2 tjmino

tjmino
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 19 April 2009 - 04:26 PM

Just thought I should add that I've found that the main problem is/was ntos.exe. I used Malwarebytes' Anti-Malware based on advice someone was given in another forum and it seems to have taken care of the ntos problem -- at least I don't have the incessant Windows popups on startup.

However, about 20 minutes after startup, CA still gave me the popup that 47 threats were detected and removed. Does anyone see anything else in my HJT log that CA may be finding every day?

#3 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:35 PM

Posted 02 May 2009 - 04:06 PM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

If you do not make a reply in 5 days, we will need to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.
If you still require assistance post a new set of DDS Logs and a description of any remaining problems or symptoms you may still have please.

If for any reason you did not post a DDS log please refer to this page and in step #6 there is instructions on downloading and running DDS. IF you have any problems just let me know in your next reply or simply post a Hijackthis log.

Thanks again and we apologzie for the delay.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:35 PM

Posted 05 May 2009 - 03:38 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 5-7 from the day I replied, the topic will need to be closed.

Thanks for understanding. :thumbup2:

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:35 PM

Posted 07 May 2009 - 03:33 PM

Hello.

Due to Lack of feedback, this topic is now Closed.

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic in the Hijackthis-Malware Removal forum.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users