Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware Removal results in graphic problems [CLOSED]

Started by Fiend7383 , Sep 20 2005 01:32 PM

  • This topic is locked This topic is locked

#1
Fiend7383
Posted 20 September 2005 - 01:32 PM

Fiend7383

    New Member

  • Member
  • Pip
  • 1 posts
I had problems for quite some time with hclean.exe and security2k. I finally got rid of them last night, but apparently at the cost of most of the tabs in my display properties (I got these back through regedit), and some very jerky scrolling on webpages, word, and any other programs where there is text scrolling. Right click option menus were also fading in very slowly, I switched to nofade popup menus, which fixed it, but i know the root problem is still there. This whole problem seems to have started after I finally managed to get rid of hclean and security 2k, I used a combonation of pandascan, hijack this and killbox, in the end copying down the files that pandascan identified as malware and using killbox to delete them. After this my desktop and graphic settings seemed to revert to some previous stage and I lost most of the tabs in my display properties. Using security task manager and hijack this I can see no programs running which would cause a slowdown like this, and no extra memory is being used. Also, programs which need large amounts of memory and graphical rendering seem to run fine (ie Halflife 2, or any video file). It just seems that when I scroll down a webpage the scrolling is very jerky/slow. I've uninstalled/reinstalled ati catalyst (I have an radeon 9200SE) twice now, with no effect, and I'm out of ideas. Here is a list of files I killed before this problem started, and my current hijack this log, please help!!


Files killed by killbox while removing hclean and security2k:
:\WINDOWS\System32\hpF6D9.tmp
C:\WINDOWS\System32\shnlog.exe
C:\WINDOWS\System32\intmon.exe
C:\WINDOWS\System32\msole32.exe
C:\WINDOWS\System32\intmonp.exe
C:\WINDOWS\popuper.exe
C:\WINDOWS\System32\intell.exe
C:\WINDOWS\System32\loadctr.ext
C:\WINDOWS\System32\msexnpfi.exe
C:\WINDOWS\System32\msmsgs.exe
C:\WINDOWS\System32\intell32.exe
C:\WINDOWS\System32\ole32vbs.exe
C:\WINDOWS\System32\cfgrbkrend.exe
C:\WINDOWS\System32\LogFiles\A7272100.so
C:\WINDOWS\System32\hhk.dll
C:\WINDOWS\System32\rdsndin.exe
C:\WINDOWS\System32\ntfsnlpa.exe
C:\WINDOWS\System32\wppp.html
C:\WINDOWS\System32\uninstIU.exe
C:\WINDOWS\System32\adlsldpbc.dll
C:\Documents and Settings\All Users\Application Data\SecTaskMan\rdsndin.exe.q_8040_q
C:\Documents and Settings\All Users\Application Data\SecTaskMan\ntfsnlpa.exe.q_8040_q
C:\Documents and Settings\All Users\Application Data\SecTaskMan\intell32.exe.q_8041800.q
C:\Documents and Settings\All Users\Application Data\SecTaskMan\intmonp.exe.q_804A00_q
C:\Documents and Settings\All Users\Application Data\SecTaskMan\A7272100.so.q_F6B9E00_q
C:\Documents and Settings\All Users\Application Data\SecTaskMan\intmon.exe.q_804A00_q
C:\!Submit\intmonp.exe
C:\!Submit\intmon.exe
C:\!Submit\shnlog.exe
C:\!Submit\hpF6D9.tmp

Logfile of HijackThis v1.99.1
Scan saved at 4:33:44 PM, on 9/20/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Grisoft\AVG Free\avgwb.dat
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Jon\Desktop\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O20 - Winlogon Notify: style32 - C:\WINDOWS\q955343_disk.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
  • 0

Advertisements

#2
skate_punk_21
Posted 25 September 2005 - 08:41 AM

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts
We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft...&DisplayLang=en
Apply the update, reboot, and post a fresh Hijack This log.
  • 0

#3
skate_punk_21
Posted 13 October 2005 - 07:56 AM

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP