|
virus? help!
|
|
mel86
Junior Member
|
3. December 2009 @ 02:53 |
|
Hi
Lately my computer has been acting strange. Always sluggish and slow. Today whilst browsing the internet I got the Blue Screen error. Unfortunately it disappeared too quickly for me to actually read it! I've scanned with my anti virus (avast!), run ccleaner, malwarebytes, spybot and ad-aware. Nothing major has been found.
This is my hijackthis log, if anyone can see anything suspicious that'd be great. Thanks!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:32:15 PM, on 3/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iiUsage\iiNet Usage.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\Pessina Family\Desktop\PC cleaning tools\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R3 - URLSearchHook: Yahoo!7 Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo!7 Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [iiNet Usage] "C:\Program Files\iiUsage\iiNet Usage.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/do...llerControl.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://supportapj.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008...toUploader5.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com/reader/dbplugin.cab
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/con...vex/TmHcmsX.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2D72C39D-53F6-4AEA-A9DB-1298429DA975} (3DVista Viewer Control) - http://www.3dvista.com/downloads/viewer3dv2.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3.0.228.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resourc...lscbase5483.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1182052933265
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/fl...ent/swflash.cab
O16 - DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} (Surround Video V3.0 Control Object) - http://www.trinitylinks.com/vr/svideo3.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://128.173.200.174/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Update Service (gupdate1c9bf1f2d22a48a) (gupdate1c9bf1f2d22a48a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O24 - Desktop Component 0: Warning homepage - C:\WINDOWS\warnhp.html
--
End of file - 8169 bytes
|
|
mel86
Junior Member
|
3. December 2009 @ 14:25 |
|
Wanted to add that I can't open IE. When I click on the icon, nothing happens. Even creating a new shortcut doesn't help.
Also, when using firefox, when I start to download a file from a website, the page will freeze and the file is corrupted.
HELP!!
|
Member
|
3. December 2009 @ 14:59 |
|
Time to back up, format and reinstall, it looks like.
Kindle Fire 1st Gen running Jelly Bean
Nexus S 4G running 4.1.1 Jelly Bean
PS3 Slim 3000 Model 4.3.1
PS3 ID: killbarney1123
|
mel86
Junior Member
|
4. December 2009 @ 00:46 |
|
As in re-format the entire computer? I was hoping I wouldn't have to do that.
If that is the general consensus then I guess I'll have to. Anyone know where I can find a step-by-step guide as to how to do this? I wouldn't know where to begin!
|
jony218
Suspended due to non-functional email address
|
4. December 2009 @ 23:53 |
|
I would delete all the unnecessary software. Especially the ones that start on windows startup. Sometimes 1 insignificant program can be the cause of all your problems.
You might also want to try a different security arrangement to see if that will speed you up. But keep it simple, stay away from the all-in-one security suites. Many times the free software is just as good as the paid versions.
My security on windows xp sp3
1. zone alarm pro firewall (not the suite) (free version available)
2. avira free antivirus
3. firefox browser
4. returnil virtual system (free) enabled every time I'm on the internet. (used instead of bloated antispyware software)
This basic security is rock solid and fast, nothing has ever penetrated this defense. Normal Antispyware software is not needed, it will slow down your computer too much.
The BSOD can be caused by either a hardware or software problem. I recently was getting BSOD on my computer. This was caused by me using the avg free antivirus (which I've used for 3 years). Just a simple upgrade from avg 8.5 to 9.0 slowed down my computer and introduced instability (BSOD). I decided to remove avg antivirus and installed avira antivirus. This fixed the problem. Luckily I didn't reformat, now my computer is running as fast as usual.
If it's still slow run ccleaner, do a scandisk (with boxes to fix errors on all your drives). Also a defrag won't hurt.
If that doesn't fix it, and you have a situation where your cpu is always at 100 percent (even with no programs running), you might have a hardware problem, either video card or onboard sound. Installing a $10.00 pci soundcard can speed you up in those situations. Make sure the cpu temp is not too high. The wrong cpu fan can make your cpu run hot, which can result in bsod.
Before you even think of reformat, make an image backup of your c: drive (using the free macrium reflect or other such software). This is insurance in case you have problems installing windows. Worst case scenario this image backup can restore your hard drive back to where you started.
A reinstallation of windows should be your last resort, especially if you haven't ruled out other factors. The new windows might run faster in the beginning, but as soon as you install the "wrong" software your problem will return.
|
mel86
Junior Member
|
5. December 2009 @ 03:24 |
|
Thanks for taking the time to reply.
Originally posted by jony218: I would delete all the unnecessary software. Especially the ones that start on windows startup. Sometimes 1 insignificant program can be the cause of all your problems.
I have very few programs that load on start up. I've uninstalled a few more useless programs as well.
Quote: You might also want to try a different security arrangement to see if that will speed you up. But keep it simple, stay away from the all-in-one security suites. Many times the free software is just as good as the paid versions.
My security on windows xp sp3
1. zone alarm pro firewall (not the suite) (free version available)
2. avira free antivirus
3. firefox browser
4. returnil virtual system (free) enabled every time I'm on the internet. (used instead of bloated antispyware software)
This basic security is rock solid and fast, nothing has ever penetrated this defense. Normal Antispyware software is not needed, it will slow down your computer too much.
I have been using avast antivirus for a while now. I've also been regularly using ad-aware, spybot, malwarebytes, ccleaner and defrag.
Up until now, I've used IE as my browser (which I've since found out is really susceptible to hijacks/threats etc). Right now (and from this point on) I'm using firefox. It's working and IE isn't. It's difficult though as I'm not able to download or save anything from the web as it causes firefox to crash.
Quote: If that doesn't fix it, and you have a situation where your cpu is always at 100 percent (even with no programs running), you might have a hardware problem, either video card or onboard sound. Installing a $10.00 pci soundcard can speed you up in those situations. Make sure the cpu temp is not too high. The wrong cpu fan can make your cpu run hot, which can result in bsod.
My CPU percentage is generally low.
Quote: Before you even think of reformat, make an image backup of your c: drive (using the free macrium reflect or other such software). This is insurance in case you have problems installing windows. Worst case scenario this image backup can restore your hard drive back to where you started.
A reinstallation of windows should be your last resort, especially if you haven't ruled out other factors. The new windows might run faster in the beginning, but as soon as you install the "wrong" software your problem will return.
The whole reformatting process seems daunting, but I'm thinking it may have to be done as I'm not having much luck with anything else at the moment.
|
jony218
Suspended due to non-functional email address
|
5. December 2009 @ 13:13 |
|
You have nothing to lose by removing all your current security software. (Just make sure the internet cable plug is disconnected from the internet.)
Next just install a different antivirus/firewall. Use a software like free "revo uninstaller" to uninstall firefox. After you install your new antivirus/firewall reinstall firefox.
In the past I encountered problems with some of the security software preventing me from accessing the internet, that's why I recommend removing what you are currently using and trying something different.
If you do a reinstallation of windows, make sure you install "returnil"; that is the software that when enabled will prevent any malware/virus from doing permanent damage to your computer. It's the most important piece of software in my computer.
|
|
mel86
Junior Member
|
5. December 2009 @ 15:55 |
|
Originally posted by jony218: You have nothing to lose by removing all your current security software. (Just make sure the internet cable plug is disconnected from the internet.)
Next just install a different antivirus/firewall. Use a software like free "revo uninstaller" to uninstall firefox. After you install your new antivirus/firewall reinstall firefox.
In the past I encountered problems with some of the security software preventing me from accessing the internet, that's why I recommend removing what you are currently using and trying something different.
If you do a reinstallation of windows, make sure you install "returnil"; that is the software that when enabled will prevent any malware/virus from doing permanent damage to your computer. It's the most important piece of software in my computer.
I'd like to follow the steps you've mentioned here, but I'm unable to download anything from the internet.
|
|