Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Drwatson Postmortem Debugger problem


  • This topic is locked This topic is locked

#1
bluefireangel2

bluefireangel2

    New Member

  • Member
  • Pip
  • 5 posts
Hello to all of you wonderful people whose computers actually work! I have no such luck. My computer has been acting up for the past month or so, going slower and slower and sometimes needing a restart or some good well placed kick. But my problems were not complete until the dear ol' Drwatson started acting up. I can not open any folders, I can open the start menu but I cannot open anything in it, I can run things on my desktop and ctrl/alt/del always works, which is a good things because since my comuter freezes up when ever I try to run anything.... I have Zone alarm and have run it over and over, I just installed Panda and ran that several times, I just downloaded Hijackthis and I will post my file at the end of my cry for help. I search the web for like hours (Since I have a shortcut to IE on my desktop I can thankfully access my web... :tazz: And I noticed that there are lots of poor saps out there like me with the same problem, but I couldn't find anyone with a clear answer on how to fix this. So if anyone would be kind enough to help me out I would greatly appreciate it. Thanks!~
  • 0

Advertisements


#2
bluefireangel2

bluefireangel2

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Forgot my log file lol


Logfile of HijackThis v1.99.1
Scan saved at 11:32:37 PM, on 2/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\apvxdwin.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\sbhri.dll/sp.html#29836
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\sbhri.dll/sp.html#29836
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\sbhri.dll/sp.html#29836
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\sbhri.dll/sp.html#29836
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\sbhri.dll/sp.html#29836
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\sbhri.dll/sp.html#29836
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\sbhri.dll/sp.html#29836
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {34597DBE-1705-86A7-50E9-42869E4F8567} - C:\WINDOWS\system32\javayi.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_5_0.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ntse32.exe] C:\WINDOWS\system32\ntse32.exe
O4 - HKLM\..\Run: [ktcxwk] C:\WINDOWS\System32\gwfvafw.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [sysip32.exe] C:\WINDOWS\system32\sysip32.exe
O4 - HKLM\..\Run: [ipfx32.exe] C:\WINDOWS\system32\ipfx32.exe
O4 - HKLM\..\Run: [mfcgw32.exe] C:\WINDOWS\system32\mfcgw32.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [sysba.exe] C:\WINDOWS\system32\sysba.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Owner\Application Data\hgv?e.exe
O4 - HKCU\..\Run: [Fevyr] C:\WINDOWS\System32\??rss.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: ChatSpace Full Java Client 4.0.0.301 - http://chat.goarmy.c...va/cfs40301.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Network Security Service (NSS) (%AF) - Unknown owner - C:\WINDOWS\sdkpv32.exe (file missing)
  • 0

#3
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Hi bluefireangel2 and welcome,
If your still looking to resolve this issue,

First:
Download AboutBuster
Then Unzip it to your desktop.. Dont run it yet
Check it for updates if any are found please download them then close out the program

Download and install Cleanup

Also
Dowload the following program
CWShredder
It should be the current version, but check for updates
Dont run it yet

Please download and install Ad-aware.
Setting up Ad-aware- please make sure you update it first


Download and unzip cwsserviceremove to your desktop from the link below:
cwsserviceremove.zip (save this to your desk top dont do anything with it till told to do so)


Sorry for the late reply, Post back a fresh HJT log as well please,
Have the above tools on desk top and ready to go


"Edit,
As there has been no reply from the original poster this topic is now closed,
Should you have any further problems please create a new Topic,

Thanks "

Edited by don77, 09 April 2005 - 11:14 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP