Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows XP - Freezing

Started by eguerrier , Mar 27 2005 05:43 AM

  • This topic is locked This topic is locked

#1
eguerrier
Posted 27 March 2005 - 05:43 AM

eguerrier

    New Member

  • Member
  • Pip
  • 6 posts
Hi:

My PC was working wonderful until a few days ago it started freezing when doing any types of scanning
such as antivirus,synchronization, etc. It seems to happen on the OS drive. I have an OS disk, a
program disk, and a backup disk separately. I was using Norton Security 2005 and kept getting an
the windows installer so I uninstall it thinking it may solve the problem. I installed ETrust
Antivirus and Firewall to test it out. The same problem occurs when scanning in Antivirus.
I'm sending my "HijackThis" log for any suggestions. Thank you in advance.






Logfile of HijackThis v1.98.2
Scan saved at 5:56:07 AM, on 3/27/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Miramar\PC MACLAN\ATMsg.exe
d:\CFusionMX7\runtime\bin\jrunsvc.exe
d:\CFusionMX7\runtime\bin\jrun.exe
D:\CFusionMX7\db\slserver54\bin\swagent.exe
D:\CFusionMX7\db\slserver54\bin\swstrtr.exe
D:\CFusionMX7\db\slserver54\bin\swsoc.exe
d:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\crypserv.exe
d:\Program Files\Digidesign\Drivers\MMERefresh.exe
D:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\hkcmd.exe
D:\Program Files\Paragon Software\Paragon CD-ROM Emulator\tray.exe
C:\Program Files\HHVcdV7Sys\VC7Play.exe
d:\Program Files\Norton GoBack\GBPoll.exe
D:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\DeltTray.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
d:\iFtpSvc\iFtpSvc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
D:\Program Files\ScanSoft\PaperPort\PPScheduler.exe
d:\iNtfySvc\intfysvc.exe
C:\WINDOWS\system32\msg32.exe
D:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
d:\Program Files\Virtual CD v7\System\VC7Tray.exe
d:\Program Files\Virtual CD v7\System\vc7abar.exe
D:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
D:\Program Files\Norton GoBack\GBTray.exe
C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE
C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE
C:\WINDOWS\System32\msiexec.exe
D:\Program Files\Dantz\Retrospect 7.0\retrorun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HHVcdV7Sys\VC7SecS.exe
d:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetMsg.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\EGuerrier\Application Data\Microsoft\Internet Explorer\Quick Launch\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://zone.msn.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Miramar Systems, Inc.] C:\Program Files\Miramar\PC MACLAN\atmsg.exe
O4 - HKLM\..\Run: [tray.exe] "d:\Program Files\Paragon Software\Paragon CD-ROM Emulator\tray.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VC7Player] C:\Program Files\HHVcdV7Sys\VC7Play.exe
O4 - HKLM\..\Run: [Acronis True Image Monitor] "D:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [Acronis Popup Blocker] RunDll32.exe C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL,Run
O4 - HKLM\..\Run: [iTunesHelper] D:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [DigidesignMMERefresh] d:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [MediaFace Integration] D:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "D:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPScheduler] "D:\Program Files\ScanSoft\PaperPort\PPScheduler.exe"
O4 - HKLM\..\Run: [PPort10reminder] "D:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\10\Config\Ereg\ereg.ini"
O4 - HKLM\..\Run: [EW Message Server] msg32.exe
O4 - HKLM\..\Run: [VetTray] d:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: Diskeeper 9 Professional Edition Registration.lnk = D:\Program Files\Executive Software\Diskeeper\ESIRegister.exe
O4 - Global Startup: EZ Firewall.lnk = D:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
O4 - Global Startup: Norton GoBack.lnk = D:\Program Files\Norton GoBack\GBTray.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\Acronis\PRIVAC~1\POP-UP~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A548D21-94AB-4D26-9FC2-6557DDEF98BC}: NameServer = 167.206.3.140,167.206.3.141
O17 - HKLM\System\CCS\Services\Tcpip\..\{795CA09F-FA7C-421F-9054-5B2DBAD255B8}: NameServer = 167.206.3.140,167.206.3.141
  • 0

Advertisements

#2
kidnova
Posted 27 March 2005 - 10:24 AM

kidnova

    Member

  • Member
  • PipPipPip
  • 424 posts
I doubt you will get much help posting this HJT log in the Comments and Suggestions forum. You need to go to the Malware forum and follow the directions pinned at the top of the forum. Make sure you download the newest version of Hijack This before posting.


Good luck. :tazz:
  • 0

#3
Resident_Blonde
Posted 27 March 2005 - 07:05 PM

Resident_Blonde

    Formerly known as "Crafty_Girl"

  • Member
  • PipPipPip
  • 558 posts
eguerrier,

Hi hun and Welcome to GTG.

I will be moving your topic to the HJT/Malware subject.

So you dont have to redo and repost...



:tazz:
  • 0

#4
eguerrier
Posted 28 March 2005 - 02:14 AM

eguerrier

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Resident_Blonde:
Thank you very much for your help. I managed to enter my question in the wrong place twice.
Thanks for the help again. I love the quote you have in your signature.

EGuerrier

Duplicate topic
Posted Here
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP