Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer isn't running right

Started by Retta , Mar 20 2007 09:11 PM

  • Please log in to reply

#1
Retta
Posted 20 March 2007 - 09:11 PM

Retta

    Member

  • Member
  • PipPip
  • 33 posts
My computer has been runing fairly smoothly, but recently it has been running very slowly and has been crashing periodically. Also, the internet (msn) has been crashing almost daily. We haven't been able to download microsoft updates for quite some time, and I was hoping there may be some way to fix that.

Logfile of HijackThis v1.99.1
Scan saved at 5:42:04 PM, on 3/20/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\WINDOWS\SYSTEM32\spider.exe
C:\Documents and Settings\Nancy Surma\My Documents\AIMLogger\download\sunkensoul\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.msn.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {73364D99-1240-4dff-B12A-67E448373148} - C:\WINDOWS\System32\ipv6mons.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{996C239D-142F-408A-97A1-850F19271E6C}: NameServer = 205.171.3.65,205.171.2.65
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)




(Panda: Active Scan)

Incident Status Location

Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\INF\BI9.INF
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\INF\BIINI.INF
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.20060819-193744.backup
Spyware:Spyware/LZIO-Media Not disinfected C:\WINDOWS\SYSTEM32\IELREG.EXE
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\BISYS.EXE[bischk.exe]
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\SYSTEM32\BISYS.EXE[bdl14177.exe]
Adware:Adware/Alexa-Toolbar Not disinfected C:\WINDOWS\SYSTEM32\WinExplore.exe
Virus:Trj/Downloader.ATO Disinfected C:\WINDOWS\SYSTEM32\kzc.exe.tcf
Potentially unwanted tool:Application/MyWay Not disinfected C:\WINDOWS\SYSTEM32\Xcite.dll.tcf
Virus:W32/Sober.G.worm Disinfected C:\WINDOWS\SYSTEM32\DATSOBEX.WWR
Virus:W32/Sober.G.worm Disinfected C:\WINDOWS\SYSTEM32\XDATXZAP.ZXP[C:\WINDOWS\SYSTEM32\XDATXZAP.zip][p-zipped_file_data .pif]
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\SAHSYS.EXE[sahschk.exe]
Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\SYSTEM32\SAHSYS.EXE[sahagent-skyhorn.exe][bundle.exe]
Spyware:Spyware/CommonName Not disinfected C:\WINDOWS\SYSTEM32\INETKW.EXE
Virus:Trj/Downloader.AVJ Not disinfected C:\WINDOWS\SYSTEM32\SQSYSNEW.EXE[SQ2schk.exe]
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\inetkwsys.exe[inetkwschk.exe]
Spyware:Spyware/CommonName Not disinfected C:\WINDOWS\SYSTEM32\inetkwsys.exe[inetkw.exe]
Spyware:Spyware/CommonName Not disinfected C:\WINDOWS\SYSTEM32\inetkwsys.exe[inetkw.exe][inetsvc.exe]
Spyware:Spyware/CommonName Not disinfected C:\WINDOWS\SYSTEM32\inetkwsys.exe[inetkw.exe][inetmgr.exe]
Spyware:Spyware/CommonName Not disinfected C:\WINDOWS\SYSTEM32\inetkwsys.exe[inetkw.exe][² =]
Virus:Trj/Downloader.APN Not disinfected C:\WINDOWS\SYSTEM32\aisysUS.exe[aischk.exe]
Spyware:Spyware/Apropos Not disinfected C:\WINDOWS\SYSTEM32\aisysUS.exe[ai_loader.exe]
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\inetkwschk.exe.tcf
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\SYSTEM32\Process.exe
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\bischk.exe.tcf
Virus:Trj/Downloader.ATO Disinfected C:\WINDOWS\SYSTEM32\ezschk.exe.tcf
Adware:Adware/nCase Not disinfected C:\WINDOWS\SYSTEM32\ezStub3.dll.tcf
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\sahschk.exe.tcf
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\sbcschk.exe.tcf
Virus:W32/Sober.E.worm Disinfected C:\WINDOWS\SYSTEM32\MsHelp32.dat
Virus:W32/Sober.E.worm Disinfected C:\WINDOWS\SYSTEM32\msWord.wrd[C:\WINDOWS\SYSTEM32\msWord.zip][Graphic_Textdocument.pif]
Virus:W32/Sober.F.worm Disinfected C:\WINDOWS\SYSTEM32\winhex32xx.wrm
Virus:Trj/Downloader.ATO Not disinfected C:\WINDOWS\SYSTEM32\EZSYS.EXE[ezschk.exe]
Adware:Adware/eZula Not disinfected C:\WINDOWS\SYSTEM32\EZSYS.EXE[ez032304.exe]
Spyware:Spyware/Whistle Not disinfected C:\WINDOWS\SYSTEM32\whistlesys.exe
Spyware:Spyware/Systemcheck Not disinfected C:\WINDOWS\SYSTEM32\whistleschk.exe.tcf
Spyware:Spyware/Whistle Not disinfected C:\WINDOWS\SYSTEM32\whistle040104.exe
Spyware:Spyware/LZIO-Media Not disinfected C:\WINDOWS\SYSTEM32\scrsaverold.exe.tcf
Spyware:Spyware/LZIO-Media Not disinfected C:\WINDOWS\SYSTEM32\LZREG.EXE
Adware:adware/webattaker Not disinfected C:\WINDOWS\UNIQ
Spyware:spyware/media-motor Not disinfected C:\WINDOWS\UBBER60.INI
Adware:adware program Not disinfected C:\WINDOWS\X.EXE
Potentially unwanted tool:Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.5.inf
Virus:Trj/Downloader.ITV Disinfected C:\WINDOWS\Downloaded Program Files\r64loader.dll
Adware:Adware/Look2Me Not disinfected C:\WINDOWS\Installer.exe.tcf
Adware:Adware/Adtomi Not disinfected C:\WINDOWS\kkqo064x.exe
Spyware:Spyware/7r7t Not disinfected C:\Program Files\PSLister\Uninstall.exe
Spyware:Spyware/BetterInet Not disinfected C:\UNDO\BACKUP.CAB[C:\WINDOWS\INF\BIINI.INF]
Adware:Adware/SAHAgent Not disinfected C:\UNDO\BACKUP.CAB[C:\WINDOWS\INF\BIL.INF]
Adware:Adware/IPInsight Not disinfected C:\UNDO\BACKUP.CAB[C:\WINDOWS\TEMP\Belt.ini]
Adware:Adware/IST.ISTBar Not disinfected C:\Documents and Settings\Nancy Surma\Shared\(Better Version) walking in a winnter wonderlan 41.wma
Virus:trj/jupillites.a Disinfected C:\Documents and Settings\Nancy Surma\DOMAINS
Virus:Trj/PayClicker.EC Not disinfected C:\!KillBox\Eim03.exe[²íÇ]
Spyware:Spyware/7r7t Not disinfected C:\!KillBox\srvifhtukd.exe
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP