Malware Thread


176 replies to this topic

#121 Real Deal

Real Deal

    Legend

  • 14,877 posts
  • Joined: Jun 29, 2008
  • Location:Kansas
  • Name:Brandon
  • Fav. Laker:Kobe

Posted June 18, 2011 - 08:35 PM

Click to download HijackThis: http://www.trendmicr.../HijackThis.exe

Once you get it, install the program, run it, and post the results here.



#122 Windu

Windu

    Shatterpoint

  • 43,113 posts
  • Joined: Apr 24, 2009
  • Name:Will
  • Fan Since:1999
  • Fav. Laker:Kobe

Posted June 18, 2011 - 09:14 PM

This is getting seriously ridiculous...like seriously. Internet is working great, virus scans showed nothing bad is present...yet I still can't seem to open folders and such on my PC without things freezing up and crashing like hell like there's no tomorrow. I couldn't empty the Recycle Bin without things freezing like hell. I can't access my external drive without it not...opening. I did all I could...uninstalled iTunes....ended 358934534 processes I don't need running. I dunno what's going on anymore. :facepalm: I give up for the night.

Things keep saying "(NOT RESPONDING)"...and I'm not even gonna bother with Photoshop right now..so glad I'm done with major design work before this crap happened.

May have to reformat this crap


hmmm, that's crazy.

go RD's route

real, you think it's some kind of malware affecting jen's pc?

Pau Gasol is GONE


#123 Draztik

Draztik

    Illmatic

  • 8,230 posts
  • Joined: Jul 08, 2009
  • Fan Since:1986 - Birth!
  • Fav. Laker:Kobe, Gasol, Artest

Posted June 18, 2011 - 09:39 PM

Jen if you have your windows vista disk you can boot from it and have it repair instead of fresh install.

Honestly if you've done anything with registries the program might have messed something up and caused you to not be able to do simple functions like open folders.

I've seen "registry cleaners" do harm just as much as I've seen em remove corrupt registries.


21lsbya.jpg
Peep my music at my youtube page here: MUSIC!


#124 Notorious Arab

Notorious Arab

    Starter

  • 4,853 posts
  • Joined: Feb 06, 2009
  • Location:OC
  • Fan Since:When I came to the USA
  • Fav. Laker:Kobe Bryant

Posted June 18, 2011 - 11:58 PM

I'd just say just copy all the data u need to a flash drive then write down all the programs u plan on reinstalling (or email them to urself) and format ur PC clean. It's good to do it once every year or year and a half

Posted Image


#125 JEN

JEN

    Legend

  • 27,073 posts
  • Joined: Sep 20, 2008
  • Location:714

Posted June 19, 2011 - 06:57 AM

I'd just say just copy all the data u need to a flash drive then write down all the programs u plan on reinstalling (or email them to urself) and format ur PC clean. It's good to do it once every year or year and a half


Yah I've had this PC since 2007 or something, and I never had to really reformat the thing before since this thing has worked beautifully for 3 yrs or so and now it's all acting psycho lol. so it's best to reformat then. I'm going to do so right after RD replies to the HijackThis.

Things seem to work normally this morning but I'm going to reformat later on anyway just to let things start clean and fresh.

Click to download HijackThis: http://www.trendmicr.../HijackThis.exe

Once you get it, install the program, run it, and post the results here.


Here you go:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:41:59 AM, on 6/19/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\D-Link\DWA-131 revA\wirelesscm.exe
C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jennifer\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jennifer\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [P1370Cfg.exe] P1370Cfg.exe /d:4
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jennifer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E0EEBAC-0D36-4E5D-BF33-AA6DE20D9DD7}: NameServer = 208.67.222.222,208.67.220.220
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files\D-Link\DWA-131 revA\WlanWpsSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 6963 bytes


Edited by JEN, June 19, 2011 - 07:20 AM.


#126 Real Deal

Real Deal

    Legend

  • 14,877 posts
  • Joined: Jun 29, 2008
  • Location:Kansas
  • Name:Brandon
  • Fav. Laker:Kobe

Posted June 19, 2011 - 08:52 PM

First of all, you have a lot of anti-virus software running. What all do you have installed on your computer? I would go to Add/Remove and get rid of everything but Malwarebytes (everything as far as the malware protection is concerned, not all of your programs...but you know that, lol). Then, you can choose a program that offers real-time protection after we figure out the "past due time" problem.

Do that, restart, and see what happens.

----------

If there's no increase, then we'll disable indexing.

Go to Windows Explorer and to your hard drive icon. Right-click it and go to Properties, and go through the tabs to find an option to disable the indexing (should say something about being able to allow indexing to search for files quicker...you don't want that checked).

Give it a bit, until the hard drive activity stops...then, go to your admin tools and Services (in your Control Panel). Look for the Indexing Service, open it up and look for the STOP button. Hit that, then go to Start-up Type and choose Disabled.

Restart, and see where you're at then.

Let me know what goes on.

#127 JEN

JEN

    Legend

  • 27,073 posts
  • Joined: Sep 20, 2008
  • Location:714

Posted June 19, 2011 - 08:59 PM

First of all, you have a lot of anti-virus software running. What all do you have installed on your computer? I would go to Add/Remove and get rid of everything but Malwarebytes (everything as far as the malware protection is concerned, not all of your programs...but you know that, lol). Then, you can choose a program that offers real-time protection after we figure out the "past due time" problem.

Do that, restart, and see what happens.

----------

If there's no increase, then we'll disable indexing.

Go to Windows Explorer and to your hard drive icon. Right-click it and go to Properties, and go through the tabs to find an option to disable the indexing (should say something about being able to allow indexing to search for files quicker...you don't want that checked).

Give it a bit, until the hard drive activity stops...then, go to your admin tools and Services (in your Control Panel). Look for the Indexing Service, open it up and look for the STOP button. Hit that, then go to Start-up Type and choose Disabled.

Restart, and see where you're at then.

Let me know what goes on.


Well I only have Avira and MalwareBytes installed :hmm: I uninstalled MS Essentials yesterday.

Also, I was looking at the Event Viewer in the Admin Tools earlier today and saw this:
http://i55.tinypic.com/25almjm.jpg

Looked more into it, and got this: http://www.microsoft...=disk&LCID=1033

But anywho, so I should just uninstall Avira then..?

Things been running okay since I last posted in this thread this morning. I just can't access my external drive now. And a few things are eh..but I'll do what you suggest

Edited by JEN, June 19, 2011 - 09:00 PM.


#128 Real Deal

Real Deal

    Legend

  • 14,877 posts
  • Joined: Jun 29, 2008
  • Location:Kansas
  • Name:Brandon
  • Fav. Laker:Kobe

Posted June 19, 2011 - 09:18 PM

Hmm.

Start Menu, Computer button, right-click your hard drive and click Properties, then go to the Tools tab.

You should see Error Checking. Click "Check Now" and then Continue at the UAC prompt. There should be options to fix errors and to fix bad sectors. Have both checked.

Hit the Start button, then you'll probably get a prompt saying it won't check with the drive in use. You'll be able to schedule on start-up from there...then restart your computer after you make that choice.

Get back to me when your computer runs the chkdsk at start-up. It may take a bit...just be patient.

#129 Draztik

Draztik

    Illmatic

  • 8,230 posts
  • Joined: Jul 08, 2009
  • Fan Since:1986 - Birth!
  • Fav. Laker:Kobe, Gasol, Artest

Posted June 19, 2011 - 09:43 PM

If all else fails, run a GUI-less OS :rock:


21lsbya.jpg
Peep my music at my youtube page here: MUSIC!


#130 pkflyers

pkflyers

  • 8,814 posts
  • Joined: Aug 04, 2008
  • Location:714/562

Posted June 19, 2011 - 10:18 PM

If all else fails, run a GUI-less OS :rock:

haha or you can use this: http://www.ubuntu.com/

to quote GP1_KB24 "it has no viruses" :laughing:


13z8pc6.jpg


#131 Draztik

Draztik

    Illmatic

  • 8,230 posts
  • Joined: Jul 08, 2009
  • Fan Since:1986 - Birth!
  • Fav. Laker:Kobe, Gasol, Artest

Posted June 19, 2011 - 10:30 PM

haha or you can use this: http://www.ubuntu.com/

to quote GP1_KB24 "it has no viruses" :laughing:


Lmao @ the GP quote. But on the real Linux is illie


21lsbya.jpg
Peep my music at my youtube page here: MUSIC!


#132 Game

Game

    Your Daddy

  • 10,729 posts
  • Joined: Sep 13, 2008
  • Location:Santa Barbara, Cali
  • Fan Since:Late '80s
  • Fav. Laker:Kobe Bryant

Posted June 20, 2011 - 05:04 AM

since everyone's doing it:

notice anything w/ mine? never used "hijack this" before, don't know much about it or what to look for. no real computer problems (everything runs great) but i have a dual boot, and this is the one i don't care as much about so i do a lot of downloading and stuff on it...wouldn't be surprised if something fishy was going on..what's all the "file missing" crap towards the bottom?

usually use a combination of CCleaner, malwarebytes, and avg internet security suite 8 for firewall and virus protection, haven't run any scans on any of them in a long time

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:46:56 AM, on 6/20/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Starscream5\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Starscream5\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Starscream5\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Starscream5\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Starscream5\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Downloading\Unsorted\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Starscream5\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Global Startup: SetPointII.lnk = ?
O4 - Global Startup: Status Monitor.lnk = C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creat...15111/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgfws8.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2010.SP1a\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11787 bytes


Posted Image
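Added example, not part of any post in this thread: a small triage script for HijackThis logs like the two above, which pulls out the `(no file)` and `(file missing)` entries. HijackThis is a 32-bit program, so on 64-bit Windows its view of `C:\Windows\System32` is redirected to `SysWOW64` and it can report `(file missing)` for files that are present; the script marks those entries separately from ones that need checking on disk. The names `parse_log`, `flagged`, the flag labels and the sample lines (copied in shape from the logs above, URLs left out) are assumptions made for this illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample: a few lines in the shape of the logs posted in this
# thread. It is not a complete log.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows 7 (WinNT 6.00.3504)

Running processes:
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Windows\SysWOW64\rundll32.exe

R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
"""

# "R0 - ...", "F2 - ...", "O23 - ..." : section code, then the entry detail.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
MARKER_RE = re.compile(r"\s*\((no file|file missing)\)\s*$")
SYSTEM32_RE = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)


@dataclass
class Entry:
    code: str    # section code, e.g. "O23"
    detail: str  # text after "CODE - "
    flag: str    # "", "no-file", "wow64-artifact?" or "check-on-disk"
    target: str  # file path the marker refers to, when there is one


def is_64bit_log(text: str) -> bool:
    """Heuristic: paths that only exist on 64-bit Windows appear in the log."""
    lowered = text.lower()
    return "\\syswow64\\" in lowered or "\\program files (x86)\\" in lowered


def parse_log(text: str) -> list[Entry]:
    """Parse the R/F/O entry lines; header and process-list lines are skipped."""
    wow64 = is_64bit_log(text)
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        code, detail = match.groups()
        flag, target = "", ""
        marker = MARKER_RE.search(detail)
        if marker and marker.group(1) == "no file":
            flag = "no-file"  # registry entry with no file behind it
        elif marker:
            # The path is the last " - " separated field, minus the marker.
            target = MARKER_RE.sub("", detail).rsplit(" - ", 1)[-1]
            if wow64 and SYSTEM32_RE.match(target):
                # 32-bit tool on 64-bit Windows: System32 is redirected.
                flag = "wow64-artifact?"
            else:
                flag = "check-on-disk"
        entries.append(Entry(code, detail, flag, target))
    return entries


def flagged(entries: list[Entry]) -> list[tuple[str, str, str]]:
    """Return (code, flag, target) for every entry that carries a marker."""
    return [(e.code, e.flag, e.target) for e in entries if e.flag]


if __name__ == "__main__":
    for code, flag, target in flagged(parse_log(SAMPLE_LOG)):
        print(f"{code:<4} {flag:<16} {target}")
```

A `wow64-artifact?` result is a hint, not a verdict: confirm the file exists from a 64-bit file manager or prompt before ignoring the entry.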


#133 Windu

Windu

    Shatterpoint

  • 43,113 posts
  • Joined: Apr 24, 2009
  • Name:Will
  • Fan Since:1999
  • Fav. Laker:Kobe

Posted June 20, 2011 - 05:05 AM

this is going to be a very useful thread

Pau Gasol is GONE


#134 JEN

JEN

    Legend

  • 27,073 posts
  • Joined: Sep 20, 2008
  • Location:714

Posted June 20, 2011 - 07:37 AM

Hmm.

Start Menu, Computer button, right-click your hard drive and click Properties, then go to the Tools tab.

You should see Error Checking. Click "Check Now" and then Continue at the UAC prompt. There should be options to fix errors and to fix bad sectors. Have both checked.

Hit the Start button, then you'll probably get a prompt saying it won't check with the drive in use. You'll be able to schedule on start-up from there...then restart your computer after you make that choice.

Get back to me when your computer runs the chkdsk at start-up. It may take a bit...just be patient.

So I already did the chkdsk, it's done. So what now...?

#135 Draztik

Draztik

    Illmatic

  • 8,230 posts
  • Joined: Jul 08, 2009
  • Fan Since:1986 - Birth!
  • Fav. Laker:Kobe, Gasol, Artest

Posted June 20, 2011 - 08:08 AM

So I already did the chkdsk, it's done. So what now...?


If it ran successfully just means your hd file structure integrity is good. I would still use your windows install disk and have it do a repair. But only if your comp starts acting up again cuz u said it's ok now right?


21lsbya.jpg
Peep my music at my youtube page here: MUSIC!


#136 JEN

JEN

    Legend

  • 27,073 posts
  • Joined: Sep 20, 2008
  • Location:714

Posted June 20, 2011 - 09:14 AM

If it ran successfully just means your hd file structure integrity is good. I would still use your windows install disk and have it do a repair. But only if your comp starts acting up again cuz u said it's ok now right?

Hmm alrighty then yah everything is running just fine at the moment. External drive is still being a butthead so I'll probably do the same error check on it right now as well...

If the PC alone goes dumb again then I'm definitely reformatting this thing.

haha or you can use this: http://www.ubuntu.com/

to quote GP1_KB24 "it has no viruses" :laughing:

:laughing:

#137 Real Deal

Real Deal

    Legend

  • 14,877 posts
  • Joined: Jun 29, 2008
  • Location:Kansas
  • Name:Brandon
  • Fav. Laker:Kobe

Posted June 20, 2011 - 09:46 AM

Alright Jen...now go to your Windows folder, find the Prefetch folder, and delete everything out of it.

Then, CTRL+ALT+DEL to bring up your Task Manager, go to your Performance tab, and take a screenshot and post it on here. Make sure all windows and programs are closed when you take the screenshot.

#138 JEN

JEN

    Legend

  • 27,073 posts
  • Joined: Sep 20, 2008
  • Location:714

Posted June 20, 2011 - 10:34 AM

Alright Jen...now go to your Windows folder, find the Prefetch folder, and delete everything out of it.

Then, CTRL+ALT+DEL to bring up your Task Manager, go to your Performance tab, and take a screenshot and post it on here. Make sure all windows and programs are closed when you take the screenshot.

Thing was working okay until I tried clicking "Computer" to get to "WINDOWS" ..everything ended up freezing so I had to restart the damn thing.

The PC wouldn't start up correctly though, so a start-up repair appeared.

Went on to delete the stuff from the Prefetch folder, here's the screenshot of the Task Manager:

Posted Image

#139 Real Deal

Real Deal

    Legend

  • 14,877 posts
  • Joined: Jun 29, 2008
  • Location:Kansas
  • Name:Brandon
  • Fav. Laker:Kobe

Posted June 20, 2011 - 02:11 PM

I'll give you something else to do in a bit, just got home and I need to go pick up my girl. We'll see if this next thing works...could be for the best.

#140 Real Deal

Real Deal

    Legend

  • 14,877 posts
  • Joined: Jun 29, 2008
  • Location:Kansas
  • Name:Brandon
  • Fav. Laker:Kobe

Posted June 20, 2011 - 03:05 PM

Alright, remember where Services was (in the Control Panel)? Go back to that, then search for Superfetch. Double-click it, hit the STOP button, then use the drop-down menu to disable it.

Restart your comp, then just use your computer normally for a while and see what happens.



