| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 103885 | 2009-10-09 14:23:00 | Please help - "End Program - n" on Shut Down | skelseyc (15318) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 818577 | 2009-10-11 21:58:00 | Speedy ~ I did as you said. I disabled System Restore then shut all browsers then ran HJT and removed the items you said. Should I enable System Restore after doing this? Or should it stay disabled? I opened HJT and ran a scan and saved a log. Copied everything and I am pasting below. This is exactly what I did before so I don't know what it is you're looking for that is not there. There is one 04 item that I can see (ctfmon??). Thanks! |
skelseyc (15318) | ||
| 818578 | 2009-10-11 21:59:00 | Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 5:51:56 PM, on 10/11/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16876) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = ie.redirect.hp.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ie.redirect.hp.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\s wg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - a1540.g.akamai.net O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - lads.myspace.com O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - support.rexplorer.net O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - download.divx.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - www.adobe.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- End of file - 5332 bytes |
skelseyc (15318) | ||
| 818579 | 2009-10-28 20:32:00 | hey guys, im not really a member of pc world but this problem is a BIG issue for me. Im experiencing the same symptoms as skelseyc which include, slow/no internet activity, no matter which browser i use. my connection is fine, and all my other computers function normally. I am however able to use third party programs, such as aol instant messenger while my browser does not function. Also, if i log off and/or restart the system, my internet works momentarily for about 5-10 minutes, but it is still VERY SLOW. if i open more than one tab, the internet stops working. PLEASE i would greatly appreciate some help. the "end program-n" command shows up as well, whenever i shut down and mozilla firefox has crashed. i am almost positive that this is a virus, however, i have ran scans on both malwarebytes and avg free, both of which have not resolved the issue. also, i registered on this site solely because of looking at this thread, because it matches my problem the most, so any help at all would be immensely appreciated. i will check back from time to time. i hope i can get this resolved. note*- i have also noticed that occasionally, whenever the "end program - n" error displays, another error "end program - quicktime windows handler" displays as well. this may be pure coincidence or a correlation, but i do not know as of yet. I attempted uninstalling quicktime to see if it was the root of the problem, but that didnt work because my internet still froze. Also, i needed quicktime to have itunes work as well, so i reinstalled it. |
h4rsheys (15319) | ||
| 818580 | 2009-10-28 20:35:00 | Post a HJT log as well. So, we can see whats in it. If you cant do in in normal windiows, boot into safe mode / networking | Speedy Gonzales (78) | ||
| 818581 | 2009-10-29 02:41:00 | ok here it is . also i think it'd be important to say that, within the past couple of months, i have encountered numerous (20+) blue screen of deaths in what seemed to be a lack of physical memory (?) . they only occurred when i used the internet, and im positive that they weren't caused by some kind of virus of any kind . the bsod performed a minidump of the memory cache i believe, however, another one occured about two days ago- some time before this problem arised . the desktop itself is a brand new dell optiplex 760 with 4 gb of ram and MORE than enough disk space (300 gb) . i dont know why in the world i received the errors and what caused them . . . maybe it's connected to this new problem? heres the HJT log: Logfile of Trend Micro HijackThis v2 . 0 . 2 Scan saved at 7:25:37 PM, on 10/28/2009 Platform: Windows XP SP3 (WinNT 5 . 01 . 2600) MSIE: Internet Explorer v8 . 00 (8 . 00 . 6001 . 18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss . exe C:\WINDOWS\system32\winlogon . exe C:\WINDOWS\system32\services . exe C:\WINDOWS\system32\lsass . exe C:\WINDOWS\system32\svchost . exe C:\Program Files\Windows Defender\MsMpEng . exe C:\WINDOWS\System32\svchost . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\system32\spoolsv . exe C:\Program Files\AVG\AVG9\avgchsvx . exe C:\Program Files\AVG\AVG9\avgrsx . exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService . exe C:\Program Files\Intel\ASF Agent\ASFAgent . exe C:\Program Files\AVG\AVG9\avgwdsvc . exe C:\Program Files\AVG\AVG9\avgcsrvx . exe C:\Program Files\Bonjour\mDNSResponder . exe C:\Program Files\AVG\AVG9\avgnsx . exe C:\WINDOWS\System32\svchost . exe C:\Program Files\Java\jre6\bin\jqs . exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\system32\SearchIndexer . exe C:\WINDOWS\Explorer . EXE C:\Program Files\Analog Devices\Core\smax4pnp . exe C:\WINDOWS\system32\hkcmd . exe C:\WINDOWS\system32\igfxpers . exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv . exe C:\WINDOWS\system32\igfxsrvc . exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor . exe C:\Program Files\Windows Defender\MSASCui . exe C:\Program Files\Java\jre6\bin\jusched . exe C:\Program Files\iTunes\iTunesHelper . exe C:\PROGRA~1\AVG\AVG9\avgtray . exe C:\WINDOWS\system32\ctfmon . exe C:\Program Files\Hawking\Common\RaUI . exe C:\Program Files\iPod\bin\iPodService . exe C:\Program Files\AIM\aim . exe C:\WINDOWS\system32\SearchProtocolHost . exe C:\Program Files\Trend Micro\HijackThis\HijackThis . exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = . msn . com/USREL/1" target="_blank">g . msn . com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = * . local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim . dll O2 - BHO: WormRadar . com IESiteBlocker . NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie . dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie . dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions . dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin . dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5 . 1 . 1309 . 3572\s wg . dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv . dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore . dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin . dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore . dll O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Documents and Settings\Harsh . DESKTOP\Application Data\Mozilla\Firefox\Profiles\kxvknnit . default\ext ensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0 . 78 . dll (file missing) O4 - HKLM\ . . \Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp . exe O4 - HKLM\ . . \Run: [IgfxTray] C:\WINDOWS\system32\igfxtray . exe O4 - HKLM\ . . \Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd . exe O4 - HKLM\ . . \Run: [Persistence] C:\WINDOWS\system32\igfxpers . exe O4 - HKLM\ . . \Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv . exe" O4 - HKLM\ . . \Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor . exe" O4 - HKLM\ . . \Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui . exe" -hide O4 - HKLM\ . . \Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant . exe" O4 - HKLM\ . . \Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam . exe" /runcleanupscript O4 - HKLM\ . . \Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched . exe" O4 - HKLM\ . . \Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper . exe" O4 - HKLM\ . . \Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9 . 0\Reader\Reader_sl . exe" O4 - HKLM\ . . \Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1 . 0\AdobeARM . exe" O4 - HKLM\ . . \Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray . exe O4 - HKLM\ . . \Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask . exe" -atboottime O4 - HKCU\ . . \Run: [ctfmon . exe] C:\WINDOWS\system32\ctfmon . exe O4 - HKCU\ . . \Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier . exe O4 - HKUS\S-1-5-18\ . . \Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20 . exe" -t (User 'SYSTEM') O4 - HKUS\S-1-5-18\ . . \Run: [comsys60] rundll32 . exe "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\comsys60\comsys60 . dll", DllInit (User 'SYSTEM') O4 - HKUS\ . DEFAULT\ . . \Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20 . exe" -t (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher . lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM . EXE O4 - Global Startup: Hawking Wireless Utility . lnk = C:\Program Files\Hawking\Common\RaUI . exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL . EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension . dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension . dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE . dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE . dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel . exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel . exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR . DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra 'Tools' menuitem: @xpsp3res . dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - . bitdefender . com/resources/scanner/sources/en/scan8/oscan8 . cab" target="_blank">download . bitdefender . com O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices . dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp . dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx . dll O23 - Service: Apple Mobile Device - Apple Inc . - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService . exe O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent . exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s . r . o . - C:\Program Files\AVG\AVG9\avgwdsvc . exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Unknown owner - C:\Program Files\Blue Coat K9 Web Protection\k9filter . exe O23 - Service: Bonjour Service - Apple Inc . - C:\Program Files\Bonjour\mDNSResponder . exe O23 - Service: Google Update Service (gupdate1ca09c2f715cf2c) (gupdate1ca09c2f715cf2c) - Google Inc . - C:\Program Files\Google\Update\GoogleUpdate . exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService . exe O23 - Service: iPod Service - Apple Inc . - C:\Program Files\iPod\bin\iPodService . exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc . - C:\Program Files\Java\jre6\bin\jqs . exe O23 - Service: stllssvr - MicroVision Development, Inc . - C:\Program Files\Common Files\SureThing Shared\stllssvr . exe -- End of file - 9621 bytes note*- my internet was not functioning at the time during which this log was taken |
h4rsheys (15319) | ||
| 818582 | 2009-10-29 03:03:00 | You can tick these then tick fix checked H4rsheys. Disable system restore Close browsers O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) Dont know what this is. Its some kind of addon is it working? O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Documents and Settings\Harsh.DESKTOP\Application Data\Mozilla\Firefox\Profiles\kxvknnit.default\ext ensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.78.dll (file missing) O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime This looks like malware O4 - HKUS\S-1-5-18\..\Run: [comsys60] rundll32.exe "C:\WINDOWS\system32\config\systemprofile\Loca l Settings\Application Data\comsys60\comsys60.dll", DllInit (User 'SYSTEM') Then reboot, then get malwarebytes below, update it then do a full scan. WHAT did the BSOD say? Whats the stop error?? Does it show the name of a file or driver? |
Speedy Gonzales (78) | ||
| 818583 | 2009-10-29 03:07:00 | Hmm your last log looks OK Skelseyc | Speedy Gonzales (78) | ||
| 818584 | 2009-10-29 21:00:00 | You can tick these then tick fix checked H4rsheys. Disable system restore Close browsers O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) Dont know what this is. Its some kind of addon is it working? O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Documents and Settings\Harsh.DESKTOP\Application Data\Mozilla\Firefox\Profiles\kxvknnit.default\ext ensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.78.dll (file missing) O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime This looks like malware O4 - HKUS\S-1-5-18\..\Run: [comsys60] rundll32.exe "C:\WINDOWS\system32\config\systemprofile\Loca l Settings\Application Data\comsys60\comsys60.dll", DllInit (User 'SYSTEM') Then reboot, then get malwarebytes below, update it then do a full scan. WHAT did the BSOD say? Whats the stop error?? Does it show the name of a file or driver? i dont really get what you want me to do... can you please clarify on what actions you want me to take? im not that experienced when it comes to fighting viruses :/ .... fireshot is indeed an addon, but i have uninstalled it because i no longer need it. the file suspucious of being malware is nothing i recognize so it very well could be a virus of some sort... the bsod's said that it was dumping the memory or something, because they only came up when i used the internet, and that too when i loaded big pages like blog sites or networking sites... the screen just froze and the error screen popped up. the bsod did however mention a filename... tcpip.sys. i dont know what kind of system file that is, but its name was on the bsod. so yea, clarify please upon the action required and inform me on whether or not anything can be done to fix my physical memory issue as well, on top of the internet problem... as for malwarebytes, i already ran scans with it beforehand, and it detected nothing. man im really starting to lean towards mac's with all these problems, this desktop was purchased NEW from dell about two months ago and it has so many difficulties for an xp pro os... windows 7? :] |
h4rsheys (15319) | ||
| 818585 | 2009-10-29 21:19:00 | Double post | Speedy Gonzales (78) | ||
| 818586 | 2009-10-29 21:19:00 | Tick the entries I posted, then tick fix checked Close browsers, when you do it. Then reboot, after you've done that |
Speedy Gonzales (78) | ||
| 1 2 3 4 5 6 7 8 9 10 11 12 | |||||