|
|
||
03-23-2008, 10:58 PM
|
#1 (permalink) |
|
Diamond Member
 
Join Date: Dec 2007
Location: The Angels
Age: 15
Posts: 2,666
|
Slow bootup, wierd sounds: HiJackThis Log
Ok i reinstalled my os, reformatted and stuff a week ago because my comp wasnt booting up. and for about 5-6 days, i was using the comp without any security software installed. my soundcard in sig is what i use as my sound device. My sound is coming all wierd and watery and my speakers start to crackle. this happens many,many,many times. It happened before. but i just reinstalled the drivers and everything was fixed.
not this time though. i did a scan: AVG found nothing. Im also getting wayyyyy slower bootups then before. now on the xp loading screen, nmy comp stays here for atleast 10-11 seconds. it used to be 3-5 last time. i posted a HJT log. thnx guys. LOG: ---------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:55:36 PM, on 3/23/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupda...5035/CTPID.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 5552 bytes
__________________
http://www.computerforum.com/6663-funniest-joke-world.html "75% of all statistics are made up, including this one. 62.481% of people who read that believe it is true. And if you're one of the 37.519% who don't, copy and paste this into your signature." - tlarkin, Cromewell, and Rambo. |
|
|
|
03-25-2008, 01:50 AM
|
#2 (permalink) |
|
Diamond Member
Join Date: Dec 2007
Location: The Angels
Age: 15
Posts: 2,666
|
Bump Bump Bump Like B2k
__________________
http://www.computerforum.com/6663-funniest-joke-world.html "75% of all statistics are made up, including this one. 62.481% of people who read that believe it is true. And if you're one of the 37.519% who don't, copy and paste this into your signature." - tlarkin, Cromewell, and Rambo. |
|
|
|
|
03-25-2008, 05:08 AM
|
#3 (permalink) |
|
Diamond Member
Join Date: Dec 2007
Location: The Angels
Age: 15
Posts: 2,666
|
bump this- ll cool j ft. 50 cent
__________________
http://www.computerforum.com/6663-funniest-joke-world.html "75% of all statistics are made up, including this one. 62.481% of people who read that believe it is true. And if you're one of the 37.519% who don't, copy and paste this into your signature." - tlarkin, Cromewell, and Rambo. |
|
|
|
|
03-25-2008, 08:42 AM
|
#4 (permalink) |
|
Platinum Member
 Join Date: Dec 2007
Location: california
Age: 28
Posts: 572
|
just format again and this time have some protection
__________________
ANTEC 900 COOLERMASTER EXTREME 500w MSI NEO-F p35 INTEL E4500 EVGA geforce 7300gs 2gb CORSAIR XMS2 SAMSUNG SH-203N SATA SEAGATE BARRACUDA 1Tb SATA AIRLINK 101 300n pci XP PRO 32 bit |
|
|
|
03-25-2008, 09:43 AM
|
#5 (permalink) |
|
Moderator
 
Join Date: Dec 2005
Location: Melbourne, Australia
Age: 21
Posts: 5,280
|
I don't see any malware in that log, I'd like to see another log.
Please download Deckard's System Scanner (DSS) and save it to your Desktop.
__________________
CPU: Core 2 Duo E6600 / MOBO: Gigabyte 965P-DS3 / GPU: Gigabyte HD4870 RAM: 2GB G.Skill F2-6400CL4D-2GBPK / HDD: 2TB Total HDD / PSU: Antec NeoPower 480W Cheap PSUs - 2% of system costs, responsible for 28% of system deaths As Sealed Stick was removed, lost or damaged, it shall be out of warranty validity. - The "Warranty void if removed" sticker on numerous CoolerMaster PSUs. |
|
|
|
|
03-25-2008, 11:23 PM
|
#6 (permalink) | |
|
Diamond Member
Join Date: Dec 2007
Location: The Angels
Age: 15
Posts: 2,666
|
Quote:
__________________
http://www.computerforum.com/6663-funniest-joke-world.html "75% of all statistics are made up, including this one. 62.481% of people who read that believe it is true. And if you're one of the 37.519% who don't, copy and paste this into your signature." - tlarkin, Cromewell, and Rambo. |
|
|
|
|
|
03-26-2008, 12:49 AM
|
#7 (permalink) |
|
Diamond Member
Join Date: Dec 2007
Location: The Angels
Age: 15
Posts: 2,666
|
i get the 'dss has encountered an error and needs to close down' while it is backing up my registy 'hives'. thats not good is it?
__________________
http://www.computerforum.com/6663-funniest-joke-world.html "75% of all statistics are made up, including this one. 62.481% of people who read that believe it is true. And if you're one of the 37.519% who don't, copy and paste this into your signature." - tlarkin, Cromewell, and Rambo. |
|
|
|
|
03-26-2008, 12:55 AM
|
#8 (permalink) |
|
Diamond Member
Join Date: Dec 2007
Location: The Angels
Age: 15
Posts: 2,666
|
ok guys, i redownloaded and i got the same thing:
__________________
http://www.computerforum.com/6663-funniest-joke-world.html "75% of all statistics are made up, including this one. 62.481% of people who read that believe it is true. And if you're one of the 37.519% who don't, copy and paste this into your signature." - tlarkin, Cromewell, and Rambo. |
|
|
|
|
03-26-2008, 07:33 AM
|
#9 (permalink) |
|
Moderator
Join Date: Dec 2005
Location: Melbourne, Australia
Age: 21
Posts: 5,280
|
OK, try this instead:
Please visit this webpage for instructions for downloading and running ComboFix: http://www.bleepingcomputer.com/comb...o-use-combofix Post the log from ComboFix when you've accomplished that.
__________________
CPU: Core 2 Duo E6600 / MOBO: Gigabyte 965P-DS3 / GPU: Gigabyte HD4870 RAM: 2GB G.Skill F2-6400CL4D-2GBPK / HDD: 2TB Total HDD / PSU: Antec NeoPower 480W Cheap PSUs - 2% of system costs, responsible for 28% of system deaths As Sealed Stick was removed, lost or damaged, it shall be out of warranty validity. - The "Warranty void if removed" sticker on numerous CoolerMaster PSUs. |
|
|
|
|
03-27-2008, 03:06 AM
|
#10 (permalink) | |
|
Diamond Member
Join Date: Dec 2007
Location: The Angels
Age: 15
Posts: 2,666
|
Quote:
__________________
http://www.computerforum.com/6663-funniest-joke-world.html "75% of all statistics are made up, including this one. 62.481% of people who read that believe it is true. And if you're one of the 37.519% who don't, copy and paste this into your signature." - tlarkin, Cromewell, and Rambo. |
|
|
|
|
 |
| Bookmarks |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Tons of adware and virus's (Hijackthis log) | MrBucket | Computer Security | 1 | 02-05-2006 06:54 PM |
| HijackThis log | Fuzz | Computer Security | 8 | 01-23-2006 07:00 PM |
| HijackThis Log | Charlie7940 | Computer Security | 13 | 08-18-2005 01:10 AM |
| HiJackThis Log | DanLatimer | Computer Security | 8 | 08-12-2005 01:52 PM |
| Hijackthis Log | hello45044 | General Software | 14 | 05-30-2005 12:43 AM |
Linear Mode
