Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"My Computer" won't load - HijackThis Log


  • Please log in to reply
2 replies to this topic

#1 Subblue586

Subblue586

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 16 April 2005 - 03:55 PM

Well, here's the situation:

Yesterday, for no apparent reason (I had previously installed some software, but it had been working fine for quite a while), windows would take forever to load random items. Upon restart, at random (though most of the time), I cannot load My Computer. When I attempt to do so it completely freezes. The same occurs in Windows Explorer, and Disc Degfragmenter. I'm lead to believe that there may be some hardware issue because of the types of apps that freeze. I have run Spybot, Adaware, NOD 32, and done my own Hijacking (I've had lots of expirience with the program at home and at work), but I am really stumped here.

Here's the log:

Logfile of HijackThis v1.99.1
Scan saved at 1:53:10 PM, on 4/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Anti-Spy\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunOnce: [HcTSC] C:\WINDOWS\TSC.EXE
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Spy Sweeper Fix.lnk = C:\Program Files\Webroot\Spy Sweeper\SpySweeperFix.bat
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O23 - Service: Abicudi2a - - (no file)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

The files that concern me are "O23 - Abicudi2a" and "O4 - C:\WINDOWS\TSC.EXE" The former recently appeared, after I had hijacked in the last couple of days. The latter is new to this time.

Thank you!
-Josh

BC AdBot (Login to Remove)

 


m

#2 Subblue586

Subblue586
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 16 April 2005 - 03:58 PM

Oh, and I also have Spyware Blaster. I have run a Trend Micro and a NOD 32 scan, both of which removed a few trojans. I have also run RegCleaner.

#3 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:05:35 AM

Posted 17 April 2005 - 12:21 AM

Hi Subblue586. Is this log either being run from Safe Mode or with MsConfig? The log is so minimal it isn't normal. If so, can you supply a log that was scanned from a normal bootup with MsConfig disabled

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users