Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown problem, seems like a virus, extreme slowdown of computer, other methods have had no effect


  • Please log in to reply
1 reply to this topic

#1 george12

george12

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:36 PM

Posted 20 October 2009 - 05:22 PM

Computer has been behaving extremely slow for a few days, usual methods to speed it up have had no effect. Some particular errors seem to keep appearing, making me think it may be a virus. In particular, an error saying 'incd.exe failed to initialize properly' this is something to do with nero cd burning software. Icons have disappeared from the quicklaunch bar, internet explorer and firefox both crash and do not run. another error 'avgnt.exe failed to initialize properly' comes up on start up, as well as an error saying that 'raid service U.S. English resources has encountered a problem'. The hard disk seems to be constantly running while the computer is doing nothing, and the desktop hangs for many minutes at a time constantly. The most consistent strange occurance is the installation of something called 'status.msi'. We tried using the windows disk to revert back to a previous time, but this has had no effect. We have tried virus/spyware checking software including Avira which has had no effect. We would be very grateful for any help, I hope I have posted correctly, please inform me if otherwise. The log is as follows.

DDS (Ver_09-10-13.01) - NTFSx86 NETWORK
Run by Administrator at 23:11:30.89 on 20/10/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16

============== Running Processes ===============


============== Pseudo HJT Report ===============

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mRun: [InCD] c:\program files\ahead\incd\InCD.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232292733531
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232292715937
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\34bcnxxq.default\
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npBBCPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-10-20 20:45 <DIR> --d----- c:\windows\system32\CatRoot_bak
2009-10-20 18:25 <DIR> --d----- C:\NV12641268.TMP
2009-10-20 18:25 <DIR> --d----- C:\NV12561260.TMP
2009-10-20 18:25 <DIR> --d----- C:\NV12361240.TMP
2009-10-20 18:25 18,432 a----r-- c:\windows\system32\SET21.tmp
2009-10-20 18:24 <DIR> --d----- C:\NV11401144.TMP
2009-10-20 18:24 <DIR> --d----- C:\NV11321136.TMP
2009-10-20 18:24 <DIR> --d----- C:\NV11001104.TMP
2009-10-20 18:24 <DIR> --d----- C:\NV10921096.TMP
2009-10-20 11:21 455,168 ac------ c:\windows\system32\dllcache\tintsetp.exe
2009-10-20 11:20 92,416 ac------ c:\windows\system32\dllcache\mga.sys
2009-10-20 11:19 78,848 ac------ c:\windows\system32\dllcache\dayi.ime
2009-10-20 11:17 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-10-20 11:17 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-10-20 11:17 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-10-20 11:17 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-10-20 11:17 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-10-20 11:17 16,384 ac------ c:\windows\system32\dllcache\isignup.exe
2009-10-20 11:16 32,768 ac------ c:\windows\system32\dllcache\icwdl.dll
2009-10-20 11:16 214,528 ac------ c:\windows\system32\dllcache\icwconn1.exe
2009-10-20 11:16 86,016 ac------ c:\windows\system32\dllcache\icwconn2.exe
2009-10-20 11:16 20,480 ac------ c:\windows\system32\dllcache\inetwiz.exe
2009-10-20 10:53 24,661 ac------ c:\windows\system32\dllcache\spxcoins.dll
2009-10-20 10:53 13,312 ac------ c:\windows\system32\dllcache\irclass.dll
2009-10-20 10:53 24,661 a------- c:\windows\system32\spxcoins.dll
2009-10-20 10:53 13,312 a------- c:\windows\system32\irclass.dll
2009-10-19 20:29 81,920 a------- c:\windows\_detmp.2
2009-10-19 20:29 114,763 a------- c:\windows\_detmp.1
2009-09-28 12:10 <DIR> --d----- c:\temp\Nikon_Capture_Nx.cape
2009-09-25 23:10 <DIR> --d----- c:\program files\pdfsam
2009-09-25 22:37 <DIR> --d----- c:\program files\AskBarDis
2009-09-25 22:37 <DIR> --d----- c:\program files\Foxit Software
2009-09-25 17:21 <DIR> --d----- C:\Chas Correspondence
2009-09-23 10:39 54,156 a---h--- c:\windows\QTFont.qfn
2009-09-23 10:39 1,409 a------- c:\windows\QTFont.for

==================== Find3M ====================

2009-10-15 12:43 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLbx.DAT
2009-09-10 12:12 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdw.DAT
2009-08-23 13:13 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-20 14:37 143,476 a------- c:\windows\hpqins00.dat
2009-08-07 15:12 164,891 a------- c:\windows\hpoins21.dat
2008-07-16 21:06 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT
2008-07-06 16:39 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLck.DAT
2008-07-06 10:40 54,528 a------- c:\docume~1\alluse~1\applic~1\firstlsp.reg.dat
2004-10-01 15:00 40,960 a------- c:\program files\Uninstall_CDS.exe

============= FINISH: 23:11:51.78 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:03:36 PM

Posted 31 October 2009 - 06:07 AM

Hello george12

Welcome to BleepingComputer :(
==========================
Sounds like a hard drive going bad to me with all of the random errors and the random freezing.

Do the following to get the model number of the hard drive and you can download and run a diagnostic program to check it for bad sectors.
You will need to know the manufacturer's name of the hard drive you have installed.
To get that go to Start then right click on the C:\drive and choose properties.
Then click on the hardware tab.

Then you can write down what you see there under Disk Drives and post that info here for me to see then I will be able to help you further.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users