Unknown problem, seems like a virus, extreme slowdown of computer, other methods have had no effect

#1 george12



Posted 20 October 2009 - 05:22 PM

The computer has been behaving extremely slowly for a few days; the usual methods to speed it up have had no effect. Some particular errors seem to keep appearing, making me think it may be a virus. In particular, there is an error saying 'incd.exe failed to initialize properly'; this is something to do with the Nero CD burning software. Icons have disappeared from the Quick Launch bar, and Internet Explorer and Firefox both crash and do not run. Another error, 'avgnt.exe failed to initialize properly', comes up on startup, as well as an error saying that 'raid service U.S. English resources has encountered a problem'. The hard disk seems to be constantly running while the computer is doing nothing, and the desktop constantly hangs for many minutes at a time. The most consistent strange occurrence is the installation of something called 'status.msi'. We tried using the Windows disk to revert back to a previous time, but this has had no effect. We have tried virus/spyware checking software, including Avira, which has had no effect. We would be very grateful for any help. I hope I have posted correctly; please inform me if otherwise. The log is as follows.

DDS (Ver_09-10-13.01) - NTFSx86 NETWORK
Run by Administrator at 23:11:30.89 on 20/10/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16

============== Running Processes ===============

============== Pseudo HJT Report ===============

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mRun: [InCD] c:\program files\ahead\incd\InCD.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232292733531
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232292715937
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\34bcnxxq.default\
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npBBCPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2009-10-20 20:45 <DIR> --d----- c:\windows\system32\CatRoot_bak
2009-10-20 18:25 <DIR> --d----- C:\NV12641268.TMP
2009-10-20 18:25 <DIR> --d----- C:\NV12561260.TMP
2009-10-20 18:25 <DIR> --d----- C:\NV12361240.TMP
2009-10-20 18:25 18,432 a----r-- c:\windows\system32\SET21.tmp
2009-10-20 18:24 <DIR> --d----- C:\NV11401144.TMP
2009-10-20 18:24 <DIR> --d----- C:\NV11321136.TMP
2009-10-20 18:24 <DIR> --d----- C:\NV11001104.TMP
2009-10-20 18:24 <DIR> --d----- C:\NV10921096.TMP
2009-10-20 11:21 455,168 ac------ c:\windows\system32\dllcache\tintsetp.exe
2009-10-20 11:20 92,416 ac------ c:\windows\system32\dllcache\mga.sys
2009-10-20 11:19 78,848 ac------ c:\windows\system32\dllcache\dayi.ime
2009-10-20 11:17 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-10-20 11:17 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-10-20 11:17 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-10-20 11:17 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-10-20 11:17 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-10-20 11:17 16,384 ac------ c:\windows\system32\dllcache\isignup.exe
2009-10-20 11:16 32,768 ac------ c:\windows\system32\dllcache\icwdl.dll
2009-10-20 11:16 214,528 ac------ c:\windows\system32\dllcache\icwconn1.exe
2009-10-20 11:16 86,016 ac------ c:\windows\system32\dllcache\icwconn2.exe
2009-10-20 11:16 20,480 ac------ c:\windows\system32\dllcache\inetwiz.exe
2009-10-20 10:53 24,661 ac------ c:\windows\system32\dllcache\spxcoins.dll
2009-10-20 10:53 13,312 ac------ c:\windows\system32\dllcache\irclass.dll
2009-10-20 10:53 24,661 a------- c:\windows\system32\spxcoins.dll
2009-10-20 10:53 13,312 a------- c:\windows\system32\irclass.dll
2009-10-19 20:29 81,920 a------- c:\windows\_detmp.2
2009-10-19 20:29 114,763 a------- c:\windows\_detmp.1
2009-09-28 12:10 <DIR> --d----- c:\temp\Nikon_Capture_Nx.cape
2009-09-25 23:10 <DIR> --d----- c:\program files\pdfsam
2009-09-25 22:37 <DIR> --d----- c:\program files\AskBarDis
2009-09-25 22:37 <DIR> --d----- c:\program files\Foxit Software
2009-09-25 17:21 <DIR> --d----- C:\Chas Correspondence
2009-09-23 10:39 54,156 a---h--- c:\windows\QTFont.qfn
2009-09-23 10:39 1,409 a------- c:\windows\QTFont.for

==================== Find3M ====================

2009-10-15 12:43 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLbx.DAT
2009-09-10 12:12 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdw.DAT
2009-08-23 13:13 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-20 14:37 143,476 a------- c:\windows\hpqins00.dat
2009-08-07 15:12 164,891 a------- c:\windows\hpoins21.dat
2008-07-16 21:06 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT
2008-07-06 16:39 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLck.DAT
2008-07-06 10:40 54,528 a------- c:\docume~1\alluse~1\applic~1\firstlsp.reg.dat
2004-10-01 15:00 40,960 a------- c:\program files\Uninstall_CDS.exe

============= FINISH: 23:11:51.78 ===============

#2 kahdah



Posted 31 October 2009 - 06:07 AM

Hello george12

Welcome to BleepingComputer :(
Sounds like a hard drive going bad to me with all of the random errors and the random freezing.

Do the following to get the model number of the hard drive and you can download and run a diagnostic program to check it for bad sectors.
You will need to know the manufacturer's name of the hard drive you have installed.
To get that, go to Start, then right-click on the C:\ drive and choose Properties.
Then click on the Hardware tab.

Then you can write down what you see there under Disk Drives and post that info here for me to see; then I will be able to help you further.
