
Computer All Messed Up



#1 brooklyn11218


Posted 09 November 2006 - 09:56 PM

Hi,

Having huge problems with my computer. I tried to install Roxio Easy CD/DVD Creator 6 and then my PC rebooted and said it was "installing generic disk drive". Afterwards it would say it needs to reboot to save the changes... did this in an endless loop.

I used GoBack hoping it would fix it... made it worse, my computer wouldn't boot up at all, not even into safe mode. So I tried GoBack 1 more time, going as far back as I could (way before I installed the Roxio).

I cannot boot into normal mode. When I try it gives me a BSOD error: 0x0000008e (0xc0000005, 0x8056e2a2, 0xba6fc96c, 0x00000000)

I can boot it into safe mode though... but when it is in safe mode a process called services.exe maxes out the resources, making it impossible to do anything.

I've tried so many things, I have no idea what it could be. So I've decided to post a HijackThis log here. I'm hoping the geniuses on here can help. Thank you.



Logfile of HijackThis v1.99.1
Scan saved at 3:25:10 PM, on 11/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Ralph\My Documents\Programs\HijackThis1991.exe
C:\WINDOWS\explorer.exe

O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
O1 - Hosts: 127.255.255.255 images.alcohol-soft.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [KB926239] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKLM\..\RunOnce: [ddvd.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\dvd.dll"
O4 - HKLM\..\RunOnce: [DVideoCD.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\VideoCD.dll"
O4 - HKLM\..\RunOnce: [DRMT.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\RMT.dll"
O4 - HKLM\..\RunOnce: [DCapture.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\Capture.dll"
O4 - HKLM\..\RunOnce: [DDVDDump.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\DVDDump.ax"
O4 - HKLM\..\RunOnce: [DDVFrameDet.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\DVFrameDet.ax"
O4 - HKLM\..\RunOnce: [DPreview.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\Preview.dll"
O4 - HKLM\..\RunOnce: [Dvergb24.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\vergb24.ax"
O4 - HKLM\..\RunOnce: [DVideoTransition.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\VideoTransition.ax"
O4 - HKLM\..\RunOnce: [DMultiFileReade] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\MultiFileReader.ax"
O4 - HKLM\..\RunOnce: [DRxDump.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\RxDump.ax"
O4 - HKLM\..\RunOnce: [ACMWrapperV2.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\ACMWrapperV2.dll"
O4 - HKLM\..\RunOnce: [MediaPlayerV2.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\MediaPlayerV2.dll"
O4 - HKLM\..\RunOnce: [driversV2.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\driversV2.dll"
O4 - HKLM\..\RunOnce: [Cdbootable.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Cdbootable.dll"
O4 - HKLM\..\RunOnce: [cdDataPS.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\cdDataPS.dll"
O4 - HKLM\..\RunOnce: [cdExtra.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\cdExtra.dll"
O4 - HKLM\..\RunOnce: [cdmp3.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\cdmp3.dll"
O4 - HKLM\..\RunOnce: [database.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\database.dll"
O4 - HKLM\..\RunOnce: [ISO9660.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\ISO9660.dll"
O4 - HKLM\..\RunOnce: [Joliet.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Joliet.dll"
O4 - HKLM\..\RunOnce: [Udf.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Udf.dll"
O4 - HKLM\..\RunOnce: [creator.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\creator.dll"
O4 - HKLM\..\RunOnce: [Translator.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Translator.dll"
O4 - HKLM\..\RunOnce: [CDEngine.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\CDEngine.dll"
O4 - HKLM\..\RunOnce: [dvd.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\dvd.dll"
O4 - HKLM\..\RunOnce: [DvdVR.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\DvdVR.dll"
O4 - HKLM\..\RunOnce: [rmt.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\RMT.dll"
O4 - HKLM\..\RunOnce: [dragondll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\Dragon\dragon.dll"
O4 - HKLM\..\RunOnce: [dragonrs] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\Dragon\dragonrs.dll"
O4 - HKLM\..\RunOnce: [CDLabel.exe] "C:\Program Files\Common Files\Roxio Shared\Label Creator\CDLabel.exe" /register
O4 - HKLM\..\RunOnce: [VideoCD.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\VideoCD.dll"
O4 - HKLM\..\RunOnce: [DVR.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\DVR.dll"
O4 - HKLM\..\RunOnce: [zDvFrameDectectorax] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\dvframedetector.ax"
O4 - HKLM\..\RunOnce: [zvergb24ax] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\vergb24.ax"
O4 - HKLM\..\RunOnce: [zRoxPrvwdll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\VideoTransition.ax"
O4 - HKLM\..\RunOnce: [zPreviewdll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\Preview.dll"
O4 - HKLM\..\RunOnce: [RxDumpax] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\RxDump.ax"
O4 - HKLM\..\RunOnce: [MultiFileReader] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\MultiFileReader.ax"
O4 - HKLM\..\RunOnce: [RxQuicktime] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\RXQuicktime.ax"
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145661933765
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc3.webresponse.one.microsoft.com/...p/TLIEFlash.CAB
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_...tupv2.0.0.9.cab?
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1145666101\ee\services\safetyCore\ver2_5_4_1\aolavupd.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe



#2 brooklyn11218


Posted 09 November 2006 - 10:01 PM

Forgot to add that even though I used GoBack to go back to before I installed Roxio, it is still on the computer. Not in the Program Files folder or Add/Remove Programs, but in the startup programs and the registry.

I tried to delete everything I could find related to Roxio in the registry but that didn't help.

#3 brooklyn11218


Posted 10 November 2006 - 02:39 PM

Anyone? Anyone at all?

#4 Buckeye_Sam


    Malware Expert



Posted 18 November 2006 - 12:32 PM

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you.
I apologize for the delay getting to your log; the helpers here are very busy.

I don't see any indication of malware in your log. I suggest that you post a new thread in the XP forum here.

http://www.bleepingcomputer.com/forums/ind...amp;s=&f=56



