Hijack this log file

  • FEQX
  • Born
  • Born
  • FEQX
  • Posts: 3

Post 3+ Months Ago

HI all

Comp keeps blue screening, any one see any problems here I don't know what im looking for and comp doesnt stay on long enough to google it properly and resolve my self. please email ans to lukemalone@ live co uk as I can check this when in work. cheers. If it helps the stop command is 0x00000077 (0x000000011, 0x00000000, 0x00000000, 0x8a4f3d24)

Thanks in advanced

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:18:46, on 20/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\savedump.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\AVG\AVG9\avgchsvx.exe
E:\Program Files\AVG\AVG9\avgrsx.exe
E:\Program Files\AVG\AVG9\avgcsrvx.exe
E:\WINDOWS\System32\WLTRYSVC.EXE
E:\WINDOWS\System32\bcmwltry.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\WLTRAY.exe
E:\WINDOWS\stsystra.exe
E:\WINDOWS\system32\igfxtray.exe
E:\WINDOWS\system32\hkcmd.exe
E:\WINDOWS\system32\igfxpers.exe
E:\WINDOWS\system32\igfxsrvc.exe
E:\Program Files\Winamp\winampa.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
E:\PROGRA~1\AVG\AVG9\avgtray.exe
E:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
E:\PROGRA~1\SPYWAR~1\SpywareTerminatorUpdate.exe
E:\Program Files\AVG\AVG9\avgwdsvc.exe
E:\WINDOWS\system32\FsUsbExService.Exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\AVG\AVG9\avgnsx.exe
E:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
E:\Program Files\WinPcap\rpcapd.exe
E:\Program Files\Spyware Terminator\sp_rsser.exe
E:\Program Files\AVG\AVG9\avgemc.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\AVG\AVG9\avgcsrvx.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: flvdirect - {507d34b8-5a1a-41c0-4bcd-7affd3684800} - E:\WINDOWS\system32\0_DA_s.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] E:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IgfxTray] E:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] E:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] E:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "E:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\XP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AutoStartNPSAgent] E:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "E:\PROGRA~1\SPYWAR~1\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: &Search - ?p=ZUfox000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - E:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - E:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - E:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - E:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler com - E:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - E:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 6936 bytes
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4924
  • Loc: NY

Post 3+ Months Ago

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

You can delete that ^^ but it's not causing the blue screen.


O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

The fault check doesn't need to be running from HKLM. At least it's not running on my machine.
  • Mr OBrien
  • Graduate
  • Graduate
  • User avatar
  • Posts: 182
  • Loc: down a creek without a paddle

Post 3+ Months Ago

just a suggestion if that doesn't solve your problem run Chkdsk on the system partition because if its a bad block problem it can map the bad sector to prevent it from being used. or your ram cards may not be seated properly and that usually occurs if your computer has been dropped or the rams been messed with.
  • FEQX
  • Born
  • Born
  • FEQX
  • Posts: 3

Post 3+ Months Ago

Thanks guys I will try sorting it if it doesnt die to quick lol. cheers ill let you know if it worked <3
  • FEQX
  • Born
  • Born
  • FEQX
  • Posts: 3

Post 3+ Months Ago

soz it took so long to get back to you. It was the ram in the end one of my clips to hold it in had broken so i just used an elastic band to hold it in place and all is fine. <3
  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4924
  • Loc: NY

Post 3+ Months Ago

ok

Post Information

  • Total Posts in this topic: 6 posts
  • Users browsing this forum: No registered users and 39 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.