Net running slow, hijackthis log

Led-Zeppelin · August 6, 2007

Ok my nets running a bit slower then normal, and after 5 days I have already used 1gig on a 12gig cap, but all I have been doing is just general browsing..

Also, a few little probs I've been having;

Ok, over the last few weeks, I've had two problems;

My Command and Conquer 3 game keeps on crashing right after the splash screen. I've uninstalled, reinstalled, updated all driver to no avail. Still yet to install it on someone elses PC to make sure disk isn't corrupted in which case will have to return it.

Secondly, my DVD writer program from Nero, Cyberlink DVD Suite - PowerProducer keeps on crashing either right before the writing process begins with a message;

or it crashes half way through the checking phase, and on rare occasions, actually burns a disk!? I have burnt MP3 CD's since as to rule out a problem with the hardware. I have uninstalled and reinstalled drivers. I have even tried another DVD writing program, but get the same errors.

Thanks for your time.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 6:27:08 p.m., on 5/08/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss[Caution: Executable File]

C:\WINDOWS\system32\winlogon[Caution: Executable File]

C:\WINDOWS\system32\services[Caution: Executable File]

C:\WINDOWS\system32\lsass[Caution: Executable File]

C:\WINDOWS\system32\svchost[Caution: Executable File]

C:\Program Files\Windows Defender\MsMpEng[Caution: Executable File]

C:\WINDOWS\System32\svchost[Caution: Executable File]

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

C:\PROGRA~1\Grisoft\AVG7\avgamsvr[Caution: Executable File]

C:\PROGRA~1\Grisoft\AVG7\avgupsvc[Caution: Executable File]

C:\PROGRA~1\Grisoft\AVG7\avgemc[Caution: Executable File]

C:\Program Files\Common Files\LightScribe\LSSrvc[Caution: Executable File]

C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

C:\Program Files\CyberLink\Shared Files\RichVideo[Caution: Executable File]

C:\WINDOWS\Explorer[Caution: Executable File]

C:\WINDOWS\system32\RunDll32[Caution: Executable File]

C:\Program Files\Windows Defender\MSASCui[Caution: Executable File]

C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]

C:\Program Files\Java\jre1.6.0_02\bin\jusched[Caution: Executable File]

C:\PROGRA~1\Grisoft\AVG7\avgcc[Caution: Executable File]

C:\Program Files\Common Files\AOL\1182066806\ee\AOLSoftware[Caution: Executable File]

C:\WINDOWS\system32\RUNDLL32[Caution: Executable File]

C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]

C:\Program Files\Logitech\G-series Software\LGDCore[Caution: Executable File]

C:\Program Files\Logitech\G-series Software\LCDMon[Caution: Executable File]

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

C:\Program Files\Logitech\G-series Software\Applets\LCDMedia[Caution: Executable File]

C:\Program Files\Logitech\G-series Software\Applets\LCDClock[Caution: Executable File]

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor[Caution: Executable File]

C:\Program Files\MSN Messenger\MsnMsgr[Caution: Executable File]

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService[Caution: Executable File]

C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr[Caution: Executable File]

C:\Program Files\Steam\Steam[Caution: Executable File]

C:\Program Files\MagicTune Premium\MagicTune[Caution: Executable File]

C:\Program Files\MagicTune Premium\GammaTray[Caution: Executable File]

C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File]

C:\Program Files\SEC\Natural Color Pro\NCProTray[Caution: Executable File]

C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR[Caution: Executable File]

C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

C:\Program Files\MSN Messenger\usnsvc[Caution: Executable File]

C:\Program Files\Windows Media Player\wmplayer[Caution: Executable File]

C:\WINDOWS\system32\wisptis[Caution: Executable File]

C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG[Caution: Executable File]" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP[Caution: Executable File] /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP[Caution: Executable File] /IMEName

O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui[Caution: Executable File]" -hide

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR[Caution: Executable File]

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language[Caution: Executable File]"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched[Caution: Executable File]"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc[Caution: Executable File] /STARTUP

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1182066806\ee\AOLSoftware[Caution: Executable File]

O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend[Caution: Executable File]

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl[Caution: Executable File]"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR[Caution: Executable File]

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck[Caution: Executable File]

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask[Caution: Executable File]" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore[Caution: Executable File]" /SHOWHIDE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon[Caution: Executable File]"

O4 - HKCU\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor[Caution: Executable File]"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: Executable File]" /background

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]" -lang 1033

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam[Caution: Executable File]" -silent

O4 - HKUS\S-1-5-19\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\System32\CTFMON[Caution: Executable File] (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\System32\CTFMON[Caution: Executable File] (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\System32\CTFMON[Caution: Executable File] (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\System32\CTFMON[Caution: Executable File] (User 'Default user')

O4 - Global Startup: GammaTray.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = ?

O4 - Global Startup: NCProTray.lnk = ?

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1185076423015

O17 - HKLM\System\CCS\Services\Tcpip\..\{84653997-E0EE-47E3-AB7D-A73EBF222042}: NameServer = 58.28.4.2,58.28.6.2

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService[Caution: Executable File]

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr[Caution: Executable File]

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc[Caution: Executable File]

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc[Caution: Executable File]

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc[Caution: Executable File]

O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine[Caution: Executable File]

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService[Caution: Executable File]

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService[Caution: Executable File]

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo[Caution: Executable File]

--

End of file - 7820 bytes

blade995 · August 6, 2007

Well doing a quick glance I don't see anything that noticeably sticks out that is nasty.

I do notice you have a ton of unnecessary things starting up when you boot your computer. I suggest you go into msconfig and disable some. To get there type in "msconfig" into run (start>run) and click the start up tab.

Have you tried scanning for spyware with ad-aware and spybot? Scan with them in safe mode.

weezcake · August 6, 2007

Well doing a quick glance I don't see anything that noticeably sticks out that is nasty.

I do notice you have a ton of unnecessary things starting up when you boot your computer. I suggest you go into msconfig and disable some. To get there type in "msconfig" into run (start>run) and click the start up tab.

Have you tried scanning for spyware with ad-aware and spybot? Scan with them in safe mode.

Ditto.

And are you running on wireless or ethernet?

Led-Zeppelin · August 6, 2007

Erm double post, I have no idea how it happened either. Didn't needa re-submit or anything.

Led-Zeppelin · August 6, 2007

I run on a router with a built in four port hub. Usually on CS when I ping for servers I get around 300 - 400 servers, and my ping usually sits between 5 - 20. Last few days only get 70 servers pinged, and my ping sits at 30, and [bleep]es up to 300+ occasionally.

Sweet I'll do that, I did a big scan about two weeks ago, downloaded all the different spyware programs (windows defender blows by the way, found nothing, the others found 70+ adware and spyware...).

adi · August 19, 2007

From what i can see youve got a RunDll32[Caution: Executable File] and also a RUNDLL32[Caution: Executable File] - possible a virus ?

Stragomagus · August 20, 2007

From what i can see youve got a RunDll32[Caution] and also a RUNDLL32[Caution] - possible a virus ?

Adi, runDll32 is a legitimate windows process. Now if there was a second one running then I would be a little worried as it would more than likely be a trojan.

Sign In

Net running slow, hijackthis log

Recommended Posts

Led-Zeppelin

Link to comment

Share on other sites

blade995

Link to comment

Share on other sites

weezcake

Link to comment

Share on other sites

Led-Zeppelin

Link to comment

Share on other sites

Led-Zeppelin

Link to comment

Share on other sites

adi

Link to comment

Share on other sites

Stragomagus

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Browse

Activity

Important Information