1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijack log; computer hangs, scan disk failure

Discussion in 'Virus & Other Malware Removal' started by kozmob, Sep 6, 2009.

Thread Status:
Not open for further replies.
  1. kozmob

    kozmob Thread Starter

    Joined:
    Sep 6, 2009
    Messages:
    2
    Any help with a slug computer and errors would be much appreciated. I'm running XP with McAfee and run SpyBod and AdAware periodically. The problem is on another machine, not this one.

    I have a number of symptoms; not sure if they're related or not.

    For some time, the computer is reeeeeal slow to do anything. I can hear the hard drive cranking but nothing seems to happen. I often get a message that the machine is out of virtual memory.

    Several months ago I bought a new wireless router. I set it up secure (WEP?) but that security disappeared after a while so the router has been unsecured.

    Now the computer seems to freeze regardless of what program or any program running. Today I booted it a number of times. I got an error; something to do with allocation failed and something truncated. I had to cold boot when it froze and when it went through scan disk, it would stall at 99% complete. Right now it seems to

    I frequently get a McAfee3 "your computer is not secure" message and I have to go to McAfee to "fix" the problem.

    Here and attached are a HijackThis log for that machine that I got between freezes:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:34:53 AM, on 9/6/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Mixer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Hardware\iTouch\iTouch.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
    C:\WINDOWS\MXOALDR.EXE
    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    C:\Program Files\Genie-Soft\GBM7Home\GBMAgent.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Quicken\bagent.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\cidaemon.exe
    c:\PROGRA~1\mcafee\msc\mcupdui.exe
    c:\program files\mcafee\virusscan\mcinsupd.exe
    C:\Documents and Settings\Preferred Customer\My Documents\hijack 2-0-2\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
    O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
    O2 - BHO: PT_CancelPopups.clsPopups - {30C4957C-A15E-48E2-99ED-7623B8EF4182} - C:\Program Files\Picture Tools\PT_CancelPopups.dll
    O2 - BHO: PT_FilterLinks.clsBypass - {3C84954D-23A1-4D71-9185-6BE2BB312C24} - C:\Program Files\Picture Tools\PT_FilterLinks.dll
    O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
    O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
    O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Hardware\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
    O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    O4 - HKLM\..\Run: [GBMHome7Agent] C:\Program Files\Genie-Soft\GBM7Home\GBMAgent.exe
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [GBMHome7Agent] C:\Program Files\Genie-Soft\GBM7Home\GBMAgent.exe
    O4 - HKCU\..\Run: [QuickenScheduledUpdates] C:\Program Files\Quicken\bagent.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\System32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\System32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
    O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
    O8 - Extra context menu item: Vie&w All Pics - file:///C:\Program Files\Picture Tools\ViewAllPics.htm
    O8 - Extra context menu item: View A&ll Pics in New Win - file:///C:\Program Files\Picture Tools\ViewAllPicsOpen.htm
    O9 - Extra button: View All Pics - {011D31E2-52A7-4703-8923-585EE67C112B} - C:\Program Files\Picture Tools\Ext_ViewAllPics.exe
    O9 - Extra 'Tools' menuitem: View All Pics - {011D31E2-52A7-4703-8923-585EE67C112B} - C:\Program Files\Picture Tools\Ext_ViewAllPics.exe
    O9 - Extra button: Download Pics - {0229FA56-9A3D-4018-9017-1918F8EC2C93} - C:\Program Files\Picture Tools\Ext_DownloadPics.exe
    O9 - Extra 'Tools' menuitem: Download Pics - {0229FA56-9A3D-4018-9017-1918F8EC2C93} - C:\Program Files\Picture Tools\Ext_DownloadPics.exe
    O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
    O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {02587AFF-D0A5-11D2-9BB5-00A0CC3AD9E7} (Infragistics OutlookBar) - http://cygext01.bv.com/Portal/pvoutlookbar.ocx
    O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} - http://download.mcafee.com/molbin/shared/comctl32.cab
    O16 - DPF: {1416D7C8-8A28-11CF-9236-444553540000} (Infragistics Data Explorer Control) - http://cygext01.bv.com/Tree/controls/pvxplore8.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {275E2FE0-7486-11D0-89D6-00A0C90C9B67} (MCSiMenuCtl Class) - http://cygext01.bv.com/Tree/controls/mcsimenu.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...apple.com/qt505/us/win/QuickTimeInstaller.exe
    O16 - DPF: {41F841C1-AE16-11D5-8817-0050DA6EF5E5} (FarPoint Spread 6.0) - http://cygext01.bv.com/shared/controls/FarPointSpread/SPR32X60.ocx
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1097543860221
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166318496729
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
    O16 - DPF: {CA6383EA-0D63-490B-88A0-13BFCE4A9A6F} (bvsgCTeam.UtilsControl) - http://cygext01.bv.com/shared/Controls/bvsgCTeamUtils.CAB
    O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) -
    O16 - DPF: {D646F29F-8B3F-11D4-BBB6-000629AE06EB} (BatchPrintingControl Control) - http://cygext01.bv.com/BatchPrint/BatchPrintingControl.ocx
    O16 - DPF: {DA28C54E-D95C-11D3-9A01-005004677EF4} - http://download.mcafee.com/molbin/clinic/CDM/McCDM.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://mwmus.webex.com/client/v_mywebex-mwm/mywebex/ieatgpc.cab
    O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup144.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O24 - Desktop Component 0: (no name) - http://weather.yahoo.com/graphics/satellite//west_usa_movie.gif
    O24 - Desktop Component 1: (no name) - http://imagery.wunderground.com/cgi...1&lon=-122.956284&width=450&height=225&zoom=6
    O24 - Desktop Component 2: (no name) - http://www.studyspanish.com/images/background.gif
    O24 - Desktop Component 3: (no name) - http://www.fs.fed.us/gpnf/volcanocams/msh/images/mshvolcanocam.jpg
    --
    End of file - 14607 bytes
     

    Attached Files:

  2. kozmob

    kozmob Thread Starter

    Joined:
    Sep 6, 2009
    Messages:
    2
    here's a better description of one of the errors I was getting while booting. It is referenced to application data/sun/java/deployment/cache/6.0/24

    I got this:
    "First allocation unit is not valid. The entry wilil be truncated."

    I'm not getting that now. Now all that happens is after a boot and about 20 minutes or less, it freezes. It freezes even though I do nothing with it.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/858739

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice