1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

minimized everything!

Discussion in 'Virus & Other Malware Removal' started by nickkindel, Sep 22, 2008.

Thread Status:
Not open for further replies.
  1. nickkindel

    nickkindel Thread Starter

    Joined:
    Sep 22, 2008
    Messages:
    3
    All my games (rise of nations,FSX,black and white) are minimizing on me every 2-15 min. Even when I try to watch a you tube video in full screen it will minimize the full screen window down to a full screen firefox but small vid veiw. As I type this I continue to have to click on the window every so often just to keep the blinking cursor so I can type (very frustruating!! as I type aprox 0.2/wpm!!!)

    recently I have been getting those annoying adds that say "Congratulations, you have been selected to recieve a new laptop(or Wii (like they could find one!!))", while flying on FSX. I quickly hit the windows key to see if something poped up but there is nothing there. Just today I have been getting bits of music while playing a game and I still cant see anything.

    I borrowed a ext hdd from a friend (that may have used some illegal methods of downloading) and copied some music, videos and programs to my computer. This was some time before the problem started but i figured i could have been infected from this

    I have searched and tried many different things to fix this issue. here is what Ive done...
    - Installed Spybot and ran the scan. Found 61 spyware apps. I clicked remove and 60 were sucsessfully removed while one was unable to be removed. It asked me to restart the computer. I did and it spybot ran a 30 min scan but didnt tell me if it had removed it.
    - Installed Ad-Aware and ran the scan. Adaware found 140+ (walked away) infections. when it finished it had listed 1 trojan and 3 malware problems which I removed. Again one was unable to be removed until I restarted the computer. so I restarted and have no Idea if its gone.

    Im running XP btw.

    heres my hijackthis log





    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:05:30 PM, on 9/22/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UStorSrv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\mscdexntx.exe_.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\DOCUME~1\WILLIA~1\LOCALS~1\Temp\win725.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\TEMP\csrssc.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\explorer.exe
    C:\DOCUME~1\WILLIA~1\LOCALS~1\Temp\csrssc.exe
    C:\WINDOWS\system32\X7BbuGIw.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Mirar - {A5CB5816-7788-41D6-A30E-2A05D4445F52} - C:\WINDOWS\system32\winai75.dll
    O4 - HKLM\..\Run: [inrhcjf0j0eedv] C:\Documents and Settings\william wainman\Local Settings\Temp\.tt72E.tmp.exe /CR=680878EE29CC1ECF949CE82229B5D0E14FA523496E61F6FDFDC56DC94A06BA0ECA266D7947E614E8A8B3CC75CB3D87291455E38792C551AE76B08B3E8D6098D8AAB7D15C4E29F0EB9511E69B96A7E4C6DA4BD1
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [lphcnf0j0eedv] C:\WINDOWS\system32\lphcnf0j0eedv.exe
    O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\WILLIA~1\LOCALS~1\Temp\csrssc.exe
    O4 - HKUS\S-1-5-18\..\Run: [Jnskdfmf9eldfd] C:\WINDOWS\TEMP\csrssc.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Jnskdfmf9eldfd] C:\WINDOWS\TEMP\csrssc.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe (User 'Default user')
    O4 - Startup: userinit.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O22 - SharedTaskScheduler: lksdfj98w3rmsekfnaui3rgfdgf - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\WINDOWS\system32\gks834t.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Schedule - Unknown owner - C:\WINDOWS\system32\drivers\services.exe
    O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

    --
    End of file - 6698 bytes



    Thanks in advance!!!!!
     
  2. nickkindel

    nickkindel Thread Starter

    Joined:
    Sep 22, 2008
    Messages:
    3
    Updated the hijack log above, after another failed attempt. I think I'm loosing this battle, More pop up sounds and strange behavior of my computer. After running a prevx scan my background picture went blank and just for a second my task bar went away. My heart sank for a second but the task bar came back instantly, the background pic did not. Similar to a normal start up a few icons appeared in the right of the task bar. these icons are normal (i think) when I start the computer, just a camera icon and a printer icon which i usually close.
    Can someone please help?
     
  3. nickkindel

    nickkindel Thread Starter

    Joined:
    Sep 22, 2008
    Messages:
    3
    Well about an hour after my last post the computer crashed hard. Im not too sure what happened since I had started a Ad-Aware scan again and left it to do its thing. When i came back to it a couple hours later the computer was running thtough a loop of trying to restart. I had a off colored blue screen saying something about a error with sofware/hardware. I attempted to start in safe mode but it went right back to the same loop of trying to start over and over again. A friend of mine has the computer now and is going to format the hard drive and re-install the os for me. once again I loose all my music and pictures, last time was because I knocked over my ext hard drive. This time I may never know. The thought crossed my mind to simply haul the tower monitor and speakers out to the dumpster and never have anything to do with computers again, but seeing how I work in the semi conductor feild I fear I have no choice...
    This is beggining to feel like a diary of my computer issues....
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/752186

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice