Solved: Random .dll's, internet slowing/failing, computer can't get through start up

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Lax2006

Thread Starter
Joined
Aug 23, 2007
Messages
18
Since I got home from school yesterday I've been getting some pop ups and random crap and also half the time my internet doesn't even work. Today I experienced my computer not even being able to get through the start ups and it would just restart after I got this error (it went too fast for me to read). Also when my computer is able to start I get these random prompts from my StartUp Monitor asking if I want to allow these random .dll files being able to be able to start on start up. I did a System Restore to a few days back to see if it would help and it barely did so I'm seeking help here now.
 

Lax2006

Thread Starter
Joined
Aug 23, 2007
Messages
18
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:22:27 PM, on 10/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Gizmo Project\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\ColdFusion\cfam\program\ccmgr.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\ColdFusion\Bin\cfserver.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\ColdFusion\Bin\cfexec.exe
C:\Program Files\Winamp\winampa.exe
C:\ColdFusion\cfam\Program\dfp.exe
C:\ColdFusion\cfam\Program\wsm.exe
C:\ColdFusion\cfam\Program\wsprobe.exe
C:\ColdFusion\Bin\cfrdsservice.exe
C:\ColdFusion\JRun\bin\JRun.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\COLDFU~1\jrun\bin\jrun.exe
C:\ColdFusion\jre\bin\ntConsoleJava.exe
C:\ColdFusion\cfam\bin\CANamingAdapter.exe
C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\COLDFU~1\jre\bin\ntConsoleJava.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\Zune\ZuneNss.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Winamp\Winamp.exe
C:\Program Files\Last.fm\LastFM.exe
J:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.37.6:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - J:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiSRaid] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [Gizmo Project] C:\Program Files\Gizmo Project\Gizmo.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe /S
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [BM93cb09ae] Rundll32.exe "C:\WINDOWS\system32\tpkoukrh.dll",s
O4 - HKLM\..\Run: [90f83a32] rundll32.exe "C:\WINDOWS\system32\mejqpopp.dll",b
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SightSpeed] "C:\Program Files\SightSpeed\SightSpeed.exe" -minimized
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "J:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [SightSpeed] "C:\Program Files\SightSpeed\SightSpeed.exe" -minimized (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [P2kAutostart] (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [Veoh] "J:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide (User '?')
O4 - HKUS\S-1-5-21-746137067-1202660629-839522115-1003\..\Run: [] (User '?')
O4 - S-1-5-21-746137067-1202660629-839522115-1003 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User '?')
O4 - S-1-5-21-746137067-1202660629-839522115-1003 Startup: Hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe (User '?')
O4 - S-1-5-21-746137067-1202660629-839522115-1003 Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (User '?')
O4 - S-1-5-21-746137067-1202660629-839522115-1003 Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe (User '?')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Beyond TV Express.lnk = C:\Program Files\SnapStream Media\Beyond TV\BTVD3DShell.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SnapDetect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.savewealth.com
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - file://C:\Documents and Settings\Bryan\Local Settings\Application Data\Oberon Media\Oberon Games Host\swflash.cab
O20 - AppInit_DLLs: wbsys.dll rafahv.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ascssicsor - ATI Technologies Inc. - C:\WINDOWS\system32\drivers\atinpdxx.sys
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Gizmo Project\mDNSResponder.exe
O23 - Service: ColdFusion Monitoring Service (ClusterCATS Service) - Unknown owner - C:\ColdFusion\cfam\program\ccmgr.exe
O23 - Service: Cold Fusion Application Server - Macromedia Inc. - C:\ColdFusion\Bin\cfserver.exe
O23 - Service: ColdFusion Executive (Cold Fusion Executive) - Macromedia Inc. - C:\ColdFusion\Bin\cfexec.exe
O23 - Service: ColdFusion RDS (Cold Fusion RDS) - Macromedia Inc. - C:\ColdFusion\Bin\cfrdsservice.exe
O23 - Service: ColdFusion Graphing Server - Unknown owner - C:\ColdFusion\JRun\bin\JRun.exe
O23 - Service: ColdFusion Management Repository Server (ColdFusion Management Repository) - Unknown owner - C:\COLDFU~1\jrun\bin\jrun.exe
O23 - Service: ColdFusion Management Service - Unknown owner - C:\ColdFusion\cfam\bin\CANamingAdapter.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

--
End of file - 15961 bytes
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top