Lyorna
2008-06-18, 10:47
Hi! This is my first time here but my best friend adviced me to give the pc a last chance before formatting it, which I loved since I should backup around 120 gigas...
Anyway, thing a while ago many of the programs I use began to fail for example the bs player would begin to jump after half an hour running or the winamp would skip the first two or three seconds of every song only to play them after it, before the next one. Also firefox keeps on refreshing the webpages every darn second if there's an image in it such as flickr or google images or I'm just looking at a .jpg file with it. I thought I might have some spyware or such, so I tried to run ccleaner, but after I double clicked it (either the direct access or the exe file) it wouldn't react, just as if I wouldn't have done anything at all. It worried me so I tried to run my antivirus (nod32) but it reacted the exact same way as it did with the ccleaner before. Even more worried, I tried reinstalling both prorgrammes but they said I couldn't do that because there was a previous version installed, so I uninstalled them and downloaded the latest versions and tried again... this time it said that it couldn't write the folder 'insert folder created by the antivirus while installing here' because I didn't have permission to do that. It was quite weired since I was logged in with the admin session... actually that's the only session I can log in to because even though I've got other two users in the computer there is no way to log in to them... I mean when I first turn the pc on and it enters windows there are no icons with users, it just automatically logs into the admin as if it were old win 98 with only one user.
Besides, it won't let me start the computer in safe mode... it's driving me completely insane, especially the fact that there seems to be some hidden processes runing in the background all the time consuming all my ram memory even when I'm not doing anything... it's always 60~80% busy (the processor I mean).
On top of that, the sound card drivers began to fail too and now every time I'm playing any game (such as the nostradamus, sims, whatever) the sound keeps on jumping and looping and it sounds terrible... the same happens when I try to start a net meeting with my webcam and mike and somebody else's over the net, the sound just keeps on jumping and repeating itself, but otherwise I can normally listen to music... except for the 3 first second skipping thing.
Weired thing is, I can install silly programs such as games with no problem, but winamp, firefox, ccleaner, antiviruses and such just won't install. In firefox's case it says the file's corrupted but I downloaded around 7 different versions of the file from different pages (including the original of course, that was my first option) and it always said the same thing...
I don't know what other information I can provide besides this, but it's all I can think of at the time.
Thank you in advanced
Lyorna
PS: This is the log from Hijack This v 2.0.2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:02:43 a.m., on 19/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\csrcs.exe
C:\WINDOWS\878RMTMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ARCHIV~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ATKKBService.exe
C:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\WINDOWS\878RMT.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Archivos de programa\Nero\Core\nero.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\net.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\878RMTMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Archivos de programa\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "C:\ARCHIV~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel -
res://C:\ARCHIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\ARCHIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\ARCHIV~1\ARCHIV~1\Skype\SKYPE4~1.DLL
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. -
C:\WINDOWS\ATKKBService.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION -
C:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® -
C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\archivos de programa\archivos
comunes\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Archivos de programa\Archivos
comunes\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5313 bytes
Anyway, thing a while ago many of the programs I use began to fail for example the bs player would begin to jump after half an hour running or the winamp would skip the first two or three seconds of every song only to play them after it, before the next one. Also firefox keeps on refreshing the webpages every darn second if there's an image in it such as flickr or google images or I'm just looking at a .jpg file with it. I thought I might have some spyware or such, so I tried to run ccleaner, but after I double clicked it (either the direct access or the exe file) it wouldn't react, just as if I wouldn't have done anything at all. It worried me so I tried to run my antivirus (nod32) but it reacted the exact same way as it did with the ccleaner before. Even more worried, I tried reinstalling both prorgrammes but they said I couldn't do that because there was a previous version installed, so I uninstalled them and downloaded the latest versions and tried again... this time it said that it couldn't write the folder 'insert folder created by the antivirus while installing here' because I didn't have permission to do that. It was quite weired since I was logged in with the admin session... actually that's the only session I can log in to because even though I've got other two users in the computer there is no way to log in to them... I mean when I first turn the pc on and it enters windows there are no icons with users, it just automatically logs into the admin as if it were old win 98 with only one user.
Besides, it won't let me start the computer in safe mode... it's driving me completely insane, especially the fact that there seems to be some hidden processes runing in the background all the time consuming all my ram memory even when I'm not doing anything... it's always 60~80% busy (the processor I mean).
On top of that, the sound card drivers began to fail too and now every time I'm playing any game (such as the nostradamus, sims, whatever) the sound keeps on jumping and looping and it sounds terrible... the same happens when I try to start a net meeting with my webcam and mike and somebody else's over the net, the sound just keeps on jumping and repeating itself, but otherwise I can normally listen to music... except for the 3 first second skipping thing.
Weired thing is, I can install silly programs such as games with no problem, but winamp, firefox, ccleaner, antiviruses and such just won't install. In firefox's case it says the file's corrupted but I downloaded around 7 different versions of the file from different pages (including the original of course, that was my first option) and it always said the same thing...
I don't know what other information I can provide besides this, but it's all I can think of at the time.
Thank you in advanced
Lyorna
PS: This is the log from Hijack This v 2.0.2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:02:43 a.m., on 19/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\csrcs.exe
C:\WINDOWS\878RMTMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ARCHIV~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ATKKBService.exe
C:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\WINDOWS\878RMT.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Archivos de programa\Nero\Core\nero.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\net.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\878RMTMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Archivos de programa\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "C:\ARCHIV~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel -
res://C:\ARCHIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\ARCHIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\ARCHIV~1\ARCHIV~1\Skype\SKYPE4~1.DLL
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. -
C:\WINDOWS\ATKKBService.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION -
C:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® -
C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\archivos de programa\archivos
comunes\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Archivos de programa\Archivos
comunes\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5313 bytes