|
| Computing.Net: Over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to sign up now, it's free! |
Help! Computer shut-down!
|
Original Message
|
Name: Lora_lost
Date: September 30, 2003 at 02:41:48 Pacific
Subject: Help! Computer shut-down!
OS: Windows 98
CPU/Ram: ?
|
Comment: I think my computer may have a virus but I can't be sure. Last week I installed the Kazaa Mp3 desktop and I noticed my computer completely slowed down. I removed Kazaa and all of its components after just one day but now my computer keeps shutting down on its own. When it happens it makes a 'ticking' noise for a while before the monitor shuts down and eventually the entire computer. When it comes back on it sometimes does it again offline so it can't just be the internet. I was about to do a virus scan on norton but then I read snowman's query on here. I really don't know where to start. Can anyone help please?
Report Offensive Message For Removal
|
|
Response Number 1
|
Name: Tom41
Date: September 30, 2003 at 03:12:52 Pacific
|
Reply: (edit)The ticking sound could mean it's a hardware problem and not a virus...Your HDD may be dying.
Let's look to see if there is a virus..
Download 'Hijack This!'. Unzip, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, click "Save Log", and copy and paste it in a reply. HijackThis!
 Report Offensive Follow Up For Removal
|
|
Response Number 2
|
Name: Lora_lost
Date: September 30, 2003 at 03:50:33 Pacific
|
Reply: (edit)Thanks alot. Here it is:
Logfile of HijackThis v1.97.2
Scan saved at 11:48:10, on 30/09/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.50 (5.50.4134.0600) Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\NORMAN\NVC\BIN\ZANDA.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\NORMAN\NVC\BIN\CCLAW.EXE
C:\NORMAN\NVC\BIN\NVCSCHED.EXE
C:\NORMAN\NVC\BIN\NJEEVES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\MGACTRL.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\COLOR\HGCCTL95.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
C:\PROGRAM FILES\WINAMP3\WINAMPA.EXE
C:\FREESERVE\FREESERVECONNECTIONKIT\ATDIALLER1.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\OPISTAT\OPISTAT\OPISTAT.EXE
C:\NORMAN\NVC\BIN\ZLH.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\QDESK\MGAQDESK.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\NORMAN\NVC\BIN\NYMSE.EXE
C:\NORMAN\NVC\BIN\NIP.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\PRECISIONTIME\PRECISIONTIME.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\DATE MANAGER\DATEMANAGER.EXE
C:\PROGRAM FILES\OLYMPUS\DEVICEDETECTOR\DEVDTCT2.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\AOL 7.0A\WAOL.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchbar.findthewebsiteyouneed.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.freeserve.com/iesearch/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freeserve.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.wish7.com/search/frame.py
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://files.cc.cometsystems.com/assist/cc/1.0/assist_ct.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve
O2 - BHO: CSBHO - {D14D6793-9B65-11D3-80B6-00500487BDBA} - C:\PROGRAM FILES\COMET\BIN\CSBHO.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Mini Jeeves - {4E7D0B40-F575-4A29-9710-4675EAF4686A} - C:\WINDOWS\SYSTEM\MINIJVAB.DLL
O3 - Toolbar: Comet Toolbar - {FE6BC4EF-5676-484B-88AE-883323913256} - C:\PROGRAM FILES\COMET\BIN\CSIETB.DLL
O3 - Toolbar: Freeserve - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\FREESE~1\FSBAR\FSBAR.DLL
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Matrox Control Center] C:\Program Files\Matrox MGA PowerDesk\mgactrl.exe
O4 - HKLM\..\Run: [Matrox Color Control] C:\Program Files\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [Matrox Diagnostic] C:\Program Files\Matrox MGA PowerDesk\diag\mgadiag.exe -s
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CMESys] "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [MicroDialler] C:\Freeserve\FreeserveConnectionKit\atdialler1.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [OpiStat] C:\PROGRA~1\OPISTAT\OPISTAT\OPISTAT.EXE
O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\NVC\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Norman ZANDA] C:\NORMAN\NVC\BIN\ZANDA.EXE /LOAD
O4 - HKCU\..\Run: [Matrox QuickDesk] C:\Program Files\Matrox MGA PowerDesk\QDesk\mgaqdesk.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Startup: AOL 7.0 Tray Icon.lnk = C:\Program Files\AOL 7.0a\aoltray.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Search with Freeserve - res://C:\PROGRA~1\FREESE~1\FSBAR\FSBAR.DLL/VSearch.htm
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Freeserve (HKCU)
O10 - Broken Internet access because of LSP provider 'nmtracer.dll' missing
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: {8522F9B3-38C5-4AA4-AE40-7401F1BBC851} - http://www.terra.es/personal5/bomb-mp3/mp3plugin.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {A45F39DC-3608-4237-8F0E-139F1BC49464} - http://www.sexyplugin.com/diallerfiles/011259.exe
O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://195.124.234.138/install/StarInstall.ocx
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} (loader Class) - http://dload.ipbill.com/del/loader.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {4C2C81B4-91DA-494D-8DBF-A7846BA07073} (Mini Jeeves Installer Control) - http://www.ask.co.uk/toolbar/download/MiniJv-inst.cab
O16 - DPF: {D14D6793-9B65-11D3-80B6-00500487BDBA} (CSBHO Class) - http://files.cc.cometsystems.com/cc2/release/bin/plat-4-3-333-ccct.cab
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (OPInstall Control) - http://a14.g.akamai.net/f/14/7141/144000s/download.opistat.com/opistat/activex/opinstall_en_4.1.0.18.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://66.48.68.135/save/makeover.cab
Report Offensive Follow Up For Removal
|
|
Response Number 3
|
Name: Tom41
Date: September 30, 2003 at 10:45:05 Pacific
|
Reply: (edit)No sign of a virus just some 'spyware'.
Install, update and run Spybot-S&D. Have Spybot fix all red entries it lists. Spybot Do you know the make & model of your hard drive? If so, go the mfg's website and download and run their diagnostics utility.
Report Offensive Follow Up For Removal
|
|
Response Number 4
|
Name: Lora_lost
Date: September 30, 2003 at 13:56:33 Pacific
|
Reply: (edit)Thanks alot - that seems to have done the trick! I don't know the make of my hard-drive but it seems to be fine now anyway. Thanks Again! :)
Report Offensive Follow Up For Removal
|
Post Locked
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
Go to Security and Virus Forum Home
|
|
|
