Jump to content

System is constantly stuck at 99%


Recommended Posts

Makes it so its very hard to use. I can often close explorer.exe and run it again to get some work done. Here is the log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:04:21 PM, on 4/25/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Solidcore\S3\scsrvc.exe

C:\Windows\system32\spoolsv.exe

C:\Program Files\sal\instore\bin\cms.exe

C:\Windows\system32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Powerware\LanSafe\Bin\PowerMonitor.exe

C:\Program Files\Powerware\LanSafe\Bin\LSTrayAgent.exe

c:\Program Files\MATRA Systems\FREEDOM-Link\NTTCP_Fl.exe

C:\Program Files\RemotelyAnywhere\x86\RaMaint.exe

C:\Program Files\RemotelyAnywhere\x86\RemotelyAnywhere.exe

C:\Program Files\RemotelyAnywhere\x86\LMIGuardian.exe

C:\Program Files\Snare\SnareCore.EXE

C:\Windows\System32\snmp.exe

C:\Program Files\Solidcore\S3\SNSCSVC.exe

C:\Program Files\RemotelyAnywhere\x86\RAGui.exe

C:\WINDOWS\system32\tlntsvr.exe

C:\Windows\System32\vssvc.exe

C:\Windows\RTHDCPL.EXE

C:\Windows\system32\mqsvc.exe

C:\Program Files\RemotelyAnywhere\x86\LMIGuardian.exe

C:\Windows\system32\cmd.exe

C:\PCMASTER\DRV32\POSSVMON.EXE

C:\PCMASTER\CS\StartASP.exe

C:\Windows\system32\ntvdm.exe

C:\Windows\system32\mqtgsvc.exe

C:\Program Files\Powerware\LanSafe\bin\xyntservice.exe

C:\Program Files\Powerware\LanSafe\bin\httpserver.exe

C:\Program Files\Powerware\LanSafe\bin\status_glance.exe

C:\Windows\system32\taskmgr.exe

C:\Windows\explorer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\HijackThis.exe

C:\Program Files\RemotelyAnywhere\x86\RemotelyAnywhere.exe

C:\Program Files\RemotelyAnywhere\x86\LMIGuardian.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://localhost/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,%windir%\system32\userinit.exe,

O1 - Hosts: 169.155.40.100 www.svharbor.com

O1 - Hosts: 169.155.40.101 portal.svharbor.com

O1 - Hosts: 169.155.40.144 wfc.svharbor.com

O1 - Hosts: 169.155.40.96 myaccount.svharbor.com

O1 - Hosts: 169.155.40.110 www.supervalu.com

O1 - Hosts: 255.255.255.0 SUBNETMASK

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [sALDeskProt] c:\program files\sal\instore\bin\saldeskprot.exe

O4 - HKLM\..\Run: [RemotelyAnywhere GUI] "C:\Program Files\RemotelyAnywhere\x86\RAGui.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe (User 'Default user')

O4 - Startup: printmap2.bat

O4 - Global Startup: BackOffice.lnk = ?

O4 - Global Startup: POS Service Monitoring.lnk = C:\PCMASTER\DRV32\POSSVMON.EXE

O4 - Global Startup: printmap2.bat

O4 - Global Startup: Start ASP.lnk = C:\PCMASTER\CS\StartASP.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O10 - Broken Internet access because of LSP provider 'c:\windows\system32\rsvpsp.dll' missing

O16 - DPF: {0D221D00-A6ED-477C-8A91-41F3B660A832} (RSClientPrint 2005 Class) - https://www.servereps.com/ConnectedPayments/Reserved.ReportViewerWebControl.axd?ReportSession=xkq22555ouaqpu55lhkwg0nk&ControlID=eba04310700e40e3ada12c4923a1657c&Culture=1033&UICulture=1033&ReportStack=1&OpType=PrintCab

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.22.0.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://localhost:2000/activex/RACtrl.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7B37E356-B290-4200-A8D5-65FE48C7BDA2}: NameServer = 192.168.1.254

O20 - Winlogon Notify: SSOExec - C:\Windows\temp\sso\ssoexec.dll (file missing)

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\Windows\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: cms - Alexandria Software Consulting - C:\Program Files\sal\instore\bin\cms.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LanSafe Power Monitor (LanSafe PM) - Eaton Corporation - C:\Program Files\Powerware\LanSafe\Bin\PowerMonitor.exe

O23 - Service: LanSafe Process Manager - Powerware - C:\Program Files\Powerware\LanSafe\bin\xyntservice.exe

O23 - Service: MATRA Freedom-Link Server (NTTCP_Fl) - Unknown owner - c:\Program Files\MATRA Systems\FREEDOM-Link\NTTCP_Fl.exe

O23 - Service: POS_Srv_Manager - Unknown owner - c:\PCMASTER\drv32\POS_SRV.exe

O23 - Service: RemotelyAnywhere Maintenance Service (RAMaint) - LogMeIn, Inc. - C:\Program Files\RemotelyAnywhere\x86\RaMaint.exe

O23 - Service: RemotelyAnywhere - LogMeIn, Inc. - C:\Program Files\RemotelyAnywhere\x86\RemotelyAnywhere.exe

O23 - Service: Solidcore Solidifier Service (scsrvc) - Unknown owner - C:\Program Files\Solidcore\S3\scsrvc.exe

O23 - Service: SNARE - InterSect Alliance Pty Ltd - C:\Program Files\Snare\SnareCore.EXE

O23 - Service: StoreNext SolidCore Service - Retalix USA - C:\Program Files\Solidcore\S3\SNSCSVC.exe

--

End of file - 6965 bytes

Link to post
Share on other sites

Hello and :welcome:

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


  • When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.