what's going on inside??

Status
Not open for further replies.

club_pranay

Nokia 7110 to iPhone 5
Problem1
*img66.exs.cx/img66/5158/shot182.th.jpg

what's this system idle process??? it's idle and taking 99% CPU??


Problem2

i am getting this error. what's wrong??
*img66.exs.cx/img66/3039/shot183.th.jpg

-----------------------
System Information
-----------------------
Operating System: Windows XP Professional (5.1, Build 2600) (2600.xpclnt_qfe.021108-2107)
Language: English (Regional Setting: English)
System Manufacturer: KOBIAN
System Model: 865GV/G
BIOS: Default System BIOS
Processor: Intel(R) Pentium(R) 4 CPU 1.80GHz
Memory: 222MB RAM
Page File: 99MB used, 447MB available
Windows Dir: D:\WINDOWS
DirectX Version: DirectX 9.0b (4.09.0000.0902)
DX Setup Parameters: Not found
DxDiag Version: 5.03.0001.0902 32bit Unicode
 

game_dev

Broken In
System idle process does not consume any resources by itself. The number 99 indicates that the CPU is 99% idle. If other tasks use more CPU, the system idle process will drop down. This is normal.
 

Tech&ME

Banned
4ur problem no.2 do the following:
clear the temp directory.
clear IE history and cookies.
restart ur computer. This may be because the cookies / temporary internet files have got corrupted, so this should work. If not.... let's see.
 
club_pranay

Nokia 7110 to iPhone 5
Logfile of HijackThis v1.98.2
Scan saved at 12:25:52 AM, on 11/18/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\myCIO\VScan\McShield.exe
D:\WINDOWS\myCIO\Agent\myAgtSvc.Exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\igfxtray.exe
D:\WINDOWS\System32\hkcmd.exe
D:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe
D:\WINDOWS\myCIO\Agent\myagttry.exe
D:\WINDOWS\System32\ctakfr.exe
D:\Program Files\SEC\Magic Tune 2.5\GammaTray.exe
D:\Program Files\Screenshot Utility\ScreenshotUtility.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Sify Broadband\BBClient.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\DOCUME~1\PRANAY~1\LOCALS~1\Temp\iela.dat
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Documents and Settings\Pranay(admin)\Desktop\data\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = *www.holley.com/nosnitrous/index.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = *www.macromedia.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Samsung LBP SM] "D:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [myCIO.com ASaP] D:\WINDOWS\myCIO\Agent\myagttry.exe
O4 - HKLM\..\Run: [myCIO.com Splash] D:\WINDOWS\myCIO\VScan\Splash.exe
O4 - HKLM\..\Run: [zmxauon] D:\WINDOWS\System32\ctakfr.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Screenshot Utility.lnk = D:\Program Files\Screenshot Utility\ScreenshotUtility.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file) (HKCU)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - *public.windupdates.com/get_file.ph...6e12f85fd528:199ee2fabb487c2f7632a3c55842ae1b
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - *chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E2620A9-62A4-4575-88E9-0B28F5E6FEB1}: NameServer = 202.144.115.4,202.144.66.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA481ACD-72D5-4A54-806C-0E284770CAA1}: NameServer = 192.168.1.1
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - D:\WINDOWS\myCIO\Agent\myRmProt2.8.1.119.dll
 

it_waaznt_me

Coming back to life ..
Pranay .. You got virus ...
club_pranay said:
D:\WINDOWS\System32\ctakfr.exe
D:\DOCUME~1\PRANAY~1\LOCALS~1\Temp\iela.dat
Kill those processes before proceeding ...

To proceed with your HijackThis log, Run HijackThis again and put a CheckMark next to these entries and Click on Fix Checked.
Please make sure that all Internet Explorer and Windows Explorer windows are closed.
O4 - HKLM\..\Run: [zmxauon] D:\WINDOWS\System32\ctakfr.exe
O4 - Startup: Screenshot Utility.lnk = D:\Program Files\Screenshot Utility\ScreenshotUtility.exe
O9 - Extra button: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file)
O9 - Extra button: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {B369EC33-C9D1-4573-A6F5-4E6E5C1AB566} - (no file) (HKCU)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - *public.windupdates.com/get_file.ph...6e12f85fd528:199ee2fabb487c2f7632a3c55842ae1b

You will need a virus scan too.. MyCio sux ...Scan your system with updated virus definitions:
Panda ActiveScan
Stinger
Symantec System Check
Kaspersky
 
club_pranay

Nokia 7110 to iPhone 5
it_waaznt_me too cool!!
i'll tell you if this thing is fixed.... for antivirus, i have a sify connection and therefore have Viruscan ASaP - secure synergy (detects no virus). is it ok?
or should i install NAV04 on other OS?
 
club_pranay

Nokia 7110 to iPhone 5
here's the logfile after cleaning it
Logfile of HijackThis v1.98.2
Scan saved at 9:38:37 AM, on 11/20/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\myCIO\VScan\McShield.exe
D:\WINDOWS\myCIO\Agent\myAgtSvc.Exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\igfxtray.exe
D:\WINDOWS\System32\hkcmd.exe
D:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\SEC\Magic Tune 2.5\GammaTray.exe
D:\Program Files\Screenshot Utility\ScreenshotUtility.exe
D:\Program Files\Sify Broadband\BBClient.exe
D:\WINDOWS\myCIO\Agent\myAgttry.exe
D:\Documents and Settings\Pranay(admin)\Desktop\data\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = *www.holley.com/nosnitrous/index.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = *www.macromedia.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
O2 - BHO: MultiMPPObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - D:\WINDOWS\multimpp.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Samsung LBP SM] "D:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [myCIO.com ASaP] D:\WINDOWS\myCIO\Agent\myagttry.exe
O4 - HKLM\..\Run: [myCIO.com Splash] D:\WINDOWS\myCIO\VScan\Splash.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - *chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E2620A9-62A4-4575-88E9-0B28F5E6FEB1}: NameServer = 202.144.115.4,202.144.66.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA481ACD-72D5-4A54-806C-0E284770CAA1}: NameServer = 192.168.1.1
O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - D:\WINDOWS\myCIO\Agent\myRmProt2.8.1.119.dll
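
Added example, not part of the original thread: a small Python sketch that compares a "before" and an "after" HijackThis log the way a helper would by eye, listing entries and running processes that disappeared or are new, and flagging running images in a Temp directory or without an .exe extension. The function names are hypothetical and the sample text is a short excerpt of the two logs posted above.

```python
import re

ENTRY = re.compile(r"^[A-Z]\d{1,2} - ")  # section codes such as R1, O4, O16
# Excerpts of the two logs posted in this thread (11/18 and 11/20).
BEFORE = r"""Running processes:
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\myCIO\Agent\myagttry.exe
D:\WINDOWS\System32\ctakfr.exe
D:\DOCUME~1\PRANAY~1\LOCALS~1\Temp\iela.dat

O4 - HKLM\..\Run: [myCIO.com ASaP] D:\WINDOWS\myCIO\Agent\myagttry.exe
O4 - HKLM\..\Run: [zmxauon] D:\WINDOWS\System32\ctakfr.exe
"""
AFTER = r"""Running processes:
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\myCIO\Agent\myAgttry.exe

O2 - BHO: MultiMPPObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - D:\WINDOWS\multimpp.dll
O4 - HKLM\..\Run: [myCIO.com ASaP] D:\WINDOWS\myCIO\Agent\myagttry.exe
"""

def parse_log(text):
    """Return (running process paths, numbered entries) from a HijackThis log."""
    procs, entries, in_procs = [], [], False
    for line in (l.strip() for l in text.splitlines()):
        if line.lower().startswith("running processes"):
            in_procs = True
        elif ENTRY.match(line):
            in_procs = False
            entries.append(line)
        elif in_procs and line:
            procs.append(line)
    return procs, entries

def only_in(a, b):
    """Items of a missing from b; Windows paths compare case-insensitively."""
    seen = {x.lower() for x in b}
    return [x for x in a if x.lower() not in seen]

def diff_logs(before, after):
    (pb, eb), (pa, ea) = parse_log(before), parse_log(after)
    return {"procs_gone": only_in(pb, pa), "procs_new": only_in(pa, pb),
            "entries_gone": only_in(eb, ea), "entries_new": only_in(ea, eb)}

def odd_images(procs):
    """Running images in a Temp directory or without an .exe extension."""
    return [p for p in procs if "\\temp\\" in p.lower() or not p.lower().endswith(".exe")]

print(diff_logs(BEFORE, AFTER), odd_images(parse_log(BEFORE)[0]), sep="\n")
```

Entries listed under `entries_new` were not in the earlier log and are worth a look before a log is signed off.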
 

it_waaznt_me

Coming back to life ..
Okay.. The log is clean .. I would suggest you get some respectable antivirus and install a firewall too ..
 

tuxfan

Technomancer
Sorry for spamming here. But please show everyone what a HijackThis log can do. So that people use it more often for solving problems :). BTW, batty, you can delete this post of mine ;)
 
club_pranay

Nokia 7110 to iPhone 5
i got nav2003 pro free with my monitor, but these sify ppl are forcing me to use their own antivirus (secure synergy).

i have XoftSpy installed
 

it_waaznt_me

Coming back to life ..
Bah ... I can then only pity Secure Synergy users :p .. there was a virus in the system and it didn't detect it .. does it contain heuristic scan ...? I'm sure it won't have one ...

My advice is still to use Norton if you have the licensed version .. or try Kaspersky ...
 