KTY LOAWK DIS

Leon. · **on:** April 30, 2010, 10:55:35 pm

LAEFWOFREWHAFRI

Hidduh · **Reply #1 on:** April 30, 2010, 11:01:57 pm

Sounds like a virus to me..

Leon. · **Reply #2 on:** April 30, 2010, 11:02:44 pm

Oh, and...

Checking file system on C:
The type of the file system is NTFS.

One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.
Index entry shared.xml of index $I30 in file 0x15a4f points to unused file 0x21b57.
Deleting index entry shared.xml in index $I30 of file 88655.
Cleaning up minor inconsistencies on the drive.
Cleaning up 75 unused index entries from index $SII of file 0x9.
Cleaning up 75 unused index entries from index $SDH of file 0x9.
Cleaning up 75 unused security descriptors.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

39079085 KB total disk space.
27262660 KB in 123682 files.
51888 KB in 15450 indexes.
0 KB in bad sectors.
208949 KB in use by the system.
65536 KB occupied by the log file.
11555588 KB available on disk.

4096 bytes in each allocation unit.
9769771 total allocation units on disk.
2888897 allocation units available on disk.

Internal Info:
10 29 02 00 82 1f 02 00 a2 8b 03 00 00 00 00 00 .)..............
40 04 00 00 02 00 00 00 8b 01 00 00 00 00 00 00 @...............
88 f9 8c 05 00 00 00 00 d4 ba 96 75 00 00 00 00 ...........u....
18 94 22 04 00 00 00 00 00 00 00 00 00 00 00 00 ..".............
00 00 00 00 00 00 00 00 3a 56 c7 84 00 00 00 00 ........:V......
99 9e 36 00 00 00 00 00 78 38 07 00 22 e3 01 00 ..6.....x8.."...
00 00 00 00 00 10 fb 7f 06 00 00 00 5a 3c 00 00 ............Z<..

Windows has finished checking your disk.
Please wait while your computer restarts.

Faulting application gta_sa.exe, version 0.0.0.0, faulting module gta_sa.exe, version 0.0.0.0, fault address 0x000c8f24.

Data (Bytes)
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 67 74 61 ure gta
0018: 5f 73 61 2e 65 78 65 20 _sa.exe
0020: 30 2e 30 2e 30 2e 30 20 0.0.0.0
0028: 69 6e 20 67 74 61 5f 73 in gta_s
0030: 61 2e 65 78 65 20 30 2e a.exe 0.
0038: 30 2e 30 2e 30 20 61 74 0.0.0 at
0040: 20 6f 66 66 73 65 74 20 offset
0048: 30 30 30 63 38 66 32 34 000c8f24
0050: 0d 0a ..

Note: This likely has to do with an add-on to GTA:SA called SA Studios. This can obviously be easily fixed if that is the case.

Hidduh · **Reply #3 on:** April 30, 2010, 11:14:16 pm

Alright, try it out, or post a HijackThis log.

Leon. · **Reply #4 on:** April 30, 2010, 11:50:02 pm

Quote from: Hidduh on April 30, 2010, 11:14:16 pm

Alright, try it out, or post a HijackThis log.

According to my knowledge, this is completely clean. I know of every file I looked at here.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:44:53 PM, on 4/30/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\The Skins Factory\Hyperdesk\Common\HdThemeEnabler.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\SuperF4\SuperF4.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
E:\G\samp.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2384137
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb1.dll
O1 - Hosts file is located at: C:\WINDOWS\System32\drivers\etc\hosts
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb1.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperF4] "C:\Program Files\SuperF4\SuperF4.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://cache.systemrequirementslab.com/htdocs/srl_bin/sysreqlab_srl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hyperdesk Theme Enabler (HdThemeEnabler) - The Skins Factory, Inc. - C:\Program Files\The Skins Factory\Hyperdesk\Common\HdThemeEnabler.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 8700 bytes

Hidduh · **Reply #5 on:** May 01, 2010, 12:01:34 am

Weird, spotted nothing strange in your log..

Leon. · **Reply #6 on:** May 01, 2010, 12:03:41 am

Going to run a rootkit scan...

Rain · **Reply #7 on:** May 01, 2010, 01:05:11 am

No point of running all that freeware. Check RAM usage under Task Manager, see what is taking up so much CPU usage, usually its some stupid virus.

Make sure to uncheck all the unneeded programs in MSCONFIG (Go to Run>Msconfig). Usually stupid programs take up CPU usage causing your PC to lag.

Leon. · **Reply #8 on:** May 01, 2010, 05:45:14 am

Quote from: Rain on May 01, 2010, 01:05:11 am

No point of running all that freeware. Check RAM usage under Task Manager, see what is taking up so much CPU usage, usually its some stupid virus.

Make sure to uncheck all the unneeded programs in MSCONFIG (Go to Run>Msconfig). Usually stupid programs take up CPU usage causing your PC to lag.

Processes never exceeded 30, and all processes at the time were clean.

Firefox had like, a major memory leak though >_>. Right now it's at 75k memory. Before, it exceeded 200k.

Any-hoo, I reformatted because continuous BSoD's occurred, and literally there was no way to fix it.

Official Websites	Roleplay Services	Official Clans	Community Gaming	Partner Websites	Social Media Services
Argonath RPG Wiki	Argonath RPG Police Department	Rock Stars Clan	Facebook Community	Azellus Games	Facebook Group Page
Argonath Club	Argonath RPG Fire Department	Team MTA	Steam Community	Venture Code	LinkedIn Group Page
	Federal Bureau Of Investigation	White Shadows	Social Club Community	YouTube Channel
	Citizenship & Migration Board	Argonath Veterans
	Emergency Medical Services	The Crimson Legacy
	Argonath RPG Armed Forces

News

User Info

Recent Posts

Who's Online

Birthday Calender

KTY LOAWK DIS

Leon.

KTY LOAWK DIS

Hidduh

Re: Windows XP turned retarded on me...

Leon.

Re: Windows XP turned retarded on me...

Hidduh

Re: Windows XP turned retarded on me...

Leon.

Re: Windows XP turned retarded on me...

Hidduh

Re: Windows XP turned retarded on me...

Leon.

Re: Windows XP turned retarded on me...

Rain

Re: Windows XP turned retarded on me...

Leon.

Re: Windows XP turned retarded on me...