Win32 encountered a problem & needs to be shut down : svchost.exe

Posted 11/11/2009 4:34 AM
#79442
User avatar

cellclinic Valued member

Date Joined Nov 2016
Total Posts: 13
hello <br/> <br/> <br/>i am facing this problem even after reinstalling new windows xp ( sp2 ) <br/> <br/> <br/> <br/>win32 encountered a problem & needs to be shut down : svchost.exe <br/> <br/> <br/> <br/>& then all pc slowed down to nearly non operational & also internet . <br/> <br/> <br/> <br/>please get me rid out of this . <br/> <br/> <br/> <br/>Thanks -n - Regards <br/> <br/>Sumit Lama
Posted 11/11/2009 5:46 AM
#79443
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello :smile: <br/> <br/> <br/> <br/> <br/> <br/><SPAN class=spnmessagetext><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 10pt; mso-ansi-language: EN-GB" lang=EN-GB>Please follow this guide:<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p> <br/> <br/><SPAN class=apple-style-span><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB>Before-posting-a-log<o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB> <br/><SPAN class=apple-style-span>Follow the instructions and copy the logs here, <SPAN class=apple-style-span><SPAN style="FONT-FAMILY: Verdana; COLOR: red; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB>in this Topic.<SPAN class=apple-style-span><SPAN style="COLOR: red; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB><o:p></o:p> <br/> <br/><SPAN class=apple-style-span><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt" lang=EN-GB> <o:p></o:p>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 11/11/2009 3:49 PM
#79461
User avatar

cellclinic Valued member

Date Joined Nov 2016
Total Posts: 13
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|) <br/>Objects scanned: 122600 <br/>Time elapsed: 15 minute(s), 1 second(s) <br/> <br/>Memory Processes Infected: 0 <br/>Memory Modules Infected: 0 <br/>Registry Keys Infected: 0 <br/>Registry Values Infected: 0 <br/>Registry Data Items Infected: 0 <br/>Folders Infected: 0 <br/>Files Infected: 2 <br/> <br/>Memory Processes Infected: <br/>(No malicious items detected) <br/> <br/>Memory Modules Infected: <br/>(No malicious items detected) <br/> <br/>Registry Keys Infected: <br/>(No malicious items detected) <br/> <br/>Registry Values Infected: <br/>(No malicious items detected) <br/> <br/>Registry Data Items Infected: <br/>(No malicious items detected) <br/> <br/>Folders Infected: <br/>(No malicious items detected) <br/> <br/>Files Infected: <br/>F:\Sumit\Books\PC\RAR_Password_Cracker_v4.12__PHORUM.WS_HAD_IT_1st_SUCKERZ\rpc.exe (Trojan.Dropper) -> Quarantined and deleted successfully. <br/>F:\Sumit\Books\Hardware\All Nokia\Nokia_Local_Mode_Solution.exe (Rogue.Installer) -> Quarantined and deleted successfully. <br/> <br/> <br/> <br/>DDS (Ver_09-10-26.01) - NTFSx86 <br/>Run by Administrator at 16:06:26.73 on Wed 11/11/2009 <br/>Internet Explorer: 6.0.2900.2180 <br/>Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.294 [GMT 5.5:30] <br/> <br/>AV: avast! antivirus 4.8.1356 [VPS 091110-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} <br/> <br/>============== Running Processes =============== <br/> <br/>E:\WINDOWS\system32\svchost -k DcomLaunch <br/>svchost.exe <br/>E:\WINDOWS\System32\svchost.exe -k netsvcs <br/>svchost.exe <br/>svchost.exe <br/>E:\WINDOWS\Explorer.EXE <br/>E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe <br/>E:\Program Files\Alwil Software\Avast4\ashServ.exe <br/>E:\WINDOWS\system32\spoolsv.exe <br/>E:\WINDOWS\system32\ChgService.exe <br/>E:\Program Files\Java\jre6\bin\jqs.exe <br/>E:\WINDOWS\system32\igfxtray.exe <br/>E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe <br/>E:\Program Files\Java\jre6\bin\jusched.exe <br/>E:\Program Files\IObit\Advanced SystemCare 3\AWC.exe <br/>E:\WINDOWS\system32\wscntfy.exe <br/>E:\Program Files\MMX300G 3G USB Manager\USB Modem.exe <br/>E:\WINDOWS\system32\wuauclt.exe <br/>E:\Program Files\Internet Explorer\iexplore.exe <br/>E:\Documents and Settings\Administrator\Desktop\dds.scr <br/> <br/>============== Pseudo HJT Report =============== <br/> <br/>uStart Page = about:blank <br/>uInternet Connection Wizard,ShellNext = hxxp://iobitcom.ourtoolbar.com/SetupFinish <br/>uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - e:\program files\yahoo!\companion\installs\cpn\yt.dll <br/>uURLSearchHooks: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - e:\program files\iobitcom\tbIObi.dll <br/>BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - e:\program files\yahoo!\companion\installs\cpn\yt.dll <br/>BHO: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - e:\program files\iobitcom\tbIObi.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\program files\java\jre6\bin\jp2ssv.dll <br/>BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll <br/>BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - e:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll <br/>TB: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - e:\program files\iobitcom\tbIObi.dll <br/>uRun: [Advanced SystemCare 3] "e:\program files\iobit\advanced systemcare 3\AWC.exe" /startup <br/>mRun: [IgfxTray] e:\windows\system32\igfxtray.exe <br/>mRun: [HotKeysCmds] e:\windows\system32\hkcmd.exe <br/>mRun: [avast!] e:\progra~1\alwils~1\avast4\ashDisp.exe <br/>mRun: [SunJavaUpdateSched] "e:\program files\java\jre6\bin\jusched.exe" <br/>mRun: [Malwarebytes Anti-Malware (reboot)] "e:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript <br/>IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab <br/>TCP: {FB160178-0F96-4718-A80E-8D0F76876ED9} = 218.248.255.193 218.248.240.181 <br/>Notify: igfxcui - igfxsrvc.dll <br/> <br/>================= FIREFOX =================== <br/> <br/>FF - ProfilePath - e:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\0t9dlvjv.default\ <br/> <br/>---- FIREFOX POLICIES ---- <br/>e:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); <br/> <br/>============= SERVICES / DRIVERS =============== <br/> <br/> <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/> <br/>DDS (Ver_09-10-26.01) <br/> <br/>Microsoft Windows XP Professional <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 11/11/2009 12:22:38 PM <br/>System Uptime: 11/11/2009 4:00:37 PM (0 hours ago) <br/> <br/>Motherboard: Intel Corporation | | D845GVSR <br/>Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | X1 | 2400/133mhz <br/> <br/>==== Disk Partitions ========================= <br/> <br/>A: is Removable <br/>C: is FIXED (NTFS) - 29 GiB total, 29.229 GiB free. <br/>D: is FIXED (FAT32) - 19 GiB total, 18.626 GiB free. <br/>E: is FIXED (NTFS) - 45 GiB total, 42.935 GiB free. <br/>F: is FIXED (FAT32) - 19 GiB total, 2.113 GiB free. <br/>G: is FIXED (FAT32) - 19 GiB total, 1.117 GiB free. <br/>H: is FIXED (FAT32) - 19 GiB total, 4.928 GiB free. <br/>I: is Removable <br/>J: is CDROM () <br/>K: is Removable <br/> <br/>==== Disabled Device Manager Items ============= <br/> <br/>Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} <br/>Description: Ethernet Controller <br/>Device ID: PCI\VEN_8086&DEV_1039&SUBSYS_30488086&REV_81\4&2AF9ED5&0&40F0 <br/>Manufacturer: <br/>Name: Ethernet Controller <br/>PNP Device ID: PCI\VEN_8086&DEV_1039&SUBSYS_30488086&REV_81\4&2AF9ED5&0&40F0 <br/>Service: <br/> <br/>Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} <br/>Description: Multimedia Audio Controller <br/>Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_02088086&REV_01\3&267A616A&0&FD <br/>Manufacturer: <br/>Name: Multimedia Audio Controller <br/>PNP Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_02088086&REV_01\3&267A616A&0&FD <br/>Service: <br/> <br/>==== System Restore Points =================== <br/> <br/>RP1: 11/11/2009 12:26:40 PM - System Checkpoint <br/>RP2: 11/11/2009 12:38:54 PM - Advanced SystemCare RestorePoint <br/>RP3: 11/11/2009 1:40:13 PM - Installed Java(TM) 6 Update 15 <br/>RP4: 11/11/2009 2:08:37 PM - Installed Power Indiabulls <br/> <br/>==== Installed Programs ====================== <br/> <br/>Advanced SystemCare 3 <br/>avast! Antivirus <br/>CCleaner (remove only) <br/> <br/> <br/>Logfile of Trend Micro HijackThis v2.0.2 <br/>Scan saved at 9:12:50 PM, on 11/11/2009 <br/>Platform: Windows XP SP2 (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>E:\WINDOWS\System32\smss.exe <br/>E:\WINDOWS\system32\winlogon.exe <br/>E:\WINDOWS\system32\services.exe <br/>E:\WINDOWS\system32\lsass.exe <br/>E:\WINDOWS\system32\svchost.exe <br/>E:\WINDOWS\System32\svchost.exe <br/>E:\WINDOWS\Explorer.EXE <br/>E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe <br/>E:\Program Files\Alwil Software\Avast4\ashServ.exe <br/>E:\WINDOWS\system32\spoolsv.exe <br/>E:\WINDOWS\system32\ChgService.exe <br/>E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe <br/>E:\Program Files\Alwil Software\Avast4\ashWebSv.exe <br/>E:\WINDOWS\system32\wscntfy.exe <br/>E:\WINDOWS\system32\igfxtray.exe <br/>E:\WINDOWS\system32\hkcmd.exe <br/>E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe <br/>E:\Program Files\IObit\Advanced SystemCare 3\AWC.exe <br/>E:\Program Files\MMX300G 3G USB Manager\USB Modem.exe <br/>E:\WINDOWS\system32\wuauclt.exe <br/>E:\WINDOWS\system32\msiexec.exe <br/>E:\Program Files\Java\jre6\bin\jqs.exe <br/>E:\Program Files\Mozilla Firefox\firefox.exe <br/>E:\Program Files\Trend Micro\HijackThis\HijackThis.exe <br/> <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank <br/>R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://iobitcom.ourtoolbar.com/SetupFinish <br/>R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll <br/>R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - E:\Program Files\IObitCom\tbIObi.dll <br/>O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll <br/>O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - E:\Program Files\IObitCom\tbIObi.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll <br/>O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll <br/>O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - E:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll <br/>O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - E:\Program Files\IObitCom\tbIObi.dll <br/>O4 - HKLM\..\Run: [IgfxTray] E:\WINDOWS\system32\igfxtray.exe <br/>O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\system32\hkcmd.exe <br/>O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe <br/>O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe" <br/>O4 - HKCU\..\Run: [Advanced SystemCare 3] "E:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup <br/>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe <br/>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe <br/>O17 - HKLM\System\CCS\Services\Tcpip\..\{FB160178-0F96-4718-A80E-8D0F76876ED9}: NameServer = 218.248.255.193 218.248.240.181 <br/>O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe <br/>O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe <br/>O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe <br/>O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe <br/>O23 - Service: Change Modem Device Service - Unknown owner - E:\WINDOWS\system32\ChgService.exe <br/>O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe <br/> <br/>-- <br/>End of file - 3955 bytes <br/> <br/> <br/> <br/>Thanks for this favour
Posted 11/12/2009 5:13 AM
#79498
Posted 11/12/2009 7:33 AM
#79515
User avatar

cellclinic Valued member

Date Joined Nov 2016
Total Posts: 13
hello <br/> <br/> --------------------\\ Lop S&D 4.2.5-0 XP/Vista <br/> Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2 <br/> X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz ) <br/> BIOS : BIOS Date: 09/22/04 23:29:55 Ver: 08.00.08 <br/> USER : Administrator ( Administrator ) <br/> BOOT : Normal boot <br/> A:\ (USB) <br/> C:\ (Local Disk) - NTFS - Total:29 Go (Free:29 Go) <br/> D:\ (Local Disk) - FAT32 - Total:18 Go (Free:18 Go) <br/> E:\ (Local Disk) - NTFS - Total:45 Go (Free:42 Go) <br/> F:\ (Local Disk) - FAT32 - Total:18 Go (Free:2 Go) <br/> G:\ (Local Disk) - FAT32 - Total:18 Go (Free:1 Go) <br/> H:\ (Local Disk) - FAT32 - Total:18 Go (Free:4 Go) <br/> I:\ (USB) - FAT32 - Total:1934 Mo (Free:0 Go) <br/> K:\ (USB) - FAT32 - Total:1894 Mo (Free:1 Go) <br/> "E:\Lop SD" ( MAJ : 19-12-2008|23:40 ) <br/> Option : [2] ( 12-11-2009|12:39 ) <br/> <br/> http://www.gmer.net <br/> Rootkit scan 2009-11-12 12:41:08 <br/> Windows 5.1.2600 Service Pack 2 NTFS <br/> scanning hidden processes ... <br/> scanning hidden files ... <br/> scan completed successfully <br/> hidden processes: 0 <br/> hidden files: 0 <br/> <br/> --------------------\\ Searching for other infections <br/> --------------------\\ Cracks & Keygens .. <br/> E:\DOCUME~1\ADMINI~1\Favorites\forums\GSM-Forum.eu comunity - Unlock - Flash - GSM-Hacking - Cracking - Powered by vBulletin.url <br/> E:\DOCUME~1\ADMINI~1\Favorites\forums\GSM-Hacking - Cracking.url <br/> E:\DOCUME~1\ADMINI~1\Favorites\forums\GSM-HACKING.EU FREE GSM SOFTWARES DATABASE GSMHACKING, CRACKING, CAR HACKING, CONSOLE HACKING, GSM-FORUM.EU 100% FREE.url <br/> E:\DOCUME~1\ADMINI~1\Favorites\Links\CRACK SEARCH ENGINE - crack , serial, keygens, patches..url <br/> <br/> [F:50][D:6]-> E:\DOCUME~1\ADMINI~1\LOCALS~1\Temp <br/> [F:8][D:0]-> E:\DOCUME~1\ADMINI~1\Cookies <br/> [F:106][D:4]-> E:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5 <br/> 1 - "E:\Lop SD\LopR_1.txt" - 12-11-2009|12:41 - Option : [2] <br/> --------------------\\ Scan completed at 12:41:39 <br/> <br/> <br/>Thanks - Regards <br/>Sumit Lama
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 10, 2016, 11:34 PM (GMT +1)
There are a total of 61,164 posts in 13,450 threads.
In the last 3 days there were 1 new threads and 4 reply posts.

Who's online

This forum has 37,970 registered members. Please welcome our newest member, MJD.
There are currently no users on-line.