Tech Support Guy banner
Not open for further replies.
1 - 9 of 9 Posts

14 Posts
Discussion Starter · #1 ·
Everytime I try to play a video nowadays (especially with DIVX Player, but to a lesser extent with Windows Media Player), my computer virtually freezes up. Sometimes the video tries to play, but the audio is usually a few seconds off. Regardless of my success, my computer is always very slow afterwards, and I always have to restart just to do simple tasks like open a Word document or surf the net.

I've installed a new version of DIVX Player and I checked for updates for Windows Media. I've also run CWS Shredder, Spybot, and McAfee Virus Scan. Is there something on my computer I need to delete?

Logfile of HijackThis v1.97.7
Scan saved at 2:29:06 PM, on 2/6/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *;<local>
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\\vso\mcvsshl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.ExE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Backward Links - res://c:\windows\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Similar Pages - res://c:\windows\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: SideFind (HKLM)
O9 - Extra 'Tools' menuitem: IMI (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .asp: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

257 Posts
I had the same problem when my computer was infected with the jeefo virus. Heres how you check for it

1> Go to c:\windows (xp) or c:\winnt (2000)
2> Go through the directory and look for svchost.exe
3> If its there then you have the virus and if you do dont do anything until you post back here

Hope this is a solution!

6,729 Posts
Have WinXP Pro running on Dell laptop, w/ Windows Media Player Series 9. Have had multiple issues the past few weeks, all of a sudden, where while having WMP, IE, Word, Outlook, Excel, MS Project, etc. all or some combination of WMP plus these, everything will just go as slow as molasses on a winter day in the Artic... :( Only thing that I know can do is command-alt-delete to bring up Task Manager, to slowly and methodically (try) to close each and every application. Very frustrating... :mad:

Searched and found the following:

File Version: 5.1.2600.0
Description: Generic Host Process for Win32 Services
Created/Modified: Thursday, August 29, 2002, 7:00:00 AM
Accessed: Today
Size: 12.5KB

File Version: 5.1.2600.2180
Description: Generic Host Process for Win32 Services
Created/Modified: Wednesday, August 04, 2004, 2:56:57 AM
Accessed: Today
Size: 14.0KB

Also, this link says the following:
"Svchost.exe" (Generic Host Process for Win32 Services) is an integral part of Windows OS. It cannot be stopped or restarted manually. It manages 32-bit DLLs and other services. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. In normal conditions multiple instances of Svchost.exe run at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. More info More info

Note: The svchost.exe file is located in the c:\windows\System32 folder. In other cases, svchost.exe is a virus, spyware, trojan or worm!
Has anyone used this Security Task Manager program?

At work, I'm quite limited as to what we are allowed to download, install, etc., so if this is indeed the jeefo virus, will have to call IT... which is off-site, in two time zones away [seriously, they are in Phoenix, I'm near Chattanooga. Fun times ;)].

6,729 Posts
Thanks for the help! Have scanned w/ this just now per your suggestion, but have not found anything; however, since I can not log on as administrator, guess the scan is somewhat limited in where/what it can search. Have clicked for it to check all files, etc., but nothing. Hmmmmmmm... now what? Do I need to have IT allow me to go into this as an admin? Or, is this virus not really the culprit, and the above mentioned files in my prior post are harmless? An eternity in hades is not nearly long enough for these malware writers... :(

257 Posts
are you saying that svchost.exe is in your c:\windows directory but jeefo didnt find it. Its probably another virus. Go to and do a free online virus scan and see what it picks up
1 - 9 of 9 Posts
Not open for further replies.