Content Top
DAL Computer Help » Operating System Help » Windows XP Help » shutdown when runnin vir/spy checkers.

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

shutdown when runnin vir/spy checkers.

Reply
Thread Tools
Windows XP Help
  #1 (permalink)  
Old 07-08-2007, 04:13 PM
Newbie
D-A-L Newbie
  
Join Date: Aug 2007
Posts: 0
jayjaybee Is a beginner here at D-A-L
shutdown when runnin vir/spy checkers.
For the past few months now my computer has been shutting itself off when i run any sort of anti virus, spyware checker, registry checker, etc.

Here are the error reports

Error code 00000024, parameter1 001902fe, parameter2 ecaef684, parameter3 ecaef380, parameter4 f825e87e.


Error code 10000050, parameter1 86f1dc82, parameter2 00000000, parameter3 86f1dc82, parameter4 00000000.


The computer has rebooted from a bugcheck. The bugcheck was: 0x1000008e (0xc0000005, 0x804dac8a, 0xec56c4d4, 0x00000000). A dump was saved in: C:\WINDOWS\Minidump\Mini080707-04.dmp.

This is very annoying as i dont know if its a virus because i cant scan all of my drive before it cuts off and restarts.

Also my internet has slowed down considerably and the activity light on the modem is constantly on even when im not using the internet.

Please help
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 08-08-2007, 01:45 AM
jephree's Avatar
¨*·.¸ «.·°·..·°·.» ¸.·*¨
  
Join Date: Jun 2004
Posts: 25,328
jephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniture
You might try the ideas in this post:

http://www.techhelpforum.com/showthread.php?t=3702



-------------------------------------------------



If that doesn't help you can also follow these ideas:

Steps to begin the diagnosis of BSOD errors aka Blue Screen of Death



Check your Event Viewer via Administrative Tools.

Open the System as well as Application tabs and look for red X errors that coincide with your problem. Details here:

How to view and manage event logs in Event Viewer in Windows XP

Basic information on Event Viewer errors can be found here: EventID.Net




Also turn off the auto restart function:

How to turn off Auto Restart in XP

Right click on My Computer

Select Properties

Select the Advanced tab then the Startup & Recovery section

Select the Settings button

Uncheck "Automatically restart" and then click Apply


This will give you a Blue Screen with the error message rather than restarting the computer.

Write down the error detail then use the reset button on the computer to restart.


Also while in this section change the Write debugging information setting to:

Kernel memory dump


Basic information about these errors can be found here:

Troubleshooting Windows STOP Messages




Then if your Blue Screen is showing a Memory Dump do the following:


Go to start | Search | All files and folders and type in .dmp in the All or part of the file name: box.
Note the location of your .dmp files.
If no .dmp files check for minidump.
Remember this location and the path that leads to it.

Then:

1) Download and install the

Debugging Tools from Microsoft

All you need do is download and install this. Make no attempt to start or run it.

2) Download and install this

debugwiz

This is a DOS based batch file that will command the above Microsoft Tools.

3) Open the Wiz & Browse to, or paste in the path to, your .dmp file.

4) After the Wiz creates a Text document post it back to your thread.

Please do not attach it or post in [code]: just plain text: thanks.



If you are looking for links on how to interpret this data for yourself try here first:

Using the Windows Debugger:
Exceptions, Bugchecks, and Register Context
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 09-08-2007, 09:59 AM
Newbie
D-A-L Newbie
  
Join Date: Aug 2007
Posts: 0
jayjaybee Is a beginner here at D-A-L
OK thanks.

Ive ran antivir in safe mode sucessfully and found no virus's. Also no adaware, but spybot is still making my computer switch off.

Heres my debug log

And also a hijack this log

Opened log file 'c:\debuglog.txt'

Microsoft (R) Windows Debugger Version 6.7.0005.1
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\WINDOWS\Minidump\Mini080707-04.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS\system32 \drivers
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 2600.xpsp_sp2_gdr.070227-2254
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a620
Debug session time: Tue Aug 7 15:03:56.921 2007 (GMT+1)
System Uptime: 0 days 0:28:52.517
Loading Kernel Symbols
.................................................. .................................................. .....................................
Loading User Symbols
Loading unloaded module list
............
************************************************** *****************************
* *
* Bugcheck Analysis *
* *
************************************************** *****************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000008E, {c0000005, 804dac8a, ec56c4d4, 0}

Probably caused by : win32k.sys ( win32k!vSolidFillRect1+108 )

Followup: MachineOwner
---------

kd> !analyze -v;r;kv;lmtn;.logclose;q
************************************************** *****************************
* *
* Bugcheck Analysis *
* *
************************************************** *****************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 804dac8a, The address that the exception occurred at
Arg3: ec56c4d4, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

FAULTING_IP:
nt!RtlFillMemoryUlong+10
804dac8a f3ab rep stos dword ptr es:[edi]

TRAP_FRAME: ec56c4d4 -- (.trap 0xffffffffec56c4d4)
.trap 0xffffffffec56c4d4
ErrCode = 00000002
eax=e71ce71c ebx=0000025f ecx=000001a4 edx=000001a5 esi=06230da8 edi=0a2414ec
eip=804dac8a esp=ec56c548 ebp=ec56c57c iopl=0 nv up ei pl nz ac po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010212
nt!RtlFillMemoryUlong+0x10:
804dac8a f3ab rep stos dword ptr es:[edi] es:0023:0a2414ec=????????
.trap
Resetting default scope

CUSTOMER_CRASH_COUNT: 4

DEFAULT_BUCKET_ID: COMMON_SYSTEM_FAULT

BUGCHECK_STR: 0x8E

PROCESS_NAME: iexplore.exe

LAST_CONTROL_TRANSFER: from bf835499 to 804dac8a

STACK_TEXT:
ec56c548 bf835499 0a2414ec 00000690 e71ce71c nt!RtlFillMemoryUlong+0x10
ec56c57c bf835310 ec56c89c 000001a4 06230028 win32k!vSolidFillRect1+0x108
ec56c6fc bf82f71a bf8353d2 ec56c89c 00000000 win32k!vDIBSolidBlt+0x19b
ec56c768 bf805363 e107a2d8 00000000 00000000 win32k!EngBitBlt+0xe1
ec56c7b8 bf80bd41 e29d9424 ec56c83c ec56c89c win32k!GrePatBltLockedDC+0x1ea
ec56c924 804de7be 000000a7 018ec0b8 018ec0c4 win32k!NtGdiFlushUserBatch+0x689
ec56c948 bf80ee00 bc671818 00000084 00000000 nt!KiFastCallEntry+0xca
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 win32k!xxxSendMessage+0x1b
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
WARNING: Frame IP not in any known module. Following frames may be wrong.
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6


STACK_COMMAND: kb

FOLLOWUP_IP:
win32k!vSolidFillRect1+108
bf835499 8b55f8 mov edx,dword ptr [ebp-8]

SYMBOL_STACK_INDEX: 1

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: win32k

IMAGE_NAME: win32k.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 45f013f6

SYMBOL_NAME: win32k!vSolidFillRect1+108

FAILURE_BUCKET_ID: 0x8E_win32k!vSolidFillRect1+108

BUCKET_ID: 0x8E_win32k!vSolidFillRect1+108

Followup: MachineOwner
---------

eax=e71ce71c ebx=0000025f ecx=000001a4 edx=000001a5 esi=06230da8 edi=0a2414ec
eip=804dac8a esp=ec56c548 ebp=ec56c57c iopl=0 nv up ei pl nz ac po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010212
nt!RtlFillMemoryUlong+0x10:
804dac8a f3ab rep stos dword ptr es:[edi] es:0023:0a2414ec=????????
ChildEBP RetAddr Args to Child
ec56c548 bf835499 0a2414ec 00000690 e71ce71c nt!RtlFillMemoryUlong+0x10 (FPO: [3,1,0])
ec56c57c bf835310 ec56c89c 000001a4 06230028 win32k!vSolidFillRect1+0x108 (FPO: [Non-Fpo])
ec56c6fc bf82f71a bf8353d2 ec56c89c 00000000 win32k!vDIBSolidBlt+0x19b (FPO: [Non-Fpo])
ec56c768 bf805363 e107a2d8 00000000 00000000 win32k!EngBitBlt+0xe1 (FPO: [Non-Fpo])
ec56c7b8 bf80bd41 e29d9424 ec56c83c ec56c89c win32k!GrePatBltLockedDC+0x1ea (FPO: [Non-Fpo])
ec56c924 804de7be 000000a7 018ec0b8 018ec0c4 win32k!NtGdiFlushUserBatch+0x689 (FPO: [Non-Fpo])
ec56c948 bf80ee00 bc671818 00000084 00000000 nt!KiFastCallEntry+0xca
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 win32k!xxxSendMessage+0x1b (FPO: [Non-Fpo])
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21 (FPO: [0,0,0])
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21 (FPO: [0,0,0])
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6 (FPO: [Non-Fpo])
WARNING: Frame IP not in any known module. Following frames may be wrong.
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21 (FPO: [0,0,0])
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21 (FPO: [0,0,0])
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6 (FPO: [Non-Fpo])
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
ec56ca30 bf800b0b 81de7500 bf8f5e92 bc667f10 win32k!EnterCrit+0x21 (FPO: [0,0,0])
ec56ca38 bf8f5e92 bc667f10 bc667f30 00000000 win32k!EnterCrit+0x21 (FPO: [0,0,0])
ec56c9d8 ec56cc00 bc667f30 018effdc 7ffd9000 win32k!fnHkINLPMOUSEHOOKSTRUCTEX+0xd6 (FPO: [Non-Fpo])
ec56ca0c bf800b0b ec56ca94 804e2490 804e5760 0xec56cc00
start end module name
804d7000 806eb500 nt ntoskrnl.exe Wed Feb 28 09:10:41 2007 (45E54711)
806ec000 8070c380 hal halaacpi.dll Wed Aug 04 06:59:05 2004 (41107B29)
bf800000 bf9c2180 win32k win32k.sys Thu Mar 08 13:47:34 2007 (45F013F6)
bf9c3000 bf9d4580 dxg dxg.sys Wed Aug 04 07:00:51 2004 (41107B93)
bf9d5000 bfa17000 ati2dvag ati2dvag.dll Wed Feb 22 03:46:46 2006 (43FBDEA6)
bfa17000 bfa56000 ati2cqag ati2cqag.dll Wed Feb 22 03:04:48 2006 (43FBD4D0)
bfa56000 bfa8c000 atikvmag atikvmag.dll Wed Feb 22 03:11:01 2006 (43FBD645)
bfa8c000 bfd0fb80 ati3duag ati3duag.dll Wed Feb 22 03:30:43 2006 (43FBDAE3)
bfd10000 bfde2140 ativvaxx ativvaxx.dll Wed Feb 22 03:24:28 2006 (43FBD96C)
ec615000 ec655280 HTTP HTTP.sys Fri Mar 17 00:33:09 2006 (441A03C5)
ec796000 ec7ae000 PfModNT PfModNT.sys Sat Oct 22 04:02:03 2005 (4359ABAB)
ec7ae000 ec7ff480 srv srv.sys Mon Aug 14 11:34:39 2006 (44E051BF)
ec940000 ec953000 avgntflt avgntflt.sys Fri Apr 27 15:31:25 2007 (4632093D)
ec967000 ec969e40 mdmxsdk mdmxsdk.sys Wed Mar 17 19:04:10 2004 (4058A12A)
ec9a3000 ec9cf400 mrxdav mrxdav.sys Wed Aug 04 07:00:49 2004 (41107B91)
ed327000 ed33b400 wdmaud wdmaud.sys Wed Jun 14 10:00:44 2006 (448FD03C)
ed4fb000 ed4fdb00 MaVc2K MaVc2K.sys Mon Aug 23 08:40:03 2004 (41299F53)
ed5f7000 ed601200 Haspnt Haspnt.sys Mon Nov 17 18:11:22 1997 (347088CA)
ed643000 ed646280 ndisuio ndisuio.sys Wed Aug 04 07:03:10 2004 (41107C1E)
ed747000 ed755d80 sysaudio sysaudio.sys Wed Aug 04 07:15:54 2004 (41107F1A)
ef78f000 ef7a6480 dump_atapi dump_atapi.sys Wed Aug 04 06:59:41 2004 (41107B4D)
ef7a7000 ef7ca000 Fastfat Fastfat.SYS Wed Aug 04 07:14:15 2004 (41107EB7)
ef86a000 ef8cc000 eeCtrl eeCtrl.sys Thu Mar 29 00:51:40 2007 (460AFF8C)
ef8f4000 ef962a00 mrxsmb mrxsmb.sys Fri May 05 10:41:42 2006 (445B1DD6)
ef963000 ef98da00 rdbss rdbss.sys Fri May 05 10:47:55 2006 (445B1F4B)
ef98e000 ef9afd00 afd afd.sys Wed Aug 04 07:14:13 2004 (41107EB5)
ef9b0000 ef9d0f00 ipnat ipnat.sys Wed Sep 29 23:28:36 2004 (415B3714)
ef9d1000 ef9f8c00 netbt netbt.sys Wed Aug 04 07:14:36 2004 (41107ECC)
ef9f9000 efa50d80 tcpip tcpip.sys Thu Apr 20 12:51:47 2006 (444775D3)
efa51000 efa63400 ipsec ipsec.sys Wed Aug 04 07:14:27 2004 (41107EC3)
efa90000 efa92900 Dxapi Dxapi.sys Fri Aug 17 21:53:19 2001 (3B7D843F)
f7c7d000 f7cb0200 update update.sys Wed Aug 04 06:58:32 2004 (41107B08)
f7cb1000 f7cc1e00 psched psched.sys Wed Aug 04 07:04:16 2004 (41107C60)
f7cc2000 f7cd8680 ndiswan ndiswan.sys Wed Aug 04 07:14:30 2004 (41107EC6)
f7cd9000 f7cf0800 SCSIPORT SCSIPORT.SYS Wed Aug 04 06:59:39 2004 (41107B4B)
f7cf1000 f7d3b000 dtscsi dtscsi.sys Sat Dec 10 14:33:44 2005 (439AE748)
f7d3b000 f7d4e780 VIDEOPRT VIDEOPRT.SYS Wed Aug 04 07:07:04 2004 (41107D08)
f7d4f000 f7ecd000 ati2mtag ati2mtag.sys Wed Feb 22 03:46:24 2006 (43FBDE90)
f7efd000 f7f0c900 Cdfs Cdfs.SYS Wed Aug 04 07:14:09 2004 (41107EB1)
f7f0d000 f7f1bd80 arp1394 arp1394.sys Wed Aug 04 06:58:28 2004 (41107B04)
f7f1d000 f7f25700 wanarp wanarp.sys Wed Aug 04 07:04:57 2004 (41107C89)
f7f5d000 f7f66400 avipbb avipbb.sys Mon Mar 19 16:41:09 2007 (45FEBD25)
f7f6d000 f7f8a620 ctsfm2k ctsfm2k.sys Tue Sep 11 05:10:40 2001 (3B9D8EC0)
f7f8b000 f7fa2940 ctoss2k ctoss2k.sys Tue Sep 11 05:10:14 2001 (3B9D8EA6)
f7fa3000 f7fc5680 ks ks.sys Wed Aug 04 07:15:20 2004 (41107EF8)
f7fc6000 f7fe9980 portcls portcls.sys Wed Aug 04 07:15:47 2004 (41107F13)
f7fea000 f80fbca0 e10kx2k e10kx2k.sys Tue Oct 02 08:06:30 2001 (3BB96776)
f80fc000 f811ee80 USBPORT USBPORT.SYS Wed Aug 04 07:08:34 2004 (41107D62)
f811f000 f8132900 parport parport.sys Wed Aug 04 06:59:04 2004 (41107B28)
f8184000 f8186280 rasacd rasacd.sys Fri Aug 17 21:55:39 2001 (3B7D84CB)
f81c0000 f81c3c80 mssmbios mssmbios.sys Wed Aug 04 07:07:47 2004 (41107D33)
f81f0000 f820a580 Mup Mup.sys Wed Aug 04 07:15:20 2004 (41107EF8)
f820b000 f8237a80 NDIS NDIS.sys Wed Aug 04 07:14:27 2004 (41107EC3)
f8238000 f82c4400 Ntfs Ntfs.sys Fri Feb 09 11:10:31 2007 (45CC56A7)
f82c5000 f82db780 KSecDD KSecDD.sys Wed Aug 04 06:59:45 2004 (41107B51)
f82dc000 f82ed960 TPkd TPkd.sys Thu Jan 12 17:01:50 2006 (43C68B7E)
f82ee000 f82fff00 sr sr.sys Wed Aug 04 07:06:22 2004 (41107CDE)
f8300000 f831f780 fltmgr fltmgr.sys Mon Aug 21 10:14:57 2006 (44E97991)
f8320000 f8337480 atapi atapi.sys Wed Aug 04 06:59:41 2004 (41107B4D)
f8338000 f8356880 ftdisk ftdisk.sys Fri Aug 17 21:52:41 2001 (3B7D8419)
f8357000 f8367a80 pci pci.sys Wed Aug 04 07:07:45 2004 (41107D31)
f8368000 f8395d80 ACPI ACPI.sys Wed Aug 04 07:07:35 2004 (41107D27)
f8396000 f83ad800 SPTD0269 SPTD0269.SYS Wed Aug 04 06:59:39 2004 (41107B4B)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 09-08-2007, 09:59 AM
Newbie
D-A-L Newbie
  
Join Date: Aug 2007
Posts: 0
jayjaybee Is a beginner here at D-A-L
HIJACK THIS


Logfile of HijackThis v1.99.1
Scan saved at 09:43:54, on 09/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfx update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5D945E9A-DC10-4670-83EB-99DAA616628A} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1132581248875
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1132581231875
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Unimodem - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: SysTray.Exys - {7368D5FC-6F5C-4f5b-B964-E67214F67852} - (no file)
O21 - SSODL: SysTray.Excn2 - {1722ECFF-4356-4f5b-B534-E67294FE75E9} - (no file)
O21 - SSODL: H0BIAIFB - {3EBD6532-4CD9-6885-328F-7E7459291890} - (no file)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

Any one who can make sense of all this has got my respect.

PLEASE HELP
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 10-08-2007, 12:53 AM
jephree's Avatar
¨*·.¸ «.·°·..·°·.» ¸.·*¨
  
Join Date: Jun 2004
Posts: 25,328
jephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniture
Your log has been read here:

http://www.techhelpforum.com/showthread.php?t=5247
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
shutdown paurav Windows XP Help 2 23-07-2008 02:54 PM
Shutdown Problems Avie Windows XP Help 4 08-10-2007 03:54 PM
win xp pro shutdown mobileman1953 Windows XP Help 1 16-08-2007 12:20 AM
Cpu Shutdown!!!! markyt77 Windows XP Help 10 17-02-2007 03:34 AM
Shutdown stephenwhite990 Windows XP Help 2 13-02-2005 06:51 PM


All times are GMT +1. The time now is 01:21 PM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav