Post by: FIxeL on May 21, 2006, 07:38:10 AM
Scan saved at 15:34:16, on 2006.05.21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PC-Com\PC-Com.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Trust\460L MOUSE OPTICAL OFFICE\1.1\moffice.exe
C:\Program Files\Trust\460L MOUSE OPTICAL OFFICE\1.1\MOUSE32A.DAT
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Documents and Settings\Vartotojas\Desktop\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lt (http://\"http://www.google.lt\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lt (http://\"http://www.google.lt\")
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PC-Com] C:\Program Files\PC-Com\PC-Com.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A983838-3AFF-4261-8954-C179A72F1640}: NameServer = 212.59.0.1 212.59.0.2
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Analog Devices, Inc. - (no file)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
pls someone help me
Post by: guestolo on May 21, 2006, 11:59:01 AM
I see both SpySweeper and SpywareDoctor on your computer
Are they both paid versions and up to date?
If they are, both include realtime protections
Use only one programs protections and disable the other programs background protections
You have AVAST and AVG installed
This is not good having 2 AV's background protections running in the background
This can result in the operating system be unstable
You should decide which one you like the best and uninstall the other
Reboot the computer afterwards
Run the diskcleanup tool if you haven't cleaned the temp files in a while
Go to START>>Run>>type in
cleanmgr
Hit OK
Let this finish scanning, ensure temp and temp internet files are selected
click OK
If you have not ran the DiskDefragmenter on the computer in some time, now would be a good time to do so
START>>All programs>>Accessories>>System tools>>Disk Defragmenter
Allow this to run uninterrupted, I find this best done in safe mode
Reboot the computer afterwards
Post back a fresh hijackthis log after you have done the above
Post by: FIxeL on May 21, 2006, 12:07:46 PM
oh P.S. is it ok to go thrue webs while on deframnet?
Post by: guestolo on May 21, 2006, 12:09:16 PM
I suggest that you let the Disk Defragment run UNINTERRUPTED
Again, I like to do this in Safe mode>>Without network
Post by: FIxeL on May 21, 2006, 12:13:22 PM
sry im not very good with computers
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: guestolo on May 21, 2006, 12:26:25 PM
I hope that helps
I'm outta here for a bit, so do what you can
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: FIxeL on May 21, 2006, 10:59:16 PM
Logfile of HijackThis v1.99.1
Scan saved at 06:59:01, on 2006.05.22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\PC-Com\PC-Com.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spy Sweeper\SpySweeper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trust\460L MOUSE OPTICAL OFFICE\1.1\moffice.exe
C:\Program Files\Trust\460L MOUSE OPTICAL OFFICE\1.1\MOUSE32A.DAT
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Vartotojas\Desktop\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lt (http://\"http://www.google.lt\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lt (http://\"http://www.google.lt\")
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [PC-Com] C:\Program Files\PC-Com\PC-Com.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A983838-3AFF-4261-8954-C179A72F1640}: NameServer = 212.59.0.1 212.59.0.2
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Analog Devices, Inc. - (no file)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Post by: guestolo on May 21, 2006, 11:01:21 PM
Are you disabling anything from running on startup with msconfig?
Post by: FIxeL on May 21, 2006, 11:09:47 PM
And i duno why but my comp restarts when i play a game or trying to record TV
Post by: guestolo on May 21, 2006, 11:13:51 PM
Quote
Need help my computer is very slow,slow internet also i think its trojan or a worm.This is my hijack log file LogfileIs the above problems resolved
Quote
And i duno why but my comp restarts when i play a game or trying to record TVIs this a new problem?
Did you knowingly install this program?
O4 - HKLM\..\Run: [PC-Com] C:\Program Files\PC-Com\PC-Com.exe
Post by: FIxeL on May 21, 2006, 11:16:58 PM
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' /> and the second problem was also before the defragmentingand the pc-com program i know very helpfull program
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: guestolo on May 21, 2006, 11:21:20 PM
/unsure.gif\' class=\'bbc_emoticon\' alt=\':unsure:\' />
Post by: FIxeL on May 21, 2006, 11:22:55 PM
Post by: guestolo on May 21, 2006, 11:29:18 PM
OR an Hardware or overheating problem
problem is your not getting the error message
Do the following
Right click on MyComputer icon
Left click Properties
Open the ADVANCED tab
Under Startup and Recovery click SETTINGS
Under System Failure uncheck>>Automatically Restart
OK and Apply your way out of there
The next time a system failure happens
By chance, the screen may post the problem
Post back the whole error message
Post by: FIxeL on May 21, 2006, 11:35:41 PM
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' /> thx a lot /smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: FIxeL on May 22, 2006, 09:08:50 AM
Post by: guestolo on May 22, 2006, 01:34:34 PM
Quote
from the blue window
The whole error message please
Post by: FIxeL on May 22, 2006, 02:51:48 PM
*** STOP:0x0000008E/0xC0000005,0xBFB1ED85,0xEE4197D8,0x0000000
*** nv4_disp.dll - adress BFB1ED85 base at BF9D4000,Date stamp 0000000
so this is it
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: guestolo on May 22, 2006, 03:35:58 PM
What are your system specs?
What computer brand and model do you have?
What video card do you have?
Right click MyComputer>>left click properties
Open the Hardware tab>>Device manager
Expand(+)Display adapters
What adapter do you have installed?
Double click on your adapter then click on Driver tab
What is the driver date and version?
Who is the supplier?
Go to START>>RUN>>type in
dxdiag
Hit OK
Under each tab do you find any problems?
What version of DirectX is installed?
Post by: FIxeL on May 22, 2006, 03:58:59 PM
pentium 4
Device: NVIDIA GeFOrece FX 5200 128.0 MB, display 1280x960 (32 bit)(60Hz) Date 203.06.23 version 4.4.7.1
Drivers: nv4_disp.dll
derex instaled 9.0c
i think this is all
Post by: guestolo on May 22, 2006, 04:03:26 PM
What are you doing when the system blue screens?
Playing a game or what?
If playing a game, which game?
Quote
What computer brand and model do you have?
Post by: FIxeL on May 22, 2006, 04:12:54 PM
mm were to find wich model?
/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Post by: guestolo on May 22, 2006, 04:16:15 PM
In will be on the box
OR Right click MyComputer and left click properties
Quote
duno like cs source and sumthin like thatI'm not gonna guess here???
Is it CS source or isn't it??
What other games do you have problems with?
With the above info you only supplied
I suggest that you try the later drives from Nvidia
Download and save them too desktop
DON'T Install them yet
http://www.nvidia.com/object/winxp_2k_84.21.html (http://\"http://www.nvidia.com/object/winxp_2k_84.21.html\")
Go into add/remove programs and remove
NVIDIA Windows Display Drivers" OR "NVIDIA Drivers"
Whatever is listed
REboot the computer when prompted
If on startup you get new hardware found, just cancel it out
Double click to install the new driver you saved too desktop
Reboot again when prompted, see if that helps
Post by: FIxeL on May 22, 2006, 04:20:14 PM
/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' /> penrium 4 cpu 2.60 GHz,256MB ramcia its cs,silkroad online(mmo rpg) and etc
Post by: guestolo on May 22, 2006, 04:22:37 PM
What MAKE AND MODEL?
Can you update your nvidia drivers with my last set of instructions
Post by: FIxeL on May 22, 2006, 04:31:39 PM
night
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: FIxeL on May 23, 2006, 09:08:53 AM
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
Post by: guestolo on May 23, 2006, 09:15:21 PM
Take care
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />