Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help My Computer is going to [bleep]

Started by runner3053 , May 29 2005 09:45 PM

  • Please log in to reply

#16
runner3053
Posted 01 June 2005 - 11:47 PM

runner3053

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
So I did a spyware scan with 0 infections. My device manager was all clear. And after several out of the blue restarts i think i narrowed it down to windows media player. It seemed everytime i opened it soon after loading a vid it would restart. Maybe im talkin out of my [bleep] i dunno. Heres a new log file.

Logfile of HijackThis v1.99.1
Scan saved at 10:45:13 PM, on 6/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DigitalPersona\Bin\DPWinLct.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\DigitalPersona\Bin\DpHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\iRiver\iRiver Manager\Updater\Updater.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
C:\Program Files\WASTE\WASTE.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\hjt\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [iRiver Updater] C:\Program Files\iRiver\iRiver Manager\Updater\Updater.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
O4 - Startup: WASTE.lnk = C:\Program Files\WASTE\WASTE.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1096525929140
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O20 - Winlogon Notify: DPWLN - C:\WINDOWS\system32\DPWLEvHd.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Windows XP FUS Manager (DPFUSMgr) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHost.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
  • 0

Advertisements

#17
Hemal
Posted 02 June 2005 - 04:25 PM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
It looks like your java is corrupt or has a virus.
Think that I would uninstall jave and also update to.

Please download this – mwav exe http://www.spywarein...wnload/mwav.exe

Also the following program are blocking the fix and will need to be disabled
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

^disable antispy and spybot

Get rid of the rest:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Yahoo Companion
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)MyWebSearch
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no file)Real One toolbar
O2 - BHO: (no name) - {999A06FF-10EF-4A29-8640-69E99882C26B} - (no file)Begin2Search adware variant
O2 - BHO: (no name) - {C3429E3A-2BD3-627B-6E9E-6B1DD77FE454} - (no file) no information on this one
O2 - BHO: (no name) - {D14D6793-9B65-11D3-80B6-00500487BDBA} - (no file)Comet Cursor
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)C:\Program Files\Microsoft Money\System\mnyviewer.dll

O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} - http://codecs.micros...i386/voxacm.CAB
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxres...m/Preloader.dll
O16 - DPF: {33363249-0000-0010-8000-00AA00389B71} - http://codecs.micros...386/i263_32.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -This is located here in the Registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}
O16 - DPF: {4063B398-3FC7-433E-B23B-0460CE7EDC27} (MaxisMakinMagicTeleX Control) - http://thesims.ea.co...nMagicTeleX.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {860D5AAC-D059-4C9F-93D3-3FD6FBB6872F} (AuroraCtrl Class) - http://icebergradio.....259/client.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - codebase="http://java.sun.com/...ersion=1,3,0,0"
http://bugs.sun.com/...?bug_id=5072892

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai....23/cpbrkpie.cab
O16 - DPF: {A1A961DA-2BA6-4032-859E-01AC35357163} (One2One Viewer) - http://www.one2one.c...ass/one2one.cab
O16 - DPF: {A8658086-E6AC-4957-BC8E-8D54A7E8A790} (GDIChk Object) - http://www.microsoft...DI/0/GDIChk.CAB
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1..../S...anager.ocx
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -Java Plug-in 1.4.2_03
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -Java Plug-in 1.4.2_03 <applet> redirector

Run a free online virus scan here (tick the "Auto Clean" checkbox):
http://housecall.antivirus.com/

And a free trojan scan here:
http://www.moosoft.com/

Reboot your PC.
  • 0

#18
runner3053
Posted 02 June 2005 - 08:46 PM

runner3053

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Umm i've done all that for the most part but i couldnt find any of those files on my computer excluding java. what did you want me to do with that mwav.exe. So far i unzipped it and put it into a folder in C:\
  • 0

#19
Hemal
Posted 03 June 2005 - 03:29 PM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
I would run the program, and then give me a new log....can you still right click the desktop?
  • 0

#20
runner3053
Posted 03 June 2005 - 05:40 PM

runner3053

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Fri Jun 03 15:14:12 2005 => ERROR!!! Invalid Entry System32\Drivers\SPCA561.SYS in SYSTEM\CurrentControlSet\Services\CA561...

is what came up with the scan and my right click still doesnt work
  • 0

#21
Hemal
Posted 04 June 2005 - 07:37 AM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
Try rebooting your computer and get a scan in safemode
  • 0

#22
runner3053
Posted 04 June 2005 - 03:34 PM

runner3053

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
ERROR!!! Invalid Entry System32\Drivers\SPCA561.SYS in SYSTEM\CurrentControlSet\Services\CA561...

SCANFILE FAILS
C:\Windows\Schedlgu.txt
C:\Windows\Wiadebug.log
C:\Windows\Wiaservc.log
C:\Windows\Winupdate.log

After running in safe mode these were the only things that came up in the scan
  • 0

#23
Hemal
Posted 05 June 2005 - 03:19 PM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
sry about the delay for the response...

Have you upgate a driver for a webcam or a digital camera- do you have one on this computer? Where did you download that driver and this one here: SPCA561.SYS

C:\Windows\Schedlgu.txt>--Get the txt file and post into the thread
C:\Windows\Wiadebug.log >--copy the log and post to the thread
C:\Windows\Wiaservc.log >--copy the log and post to the thread
C:\Windows\Winupdate.log >--copy the log and post to the thread

Look for those files and post the text or log back here as well
  • 0

#24
Hemal
Posted 07 June 2005 - 01:16 PM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
also have you tried to install recently a webcam or something...also have you tried to uninstall the webcam and not the driver?
  • 0

#25
runner3053
Posted 07 June 2005 - 08:15 PM

runner3053

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
sorry about the delay i haven't been able to get around to working on my computer the past couple days cause its finals week. About the webcam yes I had one and i just unplugged it.
  • 0

Advertisements

#26
Hemal
Posted 08 June 2005 - 12:53 PM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
have unistalled the drivers? in your device manager do you see any question marks?
  • 0

#27
runner3053
Posted 08 June 2005 - 03:05 PM

runner3053

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
No questions marks, but i never uninstalled any driver for the web cam
  • 0

#28
Hemal
Posted 08 June 2005 - 03:14 PM

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
Unistall the driver- whats this installed from a cd?
  • 0

#29
runner3053
Posted 13 June 2005 - 01:30 PM

runner3053

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Umm I did not install a cd for my web cam I believe that windows loaded a driver. In my add/remove program i couldnt find any files related to the web cam nor could I on my computer.
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP