Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Windows XP Windows XP
Search Search
Search for:
Tech Support Guy > > >

Solved: System shut down during virus scan!!!!!!!


(!)

Wackster71's Avatar
Wackster71 Wackster71 is offline
Computer Specs
Junior Member with 12 posts.
THREAD STARTER
 
Join Date: May 2007
Experience: Advanced
28-May-2007, 12:53 AM #1
Angry Solved: System shut down during virus scan!!!!!!!
Hiya all, long time reader, first time poster :-)

When ever I try to do a virus scan of late my system just shuts down. I have tried AVG, Panda, Trend and Norton and all of them just shut my system down. I tried running a AVG's spyware detector aswell and alas this shuts my system down too.

I have run HJT and here is my log details, but I am at a loss as to where the problem may be.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:34:48 AM, on 28/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Wacko\Local Settings\Temporary Internet Files\Content.IE5\GR2PTEYU\HiJackThis_v2[1].exe
C:\Documents and Settings\Wacko\My Documents\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Dulux WeatherShield WeatherDesk] C:\Program Files\Dulux WeatherShield WeatherDesk\weather.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ScreenHunter 5.0 Free.lnk = C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1173408087031
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5...ws-i586-jc.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9647 bytes
Wackster71's Avatar
Wackster71 Wackster71 is offline
Computer Specs
Junior Member with 12 posts.
THREAD STARTER
 
Join Date: May 2007
Experience: Advanced
04-Jun-2007, 09:38 PM #2
help
hi guys, am still having the problem. been away for a week with work and no replies. can anyone assist.......................

EDIT:

I have just been able to start the system in SAFE MODE and been able to achieve a spyware scan and virus scan. These both worked fine and detected no problems. I restarted the computer and tried the virus scan again, this time it still shut my system down!!!!!!!!!!!!!!!!!!!!!

Any ideas would be appreciated.

Last edited by Wackster71; 04-Jun-2007 at 10:26 PM..
spudnik's Avatar
spudnik spudnik is offline
Senior Member with 115 posts.
 
Join Date: Jun 2007
Experience: Advanced
04-Jun-2007, 10:57 PM #3
this might sound harsh, but how long has it been since you defragged/ pagedefragged?

if you only do defrag, you might need to do some pagedefrag. look it up in the microsoft website; it works before you boot and on a bad day takes 10 mins.

corrupted files tend to cause pc's to shut down. youre trying to do the right thing by virus scanning - props for that, homie.
Wackster71's Avatar
Wackster71 Wackster71 is offline
Computer Specs
Junior Member with 12 posts.
THREAD STARTER
 
Join Date: May 2007
Experience: Advanced
04-Jun-2007, 11:34 PM #4
finally, thanks for the reply. i defrag my other pc all the time, but rarely (no, lets be honest, never have done this one ) will give it a go now as this thing is really startin to jack me off.

will try it now and let you know.
Wackster71's Avatar
Wackster71 Wackster71 is offline
Computer Specs
Junior Member with 12 posts.
THREAD STARTER
 
Join Date: May 2007
Experience: Advanced
05-Jun-2007, 12:10 AM #5
okay, did a gefrag of my "C" drive, and did the pagedefrag. used MS One Care to do the virus scan and alas, the system shut down again!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Rollin' Rog's Avatar
Computer Specs
Member with 45,855 posts.
 
Join Date: Dec 2000
Location: North of Hollywoodland
Experience: I know when to fold em'
05-Jun-2007, 12:47 AM #6
Virus scans tend to max out the CPU -- and if you have an overheating problem -- that will bring it on.

Try monitoring the temps during the scan. Speedfan might work for you:

http://www.almico.com/speedfan.php

Also, try doing a scan in Safe Mode and see if that makes a difference.
The Hound's Avatar
Computer Specs
Member with 3,235 posts.
 
Join Date: May 2007
Location: Yooper, born and raised
Experience: Years of foolishness, moments of brilliance
05-Jun-2007, 01:34 AM #7
Might also try start, run, msconfig, tick selective startup, then on the startup tab click 'disable all', click apply, ok, reboot, and run your onecare scan without the AVG, the bit torrent, weather, screensaver search, etc. running.
Wackster71's Avatar
Wackster71 Wackster71 is offline
Computer Specs
Junior Member with 12 posts.
THREAD STARTER
 
Join Date: May 2007
Experience: Advanced
06-Jun-2007, 01:49 AM #8
okay, I decided to bite the bullet and buy vista. now, I have similar problems as before. This time, it seems to crap out the system and shut down whenever it feels like it.

I have tried the following things sofare and I am beginning to think it is hardware related:

Re-formatted and installed Vista Ultimate
Removed every component from my mobo and cleaned
Removed and cleaned fans (2 * power fan, 1 * GPU fan, 1 * cpu fan, 1 * bios fan)
The bios fan seems to be making a louder noise than before - could this be a problem?
Re-arranged my to RAM sticks (I have 4 slots - 2 blue, 2 brown, can I put them in the brown area as they are currently in the blue slots? mobo manual says use blue)
Re-checked every connection on the mobo to ensure no loose leads.

Temperature seems to be okay, I have set the auto shut down at 70 deg but when I check the bios after it does shut down cpu is running around 45 deg

Is there any software I could try to see if hardware seems to be faulty?

EDIT: rollin-rog - just got the speedfan prog, everything seems to be in order:

FAN 1: 25472 rpm
FAN 2: 48214 rpm
FAN 3: 0 rpm

Temps all stay aroun the same 30C - 40C
Core hasn't budged from 30C - 35C

Last edited by Wackster71; 06-Jun-2007 at 01:59 AM..
Rollin' Rog's Avatar
Computer Specs
Member with 45,855 posts.
 
Join Date: Dec 2000
Location: North of Hollywoodland
Experience: I know when to fold em'
06-Jun-2007, 11:52 AM #9
Shutdowns like that are almost always motherboard hardware problems.

It might be shutting down if the fan is not up to speed or the voltages are out of range. Heat always needs to be monitored under load. It should rise -- if you are not seeing any rise at all -- something is peculiar.

Ram has to be matched properly. If you are unsure -- just stick with a matched pair in one color slot set.
Wackster71's Avatar
Wackster71 Wackster71 is offline
Computer Specs
Junior Member with 12 posts.
THREAD STARTER
 
Join Date: May 2007
Experience: Advanced
09-Jun-2007, 07:51 AM #10
Bugger me...................
Well, I finally relented and took it to my computer shop where I do all my parts from. $55.00 later to find out it was my firewire card that was up to s&^#!!!!! As soon as they removed the card, problem disappeared, put the card back in, problem back.

Thanks for the help guys. Will keep browsing the forums as I am new to Vista.
Rollin' Rog's Avatar
Computer Specs
Member with 45,855 posts.
 
Join Date: Dec 2000
Location: North of Hollywoodland
Experience: I know when to fold em'
09-Jun-2007, 04:46 PM #11
Thanks for the follow-up. I'll mark the thread Solved, but be aware you can also do this yourself in the future using the Thread Tools menu.
Wackster71's Avatar
Wackster71 Wackster71 is offline
Computer Specs
Junior Member with 12 posts.
THREAD STARTER
 
Join Date: May 2007
Experience: Advanced
09-Jun-2007, 09:42 PM #12
Thanks, wasn't sure about the "solved" but will remember next time.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑