1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: System shut down during virus scan!!!!!!!

Discussion in 'Windows XP' started by Wackster71, May 28, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. Wackster71

    Wackster71 Thread Starter

    Joined:
    May 28, 2007
    Messages:
    12
    Hiya all, long time reader, first time poster :)

    When ever I try to do a virus scan of late my system just shuts down. I have tried AVG, Panda, Trend and Norton and all of them just shut my system down. I tried running a AVG's spyware detector aswell and alas this shuts my system down too.

    I have run HJT and here is my log details, but I am at a loss as to where the problem may be.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 10:34:48 AM, on 28/05/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Profiler\lwemon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Wacko\Local Settings\Temporary Internet Files\Content.IE5\GR2PTEYU\HiJackThis_v2[1].exe
    C:\Documents and Settings\Wacko\My Documents\HiJackThis_v2.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [ĀµTorrent] "C:\Program Files\uTorrent\utorrent.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Dulux WeatherShield WeatherDesk] C:\Program Files\Dulux WeatherShield WeatherDesk\weather.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: ScreenHunter 5.0 Free.lnk = C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173408087031
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab
    O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 9647 bytes
     
  2. Wackster71

    Wackster71 Thread Starter

    Joined:
    May 28, 2007
    Messages:
    12
    hi guys, am still having the problem. been away for a week with work and no replies. can anyone assist.......................

    EDIT:

    I have just been able to start the system in SAFE MODE and been able to achieve a spyware scan and virus scan. These both worked fine and detected no problems. I restarted the computer and tried the virus scan again, this time it still shut my system down!!!!!!!!!!!!!!!!!!!!!

    Any ideas would be appreciated.
     
  3. spudnik

    spudnik

    Joined:
    Jun 4, 2007
    Messages:
    115
    this might sound harsh, but how long has it been since you defragged/ pagedefragged?

    if you only do defrag, you might need to do some pagedefrag. look it up in the microsoft website; it works before you boot and on a bad day takes 10 mins.

    corrupted files tend to cause pc's to shut down. youre trying to do the right thing by virus scanning - props for that, homie.
     
  4. Wackster71

    Wackster71 Thread Starter

    Joined:
    May 28, 2007
    Messages:
    12
    finally, thanks for the reply. i defrag my other pc all the time, but rarely (no, lets be honest, never have done this one :eek: ) will give it a go now as this thing is really startin to jack me off.

    will try it now and let you know.
     
  5. Wackster71

    Wackster71 Thread Starter

    Joined:
    May 28, 2007
    Messages:
    12
    okay, did a gefrag of my "C" drive, and did the pagedefrag. used MS One Care to do the virus scan and alas, the system shut down again!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
     
  6. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Virus scans tend to max out the CPU -- and if you have an overheating problem -- that will bring it on.

    Try monitoring the temps during the scan. Speedfan might work for you:

    http://www.almico.com/speedfan.php

    Also, try doing a scan in Safe Mode and see if that makes a difference.
     
  7. The Hound

    The Hound

    Joined:
    May 27, 2007
    Messages:
    3,235
    Might also try start, run, msconfig, tick selective startup, then on the startup tab click 'disable all', click apply, ok, reboot, and run your onecare scan without the AVG, the bit torrent, weather, screensaver search, etc. running.
     
  8. Wackster71

    Wackster71 Thread Starter

    Joined:
    May 28, 2007
    Messages:
    12
    okay, I decided to bite the bullet and buy vista. now, I have similar problems as before. This time, it seems to crap out the system and shut down whenever it feels like it.

    I have tried the following things sofare and I am beginning to think it is hardware related:

    Re-formatted and installed Vista Ultimate
    Removed every component from my mobo and cleaned
    Removed and cleaned fans (2 * power fan, 1 * GPU fan, 1 * cpu fan, 1 * bios fan)
    The bios fan seems to be making a louder noise than before - could this be a problem?
    Re-arranged my to RAM sticks (I have 4 slots - 2 blue, 2 brown, can I put them in the brown area as they are currently in the blue slots? mobo manual says use blue)
    Re-checked every connection on the mobo to ensure no loose leads.

    Temperature seems to be okay, I have set the auto shut down at 70 deg but when I check the bios after it does shut down cpu is running around 45 deg

    Is there any software I could try to see if hardware seems to be faulty?

    EDIT: rollin-rog - just got the speedfan prog, everything seems to be in order:

    FAN 1: 25472 rpm
    FAN 2: 48214 rpm
    FAN 3: 0 rpm

    Temps all stay aroun the same 30C - 40C
    Core hasn't budged from 30C - 35C
     
  9. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Shutdowns like that are almost always motherboard hardware problems.

    It might be shutting down if the fan is not up to speed or the voltages are out of range. Heat always needs to be monitored under load. It should rise -- if you are not seeing any rise at all -- something is peculiar.

    Ram has to be matched properly. If you are unsure -- just stick with a matched pair in one color slot set.
     
  10. Wackster71

    Wackster71 Thread Starter

    Joined:
    May 28, 2007
    Messages:
    12
    Well, I finally relented and took it to my computer shop where I do all my parts from. $55.00 later to find out it was my firewire card that was up to s&^#!!!!! As soon as they removed the card, problem disappeared, put the card back in, problem back.

    Thanks for the help guys. Will keep browsing the forums as I am new to Vista.
     
  11. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Thanks for the follow-up. I'll mark the thread Solved, but be aware you can also do this yourself in the future using the Thread Tools menu.
     
  12. Wackster71

    Wackster71 Thread Starter

    Joined:
    May 28, 2007
    Messages:
    12
    Thanks, wasn't sure about the "solved" but will remember next time.
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/578034