| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 98130 | 2009-03-12 12:21:00 | Intermittent Black Screen and Slow PC | paulT1010 (14698) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 755858 | 2009-03-14 08:19:00 | I also meant to add that Spybot found loads of stuff that required 2 passes to fully clear. | paulT1010 (14698) | ||
| 755859 | 2009-03-14 08:32:00 | Try reinstalling the graphics driver. Look in Device Manager for details of GFX card Also-does this happen in safe mode? Tap F8 on Boot and select "safe mode" |
Blam (54) | ||
| 755860 | 2009-03-14 08:45:00 | Pctek pointed out last night that you have LOTS of stuff in startup. I'm no expert, but I reckon you still have far too many programs there... I have only a firewall, and 1 of my several installed antiviruses in mine ( plus a reminder proggy which runs at startup, then removes itself) Works fine... Why burden your comp with such a load so soon? Surely the others will load when you actually need them? Edit - I leave it to the more comp-savvy than me to suggest which you should remove... |
Laura (43) | ||
| 755861 | 2009-03-14 10:35:00 | The problem didn't occur during running in Safe mode for an hour. I have removed a number of the programs from startup, but there are more I could also ditch. The next installment of the HT log follows. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:02:39 PM, on 14/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 HP.EXE C:\Program Files\Prevx2\PXConsole.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Prevx2\PXAgent.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe C:\Documents and Settings\Paul\Desktop\Utilities\HijackThis\HijackT his.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.crawler.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = optuszoo.ninemsn.com.au R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.crawler.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = dnl.crawler.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.crawler.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = dnl.crawler.com R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [EPSON Stylus Photo RX630 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 HP.EXE /P31 "EPSON Stylus Photo RX630 Series" /O6 "USB001" /M "Stylus Photo RX630" O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Crawler Search - tbr:iemenu O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - www.nvidia.com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - housecall65.trendmicro.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PREVXAgent - Prevx - C:\Program Files\Prevx2\PXAgent.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 7467 bytes |
paulT1010 (14698) | ||
| 755862 | 2009-03-14 11:19:00 | I have also updated the driver, but this hasn't made a difference and the fault still remains. Is there any way it could be DirectX related?? I am at v9.0c. | paulT1010 (14698) | ||
| 755863 | 2009-03-14 22:19:00 | Change your power management settings in Control Panel to everything "ON" at all times Also. it seems many people are having this problem due connected modems/routers. Try unplugging them from your machine and see if it still happens. Download and run winsockfix. From your HJT log it seems they are corrupted: www.softpedia.com Blam |
Blam (54) | ||
| 755864 | 2009-03-14 22:28:00 | Tick these then tick fix checked Close browsers Uninstall this O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file) Uninstall this C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe What have you unticked in msconfig? |
Speedy Gonzales (78) | ||
| 755865 | 2009-03-14 23:13:00 | Speedy/Blam6, Have completed the tasks you both asked . I also re-ran Spyware Terminator and found/removed Trojan . Agent . RL . The items I unticked in msconfig are: FlashIcon, FusionRC, HDAudPropShortCut, KHALMNPR, NBJ, nxiz, OpwareSE2, and WMPNSCFG . My latest HT log: Logfile of Trend Micro HijackThis v2 . 0 . 2 Scan saved at 9:40:38 AM, on 15/03/2009 Platform: Windows XP SP3 (WinNT 5 . 01 . 2600) MSIE: Internet Explorer v7 . 00 (7 . 00 . 6000 . 16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss . exe C:\WINDOWS\system32\csrss . exe C:\WINDOWS\system32\winlogon . exe C:\WINDOWS\system32\services . exe C:\WINDOWS\system32\lsass . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\System32\svchost . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\system32\spoolsv . exe C:\WINDOWS\Explorer . EXE C:\WINDOWS\AGRSMMSG . exe C:\Program Files\Microsoft IntelliType Pro\type32 . exe C:\Program Files\Microsoft IntelliPoint\point32 . exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 HP . EXE C:\WINDOWS\system32\RUNDLL32 . EXE C:\WINDOWS\system32\ctfmon . exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService . exe C:\WINDOWS\System32\svchost . exe C:\Program Files\Java\jre6\bin\jqs . exe C:\WINDOWS\system32\nvsvc32 . exe C:\Program Files\Prevx2\PXAgent . exe C:\WINDOWS\System32\snmp . exe C:\Program Files\Spyware Terminator\sp_rsser . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\system32\wbem\wmiprvse . exe C:\WINDOWS\System32\alg . exe C:\Program Files\Internet Explorer\IEXPLORE . EXE C:\Documents and Settings\Paul\Desktop\Utilities\HijackThis\HijackT his . exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = . crawler . com/search/dispatcher . aspx?tp=aus&qkw=%s&tbid=60341" target="_blank">www . crawler . com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = . ninemsn . com . au/?wa=wsignin1 . 0" target="_blank">optuszoo . ninemsn . com . au R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = . crawler . com/search/ie . aspx?tb_id=60341" target="_blank">www . crawler . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = . crawler . com/support/sa_customize . aspx?TbId=60341" target="_blank">dnl . crawler . com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = . crawler . com/search/ie . aspx?tb_id=60341" target="_blank">www . crawler . com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = . crawler . com/support/sa_customize . aspx?TbId=60341" target="_blank">dnl . crawler . com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7 . 0\ActiveX\AcroIEHelper . dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper . dll O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho . dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1 . 6 . 0_07\bin\ssv . dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv . dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin . dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page . dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page . dll O4 - HKLM\ . . \Run: [AGRSMMSG] AGRSMMSG . exe O4 - HKLM\ . . \Run: [NvCplDaemon] RUNDLL32 . EXE C:\WINDOWS\system32\NvCpl . dll,NvStartup O4 - HKLM\ . . \Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck . exe -CheckReg O4 - HKLM\ . . \Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32 . exe" O4 - HKLM\ . . \Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32 . exe" O4 - HKLM\ . . \Run: [EPSON Stylus Photo RX630 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9 HP . EXE /P31 "EPSON Stylus Photo RX630 Series" /O6 "USB001" /M "Stylus Photo RX630" O4 - HKLM\ . . \Run: [NvMediaCenter] RUNDLL32 . EXE C:\WINDOWS\system32\NvMcTray . dll,NvTaskbarInit O4 - HKLM\ . . \Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier . exe O4 - HKLM\ . . \Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate . exe O4 - HKLM\ . . \Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig . exe /auto O4 - HKCU\ . . \Run: [ctfmon . exe] C:\WINDOWS\system32\ctfmon . exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp . dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp . dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper . dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper . dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra 'Tools' menuitem: @xpsp3res . dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau . dll O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - . nvidia . com/content/DriverDownload/srl/3 . 0 . 0 . 0/srl_bin/sysreqlab3 . cab" target="_blank">www . nvidia . com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6 . 6) - . trendmicro . com/housecall/applet/html/native/x86/win32/activex/hcImpl . cab" target="_blank">housecall65 . trendmicro . com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - . microsoft . com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site . cab?1120541865375" target="_blank">update . microsoft . com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - . microsoft . com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site . cab?1163507273359" target="_blank">update . microsoft . com O23 - Service: Apple Mobile Device - Apple Inc . - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService . exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService . exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT . exe O23 - Service: iPod Service - Apple Inc . - C:\Program Files\iPod\bin\iPodService . exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc . - C:\Program Files\Java\jre6\bin\jqs . exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32 . exe O23 - Service: PREVXAgent - Prevx - C:\Program Files\Prevx2\PXAgent . exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler . com - C:\Program Files\Spyware Terminator\sp_rsser . exe -- End of file - 6995 bytes |
paulT1010 (14698) | ||
| 755866 | 2009-03-14 23:33:00 | Get ccleaner (www.ccleaner.com) Install it (untick the Yahoo toolbar), run it. Go to tools/startup Tick / highlight the entries you unticked in msconfig here, then click on delete Then click on cleaner / run cleaner (close browsers first) I would install an AV program like Avast Home, if you want a free one, or NOD, if you want to pay for it. Then scan the whole hdd Am I missing something, or is this forum's time, an hour behind?? |
Speedy Gonzales (78) | ||
| 755867 | 2009-03-15 03:48:00 | I now have a fully clean system according to CCleaner, Avast & Spyware terminator. To summarise the situation: In safe mode no hang-ups, but obviously not everything works and when I go back into full mode the intermittent black screens come back. My frustration deepens...... | paulT1010 (14698) | ||
| 1 2 3 4 | |||||