Driver Problem

[Jamex]

My computer recently suffered from a major virus problem which caused the deletion of over 19 gigs of computer information, primarily windows programs, drivers, etc. Fortunately I was able to wipe my hard drive and start from scratch, though I feared that the virus may have done some damage to accual sound card, etc. Right now however, Ive got everything i really want reinstalled, and suddenly my computer starts doing wierd stuff. First of all my firefox has suddenly spontaneously crashing, and to be honest, it happens about every 10 minutes. Fortunately I did download a crash program that reopens all the pages I lost, i cant remember it off the top of my head, but now that wont even work. Not only that, my computer is now increadably slow and non responsive. Every time I do a "Spyware Doctor" or "Ad-Aware SE Personal" scan my entire computer crashes, even in safe mode, and my other scanners arent picking up anything. When I send a microsoft error report, they basically say that it is an undetermined driver issue, and will get back to me when they find out more about it, but they dont accually know whats wrong. I was wondering if, like i mentioned above, it could possably be a hardware problem caused from the virus and if ill have to replace any of my hardware. This isnt the best computer, but atleast i was able to pull off HL2 with a 1.15ghz AMD Athlon processor and about 768 MB of RAM, but now my computer crashes if I play regular HL! I have a hijackthis report down below. Please reply if you need any other information.

 

Logfile of HijackThis v1.99.1

Scan saved at 1:22:46 AM, on 6/18/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\Program Files\Spyware Doctor\sdhelp.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Alex Fischer\Desktop\HijackThis.exe

 

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe

O4 - Startup: PowerReg Scheduler V3.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1149562731207

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1149610308357

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

[DjLizard]

I didn't look at your HJT log, but I just wanted to tell you that hardware can't be damaged by software (it was possible 20 years ago, but not now). Viruses can't do the sort of things you think they can.

 

You have a hardware problem, though.

 

You will want to check the integrity of your hard drive and memory:

1) http://hdtune.com

2) http://memtest.org

 

Check your hard drive's health with HD Tune (look for any highlighted lines and report back with a screenshot of the Health tab if you're confused about what you see), and then test your memory with a bootable disk/disc made from memtest.org. Test your memory for at least 4 hours, or until an error occurs. If errors occur in memtest, shut down, remove one stick of RAM, and test again. By cycling through your RAM one stick at a time, you should be able to isolate which memory module is at fault (if it is a memory problem). Otherwise, it could be a video card, motherboard, or power supply problem.

 

edit: okay, I looked at your log. There's nothing wrong there (although you could remove the X10 Device Network Service that doesn't point to any file).

[Jamex]

Heres the screenshot you asked for. i havent yet been able to do the other thing you mentioned, its dificult through random restarts, ill get to that next. after scanning both my hard drives though, this was the only error

[Jamex]

How exactly do you do the mem test, i went to the site you recomended and downloaded a zip folder with four files; install.bat, memtestp.bin, rawrite.exe, README.txt. i tried just opening them to puting them of a floppy and booting from the floppy, though it wont work, how exactly am i supposed to do it?

 

Also, like you mentioned above, i think the video card could be the issue. when i reinstalled my video card after the system wipe, i imediately started having problems. Windows suggested i update my drivers but the same things kept happening. for exmple, right after my last post i opened my browser and went onto a website with flash player on it. then a system notice poped up and said flash has ... an illegal action, we recommend the immediate restart of firefox. ive seen this notice before, however the problem seems to be getting worse and this time somehow caused my explorer program to crash. i was forced to restart my computer, which would make about 5 or 6 today alone, not to mention it now takes about 5-10 minutes just for startup to end now, and all that really loads at startup is ati, ewido anti malware, avg free, and zonealarm.

 

if it is my videocard, what should i do, and if you still think its my ram, please help me to figure out the mem test.

[Glenn]

Your HD Tune screen shot shows 55 deg Celsius. I believe that's considered too hot.

 

Have you checked your fans, cleaned your air intake and exhaust, etc.?

[Jamex]

Your HD Tune screen shot shows 55 deg Celsius. I believe that's considered too hot.

 

Have you checked your fans, cleaned your air intake and exhaust, etc.?

 

 

Could that be the problem? or just one of them? my other drive says something like 30 degrees or something, its wierd, and there is circulation in there. I was thnking of getting a liquid cooling system and found a really good deal but was convinced against it, what do you think about that. ill also see if i can clean the fans, etc and see if that will makes much of a difference.

[Glenn]

The HD Tune site says 55 deg C is the standard alarm level. Some other sites seem to consider anything above 50 deg C risky. The highest reading I've ever seen on my hard drive was 45 deg C.

 

It might just be the one drive is dying or, depending on the cause of the high temperature, e.g., blocked air flow, other components could be overheating.

[DjLizard]

55 isn't hot for that model of Maxtor, actually. That model just runs freaking hot cause it's half the height of the regular drives (here's a picture).

 

I'm going to be brutally honest though: your drive is going to fail, very, very soon. Your SMART status is fine, actually, but this model of drive doesn't die incrementally like most drives (to where you could see it in SMART status); it dies instantly. You will wake up one day and it will make a clicking sound (or just not spin at all), and all of your data will be gone. Prepare now by backing up all of your important data, and prepare to have a technician Ghost this drive to a new one. If this particular drive was manufactured in 2003, it is time for it to die in the very near future.

 

Other than this model of drive, Maxtor has pretty kick-ass drives. But...

 

Here's the order of brands, from best to decent:

Hitachi

Seagate

Maxtor (now owned by Seagate, so technically you should just get a Seagate drive)

 

Western Digital is terrible, don't ever buy them. They are sub-standard.

 

Don't bother buying Maxtor either, because any Maxtors left are ones that have been sitting on the shelf since before the Seagate acquisition.

 

Basically, buy only a Hitachi or Seagate drive.

[rridgely]

O4 - Startup: PowerReg Scheduler V3.exe

http://www3.ca.com/securityadvisor/pest/pe...px?id=453078189

[Jamex]

Fortunately due to a recent virus, i transfered all my information on my other drive to do the wipe, so information isnt an issue, however, the error reports still say that i have a driver issue. is this all due to my hard drive about to fail, or is there another issue here as well?

[DjLizard]

Another issue. RAM, video card, motherboard, or power supply, most likely.

[Jamex]

i was finally able to dua successful mem test and identified which RAM was responsible, and as soon as turning on my computer after removing the RAM, my computer identified a video card driver issue. I think i might have mantioned something like this above. However there is one problem. This might seem like a stupid question, but I dont know which driver update i should do, if i should do both, they seem to be for different things on the same video card.

 

Video card: ALL-IN-WONDER RADEON 8500DV

 

Here are the links:

Catalyst 6.5 Windows XP - Driver Download

ATI Multimedia Center 9.14

[DjLizard]

i was finally able to dua successful mem test and identified which RAM was responsible, and as soon as turning on my computer after removing the RAM, my computer identified a video card driver issue.

 

 

If you mean that a dialog popped up asking you to send an error report (such as "A serious error has occurred" or something), it was about a previous crash, not a current problem. Each blue screen of death generates a crash dump file, which in turn generates a "serious error has occurred"/"send error report/don't send report" dialog. There will be one "send/don't send" dialog per crash that hadn't yet been reported.

 

I would wait and see how/if your stability improves before taking any futher actions, as it's not yet proven that you are having video issues. Video drivers, after all, reside in system RAM, and bad system RAM can make anything look bad when it isn't. If it is bad, you will probably have another crash, and we'll work on it from there. For now, just wait and see

[Jamex]

If you mean that a dialog popped up asking you to send an error report (such as "A serious error has occurred" or something), it was about a previous crash, not a current problem.

 

 

Thank you. and it did generate a "send/don't send" dialoge, but for some reason it would always say we cant determine the problem. finally now its identifying the problem, but ill take your advice and just wait and see.

[Jamex]

OK, ive been on my computer for a while now and there are still a few problems, not to mention that after i restarted my computer, the same error report came up again saying that my computer had suffered from a serious error. Do you think enough time has passed and should i try and fix my device drivers? and if so, which of the ones listed above or both? even if its not the problem, its safe software and cant really cause any more problems right?

[Jamex]

Accually now my my computer is opperating pretty well, concidering i have 2/3s the ram, im even playing around with my on computer tv, and the tv listings. however, i still have one issue. for some reason my internet browser is increadibly slow and still crashes. especially compared to my other programs, for example, i know taht a tv program takes up a lot of the cpu and will naturally slow things down, but when i have a web page up and a tv up at the same time, without surfing or having to reload anything, it woll take my browser about 5-10 full seconds to respont to anything, scrolling, typing, stc, while my tv is still virtually instant, even with changing channels and stuff. i dont think this has to do with the video device, but thats why im asking you. what do you think this problem might be?