Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Video problems


  • Please log in to reply
6 replies to this topic

#1 JEservices

JEservices

    helping hand


  • Members
  • 1,700 posts
  • OFFLINE
  •  
  • Location:Texas
  • Local time:06:38 PM

Posted 12 July 2004 - 08:49 AM

In the last week, I have been having multiple problems. I thought that it was isolated to being java, but more problems are coming up. At random intervals, everything goes white-both monitors. I can right-click and refresh to get it back, or minimize/maximize the window, and it will come back. Other times, parts of screen will be completely mis-aligned, and I can use the same method to restore it. Even the taskbar and start button goes away, but most of the time, just have to mouse over them, and they return. Ever since this has happened, the computer has been slowing way down. The reason why I think that it is a java issue, is because I have multiple icons in the taskbar. They only show up, when I click the arrow, but then it slows everything down. As you can see from the pic, I have Avast. I ran it, but there is no viruses. I even did a panda scan, and it didnt find anything. I updated the java about a month ago, but there are three versions: SE v1.4.2, SE v1.4.2_01, and SE v1.4.2_04. I am not sure if I needed all of them, because the versions look similar, so I kept all of them. I have included a recent HiJack This log, in case this may help to find what is wrong.

HiJack This Log:

Logfile of HijackThis v1.97.7
Scan saved at 8:43:31 AM, on 7/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\RamBooster\Rambooster.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Documents and Settings\Jason\Desktop\HiJack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB003" /M "Stylus C64"
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - HKLM\..\RunOnce: [WildTangent CDA Uninstall] C:\WINDOWS\System32\cmd.exe /c del /f C:\WINDOWS\wt\updater\wtisa.dll
O4 - HKLM\..\RunOnce: [KB837272] "C:\WINDOWS\INF\unregmp2.exe" /UpdateWMP
O4 - Startup: Webshots.lnk.disabled
O4 - Global Startup: WinZip Quick Pick.lnk.disabled
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/partner...eed/install.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/12119/CTPID.cab




Here are a couple of screen shots to show you:

Attached Files


Edited by JEservices, 12 July 2004 - 08:53 AM.

We are all curious like a cat. We wonder, we ask, we learn.
Please post back when a suggestion works, so that others may learn.

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:38 PM

Posted 12 July 2004 - 09:09 AM

Did you just uninstall WildTangent?

If so reboot and again and post a new log

#3 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:38 PM

Posted 12 July 2004 - 11:32 AM

Hey Jason,
Man, that's a lot of Java icons in your System Tray. There's no way it should be like that. I don't know how you got more than one version on your machine, but all you want is the latest version. What I would do if I were you is uninstall all instances of Java using Add/Remove and then reinstall the latest version.

While there I would recommend uninstalling anything Wild Tangent. Make sure to look for Web Driver, too. I know you like games so you may be keeping WT intentionally. While it isn't considered outright spyware it is a resource hog and the Web Driver and updater are highly questionable. So at least to get this problem resolved I would uninstall and if you want it back reinstalling is easy enough. Last time I looked, Spybot S&D & AdAware will remove most of it if you don't have it excluded. There is also a "wt" folder in the Windows directory that will need to be deleted.

You may also want to look at this page if you have questions about dealing with Java.
http://www.java.com/en/download/help/index_installing.jsp

Sorry for butting in, but I think all those instances of Java, possibly combined with the Web Driver is what's got things screwed up. Let us know what you do and as Grinler suggested, post a new HT log when done.

The thing about people

is they change

when they walk away.--Mipso


#4 JEservices

JEservices

    helping hand

  • Topic Starter

  • Members
  • 1,700 posts
  • OFFLINE
  •  
  • Location:Texas
  • Local time:06:38 PM

Posted 12 July 2004 - 02:49 PM

Thank you very much for the quick responses, PapaKid and Grinler.

I did not see those references of Wild Tangent in HiJack This, prior to making the 1st post. I have removed all instances of it, did a new log, and have it posted below. Also I removed all java programs, and re-installed the most recent one. I also restarted the computer. The problems are still present. Is there another program that works like HiJack This, that I could d/l, that may look for other things?

In the meantime, I am going to click the arrow in the taskbar, at different intervals, to see if I can see when the other java icons appear.

updated HiJack This log:

Logfile of HijackThis v1.97.7
Scan saved at 2:42:44 PM, on 7/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\RamBooster\Rambooster.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\msiexec.exe
C:\Documents and Settings\Jason\Desktop\HiJack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy LS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB003" /M "Stylus C64"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - HKLM\..\RunOnce: [KB837272] "C:\WINDOWS\INF\unregmp2.exe" /UpdateWMP
O4 - Startup: Webshots.lnk.disabled
O4 - Global Startup: WinZip Quick Pick.lnk.disabled
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/12119/CTPID.cab

Edited by JEservices, 12 July 2004 - 02:50 PM.

We are all curious like a cat. We wonder, we ask, we learn.
Please post back when a suggestion works, so that others may learn.

#5 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:38 PM

Posted 12 July 2004 - 02:59 PM

Did you just recently install a new version of windows media player?

#6 JEservices

JEservices

    helping hand

  • Topic Starter

  • Members
  • 1,700 posts
  • OFFLINE
  •  
  • Location:Texas
  • Local time:06:38 PM

Posted 12 July 2004 - 03:26 PM

I d/l a security update for Windows Media Player (817787), and the update for the series 9 player (KB837272), and the Media Player 9 player-3 different files from the Windows Update. I set them NOT as the default, because I prefer another player, but I wanted to have it, in case some sites use it.
We are all curious like a cat. We wonder, we ask, we learn.
Please post back when a suggestion works, so that others may learn.

#7 JEservices

JEservices

    helping hand

  • Topic Starter

  • Members
  • 1,700 posts
  • OFFLINE
  •  
  • Location:Texas
  • Local time:06:38 PM

Posted 21 July 2004 - 08:32 AM

Well, after some time all of those icons has left, except for one. I am not sure which step actually did it, but I wanted to post it in case someone else had a similar problem.

Took the advice of only having one JAVA. d/l latest version, closed all internet applications, removed all JAVA via add/remove, and re-installed it.

Restarted computer for changes to take effect.

Updated to my latest back-up.

Disabled system restore via safe mode, to clear out the previous entries.

Restarted computer once again.

From this point, everything was working smooth. Waited a few days to make sure that everything is good, and made a new system restore point and fresh back-up.

Thanks to all for the help
We are all curious like a cat. We wonder, we ask, we learn.
Please post back when a suggestion works, so that others may learn.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users