Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

laptop keeps crashing


  • This topic is locked This topic is locked
2 replies to this topic

#1 MaudeLebowski

MaudeLebowski

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:50 AM

Posted 19 September 2009 - 03:41 PM

i run vista on an acer laptop....screen goes blank all the time....can find no malware when doing scans with avast and adaware....if i try to encode something...the pc crashes right away....otherwise i get 20 mins before it crashes.....hope i posted this in the right place



StartupList report, 9/19/2009, 3:28:40 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows Vista SP2 (WinNT 6.00.1906)
Detected: Internet Explorer v8.00 (8.00.6001.18813)
* Using default options
==================================================

Running processes:

C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Users\PSYCHE~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Empowering Technology Launcher.lnk = ?

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

RtHDVCpl = RtHDVCpl.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Acer Tour =
PLFSet = rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
StartCCC = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
eDataSecurity Loader = C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
eRecoveryService =
LManager = C:\PROGRA~1\LAUNCH~1\LManager.exe
Acer Assist Launcher = C:\Program Files\Acer Assist\launcher.exe
Acer Product Registration = "C:\Program Files\Acer Registration\ACE1.exe" /startup
avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
YSearchProtection = "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
UnlockerAssistant = "C:\Program Files\Unlocker\UnlockerAssistant.exe"
SunJavaUpdateSched = "C:\Program Files\Java\jre6\bin\jusched.exe"

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartCCC = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
ehTray.exe = C:\Windows\ehome\ehTray.exe
Speech Recognition = "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
Search Protection = C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
YSearchProtection = C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=C:\Windows\system32\Aurora.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll - {02478D38-C3F9-4EFB-9B51-7695ECA05670}
(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {5C255C8A-E604-49b4-9D64-90988571CECB}
(no name) - C:\Windows\system32\ActiveToolBand.dll - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
(no name) - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Ad-Aware Update (Weekly).job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:\Windows\system32\Macromed\Flash\Flash10b.ocx
CODEBASE = http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #5: C:\Program Files\Bonjour\mdnsNSP.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\System32\webcheck.dll

--------------------------------------------------
End of report, 6,861 bytes
Report generated in 0.093 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

BC AdBot (Login to Remove)

 


#2 pwgib

pwgib

  • Malware Response Team
  • 2,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:God's Country
  • Local time:04:50 AM

Posted 06 October 2009 - 08:16 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
PW

#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:11:50 AM

Posted 14 October 2009 - 12:52 PM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
_temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users