Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

my HJT LOG...pls help...


  • Please log in to reply

#1
vidhya_80in

vidhya_80in

    Member

  • Member
  • PipPip
  • 11 posts
hi,
my system gets restarted very often all by itself...i first thought it might be because of some virus,so i tried every other scan found and the results said that my system is clean..My system used to get hung up for a minute and then would give me a "VPU RECOVER ERROR" which says
"VPU Recover has reset your graphics accelerator as it
was no longer responding to graphics driver commands"
then someone told me that it could be a compatibilty problem between my graphics card (GIGABYTE ATI RADEON 9200 SERIES) and WINDOWS XP SP2....so i downloaded the latest cat for ATI RADEON but that did not work too...
i was also suggested to check the voltages and everything is fine with that too...
even now both problems,"restarting randomly and VPU RECOVER", persist..i've done all the steps and below is the HIJACKTHIS LOG..please help...this is becoming very troublesome..i lose a lot of data because i never know when my system would behave wierd..

Logfile of HijackThis v1.99.1
Scan saved at 12:47:06 PM, on 8/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
D:\SOFTWARES\SPYWARE TOOLS\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.yahoo.com/
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} -

C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat

5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton

AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton

AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -

C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program

Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -

http://housecall60.t...all/xscan60.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Alias Wavefront Help Server (AWHelpServer) - Unknown owner - C:\Program

Files\AliasWavefront\Maya5.0\docs\Wrapper.exe" -s "C:\Program Files\AliasWavefront\Maya5.0\docs/Wrapper.conf (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec

Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton

SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton

SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec

Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog

Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security

Center\SymWSC.exe

thanks in advance..
vidya

Edited by vidhya_80in, 05 August 2005 - 04:07 AM.

  • 0

Advertisements


#2
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Hi vidhya,

I moved your topic to the Hardware forum. I have looked at your log and I can't find any malware either, so we have to assume it is not a virus.

Regards,
  • 0

#3
warriorscot

warriorscot

    Member 5k

  • Retired Staff
  • 8,889 posts
Righto, sytems specs and temps of case and cpu will be needed. Use a program called cpu-z to find the specs if you dont know them temps are in the bios or you can get software.
  • 0

#4
vidhya_80in

vidhya_80in

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
hey metallica,
thanks for spending time on my log....
and
hey warrior, i have intel active monitor,i see some system specs and temp in that...can i give u that info..if yes, it is as below,if not pls ignore the remaining part of the post....if u think i shud still download cpu-z,please lemme know...i'll do that instantly...

temperatures :

processor zone: 44
system zone 1 : 40
system zone 2 : 39
system fan : 5607 rpm

system specs below:
I N T E L ® A C T I V E M O N I T O R

System Information Report
8/12/2005 1:18:00 AM

***************************************************************************
General Information
***************************************************************************
Product name Intel® Desktop Board D865GBF based system
Board model Genuine Intel® D865GBF system board
OS version Windows* XP version 5.1 Service Pack 2 build 2600
OS memory 1,047,276 KB RAM

***************************************************************************
Processor
***************************************************************************
Processor Intel® Pentium® 4 CPU 3.00GHz
Bus speed 800 MHz
L1 cache Data Cache 8KB, Execution Trace Cache 12K Micro-ops
L2 cache Advanced Transfer Cache 512 KB
Form factor Socket 478
Stepping 9

***************************************************************************
System
***************************************************************************
Physical memory 1,024 MB RAM
Memory speed DDR333
Memory type DDR, Synchronous
Form factor DIMM
BIOS date 05/19/2003
BIOS size 512 KB
BIOS version P07 (BF86510A.86A.0036.P07.0305191051)

***************************************************************************
Sensors
***************************************************************************
Sensor Name System Fan 1
Current Value 5607
Upper Threshold not applicable
Lower Threshold not applicable

Sensor Name Processor Zone
Current Value 43
Upper Threshold 70
Lower Threshold not applicable

Sensor Name System Zone 1
Current Value 40
Upper Threshold 50
Lower Threshold not applicable

Sensor Name System Zone 2
Current Value 38
Upper Threshold 50
Lower Threshold not applicable

Sensor Name +12 V
Nominal Value 12.000
Current Value 12.250
Upper Threshold 13.200
Lower Threshold 10.800

Sensor Name +5 V
Nominal Value 5.000
Current Value 5.078
Upper Threshold 6.000
Lower Threshold 4.000

Sensor Name +3.3 V
Nominal Value 3.300
Current Value 3.266
Upper Threshold 4.300
Lower Threshold 2.300

Sensor Name CPU Core (+1.55 V)
Nominal Value 1.550
Current Value 1.518
Upper Threshold 2.350
Lower Threshold 0.750

Sensor Name CPU I/O (+1.5 V)
Nominal Value 1.500
Current Value 1.471
Upper Threshold 2.300
Lower Threshold 0.700


***************************************************************************
End of Report
***************************************************************************

*Third-party brands and names are the property of their respective owners.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP