help me out with the generic host process problem

Status
Not open for further replies.
here is the difference between my pc list and urs.

1) Application management - manual

2) Logical disk manager - Automatic
3) Performance logs and Alerts - manual

4) Remote Access Connection Manager - manual

5)Remote Access Auto Connection Manager - manual

6)Remote Desktop Help Session Manager - manual

7) Smart Card - manual

8)WMI Performance Adapter - manual

9) Routing and Remote Access - I have it disabled.
---------------------------------------------------------------
1) Remote registry ???? (not present in ur list)

2)Windows Management Instrumentation Driver Extensions ?? (not present in ur list)

--------------------------------------------------------------

What are the following services ???
dmlmanywdhna
Kavsvc
 
well i have no idea of dmlmanywdhna. google it does not mathcy any word.

kavsvc is kaspersky antivirus.

rest i have done as per your system

about remote registry i do not know why it is not there?
there is a windows management instrumentation service in my list whether it is same as extensions i do not know.

waiting for your further guidance.
 
hi doc,
firstly what is the status of your m/c at present.??
upon reboot / restart , go to event viewer ( %SystemRoot%\system32\eventvwr.msc /s ) and post any recent error messages. (items marked red and yellow)
to know more about that dmlmanywdhna sevice do as follows
Start-> Run - > regedit {Enter}
Then navigate to
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
locate the service and expand it. post what you see under the "parameters" and other sections if any. (this will be displayed on the right hand side of the window)
 
the event viewer log is attached here.
the registry values

Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dmlmanywdhna
Class Name: <NO CLASS>
Last Write Time: 4/4/2005 - 5:04 PM
Value 0
Name: ErrorControl
Type: REG_DWORD

Data: 0x1

Value 1
Name: Type
Type: REG_DWORD
Data: 0x20

Value 2
Name: Group
Type: REG_SZ
Data: Boot Bus Extender

Value 3
Name: Tag
Type: REG_DWORD
Data: 0x1

Value 4
Name: Start
Type: REG_DWORD
Data: 0x3
Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dmlmanywdhna\Security
Class Name: <NO CLASS>
Last Write Time: 6/30/2004 - 6:14 PM
Value 0
Name: Security
Type: REG_BINARY
Data:
00000000 01 00 14 80 90 00 00 00 - 9c 00 00 00 14 00 00 00 ................
00000010 30 00 00 00 02 00 1c 00 - 01 00 00 00 02 80 14 00 0...............
00000020 ff 01 0f 00 01 01 00 00 - 00 00 00 01 00 00 00 00 ÿ...............
00000030 02 00 60 00 04 00 00 00 - 00 00 14 00 fd 01 02 00 ..`.........ý...
00000040 01 01 00 00 00 00 00 05 - 12 00 00 00 00 00 18 00 ................
00000050 ff 01 0f 00 01 02 00 00 - 00 00 00 05 20 00 00 00 ÿ........... ...
00000060 20 02 00 00 00 00 14 00 - 8d 01 02 00 01 01 00 00 ...............
00000070 00 00 00 05 0b 00 00 00 - 00 00 18 00 fd 01 02 00 ............ý...
00000080 01 02 00 00 00 00 00 05 - d8 00 af 00 f6 00 74 00 ........Ø.¯.ö.t.
00000090 00 00 9a 00 00 00 ef 00 - 00 0a 0a 00 00 00 00 00 ......ï.........
000000a0 ae 00 b3 00 a5 00 e8 00 - ®.³.¥.è.
Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dmlmanywdhna\Enum
Class Name: <NO CLASS>
Last Write Time: 4/4/2005 - 5:04 PM
Value 0
Name: 0
Type: REG_SZ
Data: Root\LEGACY_DMLMANYWDHNA\0000

Value 1
Name: Count
Type: REG_DWORD
Data: 0x1

Value 2
Name: NextInstance
Type: REG_DWORD
Data: 0x1
 
Hmm.. May I ...?
@ Doc .. SFC was finishing in a snap cauz you werent running it from Console ..
Try this :
Start > Run > Cmd <Press Enter>
Now at the Command Prompt, Type :
Sfc /scannow <press Enter>

Khair .. I think you should also post your HijackThis Logfile .. :) ..
 
medpal said:
the event viewer log is attached here.

the registry values
Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dmlmanywdhna

Class Name: <NO CLASS>

Last Write Time: 4/4/2005 - 5:04 PM

Value 0

Name: ErrorControl

Type: REG_DWORD
Data: 0x1
Value 1

Name: Type

Type: REG_DWORD

Data: 0x20
Value 2

Name: Group

Type: REG_SZ

Data: Boot Bus Extender
Value 3

Name: Tag

Type: REG_DWORD

Data: 0x1
Value 4

Name: Start

Type: REG_DWORD

Data: 0x3

Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dmlmanywdhna\Security

Class Name: <NO CLASS>

Last Write Time: 6/30/2004 - 6:14 PM

Value 0

Name: Security

Type: REG_BINARY

Data:

00000000 01 00 14 80 90 00 00 00 - 9c 00 00 00 14 00 00 00 ................

00000010 30 00 00 00 02 00 1c 00 - 01 00 00 00 02 80 14 00 0...............

00000020 ff 01 0f 00 01 01 00 00 - 00 00 00 01 00 00 00 00 ÿ...............

00000030 02 00 60 00 04 00 00 00 - 00 00 14 00 fd 01 02 00 ..`.........ý...

00000040 01 01 00 00 00 00 00 05 - 12 00 00 00 00 00 18 00 ................

00000050 ff 01 0f 00 01 02 00 00 - 00 00 00 05 20 00 00 00 ÿ........... ...

00000060 20 02 00 00 00 00 14 00 - 8d 01 02 00 01 01 00 00 ...............

00000070 00 00 00 05 0b 00 00 00 - 00 00 18 00 fd 01 02 00 ............ý...

00000080 01 02 00 00 00 00 00 05 - d8 00 af 00 f6 00 74 00 ........Ø.¯.ö.t.

00000090 00 00 9a 00 00 00 ef 00 - 00 0a 0a 00 00 00 00 00 ......ï.........

000000a0 ae 00 b3 00 a5 00 e8 00 - ®.³.¥.è.

Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dmlmanywdhna\Enum

Class Name: <NO CLASS>

Last Write Time: 4/4/2005 - 5:04 PM

Value 0

Name: 0

Type: REG_SZ

Data: Root\LEGACY_DMLMANYWDHNA\0000
Value 1

Name: Count

Type: REG_DWORD

Data: 0x1
Value 2

Name: NextInstance

Type: REG_DWORD

Data: 0x1
Click to expand...
Hi doc,

as per your latest event logs
4/4/2005 9:34:10 PM Service Control Manager Error None 7000 N/A BHAVIN The BtXBar, WDM Crossbar service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

4/4/2005 9:34:10 PM Service Control Manager Error None 7000 N/A BHAVIN The BtTuner, WDM TV Tuner service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

4/4/2005 9:34:10 PM Service Control Manager Error None 7000 N/A BHAVIN The BtCap, WDM Video Capture service failed to start due to the following error:

The system cannot find the file specified.



For this just uninstall ur broktree based tv tuner / video capture software.



Also post the application event logs. what you have posted is system section only.



what is the current ststus of ur m/c. ??? are there any problems ??
















 
deejay said:
Hi doc,
what is the current ststus of ur m/c. ??? are there any problems ??
Click to expand...
i did not get you deejay here, what do you want to convey?

i have completely uninstalled the tv tuner and reinstalled it.
the jiaocap wdm tuner driver is not in my devices list now as it used to be earlier.

i am attaching the device manager window pic here.
here the third in sound, video and game controllers where legacy video capture is mention there used to be jiaocap wdm video cature drivers. which i uninstalled and i also uninstalled and reinstalled the pinnacle pctv tv tuner card.

as i mentioned earlier, in the application events log there is nothing after march 30. when my xing media player crashed once.



as such my system is totally working fine. the last message came only when i started this thread.

@batty:
long time no see here is my hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 1:44:21 PM, on 4/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Sygate\spf\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
D:\Program Files\yahoo pops\YahooPOPs.exe
E:\Program Files\Folding@Home\winFAH.exe
E:\Program Files\Folding@Home\FahCore_65.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\hi\msnappau.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/customize/ymsgr/defaults/su/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/defaults/sb/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCaptureBho Object - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\hi\msntb.dll
O2 - BHO: Toolbar Helper - {D44BBB61-E17F-4AE6-A502-8D7E0B29E616} - C:\WINDOWS\system32\s1923.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\hi\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KAVPersonal50] D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Sygate\spf\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] D:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: YahooPOPs.lnk = ?
O4 - Startup: Folding@Home 5.02.lnk = ?
O4 - Global Startup: Pinnacle Scheduler.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
O8 - Extra context menu item: + &Mass Downloader: download this file - E:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: + Mass Downloader: download &All files - E:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Subscribe in NewzSpider - file://D:\Program Files\NewzSpider\addfeed.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - E:\Program Files\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - E:\Program Files\Mass Downloader\massdown.exe
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.chitralekha.com/wfplayer/tdserver.cab
O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201} -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} -
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd/boardid/BoardID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6FD3E05-ADFE-4051-BEAE-669DD4CEC8A7}: NameServer = 61.1.32.33 61.1.128.5
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate\spf\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Click to expand...
 
Last edited by a moderator:
Dear dr.

1. c:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe and many related entries - iNTEL active monitor is not needed unless the pc is running overclocked. Still, I find this program buggy, conflicting with other applications/drivers and crashes the pc. If not needed, pls uninstall it. I recommend Motherboard monitor,another excellent program, if monitoring is really needed.

2. O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll and other related entries - If msn toolbar is not needed, dr. may uninstall it. I can see google desktop also installed. Both maynot like each other. ;-). (Sp2 already has builtin popup blocker, if that's the reason why its there.)

3. O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) - there is no file associated. Must be fixed

4. O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe - Not needed if nero is running ok without any problems. Disable it from startup (start-->run-->msconfig, hit enter, goto "startup" tab and uncheck "nerocheck", click "ok". It's my suggestion, others may disagree.

5. O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file) - No file associated. Must be fixed

6. O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing) - Here also file is missing. Pls fix this too.

7. O4 - Startup: Folding@Home 5.02.lnk = ? - Make sure it runs in "low priority".

8.O4 - Startup: YahooPOPs.lnk = ? - I know its a personal choice, still I never liked it. If it's not needed, yahoopops may be uninstalled. If needed, pls check for any updates. My recommendation - go for GMAIL.



9. C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -Pls check for any updates to the APC Powerchute application. UPS softwares are known to be buggy. I had a ups 5 years back and it used to create a lot of problems.

Except for Intel active monitor (known to conflict with many drivers and a buggy software, which intel also doesn't recommend installing, If my memory is correct) and msn toolbar (cuz of google desktop also installed), I don't find any serious problems.

Lastly, Pls fix whatever was suggested to be fixed (BAckup as always) and goto this site (http://pcpitstop.com/pcpitstop/default.asp) and pls do their tests and post the results.

Hope this helps.:)

Bye....:thumb:
 
Barbiegirl said:
Dear dr.
1. c:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe and many related entries - iNTEL active monitor is not needed unless the pc is running overclocked. Still, I find this program buggy, conflicting with other applications/drivers and crashes the pc. If not needed, pls uninstall it. I recommend Motherboard monitor,another excellent program, if monitoring is really needed.
well thinking on it

2. O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll and other related entries - If msn toolbar is not needed, dr. may uninstall it. I can see google desktop also installed. Both maynot like each other. ;-). (Sp2 already has builtin popup blocker, if that's the reason why its there.)
ok thanks for the info. actually i think it came with msn messenger when i reinstalled it
3. O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) - there is no file associated. Must be fixed
done
4. O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe - Not needed if nero is running ok without any problems. Disable it from startup (start-->run-->msconfig, hit enter, goto "startup" tab and uncheck "nerocheck", click "ok". It's my suggestion, others may disagree.
done
5. O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file) - No file associated. Must be fixed
done[/done]
6. O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing) - Here also file is missing. Pls fix this too.
damn, this norton crap does not leave me i had it preinstalled when i purchased my pc and i have already uninstalled it and also ran rnis and rnav utilities will fix with hijack this
7. O4 - Startup: Folding@Home 5.02.lnk = ? - Make sure it runs in "low priority".
it runs at the lowest priority only
8.O4 - Startup: YahooPOPs.lnk = ? - I know its a personal choice, still I never liked it. If it's not needed, yahoopops may be uninstalled. If needed, pls check for any updates. My recommendation - go for GMAIL.
i have gmail configured as pop with my mail client but i need yahoo mail as this is personal contact mail address and i have many medical forums delivering info there which i need to keep separate. and you know we have a google group on name of this forum friends which spams a lot :P. i have it directed with gmail. so i am keeping yahoopops
9. C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -Pls check for any updates to the APC Powerchute application. UPS softwares are known to be buggy. I had a ups 5 years back and it used to create a lot of problems.
noted your suggestions and will check for updates and give a try if i can uninstall it and have my ups as standalone unit
Except for Intel active monitor (known to conflict with many drivers and a buggy software, which intel also doesn't recommend installing, If my memory is correct) and msn toolbar (cuz of google desktop also installed), I don't find any serious problems.

Lastly, Pls fix whatever was suggested to be fixed (BAckup as always) and goto this site (http://pcpitstop.com/pcpitstop/default.asp) and pls do their tests and post the results.

Hope this helps.:)
Bye....:thumb:
Click to expand...


thank god i finished a flurry of advises there barbiegirl. usually we doctors bombard our patients with a lot of instructions to follow this time around it is my turn,but thanks to friends like you and deejay, bosky101 and batty i am doing good recovery :P
 
Besides the good advice of barbiegirl here is the automated analysis of your log file.
http://www.hijackthis.de/logfiles/8dfe639db814dcdcd880191b84f5054f.html
in future you can visit this site

http://www.hijackthis.de/en
post your log file and click "analyze"
nb* always run hijackthis from its own seperate folder. bcuz the "fixed entries" backups are saved in that folder.if you run it from a temp folder it may get deleted when you run diskclean etc... these backups can restore your original settings incase it is needed.
 
well autoscan suggested some problems or queries with these entries i have this outlined as under asking for more guidance.

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
can some one throw light over this
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6FD3E05-ADFE-4051-BEAE-669DD4CEC8A7}: NameServer = 61.1.32.33 61.1.128.5
i think this is something related to tcpip patch

O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd/boardid/BoardID.cab
related to my mobo, is this harmful

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah...utocomplete.cab
can some one throw light here too

O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} -
treated

O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201} -
treated

O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.chitralekha.com/wfplayer/tdserver.cab
this is one of magazine site with dynamic fonts

O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - E:\Program Files\Mass Downloader\massdown.exe

O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - E:\Program Files\Mass Downloader\massdown.exe
this is related to integration of download software with browser

O8 - Extra context menu item: Subscribe in NewzSpider - file://D:\Program Files\NewzSpider\addfeed.htm
this is new installation for rss news feed

O8 - Extra context menu item: + Mass Downloader: download &All files - E:\Program Files\Mass Downloader\Add_All.htm
this is also mass downloader related

O8 - Extra context menu item: + &Mass Downloader: download this file - E:\Program Files\Mass Downloader\Add_Url.htm

O4 - Startup: Folding@Home 5.02.lnk = ?
i am keeping this

O4 - Startup: YahooPOPs.lnk = ?
i am keeping this

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
what is this?

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
is this so dangerous

C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
i am keeping this

C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
shall i remove this one?

C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
removed this one already.
 
well autoscan suggested some problems or queries with these entries i have this outlined as under asking for more guidance.

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

can some one throw light over this
Click to expand...


--> safe file. here's a response from intel (found by googling)
Thank you for contacting Intel(R) Technical Support.

This file is part of the Intel(R) integrated graphics

controller; therefore, it is completely safe and

should create no issues. Furthermore, we do not

recommend editing the registry to remove any file

that came with the driver.

Please do not hesitate to contact us again if you

need further assistance.

Sincerely,

Otto JK.

Intel Technical Support
Click to expand...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6FD3E05-ADFE-4051-BEAE-669DD4CEC8A7}: NameServer = 61.1.32.33 61.1.128.5

i think this is something related to tcpip patch
Click to expand...

Or ur static ip address. Better ask ur isp, they my know about this ipaddress. Not dangerous, anyway.

O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd/boardid/BoardID.cab

related to my mobo, is this harmful
Click to expand...


NO. Clicking the link takes to www.intel.com. So perfectly safe.

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah...utocomplete.cab

can some one throw light here too
Click to expand...


--> Related to yahoo mail or messenger. Perfectly safe.

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u

what is this?
Click to expand...


--> Error reporting tool from Microsoft. Captures memory dump and other error related information and creates a report to be sent back to Microsoft for analysis. (Dr. can uncheck the option in "startup and recovery", if needed, but i will say to keep it)

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll

is this so dangerous
Click to expand...


-->[font=Verdana,Arial,Helvetica] Part of the MSN toolbar. As most toolbars not needed, I suggest removing (fixing) the BHO with HijackThis after uninstalling msn toolbar using "add/remove programs" in control panel.[/font]
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe

shall i remove this one?
Click to expand...


--> As I hve mentioned, intel active monitor is known to conflict with other drivers, so pls uninstall intel active monitor using add/remove programs and then fix this using Hijackthis (If it's still there)

Hope this clears the remaining doubts.

Dr, Don't worry, U don't have a single spyware or trojan in ur system as per Hijackthis log. :hap2:

Bye:)

 
  • Like
Reactions: 1 person
thanks barbiegirl for the pain and care taken for my problem.

but the root problem still persists my event log still shows signs of bxt tv tuner driver which i do not have any where.

i do not from where this problem is occuring.
as such my system runs fine and no probs whatsoever.
 
ok all friends thanks for your whole hearted supported.

i decided to apply the medicine called google for my help.

what i found bt wdm drivers are meant for some audio or video captures.

now i have a sony mini dv handy cam for home video capture and also a canon powershot digicam with video and audio facility so this may be the reason it is showing no devices attached to it.

i will attach the digicam tomorrow and see it again it works or not.

till then keep a few hairs to snatch ans little skin over your head to scratch for someone else`s problems. :P

once again : thanks a lot. all (deejay, barbiegirl, bosky101, batty and every one else.)
 
Hmm.. Good job there Barbiegirl (Aqua fan ..?} ...

Besides those things, I think these are the redundant things in your log.. Which I thought you should take care of ..

O2 - BHO: Toolbar Helper - {D44BBB61-E17F-4AE6-A502-8D7E0B29E616} - C:\WINDOWS\system32\s1923.dll Did you install this yourself ..? Its StumbleUpon toolbar .. Not cateqorized as Spyware but I still am suspicous of toolbars ..
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
Click to expand...
...
I think you should run the Symantec Product Cleanup tool to get rid of Symantec's leftovers..
 
it_waaznt_me said:
Besides those things, I think these are the redundant things in your log.. Which I thought you should take care of ..

...

I think you should run the Symantec Product Cleanup tool to get rid of Symantec's leftovers..
Click to expand...

yup, read his previous post. It didn't go, hopefully hijackthis fixed...

:ohyeah:

Hmm.. Good job there Barbiegirl (Aqua fan ..?} ...
Click to expand...

Hey, :bleh: "IMAGINATION, THAT'S IS YOUR CREATION" :bleh:

....lol...

Ya, I liv in a barbieworld......:tongue: [:right: ]
 
Bhavin, Just some notes about the pcpitshop resilts...

1. u only posted one page..there r other pages tooo.. like hardware,

2. Disable paging to kernal.......I hve it disabled. for u also it may improve performance..

3. IE security zone permissions: change it to none (pcpitshop will explain)

4. Harddrive seems a bit old one ...5400rpm...so speed is low..If that's not the case, then somthing is wrong... Slow speed, slow performance...

5. FAT32: Once i jumped into the ntfs bandwagon, never looked back...

First i started with "C" as ntfs and all others as fat32 ..

Now, everything is NTFS...

My suggestion: whenever u plan to re-install xp, gofor NTFS all the way. (NB: Once ur "C" is ntfs, u can convert fat32 of other drives to ntfs from cmd line, without losing any data...)

Pls post the other pages of results too...or generate the url using "submit results to a friend" and post it here

 
Status
Not open for further replies.
Top Bottom