is this virus?

hey all,

the windows xp on my laptop suddenly shuts down without giving any error. I first thought that it is due to heat problem but there is another thing going on....when ever i run any kind of anti-virus...MaAfee, norton antiviris, spybot.....anything....it shuts down....without giving any message.....and when ever i restart....it does not talk about any sudden shutdown. Also attimes when i start it again....it doesn start for two three times....i mean it starts and again shuts down...and repeat...two three times?

Kindly help me out. how can i get rid of this problem? is formatting all the drives will help?

thanx

 

Well, I think you should check for an overheating problem so that it can be ruled out. Download and install Everest or Motherboard Monitor to check the temps.
Wouldn't be a bad idea to try an online AV scan at RAV and/or Housecall. Then download HijackThis.exe. Place it in a permanent folder (I create a new folder in C:\ named HJT). Open and hit scan, then save log. Once it is saved it will open in notepad. Select all from the edit button, copy and paste the results here. Don't fix anything with it yet!

 

hi

I have already everest installed on my laptop but i don know how to check the temp. on it..

Also, now i will run the virus scan....n i hope this time scan completes n doesn shut down in between.

Thanx a lot for ur feedback!

 

hi there

i scanned my laptop and run hijacker.exe...the result is as follows:
Logfile of HijackThis v1.98.0
Scan saved at 12:24:08 AM, on 7/6/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\WINDOWS\System32\ICO.EXE
C:\Program Files\Sony\Jog Dial Navigator\JogServ2.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Program Files\adobe\acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\SMC\EZ Connect Turbo WLAN Adapter\SMCWLAN.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Ghostgum\gsview\gsview32.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\adobe\acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [JOGSERV2.EXE] C:\Program Files\Sony\Jog Dial Navigator\JogServ2.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\bin\tgcmd.exe /server
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\adobe\acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PowerPanel.lnk = ?
O4 - Global Startup: SMC EZ Connect Turbo WLAN Adapter.lnk = C:\Program Files\SMC\EZ Connect Turbo WLAN Adapter\SMCWLAN.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab



this is the first time the scan completed....i m surprised!

kindly let me know what next?

thanx for ur time...

 

Did the RAV scan find anything?
I don't see anything bad in your log, but the following process
C:\WINDOWS\system32\ntvdm.exe
is The Windows Virtual Machine for 16-bit Windows and Dos programs, used to run dos programs and old Windows programs inside a virtual machine, also known for hogging up to 100% of your CPU in XP. Try shutting down the process when you aren't using that program and see if it helps. I'm assuming it's used for the Cisco Systems\VPN Client?? That or some old games. There is a program called Tame that can help control the CPU usage. Has a free trial.
Everest will probably only give you the harddrive temp. It's under the Computer>sensor section.

 

hi

i checked the temp.

it says: case: 5 C, CPU 10 C and sensor 30C

is this fine or is problematic?

thanx

 

Without the computer specs. I could only guess, but those temps don't appear to be abnormal.

 

hey...

the specs of my computer r pent. IV, 2.4GHz, 30GB hard drive, 512 ram....n i have windows XP home edition on that.......n its sony vaio...

i formatted my computer...but still it shuts down whenever i run anti-virus......i don know what to do.....can anyone suggest me good Anti-virus...?

 

hi again!

hey dave,

i was wondering how the CPU temperature on a computer be so less than room temperature?

 

Your computer is reporting temps in Centigrade, not Fahrenheit.
Conversion

Johanna

 

What is the Series and Model number of the computer? Did you reformat, as in wipe the drive clean and reinstall, or did you just do a repair installation?

 

Hi bindas,

I just came accross your post in the XP forum concerning the same problem. That's called double posting, and it's not allowed, mainly because it becomes very confusing for the people trying to help you. Also, those helping you there might not be aware of what you have done here, and vice-versa, and what is done may be important for ALL to know. Because your log is clean and you still have not told me the results of the RAV scan, I'll have to assume this is not a virus problem, but a hardware problem, especially since the problem still exists after reformatting. My bet is that Rockster nailed it and you would do well to provide the information he has requested and do exactly as he says.

This thread should be considered closed.

 

I agree this is not a Security related item. Your other thread going on this should help you better.