Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Everything is suddenly crashing


  • Please log in to reply
11 replies to this topic

#1 Mandoponcho

Mandoponcho

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 01 August 2009 - 07:50 PM

Hey guys I seem to be having a problem.
Everything is crashing on me.
Mozilla, My games, setups.
I got this weird notepad with a message on my desktop too.
It's a Java error. I don't know if it has something to do with what's happening.
Here it is:

#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x01012a14, pid=4704, tid=4820
#
# JRE version: 6.0_14-b08
# Java VM: Java HotSpot™ Client VM (14.0-b16 mixed mode, sharing windows-x86 )
# Problematic frame:
# J rj.a(Lud;B)V
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
#

--------------- T H R E A D ---------------

Current thread (0x03223400): JavaThread "Thread-10" daemon [_thread_in_Java, id=4820, stack(0x045a0000,0x045f0000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x00008018

Registers:
EAX=0x23862e58, EBX=0x00008000, ECX=0x244655c0, EDX=0x244768d8
ESP=0x045ef4b0, EBP=0x045ef528, ESI=0x00000000, EDI=0x00000000
EIP=0x01012a14, EFLAGS=0x00210206

Top of Stack: (sp=0x045ef4b0)
0x045ef4b0: 23862e58 00000000 244655c0 00000000
0x045ef4c0: 0000007b 23855f68 00b22588 00000000
0x045ef4d0: 045ef52c 00000015 244655c0 00000000
0x045ef4e0: 244655c0 00000000 00000047 23862e58
0x045ef4f0: 24420948 24251a90 23862e10 00008000
0x045ef500: 00000009 21839dc8 ffffffff 045ef50c
0x045ef510: 26ef4ade 045ef57c 045ef568 01251a08
0x045ef520: 26ef81b8 00000000 045ef598 0104ce55

Instructions: (pc=0x01012a14)
0x01012a04: 00 0f 85 09 00 00 00 83 fe 00 0f 84 fe 02 00 00
0x01012a14: 8b 53 18 83 fa 00 0f 8e 0d 00 00 00 4a 89 53 18


Stack: [0x045a0000,0x045f0000], sp=0x045ef4b0, free space=317k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
J rj.a(Lud;B)V
J si.a(ILud;I)V
J vi.b(I)V
J bn.b(I)V
J client.e(I)V
J ea.g(I)V
J ea.run()V
j java.lang.Thread.run()V+11
v ~StubRoutines::call_stub
V [jvm.dll+0xecabc]
V [jvm.dll+0x173d61]
V [jvm.dll+0xecc87]
V [jvm.dll+0xeccfd]
V [jvm.dll+0x115d60]
V [jvm.dll+0x1cfd44]
V [jvm.dll+0x1739dc]
C [msvcr71.dll+0x9565]
C [kernel32.dll+0xb699]


--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x0316e400 JavaThread "Thread-21" daemon [_thread_blocked, id=4052, stack(0x02f60000,0x02fb0000)]
0x0543f000 JavaThread "Thread-15" daemon [_thread_blocked, id=4832, stack(0x05c20000,0x05c70000)]
0x032e7800 JavaThread "Thread-14" daemon [_thread_blocked, id=4648, stack(0x053d0000,0x05420000)]
0x0324b400 JavaThread "Java Sound Event Dispatcher" daemon [_thread_blocked, id=1584, stack(0x051e0000,0x05230000)]
0x0325c400 JavaThread "Thread-11" daemon [_thread_blocked, id=4772, stack(0x044f0000,0x04540000)]
=>0x03223400 JavaThread "Thread-10" daemon [_thread_in_Java, id=4820, stack(0x045a0000,0x045f0000)]
0x031d6800 JavaThread "Thread-9" daemon [_thread_blocked, id=1184, stack(0x04540000,0x04590000)]
0x03149c00 JavaThread "thread applet-loader.class-1" [_thread_blocked, id=4984, stack(0x043c0000,0x04410000)]
0x03139800 JavaThread "AWT-EventQueue-2" [_thread_in_native, id=2668, stack(0x04410000,0x04460000)]
0x03138400 JavaThread "Applet 1 LiveConnect Worker Thread" [_thread_blocked, id=4324, stack(0x039f0000,0x03a40000)]
0x03136400 JavaThread "Browser Side Object Cleanup Thread" [_thread_blocked, id=3892, stack(0x04370000,0x043c0000)]
0x03133400 JavaThread "CacheCleanUpThread" daemon [_thread_blocked, id=1732, stack(0x03070000,0x030c0000)]
0x03146800 JavaThread "CacheMemoryCleanUpThread" daemon [_thread_blocked, id=1592, stack(0x03ae0000,0x03b30000)]
0x0311b400 JavaThread "Java Plug-In Heartbeat Thread" [_thread_blocked, id=4544, stack(0x03a40000,0x03a90000)]
0x03119000 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=2616, stack(0x039a0000,0x039f0000)]
0x03116000 JavaThread "AWT-Windows" daemon [_thread_in_native, id=5784, stack(0x03410000,0x03460000)]
0x02c1f800 JavaThread "AWT-Shutdown" [_thread_blocked, id=4160, stack(0x033c0000,0x03410000)]
0x02c1e800 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=5264, stack(0x03370000,0x033c0000)]
0x02c1b400 JavaThread "Java Plug-In Pipe Worker Thread (Client-Side)" daemon [_thread_in_native, id=5532, stack(0x030c0000,0x03110000)]
0x02c16800 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=6072, stack(0x03020000,0x03070000)]
0x02b9e400 JavaThread "Timer-0" [_thread_blocked, id=596, stack(0x02fd0000,0x03020000)]
0x02b89400 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=4200, stack(0x02db0000,0x02e00000)]
0x02b83000 JavaThread "CompilerThread0" daemon [_thread_blocked, id=4824, stack(0x02d60000,0x02db0000)]
0x02b81400 JavaThread "Attach Listener" daemon [_thread_blocked, id=6064, stack(0x02d10000,0x02d60000)]
0x02b80000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=2320, stack(0x02cc0000,0x02d10000)]
0x02b41800 JavaThread "Finalizer" daemon [_thread_blocked, id=4708, stack(0x02c70000,0x02cc0000)]
0x02b3cc00 JavaThread "Reference Handler" daemon [_thread_blocked, id=5524, stack(0x02c20000,0x02c70000)]
0x00616c00 JavaThread "main" [_thread_blocked, id=4332, stack(0x006a0000,0x006f0000)]

Other Threads:
0x02b3b400 VMThread [stack: 0x00770000,0x007c0000] [id=5480]
0x02b9cc00 WatcherThread [stack: 0x02e00000,0x02e50000] [id=5036]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 6848K, used 205K [0x209b0000, 0x21110000, 0x21110000)
eden space 6144K, 1% used [0x209b0000, 0x209ce810, 0x20fb0000)
from space 704K, 11% used [0x21060000, 0x21074f20, 0x21110000)
to space 704K, 0% used [0x20fb0000, 0x20fb0000, 0x21060000)
tenured generation total 90752K, used 52785K [0x21110000, 0x269b0000, 0x269b0000)
the space 90752K, 58% used [0x21110000, 0x2449c710, 0x2449c800, 0x269b0000)
compacting perm gen total 12288K, used 6516K [0x269b0000, 0x275b0000, 0x2a9b0000)
the space 12288K, 53% used [0x269b0000, 0x2700d3e8, 0x2700d400, 0x275b0000)
ro space 8192K, 63% used [0x2a9b0000, 0x2aec96b0, 0x2aec9800, 0x2b1b0000)
rw space 12288K, 53% used [0x2b1b0000, 0x2b824b80, 0x2b824c00, 0x2bdb0000)

Dynamic libraries:
0x00400000 - 0x00424000 C:\Program Files\Java\jre6\bin\java.exe
0x7c900000 - 0x7c9b2000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c8f5000 C:\WINDOWS\system32\kernel32.dll
0x77dd0000 - 0x77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e70000 - 0x77f02000 C:\WINDOWS\system32\RPCRT4.dll
0x77fe0000 - 0x77ff1000 C:\WINDOWS\system32\Secur32.dll
0x00800000 - 0x0081b000 C:\WINDOWS\TEMP\logishrd\LVPrcInj07.dll
0x7e410000 - 0x7e4a0000 C:\WINDOWS\system32\USER32.dll
0x77f10000 - 0x77f58000 C:\WINDOWS\system32\GDI32.dll
0x76390000 - 0x763ad000 C:\WINDOWS\system32\IMM32.DLL
0x7c340000 - 0x7c396000 C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d800000 - 0x6da8b000 C:\Program Files\Java\jre6\bin\client\jvm.dll
0x76b40000 - 0x76b6d000 C:\WINDOWS\system32\WINMM.dll
0x5cd70000 - 0x5cd77000 C:\WINDOWS\system32\serwvdrv.dll
0x5b0a0000 - 0x5b0a7000 C:\WINDOWS\system32\umdmxfrm.dll
0x6d7b0000 - 0x6d7bc000 C:\Program Files\Java\jre6\bin\verify.dll
0x6d330000 - 0x6d34f000 C:\Program Files\Java\jre6\bin\java.dll
0x6d290000 - 0x6d298000 C:\Program Files\Java\jre6\bin\hpi.dll
0x76bf0000 - 0x76bfb000 C:\WINDOWS\system32\PSAPI.DLL
0x6d7f0000 - 0x6d7ff000 C:\Program Files\Java\jre6\bin\zip.dll
0x6d430000 - 0x6d436000 C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1d0000 - 0x6d1e3000 C:\Program Files\Java\jre6\bin\deploy.dll
0x77a80000 - 0x77b14000 C:\WINDOWS\system32\CRYPT32.dll
0x77c10000 - 0x77c68000 C:\WINDOWS\system32\msvcrt.dll
0x77b20000 - 0x77b32000 C:\WINDOWS\system32\MSASN1.dll
0x7c9c0000 - 0x7d1d6000 C:\WINDOWS\system32\SHELL32.dll
0x77f60000 - 0x77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
0x774e0000 - 0x7761d000 C:\WINDOWS\system32\ole32.dll
0x77120000 - 0x771ab000 C:\WINDOWS\system32\OLEAUT32.dll
0x3d930000 - 0x3da00000 C:\WINDOWS\system32\WININET.dll
0x007c0000 - 0x007c9000 C:\WINDOWS\system32\Normaliz.dll
0x3dfd0000 - 0x3e015000 C:\WINDOWS\system32\iertutil.dll
0x78130000 - 0x78257000 C:\WINDOWS\system32\urlmon.dll
0x773d0000 - 0x774d3000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
0x6d6b0000 - 0x6d6f3000 C:\Program Files\Java\jre6\bin\regutils.dll
0x77c00000 - 0x77c08000 C:\WINDOWS\system32\VERSION.dll
0x7d1e0000 - 0x7d49e000 C:\WINDOWS\system32\msi.dll
0x6d610000 - 0x6d623000 C:\Program Files\Java\jre6\bin\net.dll
0x71ab0000 - 0x71ac7000 C:\WINDOWS\system32\WS2_32.dll
0x71aa0000 - 0x71aa8000 C:\WINDOWS\system32\WS2HELP.dll
0x6d630000 - 0x6d639000 C:\Program Files\Java\jre6\bin\nio.dll
0x6d000000 - 0x6d14a000 C:\Program Files\Java\jre6\bin\awt.dll
0x73000000 - 0x73026000 C:\WINDOWS\system32\WINSPOOL.DRV
0x5ad70000 - 0x5ada8000 C:\WINDOWS\system32\uxtheme.dll
0x60020000 - 0x60025000 C:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll
0x74720000 - 0x7476b000 C:\WINDOWS\system32\MSCTF.dll
0x10000000 - 0x10179000 C:\WINDOWS\system32\nview.dll
0x77690000 - 0x776b1000 C:\WINDOWS\system32\NTMARTA.DLL
0x76f60000 - 0x76f8c000 C:\WINDOWS\system32\WLDAP32.dll
0x71bf0000 - 0x71c03000 C:\WINDOWS\system32\SAMLIB.dll
0x03570000 - 0x037c5000 C:\Program Files\Xfire\xfire_toucan_38312.dll
0x71ad0000 - 0x71ad9000 C:\WINDOWS\system32\WSOCK32.dll
0x76380000 - 0x76385000 C:\WINDOWS\system32\MSIMG32.dll
0x77b40000 - 0x77b62000 C:\WINDOWS\system32\apphelp.dll
0x755c0000 - 0x755ee000 C:\WINDOWS\system32\msctfime.ime
0x6d230000 - 0x6d284000 C:\Program Files\Java\jre6\bin\fontmanager.dll
0x71a50000 - 0x71a8f000 C:\WINDOWS\System32\mswsock.dll
0x76f20000 - 0x76f47000 C:\WINDOWS\system32\DNSAPI.dll
0x76fb0000 - 0x76fb8000 C:\WINDOWS\System32\winrnr.dll
0x16080000 - 0x160a5000 C:\Program Files\Bonjour\mdnsNSP.dll
0x76d60000 - 0x76d79000 C:\WINDOWS\system32\Iphlpapi.dll
0x76fc0000 - 0x76fc6000 C:\WINDOWS\system32\rasadhlp.dll
0x6d7a0000 - 0x6d7af000 C:\Program Files\Java\jre6\bin\unpack.dll
0x605d0000 - 0x605d9000 C:\WINDOWS\system32\mslbui.dll
0x04480000 - 0x0448d000 C:\WINDOWS\.jagex_cache_32\runescape\jagmisc.dll
0x662b0000 - 0x66308000 C:\WINDOWS\system32\hnetcfg.dll
0x71a90000 - 0x71a98000 C:\WINDOWS\System32\wshtcpip.dll
0x6d520000 - 0x6d544000 C:\Program Files\Java\jre6\bin\jsound.dll
0x6d550000 - 0x6d558000 C:\Program Files\Java\jre6\bin\jsoundds.dll
0x73f10000 - 0x73f6c000 C:\WINDOWS\system32\DSOUND.dll
0x76c30000 - 0x76c5e000 C:\WINDOWS\system32\WINTRUST.dll
0x76c90000 - 0x76cb8000 C:\WINDOWS\system32\IMAGEHLP.dll
0x72d20000 - 0x72d29000 C:\WINDOWS\system32\wdmaud.drv
0x72d10000 - 0x72d18000 C:\WINDOWS\system32\msacm32.drv
0x77be0000 - 0x77bf5000 C:\WINDOWS\system32\MSACM32.dll
0x77bd0000 - 0x77bd7000 C:\WINDOWS\system32\midimap.dll
0x73ee0000 - 0x73ee4000 C:\WINDOWS\system32\KsUser.dll

VM Arguments:
jvm_args: -D__jvm_launched=51402897237 -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar -Xmx96m -Dsun.java2d.noddraw=true
java_command: sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid4924_pipe3,read_pipe_name=jpi2_pid4924_pipe2
Launcher Type: SUN_STANDARD

Environment Variables:
PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\
USERNAME=Armando
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 15 Model 95 Stepping 2, AuthenticAMD



--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 1 (1 cores per cpu, 1 threads per core) family 15 model 95 stepping 2, cmov, cx8, fxsr, mmx, sse, sse2, sse3, mmxext, 3dnow, 3dnowext

Memory: 4k page, physical 1571248k(651800k free), swap 2105524k(1130420k free)

vm_info: Java HotSpot™ Client VM (14.0-b16) for windows-x86 JRE (1.6.0_14-b08), built on May 21 2009 08:03:56 by "java_re" with MS VC++ 7.1

time: Sat Aug 01 00:47:08 2009
elapsed time: 2060 seconds

_____________________________________________________________________________________________________

It's getting really annoying. My ESET also has an error that says : "Virus scanner initialization failed. Most of ESET NOD32 Antivirus modules will not function properly. This as well as Malwarebytes not opening up and closing. I tried installing AVAST and it also didn't work.
So Please help :thumbsup:

BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:07:54 AM

Posted 01 August 2009 - 10:00 PM

I'm sending you a PM

Try ATF and SAS

ATF
Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

------------------------------------

SAS,may take a long time to scan
Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 Mandoponcho

Mandoponcho
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 02 August 2009 - 01:58 PM

Sorry for the long wait.
This scan took a while and I had to go to sleep :thumbsup:

Here is the log.


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/02/2009 at 01:22 AM

Application Version : 4.27.1000

Core Rules Database Version : 4032
Trace Rules Database Version: 1972

Scan type : Complete Scan
Total Scan Time : 04:34:48

Memory items scanned : 238
Memory threats detected : 0
Registry items scanned : 6312
Registry threats detected : 0
File items scanned : 192770
File threats detected : 3

Adware.Tracking Cookie
C:\Documents and Settings\Armando\cookies\armando@atdmt[2].txt

Application.PowerReg Scheduler
C:\DOCUMENTS AND SETTINGS\ARMANDO\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER V3.EXE

Rootkit.Agent/Gen-HJG
C:\WINDOWS\SYSTEM32\DRIVERS\HJGRUIAUKRCBYH.SYS


Looks nasty.
Even when I'm on this site the full site layout won't appear.
Just simple graphics and the letters. So there's there's the log.
I'll be waiting for the next reply.

#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:54 AM

Posted 02 August 2009 - 02:19 PM

Let's look for rootkits

http://rootrepeal.googlepages.com/

http://rootrepeal.googlepages.com/RootRepeal.zip

or

http://ad13.geekstogo.com/RootRepeal.zip

Just use the file tab at the bottom, scan and paste the report into a reply here please

Posted Image
Chewy

No. Try not. Do... or do not. There is no try.

#5 Mandoponcho

Mandoponcho
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 02 August 2009 - 04:12 PM

Here it is.

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/02 14:00
Program Version: Version 1.3.2.0
Windows Version: Windows XP Media Center Edition SP2
==================================================

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\WINDOWS\Temp\tmp.edb
Status: Locked to the Windows API!

Path: C:\Program Files\Steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\TGS\gotchaknife.mp3
Status: Invisible to the Windows API!

Path: c:\program files\steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\tgs\madeit2.mp3
Status: Size mismatch (API: 140737488675485, Raw: 320157)

Path: C:\Program Files\Steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\TGS\sickness.mp3
Status: Invisible to the Windows API!

Path: C:\Program Files\Steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\TGS\stupified.mp3
Status: Locked to the Windows API!

Path: C:\Program Files\Steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\TGS\tgs_welcome.mp3
Status: Invisible to the Windows API!

Path: C:\Program Files\Steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\TGS\gotchakni쁦e.mp3
Status: Visible to the Windows API, but not on disk.

Path: C:\Program Files\Steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\TGS\sickn䁥ss.mp3
Status: Visible to the Windows API, but not on disk.

Path: C:\Program Files\Steam\steamapps\circusbrainsmasher\counter-strike source\cstrike\sound\gungame\TGS\tgs_welcome.m䁰3
Status: Visible to the Windows API, but not on disk.

#6 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:54 AM

Posted 02 August 2009 - 04:25 PM

Please download and run Processexplorer


http://technet.microsoft.com/en-us/sysinte...s/bb896653.aspx

Under file and save as, create a log and post here

copy and paste into a reply
Chewy

No. Try not. Do... or do not. There is no try.

#7 Mandoponcho

Mandoponcho
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 02 August 2009 - 05:13 PM

Here you go.

Process PID CPU Description Company Name
System Idle Process 0 90.63
Interrupts n/a Hardware Interrupts
DPCs n/a 1.56 Deferred Procedure Calls
System 4
smss.exe 688 Windows NT Session Manager Microsoft Corporation
csrss.exe 736 Client Server Runtime Process Microsoft Corporation
winlogon.exe 760 Windows NT Logon Application Microsoft Corporation
services.exe 804 Services and Controller app Microsoft Corporation
svchost.exe 1028 Generic Host Process for Win32 Services Microsoft Corporation
ehRec.exe 1272 Media Center Host Module Microsoft Corporation
COCIManager.exe 2296 Camera Control Interface Logitech Inc.
svchost.exe 1076 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1424 Generic Host Process for Win32 Services Microsoft Corporation
wscntfy.exe 3148 Windows Security Center Notification App Microsoft Corporation
wuauclt.exe 3200 Windows Update Automatic Updates Microsoft Corporation
svchost.exe 1532 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1712 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1896 Spooler SubSystem App Microsoft Corporation
svchost.exe 1972 Generic Host Process for Win32 Services Microsoft Corporation
AppleMobileDeviceService.exe 380 Apple Mobile Device Service Apple Inc.
mDNSResponder.exe 392 Bonjour Service Apple Inc.
dlcccoms.exe 452 Printer Communication System
ehRecvr.exe 1216 Media Center Receiver Service Microsoft Corporation
ehSched.exe 1236 Media Center Scheduler Service Microsoft Corporation
ekrn.exe 1264 ESET Service ESET
LVComSer.exe 1356 Logitech Video COM Service Logitech Inc.
LVPrcSrv.exe 1388 Logitech LVPrcSrv Module. Logitech Inc.
MDM.EXE 1404 Machine Debug Manager Microsoft Corporation
nvsvc32.exe 1636 NVIDIA Driver Helper Service, Version 182.50 NVIDIA Corporation
PnkBstrA.exe 1664
PnkBstrB.exe 1676
svchost.exe 1776 Generic Host Process for Win32 Services Microsoft Corporation
wdfmgr.exe 1744 Windows User Mode Driver Manager Microsoft Corporation
ViewpointService.exe 528 ViewMgr Viewpoint Corporation
mcrdsvc.exe 588 MCRD Device Service Microsoft Corporation
alg.exe 1764 Application Layer Gateway Service Microsoft Corporation
iPodService.exe 1564 iPodService Module Apple Inc.
svchost.exe 1136 Generic Host Process for Win32 Services Microsoft Corporation
lsass.exe 824 LSA Shell (Export Version) Microsoft Corporation
explorer.exe 2756 1.56 Windows Explorer Microsoft Corporation
XBoxStat.exe 2392 XBoxStat.exe Microsoft Corporation
jusched.exe 3420 Java™ Platform SE binary Sun Microsystems, Inc.
stsystra.exe 3440 Sigmatel Audio system tray application SigmaTel, Inc.
rundll32.exe 3512 Run a DLL as an App Microsoft Corporation
Monitor.exe 2140 Registry Monitor PixArt Imaging Incorporation
Communications_Helper.exe 712 Communications Manager Logitech Inc.
iTunesHelper.exe 3028 iTunesHelper Module Apple Inc.
issch.exe 3820 InstallShield Update Service Scheduler InstallShield Software Corporation
ehtray.exe 2036 Media Center Tray Applet Microsoft Corporation
DMXLauncher.exe 3324
DLACTRLW.EXE 3596 Drive Letter Access Component Sonic Solutions
egui.exe 3060 ESET GUI ESET
realsched.exe 1620 RealNetworks Scheduler RealNetworks, Inc.
ctfmon.exe 3388 CTF Loader Microsoft Corporation
DLG.exe 516 Digital Line Detection BVRP Software
SUPERAntiSpyware.exe 1684 SUPERAntiSpyware Application SUPERAntiSpyware.com
procexp.exe 2356 3.13 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
rundll32.exe 140 Run a DLL as an App Microsoft Corporation
firefox.exe 436 3.13 Firefox Mozilla Corporation

Edited by Mandoponcho, 02 August 2009 - 05:14 PM.


#8 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:54 AM

Posted 02 August 2009 - 06:11 PM

This as well as Malwarebytes not opening up and closing


Still a problem, would you elaborate if so.

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

Please download DrWeb-CureIt and save it to your desktop. DO NOT perform a scan yet.

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with Dr.Web CureIt as follows:
  • Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current version
  • Read the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.
  • The Express scan will automatically begin.
    (This is a short scan of files currently running in memory, boot sectors, and targeted folders).
  • If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.
  • If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All.
  • When complete, click Select All, then choose Cure > Move incurable.
    (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
  • Now put a check next to Complete scan to scan all local disks and removable media.
  • In the top menu, click Settings > Change settings, and UNcheck "Heuristic analysis" under the "Scanning" tab, then click Ok.
  • Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
  • When the scan is complete, a message will be displayed at the bottom indicating if any viruses were found.
  • Click "Yes to all" if asked to cure or move the file(s) and select "Move incurable".
  • In the top menu, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

Chewy

No. Try not. Do... or do not. There is no try.

#9 Mandoponcho

Mandoponcho
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 03 August 2009 - 12:05 AM

Well.
The download will stop halfway and the computer suddenly restarted once.
As for MBAM I get the error 707(2) not sure what that means.
I think I might need to reformat computer.
But i'll give the scan a try once again
Thanks for the help so far though guys.

#10 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:54 AM

Posted 03 August 2009 - 12:07 AM

Error 707: Error during enumeration of languages. Please reinstall the application.


Chewy

No. Try not. Do... or do not. There is no try.

#11 Mandoponcho

Mandoponcho
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 03 August 2009 - 12:30 AM

so what do i need to reinstall, in order to get MBAM to run again?
I think it might be Java causing all of these problems.
My CPU usage is running normal and a lot of things that involve Java won't run.
And I can't install the new version of it either.

#12 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:54 AM

Posted 03 August 2009 - 12:53 AM

Try Javara

http://raproducts.org/
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users