Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue screen


  • This topic is locked This topic is locked
7 replies to this topic

#1 sayits69

sayits69

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 18 September 2009 - 10:14 PM

I've backed up my files but I'm worried that the files that I copied might be corrupt & don't feel like reprogramming my computer for no reason at all! When the computer went blue it said that all my files were corrupted, so I have no idea? So this is what I got when I downloaded Win32kDiag.exe

Running from: C:\Documents and Settings\Shawn\My Documents\Downloads\Win32kDiag.exe

Log file at : C:\Documents and Settings\Shawn\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

And this is what I got when I ran the RootPicks program!!

ROOTREPEAL AD, 2007-2009
==================================================
Scan Start Time: 2009/09/18 22:25
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xEE418000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7A9A000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xBA34E000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: c:\program files\pokerstars\pokerstars.log.0
Status: Size mismatch (API: 396630, Raw: 395921)

SSDT
-------------------
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0xee79b0b0

==EOF==

Good luck w/ this one! I have no clue what this is or means??? :thumbsup:

BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:03:51 AM

Posted 19 September 2009 - 08:35 PM

On your Desktop, right-click on win32diag.exe to tatertot.scr and retry the scan

Rename rootrepeal.exe the same
Select only Drivers to scan
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 sayits69

sayits69
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 19 September 2009 - 09:30 PM

I tried it & received the same response

Running from: C:\Documents and Settings\Shawn\My Documents\Downloads\Win32kDiag.exe

Log file at : C:\Documents and Settings\Shawn\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

#4 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:03:51 AM

Posted 20 September 2009 - 04:28 PM

When scanning, disable your anti-virus and any real-time malware scanners, such as Spybot's Teatimer function.
Rename root Repeal.exe
Click Settings - Options. Set the Disk Access slider to High
When selecting what to scan, select only Drivers
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 sayits69

sayits69
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 21 September 2009 - 02:51 AM

The only anti virus programs that I might have is A.V.G 8.5 free & McCafee free, & the programs that u have told me to down load r the only programs I have on my computer & I have copied them to disk so I don't have to jump on the internet! I don't know how to change them & I don't understand what u want me to do? I don't know how to get to these programs, to disable them for a moment. You'll have to be patient w/ me on this part cause I don't know this side of the computer this well. I'm wondering if I should start over I have most of the stuff that's on my computer backed up & I have the start up disks to it. I'm just wondering if the programs that I have are infected? Then I would just be doing extra work for nothing & I'd be in the same boat as I am now.

#6 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:03:51 AM

Posted 21 September 2009 - 06:22 PM

In all honesty, it would be better to reformat and reinstall the OS
That is what I would do

Let me know. There are other things to try
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#7 sayits69

sayits69
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 24 September 2009 - 11:19 AM

OK that's what I'm going to do then, just start over & hope that my files were not infected! If not I'll be back & we'll just pick up from where we left off. Thanks for all of your help :thumbsup: , Shawn

#8 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:03:51 AM

Posted 24 September 2009 - 06:42 PM

hope that my files were not infected


That's kind of risky
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users