Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System becomes unstable, then throws errors


  • This topic is locked This topic is locked
17 replies to this topic

#1 brederic

brederic

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 28 November 2010 - 08:16 PM

My Compaq nx9420 is acting up. After an up to an hour of trouble-free operation, the system will seem to have window refresh issues and lagging. Attempts to start new processes including the task manager will produce this error "The program failed to initialize, error (0xc000012d)". Attempting to restart the computer will usually fail and the system has to be HARD shutdown. After restarting it works just fine until the symptoms start again.

Thanks in advance for your help.

DDS log
-------

DDS (Ver_10-11-27.01) - NTFSx86
Run by Brent at 15:25:36.01 on Sun 11/28/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.964 [GMT -5:00]

AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\PROGRA~1\SUGARC~1.0E\apache2\bin\Apache.exe
C:\PROGRA~1\SUGARC~1.0E\mysql\bin\mysqld.exe
C:\PROGRA~1\SUGARC~1.0E\apache2\bin\Apache.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Documents and Settings\Brent\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\Tavultesoft\Keyman Engine 7.0\keyman.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Notepad++\notepad++.exe
C:\DOCUME~1\Brent\LOCALS~1\Temp\HouseCall\housecall.bin
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Documents and Settings\Brent\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
BHO: StumbleUpon Launcher: {145b29f4-a56b-4b90-bbac-45784ebebbb7} - c:\program files\stumbleupon\StumbleUponIEBar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Pop-up Blocker: {52706ef7-d7a2-49ad-a615-e903858cf284} - c:\program files\juno\qsacc\X1IEBHO.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: HP Credential Manager for ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hpq\iam\bin\ItIeAddIN.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: Juno Toolbar Helper: {fe3098b1-04a3-41fd-8ca9-bea39cb14c87} - c:\program files\juno\ucreg.dll
TB: StumbleUpon Toolbar: {5093eb4c-3e93-40ab-9266-b607ba87bdc8} - c:\program files\stumbleupon\StumbleUponIEBar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: JunoBar: {5854fac4-5bf0-47dd-b5a9-a5ea8cff3cf4} - c:\program files\juno\Toolbar.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
uRun: [Google Update] "c:\documents and settings\brent\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [desktop_light.pxx] "c:\program files\tavultesoft\keyman desktop light 7.0\kmshell.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\brent\startm~1\programs\startup\autoru~1\starof~1.lnk - c:\program files\staroffice7\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\ymetray.lnk - c:\program files\yahoo!\yahoo! music jukebox\ymetray.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_20.dll
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - c:\program files\winhttrack\WinHTTrackIEBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {197F8FE3-8DF6-4755-B925-B94A1FF2F58E} - hxxp://www.newstarsoccer.com/OSAKit2.CAB
DPF: {1B9B97D0-C0F4-4045-9B42-50A4535C9041} - hxxp://download.paltalk.com/wcloader_prod/wcloader.cab
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189270623406
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553536000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: IfxWlxEN - IfxWlxEN.dll
Notify: OneCard - c:\program files\hpq\iam\bin\AsWlnPkg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli AsWlnPkg

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\brent\applic~1\mozilla\firefox\profiles\i7345v3l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/calendar
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\brent\application data\mozilla\firefox\profiles\i7345v3l.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\winnt_x86-msvc\components\pagespeed.dll
FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
FF - plugin: c:\documents and settings\brent\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\brent\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\brent\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\brent\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\brent\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\brent\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa2.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Extension: GMarks: {A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83} - c:\docume~1\brent\applic~1\mozilla\firefox\profiles\i7345v3l.default\extensions\{A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}
FF - Extension: Zotero: zotero@chnm.gmu.edu - c:\docume~1\brent\applic~1\mozilla\firefox\profiles\i7345v3l.default\extensions\zotero@chnm.gmu.edu
FF - Extension: Page Speed: {e3f6c2cc-d8db-498c-af6c-499fb211db97} - c:\docume~1\brent\applic~1\mozilla\firefox\profiles\i7345v3l.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
FF - Extension: Free Realms Installer: {38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1} - c:\docume~1\brent\applic~1\mozilla\firefox\profiles\i7345v3l.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}
FF - Extension: HttpFox: {4093c4de-454a-4329-8aff-c6b0b123c386} - c:\docume~1\brent\applic~1\mozilla\firefox\profiles\i7345v3l.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}
FF - Extension: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\google\google gears\Firefox

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2010-7-29 15328]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-7-30 11608]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2005-10-25 35488]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-7-7 611664]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-7-30 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-7-30 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-7-30 60936]
R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\macrium\reflect\ReflectService.exe [2010-7-29 220128]
R2 sugarApache;sugarApache;c:\progra~1\sugarc~1.0e\apache2\bin\Apache.exe [2009-5-11 24634]
R2 sugarMysql;sugarMysql;c:\progra~1\sugarc~1.0e\mysql\bin\mysqld.exe --defaults-file=c:\progra~1\sugarc~1.0e\mysql\my.ini sugarmysql --> c:\progra~1\sugarc~1.0e\mysql\bin\mysqld.exe --defaults-file=c:\progra~1\sugarc~1.0e\mysql\my.ini sugarMysql [?]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\drivers\BazisVirtualCDBus.sys [2009-12-5 135320]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2006-10-2 87936]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2005-6-10 35968]
S2 bomgar-scc-1289839319;Bomgar Support Customer Client [1289839319];"c:\documents and settings\all users\application data\bomgar-scc-4ce162d7\bomgar-scc.exe" -service:run --> c:\documents and settings\all users\application data\bomgar-scc-4ce162d7\bomgar-scc.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-1 133104]
S2 Parclass;Parclass;c:\windows\system32\drivers\parclass.sys [2008-5-6 19824]
S3 ADM8511;PA090 USB ETHERNET 10/100 ;c:\windows\system32\drivers\ADM8511.SYS [2007-8-27 24745]
S3 klmd23;klmd23;c:\windows\system32\drivers\klmd.sys --> c:\windows\system32\drivers\klmd.sys [?]
S4 AdeonaClientService;AdeonaClientService;c:\program files\adeona\cygrunsrv.exe [2008-7-13 68096]
S4 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2004-8-4 14336]
S4 B-Service;B-Service;c:\documents and settings\brent\application data\mikogo\B-Service.exe [2009-6-4 185640]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-6-28 112592]
S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2010-3-30 1107336]
S4 StumbleUponUpdateService;StumbleUponUpdateService;c:\program files\stumbleupon\StumbleUponUpdateService.exe [2010-3-25 120232]
S4 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-10-2 1174152]
S4 VisualSVNServer;VisualSVN Server;c:\program files\visualsvn server\bin\VisualSVNServer.exe [2009-10-23 23840]

=============== Created Last 30 ================

2010-11-28 20:11:42 -------- d-----w- c:\program files\Lavasoft
2010-11-28 20:11:13 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-11-26 13:42:49 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{ab924a6e-afc5-43de-ae63-ad7be36ba83f}\mpengine.dll
2010-11-25 23:24:27 -------- d-----w- C:\Carbonite
2010-11-23 12:41:33 -------- d-----w- c:\program files\Cyberboard
2010-11-17 13:37:59 -------- d-----w- c:\program files\ESET
2010-11-17 13:06:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-17 13:06:05 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-17 13:06:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-15 16:59:04 609280 ----a-w- C:\CarboniteFixStatus.exe
2010-11-15 14:53:30 -------- d-----w- c:\program files\Carbonite
2010-11-15 14:53:28 -------- d-----w- c:\docume~1\alluse~1\applic~1\Carbonite
2010-11-13 15:23:34 -------- d-----w- C:\Restored from Carbonite
2010-11-08 10:26:06 -------- d-----w- c:\docume~1\brent\locals~1\applic~1\Amazon
2010-11-08 10:23:23 -------- d-----w- c:\docume~1\brent\applic~1\Smart PDF Converter Pro
2010-11-08 10:18:55 -------- d-----w- c:\docume~1\brent\applic~1\Mobipocket Reader
2010-11-08 10:09:07 -------- d-----w- c:\documents and settings\brent\.FBReader
2010-11-08 10:08:20 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-11-08 10:08:19 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-11-08 10:08:19 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-11-08 10:08:11 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-11-06 16:37:34 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2010-11-06 16:37:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

==================== Find3M ====================

2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-18 17:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 15:26:51.82 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 05 December 2010 - 08:33 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 brederic

brederic
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 05 December 2010 - 08:52 PM

Hi,

I'm here. Thanks in advance for your help. I'm ready for your instructions.


Once I receive a reply then I will return with your first instructions.



#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 06 December 2010 - 04:39 PM

Please start by running MBRCheck

Please download MBRCheck to your desktop.

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log when you reply.
Posted Image
m0le is a proud member of UNITE

#5 brederic

brederic
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 06 December 2010 - 05:54 PM

MBRCheck log posted with errors.


Please start by running MBRCheck

Please download MBRCheck to your desktop.

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log when you reply.

Attached Files



#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 06 December 2010 - 06:57 PM

Nothing there. What sort of errors are you getting? Can you copy them down and post so I can see what the problem might be.
Posted Image
m0le is a proud member of UNITE

#7 brederic

brederic
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 06 December 2010 - 08:15 PM

The only actual error message is the one I reported in my first post. But I can describe the other issues more fully. When the system is becoming unstable...
- Text input stops updating reliably
- Windows explorer shows some list items and not others
- When switching to another application window, it pops up blank and takes a long time to refresh, if it ever does
- My first instinct is that some rogue process is stealing CPU and needs killed, so I Ctrl-Alt-Esc to bring up Task Manager, but sometimes it won't even start and fails with an error dialog saying, "The program failed to initialize, error (0xc000012d)"
- At this point, I just want to shutdown and restart, but even this is flaky
- Sometimes the "Turn off Computer" button is not present on the Start Menu, just the Log Off button. If I log off, I can't log in and get a message saying something about insufficient resources (I haven't written down that error), and so it accepts my password, but logs me in as the default user instead.
- Sometimes when I try to restart, the "Turn off Computer" button is present, but clicking on Standby, Turn Off or Restart does nothing.
- This has happened often enough that when I see the system start to flake out, I usually just hard shutdown, by holding down the power button until the laptop shuts down, then starting it again.

This whole situation happens about once or twice a day. Once I start it back up, the laptop runs normally for 1-8 hours, but eventually it will become unstable again.

Thanks for listening. Any ideas?

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 07 December 2010 - 02:15 PM

I would say that you are looking at a system problem here.

Some of these symptoms could be fixable with the PC's interior checkdisk and scannow but inevitably you will probably be better off reposting this to the XP forum. However, let's start working on it now...

Please do the following repairs

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Jdk 6 Update 22 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u22-windows-i586-p.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.


We need to run a system file check.

Go to the Run box on the Start Menu and type in:

sfc /scannow

Press Enter

More info on this process can be found here.


Then run CheckDisk

We are going to run chkdsk which will verify and repair the file system

Step One: Click Start, select Run

Step Two: In the box, type cmd

Step Three: Click Ok

Step Four: Run the chkdsk utility by typing in the following command:

chkdsk c: /f /r

NOTE: The /f command automatically fixes any errors encountered, the /r command locates bad sectors and recovers readable information.

Step Five: A reboot is normally required for the chkdsk program to lock the disk and run correctly (this is typical on machines that have only one volume), so simply restart the computer and chkdsk will run automatically. When it's finished, (This process can take quite a while depending on the size of your disk, etc.), it will boot back to normal Windows.

On Rebooting the PC you will see the disk being checked.

This process will take, on average, about an hour.


Finally you might also think about a defrag, if you haven't done one earlier.

Once these steps have been taken come back to me with a list of what's still causing problems and I will see if I can get an advisor to take a look. :thumbup2:

Edited by m0le, 07 December 2010 - 02:16 PM.

Posted Image
m0le is a proud member of UNITE

#9 brederic

brederic
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 08 December 2010 - 05:20 AM

I would say that you are looking at a system problem here.
Please do the following repairs

Your Java is out of date.

[b]sfc /scannow


chkdsk c: /f /r

Finally you might also think about a defrag, if you haven't done one earlier.

Once these steps have been taken come back to me with a list of what's still causing problems and I will see if I can get an advisor to take a look. :thumbup2:


Thanks for the suggestions. All of these procedures are now complete. I will be posting again in the next day or two to report whether the stability of my laptop has improved.

-Brent

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 08 December 2010 - 06:36 PM

:thumbup2:
Posted Image
m0le is a proud member of UNITE

#11 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 11 December 2010 - 08:00 PM

Hi Brent,

How are things going?
Posted Image
m0le is a proud member of UNITE

#12 brederic

brederic
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 11 December 2010 - 11:21 PM

It appears to be some better. In the last three days my laptop has gone down three times. Once it was with the same symptoms as above. The other two times I was away from the laptop when it hung up, so I am not sure about those. On one occasion, instead of shutting down, a blue screen appeared (not a typical blue screen of death) saying that there was a problem with a driver and that the system had shut down b/c of that. The driver identified was ati2dvag, I believe. It said it was doing a memory dump. After reboot in each case, the laptop was working fine.

#13 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 12 December 2010 - 05:22 AM

If it's always the same message and the same driver ati2dvag then this could solve the known Dell problem
Posted Image
m0le is a proud member of UNITE

#14 brederic

brederic
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 December 2010 - 05:57 AM

Thanks for finding this.

I used the instructions and in the System Devices replaced the "Intel® 82801 PCI Bridge - 2448 (Intel)" driver with the "PCI standard PCI-to-PCI bridge". I'll let that spin for a few days and let you know how things are going.

#15 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:19 PM

Posted 12 December 2010 - 06:00 AM

Fingers crossed for you :thumbup2:
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users