
Possible virus, "Server Busy" error + freezing on startup


11 replies to this topic

#1 Quiet Bagel

Posted 12 August 2011 - 09:34 PM

New member here, so if I'm doing anything incorrectly (i.e. posting in the wrong location) I apologize in advance.

This problem is kind of worrying me as of late.

My laptop hasn't always been exactly the best. It used to crash unexpectedly fairly frequently (i.e. just randomly black screen and restart, sometimes BSOD) like 5-10 times a day at its peak. But then the crashes started to slowly diminish over time for some unknown reason, so I just wrote it off as some kind of hardware problem. I've contacted the manufacturer before and have had them look at it, by the way, but they found no problem with it.

But the crashes never entirely stopped though. I maybe get a crash like once a month. Probably due to overheating, my laptop gets fairly hot. But that's beside the main point.

My laptop tends to freeze fairly frequently. When doing anything. I was watching a video on Firefox earlier (it was the only active application I had open besides ZoneAlarm, Avast, Microsoft Security Essentials, Malwarebytes and MSN all idling in the background, totaling no more than 15% CPU usage) when my computer suddenly just froze. So I forced a restart, as I usually do.

However, this time, upon logging on to my computer, Windows Explorer appeared to be frozen. I could still move my mouse around, but the taskbar would make my cursor turn into the loading circle and clicking anything on my desktop would just freeze the entire computer. I restarted 3-4 more times, but to no avail.

On my last attempt, I let the computer sit frozen for approximately 15 minutes. And then the "Windows Explorer has stopped responding" box popped up, so I clicked End Process. After 2-3 more minutes, the desktop entirely vanished and an error box appeared reading "Server Busy, This action cannot be completed because the other program is busy" with the options "Retry", "Switch To..." and "Cancel". Now this error box, I had never seen before in my entire life, so I instantly thought it must be some kind of infection. Even the wording of the error message sounded kind of awkward ("other program?").

I tried clicking "Switch To..." but all that did was make the error box vanish and reappear a second later. So I walked away from my computer for about 5 minutes, and when I came back, everything was loaded properly, desktop was back, etc. As if nothing had happened.

So I'm still kind of confused as to what's going on here. I've been wondering whether or not all these random crashes and freezes were ACTUALLY caused by hardware issues or if they were caused by some malware. I guess it's time to find out.

So any ideas? Should I be concerned?

Also, a bit of background info:

I keep a regularly updated SpywareBlaster, Spybot Search & Destroy (without Tea Timer), Avast Antivirus, Malwarebytes Anti-Malware (full edition), ZoneAlarm firewall and Microsoft Security Essentials on my system. I run scans regularly in normal mode with all programs, but I have never once encountered a single infection. I have yet to run Avast, Malwarebytes and Microsoft Security Essentials in Safe Mode, but I have run Spybot in Safe Mode just a few hours ago (after the freezing and error) and it found nothing.

Will move to the "Virus, Trojan, Spyware, and Malware Removal Logs" and post a Hijack This log if necessary.

Thanks in advance.



#2 Broni

Posted 12 August 2011 - 09:45 PM

Welcome aboard

Download BlueScreenView (in Zip file)
No installation required.
Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

======================================================================

Download System Information for Windows (SIW free version)
No installation required.

After it scans your computer, navigate to Hardware>Sensors and post all info from there.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Quiet Bagel

Posted 12 August 2011 - 10:41 PM

Forgot to mention, I have CCleaner which I run extremely regularly (at least 3 times per day), so any crash dump files I had would have already been deleted long ago. Which might be an issue...

Although, however, most of my crashes were not actually "Blue Screen of Death" crashes, the computer would just randomly restart itself.

As for SIW...

Well, I'm kind of reluctant to download it. I tried downloading it from the link you gave me and from the CNET website. Both times, my Microsoft Security Essentials popped up, alerting me that it intercepted a threat called Trojan:Win32/Osram!rts. The source of this supposed infection is from some avast TEMP files. So, I'm kind of scared to download that. Is there an alternative program?

#4 Broni

Posted 12 August 2011 - 10:48 PM

As you can see, removing dump files is not a good idea. They're important from a troubleshooting point of view.

Both times, my Microsoft Security Essentials popped up, alerting me that it intercepted a threat called Trojan:Win32/Osram!rts

Surely pure nonsense as the program is well known, widely used and safe.
You don't think at a professional computer help site like BleepingComputer we'd advise you to download something malicious?



 


#5 Quiet Bagel

Posted 13 August 2011 - 10:05 AM

Alright, was just a bit skeptical though, but I downloaded SIW. Here's the information I got from Hardware > Sensors:

Posted Image

Also, small update on my situation:

My computer Blue Screen of Death'd for the first time in about 2-3 months last night (usually, if it does "crash", it just randomly restarts with no warning screen). However, the Blue Screen of Death ITSELF froze at "generating dump data", so I unfortunately could not get a memory dump out of it.

I did run memtest86 once on it right after, however it found no issues with the memory. I've run memory tests like this before - I believe I ran Windows Memory Diagnostic about half a year ago, and it DID in fact find a problem with the RAM, however, I can no longer recreate it, so I have no idea what's going on there.

#6 Broni

Posted 13 August 2011 - 10:52 AM

Temperatures look fine.

Let's run some scans...

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


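The "List content of Hosts" step above exists so a helper can tell blocklist entries (names pinned to the local machine, as the MVPS hosts file does) from names pointed at some other address. A sketch of that triage in Python, added here as an illustration and not part of the original posts or of MiniToolBox; the sample hosts text, the function names and the allowlist are constructed assumptions:

```python
import ipaddress

# Constructed sample hosts content for illustration; not taken from the thread.
SAMPLE_HOSTS = """\
# Constructed sample
127.0.0.1     localhost
::1           localhost
127.0.0.1     ads.example.net www.ads.example.net   # blocklist style entry
0.0.0.0       tracker.example.org
203.0.113.25  update.vendor.example
192.168.1.50  nas.home.example
not-an-ip     broken.example
10.0.0.5
"""


def classify_hosts(text):
    """Sort hosts-file entries into local sinks, redirects and malformed lines.

    loopback   : names mapped to a loopback or unspecified address
                 (127.0.0.0/8, ::1, 0.0.0.0, ::), the blocklist pattern
    redirected : (line number, name, address) for names mapped anywhere else
    malformed  : (line number, text) for lines that are not "<ip> <name>..."
    """
    report = {"loopback": [], "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        # Everything after '#' is a comment in the hosts format.
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            report["malformed"].append((lineno, line))
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["malformed"].append((lineno, line))
            continue
        # One line may carry several names for the same address.
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if addr.is_loopback or addr.is_unspecified:
                report["loopback"].append(name)
            else:
                report["redirected"].append((lineno, name, str(addr)))
    return report


def unexpected_redirects(report, allowed=None):
    """Return redirects that are not in the caller's known-good mapping.

    `allowed` maps a hostname to the address the owner expects for it
    (for example a NAS on the home network). Anything else needs a
    human look before it is trusted or removed.
    """
    allowed = allowed or {}
    return [
        (lineno, name, addr)
        for lineno, name, addr in report["redirected"]
        if allowed.get(name) != addr
    ]


if __name__ == "__main__":
    result = classify_hosts(SAMPLE_HOSTS)
    print("names pinned locally:", len(result["loopback"]))
    for lineno, line in result["malformed"]:
        print("malformed line %d: %s" % (lineno, line))
    known_good = {"nas.home.example": "192.168.1.50"}  # constructed allowlist
    for lineno, name, addr in unexpected_redirects(result, known_good):
        print("review line %d: %s -> %s" % (lineno, name, addr))
```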

 


#7 Quiet Bagel

Posted 13 August 2011 - 12:32 PM

Security Check results:

Results of screen317's Security Check version 0.99.18
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
avast! Free Antivirus
ZoneAlarm
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Malwarebytes' Anti-Malware
Java™ 6 Update 26
Adobe Flash Player 10.3.181.26
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Microsoft Security Essentials msseces.exe
NVIDIA Corporation PhysX Common AvastSvc.exe -?-
Alwil Software Avast5 AvastUI.exe
Zone Labs ZoneAlarm zlclient.exe
``````````End of Log````````````


MiniToolBox results:

MiniToolBox by Farbar
Ran by PC (administrator) on 13-08-2011 at 12:50:52
Windows 7 Professional (X64)

***************************************************************************

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


There are 15022 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : phub.net.cable.rogers.com

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 1C-4B-D6-0B-22-3F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 48-5B-39-4B-E5-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 1C-4B-D6-A8-A0-1A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8176:f526:2c1a:34cf%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : August-13-11 10:40:09 AM
Lease Expires . . . . . . . . . . : August-14-11 12:40:59 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 236735446
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-AE-A6-2F-1C-4B-D6-A8-A0-1A
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.phub.net.cable.rogers.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:107c:28f5:52dc:4145(Preferred)
Link-local IPv6 Address . . . . . : fe80::107c:28f5:52dc:4145%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: www.phub.net.cable.rogers.com
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.113.103
74.125.113.105
74.125.113.106
74.125.113.147
74.125.113.99
74.125.113.104


Pinging google.com [74.125.113.106] with 32 bytes of data:
Reply from 74.125.113.106: bytes=32 time=73ms TTL=51
Reply from 74.125.113.106: bytes=32 time=48ms TTL=51

Ping statistics for 74.125.113.106:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 73ms, Average = 60ms
Server: www.phub.net.cable.rogers.com
Address: 192.168.0.1

Name: yahoo.com
Addresses: 69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70
67.195.160.76


Pinging yahoo.com [72.30.2.43] with 32 bytes of data:
Reply from 72.30.2.43: bytes=32 time=129ms TTL=53
Reply from 72.30.2.43: bytes=32 time=104ms TTL=53

Ping statistics for 72.30.2.43:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 104ms, Maximum = 129ms, Average = 116ms

Pinging 127.0.0.1 with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
===========================================================================
Interface List
13...1c 4b d6 0b 22 3f ......Bluetooth Device (Personal Area Network)
12...48 5b 39 4b e5 4e ......Atheros AR8131 PCI-E Gigabit Ethernet Controller
11...1c 4b d6 a8 a0 1a ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:107c:28f5:52dc:4145/128
On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::107c:28f5:52dc:4145/128
On-link
11 281 fe80::8176:f526:2c1a:34cf/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/13/2011 00:52:52 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:04 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:04 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:04 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:04 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:04 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:03 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:03 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:03 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/13/2011 11:07:03 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (08/13/2011 10:40:44 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/13/2011 01:38:46 AM) (Source: Service Control Manager) (User: )
Description: The Server service terminated with the following error:
%%13

Error: (08/13/2011 01:38:46 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1115

Error: (08/13/2011 01:38:45 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147467243.

Error: (08/13/2011 01:38:45 AM) (Source: Service Control Manager) (User: )
Description: The hpqcxs08 service terminated with the following error:
%%-2147467243

Error: (08/13/2011 01:38:45 AM) (Source: Service Control Manager) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1069

Error: (08/13/2011 01:38:45 AM) (Source: Service Control Manager) (User: )
Description: The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/13/2011 01:38:45 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service failed to start due to the following error:
%%1069

Error: (08/13/2011 01:38:45 AM) (Source: Service Control Manager) (User: )
Description: The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/13/2011 01:38:45 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 2 (SP2)
64 Bit HP CIO Components Installer (Version: 6.2.2)
6500_E709_eDocs (Version: 1.00.0000)
6500_E709_Help (Version: 1.00.0000)
6500_E709n (Version: 140.0.000.000)
ABC Amber Nokia Converter
Acrobat.com (Version: 1.1.377)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.2.0)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (Version: 9.0.0)
Adobe Acrobat 9.2.0 - CPSID_50026
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 10 Plugin (Version: 10.3.181.26)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
Alcor Micro USB Card Reader (Version: 1.5.17.25482)
ASUS AI Recovery (Version: 1.0.8)
ASUS FancyStart (Version: 1.0.8)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS MultiFrame (Version: 1.0.0021)
ASUS Power4Gear Hybrid (Version: 1.1.27)
ASUS SmartLogon (Version: 1.0.0008)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS USB2.0 UVC VGA WebCam (Version: 5.8.53120.202)
ASUS Virtual Camera (Version: 1.0.19)
ASUS_Screensaver
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0054)
ATK Media (Version: 2.0.0006)
ATKOSD2 (Version: 7.0.0008)
µTorrent (Version: 2.2.0)
Audacity 1.3.12 (Unicode)
avast! Free Antivirus (Version: 6.0.1000.0)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 140.0.213.000)
CCleaner (Version: 3.05)
ControlDeck (Version: 1.0.5)
CyberLink LabelPrint (Version: 2.5.1720)
CyberLink Power2Go (Version: 6.1.2713)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.213.000)
DivX Setup (Version: 2.2.1.2)
DocMgr (Version: 140.0.65.000)
DocProc (Version: 140.0.100.000)
ETDWare PS/2-x64 7.0.5.9_WHQL
Fast Boot (Version: 1.0.5)
Fax (Version: 140.0.213.000)
GPBaseService2 (Version: 140.0.212.000)
Heroes of Newerth (Version: 2.0.33)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Officejet 6500 E709 Series (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPProductAssistant (Version: 140.0.213.000)
HPSSupply (Version: 140.0.212.000)
ImgBurn (Version: 2.5.5.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2021)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Turbo Boost Technology Monitor (Version: 1.0.115.11)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
LAME v3.98.3 for Audacity
League of Legends (Version: 1.3)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
MarketResearch (Version: 140.0.214.000)
McAfee SiteAdvisor (Version: 3.3.133)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 5.0 (x86 en-US) (Version: 5.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Nokia Connectivity Cable Driver (Version: 7.1.36.0)
Nokia PC Suite (Version: 7.1.60.0)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 275.33 (Version: 275.33)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.80.0)
NVIDIA Optimus 1.3.5 (Version: 1.3.5)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
PC Connectivity Solution (Version: 10.50.2.0)
PowerISO (Version: 4.7)
ProductContext (Version: 140.0.000.000)
Rainmeter
Realtek High Definition Audio Driver (Version: 6.0.1.6029)
RPG Maker VX (Version: 1.02)
RPG Maker VX RTP (Version: 1.02)
SAMSUNG CDMA Modem Driver Set
Samsung Kies (Version: 2.0.1.11053_99)
Scan (Version: 140.0.167.000)
Shop for HP Supplies (Version: 14.0)
Skype™ 5.3 (Version: 5.3.120)
SmartWebPrinting (Version: 140.0.213.000)
SolutionCenter (Version: 140.0.214.000)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.4 (Version: 4.4.0)
SRS Premium Sound Control Panel (Version: 1.8.3800)
Status (Version: 140.0.256.000)
StepMania 3.9b (remove only)
System Requirements Lab CYRI (Version: 4.4.16.0)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.213.000)
TrueCrypt (Version: 7.0a)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2586924)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VLC media player 1.1.8 (Version: 1.1.8)
WebReg (Version: 140.0.213.017)
WIDCOMM Bluetooth Software (Version: 6.2.5.500)
Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) (Version: 07/17/2009 6.2.0.9403)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (Version: 07/29/2009 6.1.7100.0)
Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500) (Version: 06/11/2009 6.2.0.9500)
Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.8) (Version: 06/09/2010 7.01.0.8)
Windows Driver Package - Nokia Modem (10/07/2010 4.6) (Version: 10/07/2010 4.6)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdbus) USB (10/15/2009 5.02.0.0) (Version: 10/15/2009 5.02.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdmdm) Modem (10/15/2009 5.02.0.0) (Version: 10/15/2009 5.02.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdserd) Ports (10/15/2009 5.02.0.0) (Version: 10/15/2009 5.02.0.0)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Mobile Device Center (Version: 6.1.6965.0)
WinFlash (Version: 2.29.0)
WinRAR archiver
Wireless Console 3 (Version: 3.0.15)
ZoneAlarm (Version: 9.2.102.000)

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 3884.48 MB
Available physical RAM: 1460.58 MB
Total Pagefile: 7767.1 MB
Available Pagefile: 5264.25 MB
Total Virtual: 4095.88 MB
Available Virtual: 3997.44 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:34.43 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:126.05 GB) NTFS

========================= Users: ========================================

User accounts for \\PC

Administrator Guest PC
UpdatusUser


== End of log ==


Malwarebytes Anti-Malware results:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7456

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

13/08/2011 1:02:22 PM
mbam-log-2011-08-13 (13-02-22).txt

Scan type: Quick scan
Objects scanned: 183785
Time elapsed: 2 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER results:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-13 13:25:35
Windows 6.1.7600
Running: o9p5gucp.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd60b223f
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd60b223f@0018913606f2 0x92 0xF7 0xD2 0x80 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd60b223f (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd60b223f@0018913606f2 0x92 0xF7 0xD2 0x80 ...

---- EOF - GMER 1.0.15 ----



#8 Broni


Posted 13 August 2011 - 12:57 PM

All looks clean.

Make sure you don't let CCleaner erase dump files, and post a BlueScreenView log as soon as some BSODs occur.



 


#9 Quiet Bagel


Posted 14 August 2011 - 04:36 PM

Ok, just happened to have a Blue Screen of Death a few minutes ago. Here's the log from BlueScreenViewer:

==================================================
Dump File : 081411-26270-01.dmp
Crash Time : 14/08/2011 5:28:41 PM
Bug Check String : UNEXPECTED_KERNEL_MODE_TRAP
Bug Check Code : 0x0000007f
Parameter 1 : 00000000`00000008
Parameter 2 : 00000000`80050031
Parameter 3 : 00000000`000006f8
Parameter 4 : fffff800`02e3eea4
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+705c0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16841 (win7_gdr.110622-1503)
Processor : x64
Crash Address : ntoskrnl.exe+705c0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\081411-26270-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 262,144
==================================================

#10 Broni


Posted 14 August 2011 - 04:48 PM

We need a couple more of them.
Were you doing something in particular when it happened?



 


#11 Quiet Bagel


Posted 14 August 2011 - 07:13 PM

I had a couple programs open and idling (ie. MSN, Firefox), but none of that was very CPU intensive to begin with.

I'll post another log when it crashes again.

#12 Broni


Posted 14 August 2011 - 08:22 PM

No problem...
