Tech Problem Aggregator

Can you please analyze this dump file .

Q: Can you please analyze this dump file .

ANd also explain how to read this ( what program is needed ) . I just see random stuff in the dmp file ..

Thanks a million ..

A: Can you please analyze this dump file .

It's a stop 0x116. More info on that type of crash:

http://www.sevenforums.com/crashes-d...tml#post280172

As far as "reading" the dump files is concerned:

http://www.sevenforums.com/crash-loc...ing-tools.html

2 more replies
Answer Match 77.28%

Hi,

here is my dump file analysis report. Please tell me what is the problem.


*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

WHEA_UNCORRECTABLE_ERROR (124)
A fatal hardware error has occurred. Parameter 1 identifies the type of error
source that reported the error. Parameter 2 holds the address of the
WHEA_ERROR_RECORD structure that describes the error conditon.
Arguments:
Arg1: 0000000000000000, Machine Check Exception
Arg2: fffffa8007d4b028, Address of the WHEA_ERROR_RECORD structure.
Arg3: 00000000b625a000, High order 32-bits of the MCi_STATUS value.
Arg4: 00000000ad000135, Low order 32-bits of the MCi_STATUS value.

Debugging Details:
------------------
BUGCHECK_STR: 0x124_AuthenticAMD

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: plugin-contain

CURRENT_IRQL: f

STACK_TEXT:
fffff880`02fddb08 fffff800`02c12a3b : 00000000`00000124 00000000`00000000 fffffa80`07d4b028 00000000`b625a000 : nt!KeBugCheckEx
fffff880`02fddb10 fffff800`02dd6513 : 00000000`00000001 fffffa80`080e7290 00000000`00000000 fffffa80`080e72e0 : hal!HalBugCheckSystem+0x1e3
fffff880`02fddb50 fffff800`02c12... Read more

A:Please analyze my dump file.

Download BlueScreenView:
http://www.nirsoft.net/utils/blue_screen_view.html
unzip downloaded file and double click on BlueScreenView.exe to run the program.
when scanning is done, go to EDIT - Select All
Go to FILE - SAVE Selected Items, and save the report as BSOD.txt
Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply

4 more replies
Answer Match 77.28%

For some reason, I can't get Windbg to work for me and its driving me nuts! >_<

Much appreciated!

My error:


Code:
DBGHELP: c:\symbols\ntkrnlmp.pdb\47F5C3BF9E0A493C9F63BB8F6413358B2\ntkrnlmp.pdb - file system or network error reading pdb
DBGHELP: ntkrnlmp.pdb - file not found
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrnlmp.exe -

A:Can someone please analyze this dump file?

volsnap.sys Volume Shadow Copy Driver.

HTML Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\x\Desktop\Dump\092111-44273-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Machine Name:
Kernel base = 0xfffff800`04e49000 PsLoadedModuleList = 0xfffff800`0508e670
Debug session time: Wed Sep 21 07:15:02.214 2011 (UTC + 3:00)
System Uptime: 1 days 0:09:10.167
Loading Kernel Symbols
...............................................................
................................................................
...................................................
Loading User Symbols
Loading unloaded module list
...............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging in... Read more

3 more replies
Answer Match 76.44%

hello.
my computer crashed 3 times recently.
i save the mini dump files in txt format so that you can help me find the problem cause i got no idea what it is.
my computer is in my profile and since the first crash i set the bios to default to see if it problem is my oc settings, my room ambient Temp is 30, its very hot in here and cpu temp is between 35-55 on load.
please help me find the problem.

A:[SOLVED] Help with DUMP file analyze

Quote:





Originally Posted by hollowcow


hello.
my computer crashed 3 times recently.
i save the mini dump files in txt format so that you can help me find the problem cause i got no idea what it is.
my computer is in my profile and since the first crash i set the bios to default to see if it problem is my oc settings, my room ambient Temp is 30, its very hot in here and cpu temp is between 35-55 on load.
please help me find the problem.







Hi. . .

I will be glad to take those minidump files off your hands. I will run them through a debugger which will hopefully provide the name of a system driver file or a piece of hardware that is the most probable cause of your system crashes.

One item that I would like to have is a Belarc Advisor report saved in "mht" format (Top right of IE screen; Page; Saved as; save as mht). You can download Belarc HERE. However, before attaching to your post please be sure to delete the information related to your product key codes located about ?way down the report.

I will need some time to process the dumps as I am currently working on dozens of others. Also, this is a holiday weekend and I don't expect to be around very much until early next week.

Regards. . .

jcgriff2

5 more replies
Answer Match 75.6%

I built a pc last week and I get the BSOD after a few minutes of playing any game I try. I only have the last dump file I got because the BSOD before the last wouldn't let me start my pc in safe mode or restore to a previous date so I had to reinstall windows 10. Here is my dump file, I know how to open it but I don't know how to analyze it and figure out what is causing the BSOD
here is my build
shadybk - Saved Part Lists - PCPartPicker
Thanks in advance!!!

A:How do I read/analyze this dump file so I know what is causing the BSO

Your dumpfile is a shortcut

Please use the BSOD posting instruction to provide theDumpfile http://www.tenforums.com/bsod-crashes-debugging/2198-bsod-posting-instructions.html
And fill in your System Specs.

0 more replies
Answer Match 74.76%

I get the error "The page failed to load" in control panel, but for a strange reason, it only occurs on every 5th attempt at opening a setting.

After this error, explorer.exe will either freeze/crash (and I need to kill it) or it'll just sit there still trying to load the page but allows me to close the window without it crashing.

How I reproduce the error:

1. I open control panel
2. It doesn't really matter which setting I choose to open, but for testing purposes I open "Ease of Access Center"
3. The first 4 times I open Ease of Access Center it loads just fine
4. The 5th time it shows a blank page with that error message centered!?

This seems to happen only on the 5th time and it seems to apply to the majority of the settings in control panel. I am absolutely clueless on the fix. It doesn't do this in safe mode. I suspect it could be a driver or just something in the registry but I'd love to be able to narrow this down and find the culprit without reinstalling clean.

(Dump File Attached)
(Windows 7 Pro)

A:The page failed to load.. Dump File Plz Analyze

Kudos for the desire to get straight to the debugging phase of troubleshooting, but there's a problem- what you're experiencing is not technically a "crash" in the sense that a process terminated in an abnormal way.

Not every error message constitutes a crash.

As a wild guess, is your UxTheme.DLL "patched" perhaps?

9 more replies
Answer Match 61.32%

Hi,

Could someone please analyze my dump file this is the latest one of many examples on my computer. I have peformed a scan using eset nod32 online scanner, which came up negative.

Regards,
JadeC
Microsoft ® Windows Debugger Version 6.11.0001.404 X86
Copyright © Microsoft Corporation. All rights reserved.
Loading Dump File [C:\WINDOWS\Minidump\Mini071409-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load... Read more

A:Plz help me to analyze my dump log

I suggest running that .dmp file through the debug program again...from what I see, the data you posted cannot be relied on.Follow the guidance at Help Diagnosing BSODs And Crashes (BC) - http://www.bleepingcomputer.com/forums/t/176011/how-to-receive-help-diagnosing-blue-screens-and-windows-crashes/ Louis

1 more replies
Answer Match 60.9%

Could someone please take a look at this crash dump and possibly provide some insight into why this computer is blue screening? The OS is 2008 R2 64-bit.

Thank you

mediafire.com/file/rcnhrtnfvgy/071110-13213-01.dmp
 

A:Analyze crash dump

I looked at the minidump and it doesn't tell me enough to tell you what caused it. If you can attach 5 or more to this post. Read this too please..
 

1 more replies
Answer Match 60.9%

...and tell me the culprit? They are from a Dell Latitude D630, running XP SP3. Thank you!

A:Can anyone analyze these dump files...

  
Quote: Originally Posted by DeaconFrost


...and tell me the culprit? They are from a Dell Latitude D630, running XP SP3. Thank you!


Hello Mate,

Seems like oz776.sys i.e. O2Micro USB Smart Card Reader has caused the System to crash. You could reinstall the Drivers for it and see if that fails then it's better to test it with different Card reader.

Bugcheck:


Code:
Built by: 2600.xpsp_sp3_gdr.100216-1514
Debug session time: Tue Jul 20 16:36:21.171 2010 (GMT+5)
System Uptime: 2 days 15:30:52.968
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
Probably caused by : oz776.sys

Hope this helps,
Captain

3 more replies
Answer Match 60.06%

My PC keeps crashing with the blue screen of death. The BSOD dumps my physical memory somewhere. I assume that's so we can figure out what went wrong. Where is the physical memory dump? How do I analyze it (or, more accurately, who can analyze it for me)?

The (important part of the) BSOD's message is:

"A clock interrupt was not received on a secondary processor within the allocated time interval"

Technical Information: 0x0000000000000101 (0x0000000000000031, 0x0000000000000000, 0xFFFFF88002F64180, 0x0000000000000002)

Note that my PC passes all of the hardware tests that the manufacturer (Lenovo) included.

A:Where do I retreive a core dump and how do I analyze it?

To get help, follow instructions here:
http://www.sevenforums.com/crashes-d...tructions.html

9 more replies
Answer Match 60.06%

The minidump is in the .rar file.

I would greatly appreciate if someone took a bit of their time and would take a look at it. My specs are in my profile. This is pretty fresh win 7 64 bit install, but recently after installing some important software I've been receiving this same BSOD dump.

Thanks in advance!

A:BSOD problem, need help to analyze the dump

dtsoftbus01.sys Fri Jan 13 19:45:46 2012
Remove Daemon Tools/Alchohol completely. SPTD.sys is known to cause BSODs.How to remove sptd.sys from system
Registry and SPTD problems | DAEMON Pro Help

Avast is contributing to your BSOD's/ Please uninstall it and use Microsoft Security Essentials & the Free version of Malwarebytes, update and make full scans separately:Uninstallers (removal tools) for common antivirus software - ESET Knowledgebase
Help protect your PC with Microsoft Security Essentials
Malwarebytes Free



   Note
Do not start the trial version of MalwareBytes

Also take a look at: Good & Free System Security Combination
Virus Check:Make scans with these tools below:TDSSKiller Rootkit Removal Utility Free Download | Kaspersky Lab US
Online Virus Scanner Eset


Application conflict:Reduce the start-up items. This will help avoid software conflicts:Remove Startup Programs in Windows 7
Clean Startup in Windows 7
System File CheckerThe SFC /SCANNOW Command - System File Checker scans the integrity of all protected Windows 7 system files and replaces incorrect corrupted, changed/modified, or damaged versions with the correct versions if possible. If you have modified your system files as in theming explorer/system files, running sfc /scannow will revert the system files to it's default state.Link to full tutorial: SFC /SCANNOW Command - System File Checker


Run Disk Check in Windows 7Run this on your Hard Drive(s). This w... Read more

1 more replies
Answer Match 60.06%

"Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+f6ef )"
Coluld You Sir tell me whats wrong here?
https://www.dropbox.com/s/xnc8r5seq0rilek/112015-22718-01.dmp?dl=0

More replies
Answer Match 60.06%

Windows XP Home SP2
Spontaneous re-boots due to bug check

I disabled: system properties > advanced > startup & recovery / settings > failures / automatically restart

Event viewer > save dump.

I have read KB 385271 [ how to use dump check ] & KB 314084 [ how to gather information after a dump check ]. I tried to use pstat.exe to solve the problem, but I am unskilled.

Your guidance will be appeciated.

B123
 

A:Solved: analyze mini-dump

7 more replies
Answer Match 60.06%

Hello All,

Was wondering if someone could help analyze my dump files to see if there's a way to correct my BSOD issue.
Attached is the dump files. Thanks for any help!

A:BSOD Dump Files to Analyze

Hi CaddyQuinn ^_^,

I have analyzed your dump files and below has been provided an analysis of the same for informative purposes :-

Code:
**************************Fri Aug 22 01:37:58.628 2014 (UTC + 5:30)**************************
*** WARNING: Unable to verify timestamp for atikmdag.sys

*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys

Probably caused by : hardware ( nt!KiInterruptDispatch+13b )

BugCheck A, {5200000000, b, 0, fffff8012457057b}
BugCheck Info: IRQL_NOT_LESS_OR_EQUAL (a)

BUGCHECK_STR: AV

DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

PROCESS_NAME: System

FAILURE_BUCKET_ID: IP_MISALIGNED

MaxSpeed: 3000

CurrentSpeed: 2993

BIOS Version A08

BIOS Release Date 04/16/2014

Manufacturer Dell Inc.

Product Name XPS 8700

??????????????????????????????????????????????????????????????????????????????????????``


Below is a list of 3rd party drivers present on your system :-

Code:
**************************Fri Aug 22 01:37:58.628 2014 (UTC + 5:30)**************************
lvbflt64.sys Tue Oct 23 07:40:38 2012 (5085FC9E)
lvrs64.sys Tue Oct 23 07:41:24 2012 (5085FCCC)
lvuvc64.sys Tue Oct 23 07:42:08 2012 (5085FCF8)
athw8x.sys Thu Jan 17 14:45:39 2013 (50F7C13B)
Rt630x64.sys Fri May 10 15:29:08 2013 (518CC4EC)
intelppm.sys Thu Aug 22 14:16:35 20... Read more

37 more replies
Answer Match 60.06%

I have a computer that crashes 3-4 times per week with 0xA, 0x50, 0x8E, 0xD1 stop errors... not the same everytime. If the BSOD indicates a system file error, that isn'y the same each time either. The computer is one of seven, all with identical hardware, and all with hard drives cloned from the same image.

I have run Memtest86 several hours with no failures, and even tried swapping memory to be sure. I have tried two PSUs and have verified the voltages are within spec and not noisy using a DMM and an oscilloscope. And tried re-imaging the hard drive using the original image. BIOS settings are the same as the other systems. CPU temps normally run about 46C (56C under load). Running Prime95 for 15 minutes crashes the CPU card, but doesn't report the cause. If I move the CPU card to another system that has never crashed before, it crashes there.

I could have a bad CPU card or marginally flakey drivers that paired with this card crashes, but the same drivers don't crash six other systems. Card manufacturer tech support and Google have been no help. I am hoping analysis of a crash dump file will narrow it down (bad Xeon processor#1 or #2, bad card, flakey driver, etc).

Specs:
Passive backplane with 8 PCI + 4 PCI-X slots
ADLink NuPro 900A SBC with dual Xeons @2GHz, 2GB PC2700 ECC RAM. dual GB ethernet
Matrox Odyssey XG (dual P750 GPUs) PCI-X graphics
Matrox Odyssey XPRO RGB image capture PCI-X
Condor Engineering QPCI-1553 four channel Mil-Std-1553
Condor Enginee... Read more

A:Solved: Help Analyze Crash Dump

If I move the CPU card to another system that has never crashed before, it crashes there.

It would appear to me that you have answered your own problem.
I would replace the graphics card
 

3 more replies
Answer Match 60.06%

Been getting random BSOD since adding some new RAM to the system. I know bad RAM is the most likely culprit but this has been happening with several different combitions of sticks (All the same brand/model), though I have yet to run memtest86+ on this specific set just added.

The dump files are attached, thanks.

A:Can someone analyze some mini dump files?

Please do run the Memtest. Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder or another ISO burning program. Boot from the CD, and leave it running for at least 5 or 6 passes.

Be sure to run it on all the sticks at the same time, to start out with.

I see you have Astra installed. Be update it to the latest version, or remove it altogether.
Code:
ASTRA64.sys Wed May 04 06:33:22 2005 (4278A4F2)

Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Jonathan\Desktop\061710-27487-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
Machine Name:
Kernel base = 0xfffff800`02a60000 PsLoadedModuleList = 0xfffff800`02c9de50
Debug session time: Thu Jun 17 17:12:13.286 2010 (UTC - 4:00)
System Uptime: 0 days 1:24:02.566
Loading Kernel Symbols
...............................................................
................................................................
..........................................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* ... Read more

2 more replies
Answer Match 59.64%

Hi guys

my new Windows 7 and PC seems to be crashing after Windows Update (numerous updates were done)...

Please can someone analyse the minidump file and tell me what the most likely problem is.


Thank you
Mark
 

A:Windows 7 Mini Dump Files - Please analyze

Your issue is with the firewire driver 1394ohci.sys Microsoft has done a fix for this and Windows 7.

See this link: http://www.rme-audio.de/forum/viewtopic.php?id=8131
 

1 more replies
Answer Match 58.8%

I've started getting in to analyzing my own memory dumps with WinDBG but the problem is I don't know which commands to use to properly utilize its features. For instance, (forgive me if I sound noobish about this I'm new to analyzing them) how do I view the call stacks for seeing if the probable cause lies in there?

For instance just opening the Kernel Dump in WinDbg tells me the probable cause is "ntkrnlmp.exe" But I doubt that it's the real cause of the BSOD.

Any tips would be appreciated and I apologize if this is in the wrong topic.

EDIT:
Also could anyone tell me if this driver seems to be the cause of this particular blue screen? This is the call stacks






Quote:
fffff880`04306790 fffff880`04e1e9d3 dxgmms1!VIDMM_GLOBAL::ReferenceAllocationForSubmission+0xa3
fffff880`043067d0 fffff880`04e387d9 dxgmms1!VIDMM_GLOBAL::PrepareDmaBuffer+0xe1b
fffff880`043069a0 fffff880`04e38514 dxgmms1!VidSchiSubmitRenderCommand+0x241
fffff880`04306b90 fffff880`04e38012 dxgmms1!VidSchiSubmitQueueCommand+0x50
fffff880`04306bc0 fffff800`0332d73a dxgmms1!VidSchiWorkerThread+0xd6
fffff880`04306c00 fffff800`030828e6 nt!PspSystemThreadStartup+0x5a
fffff880`04306c40 00000000`00000000 nt!KxStartSystemThread+0x16


Thanks again for any information

A:How do I use WinDBG to properly analyze a kernal memory dump?

I'm not a pro either but looking at that dxgmms1, it is a microsoft driver and unlikely to be the actual cause.

Driver Reference Table - dxgmms1.sys

My suspicion would be graphics drivers or the card depending on the BugCheck Code.

Here's an excellent driver reference, Driver Reference Table (DRT)

And BSOD index for BugChecks, BSOD Index

Also here's some good info for finding offending drivers,

Debugging A BSOD - My way

5 more replies
Answer Match 58.8%

Hello,

I am trying to debug some crash dumps which all point to NTOSKRNL.EXE but I am unable to debug or even analyze it because the WinDBG throws me an error :-


Code:
************* Symbol Path validation summary **************Response Time (ms) Location
OK C:\symbols
Symbol search path is: C:\symbols
Executable search path is: C:\symbols
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 8 Kernel Version 9200 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9200.16628.amd64fre.win8_gdr.130531-1504
Machine Name:
Kernel base = 0xfffff801`0cc8a000 PsLoadedModuleList = 0xfffff801`0cf56a20
Debug session time: Sat Mar 22 19:54:14.327 2014 (UTC + 5:30)
System Uptime: 0 days 0:27:07.854
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
................................................................. Read more

A:Unable to make WinDBG analyze the Dump files

Hi

Your symbol search path is wrong. You should set it something like :

SRV*C:\symbols*http://msdl.microsoft.com/download/symbols

Then Windbg will download and save correct symbols in to the local cache.

4 more replies
Answer Match 58.38%
A:BSOD, and no dump file was found even though dump file anabled.

That is this driver,

Killer Networking - Standard Drivers (no Killer Features)

You still need to follow the posting instructions if you want help.

1 more replies
Answer Match 58.38%

Sometimes, and more frequently lately, my windows crashes at starting windows lately. When i logged in, it takes about a minute to 5 minutes until it crashes.
but when those 5 minutes are over i can work and play the whole day without a crash.
dump files attached.

A:Please analyze these BSOD dump files - windows crashes at startup

Here is the bugcheck

Code:
BugCheck 9F, {3, fffffa80049d0a20, fffff80000b9c518, fffffa8007ee0170}
*** WARNING: Unable to verify timestamp for NETw5s64.sys
*** ERROR: Module load completed but symbols could not be loaded for NETw5s64.sys
Probably caused by : NETw5s64.sys
Followup: MachineOwner
---------
BugCheck 1E, {ffffffffc0000005, fffff8800b472970, 0, 0}
Probably caused by : tcpip.sys ( tcpip!WfpAleInsertEndpoint+4 )
Followup: MachineOwner
---------
BugCheck A, {fffffffa80091e4c, 2, 1, fffff80003c8e8fd}
Probably caused by : ntkrnlmp.exe ( nt!KeSetEvent+36d )
Followup: MachineOwner
---------
BugCheck A, {fffffffa800950dc, 2, 1, fffff80003cca24f}
Probably caused by : ntkrnlmp.exe ( nt!KiTimerWaitTest+20f )
Followup: MachineOwner
---------
One of the dump indicated internet wifi driver, NETw5s64.sys, please go to intel website to download and install fresh copy of it (Also keep in mind to uninstall previous version of driver in Computer-->manage-->device manager before install new copy)

beside that, other minidumps indicated different causes, but one of them is ffffffffc0000005, which suggest memory corruption, please download third party called memtest86, burn it to cd and let it run for at least 7 passess

Good luck and let us know if you need help

Tuan

7 more replies
Answer Match 55.86%

I've been having BSoD's for well over a year now, once or twice almost every day. I've tried multiple times to figure out whats wrong but... I dont have ANY dump files.

I've followed instructions on how to enable them but it still doesn't create a file. Im really hoping you all can help me out here.

The current settings are:
Page files on both hard drives enabled.
Set custom page size to 17000MB-20000MB
System managed size and no paging file boxes are unchecked
Write an event to system log box checked
Automatically restart unchecked
Debug information set to small memory dump/kernal. Both settings dont work
Overwrite existing file box is greyed out when debug is set to small memory. Checked when set to kernal
Small and kernal memory dump location set to C:\Windows\Minidump and C:\Windows\Memory.DMP I created these folders as they were not present

I got a SSD awhile back and use it for my windows. However i didnt reformat my other hard drive and windows is still installed on the old one however i boot from the SSD (maybe this is some how the problem)

Im using WhoCrashed from Resplendence Software - Advanced System Tools and Developer Components to force a BSoD when trying to creat a dump file.

There are NO files in either folder. Both on the SSD or old hard drive.

I've searched many forums now and found others with what seems to be the same problem but with no solutions. I would VERY much appreciate the help!
The BSoD's seem to mostly happen when play... Read more

A:No dump file after BSoD. Dump files ARE enabled

Wrote stuff that was wrong. Ignore this reply

9 more replies
Answer Match 52.92%

firefox and YM crushed then BSOD.
PFN_LIST_CORRUPT
0x0000004e
0x0007f552
0x00000000
0x00000000

analyze minidump file pls!
thank you!
 

A:Pfn_ilst_corrupt windows xp sp3 "analyze mini dump"

Bug Check 0x4E: PFN_LIST_CORRUPT http://msdn.microsoft.com/en-gb/library/ms793247.aspx

Fault happened with Firefox open, looks to be Memory fault

Please run Memtest on your Ram (likely faulty Ram)
 

1 more replies
Answer Match 49.14%

Log was analyzed using HijackThis Analyzer - Updated on 12/1/04
Get updates at http://www.greyknight17.com/download.htm#programs

Logfile of HijackThis v1.98.2
Scan saved at 9:10:48 PM, on 12/3/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\system32\winsecure.exe
C:\PROGRA~1\COMMON~1\AOL\110079~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\110079~1\EE\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.begin2search.com/sidesearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
O2 - BHO: SDWin32 Class - {AA791B8B-906A-45A1-A122-AE81FD26D047} - C:\WINDOWS\system32\fsmed.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\C... Read more

A:HJT log file-please analyze

Hi
Make sure you have already run Adaware, Spybot S & D(check for updates) as these will do a preliminary clean first.Some files below may not be present after running the above programs.

Then....
Turn off your System Restore SEE HERE Reinstate it when your log is cleaned and then create a new restore point.Close your browser window and run hjt in safe mode... HOW TO RUN SAFE MODE and have "Hijack This" fix all the following items by placing a check in the appropriate boxes and selecting "fix checked". Files highlighted in BLACK in the log will need to be removed from your hard drive. Make sure to have your system set to show hidden files and folders.. HOW TO SHOW FILES ..Please reboot and post a new log when finished...


R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.begin2search.com/sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.begin2search.com/sidesearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.begin2search.com/sidesearch.html
R3 - Default URLSearchHook is missing
O2 - BHO: SDWin32 Class - {AA791B8B-906A-45A1-A122-AE81FD26D047} - C:\WINDOWS\system32\fsmed.dll
O4 - HKLM\..\Run: [winversion] C:\WINDOWS\system32\winversion.exe
O4 - HKLM\..\Run: [winsecure] C:\WINDOWS\system32\winsecure.exe

4 more replies
Answer Match 49.14%

I get the message executing wInotify.dll after the logon screen. I read somewhere that this could be a virus/spyware. Also, my computer seems to be slower than it used to be. please help. here is my HJT log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:53:13, on 27/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\AOL\1174742517\ee\AOLSoftware.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\... Read more

More replies
Answer Match 49.14%

Logfile of HijackThis v1.99.0Scan saved at 2:41:01 PM, on 1/10/2005Platform: Windows ME (Win9x 4.90.3000)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\MSTASK.EXEC:\WINDOWS\SYSTEM\SSDPSRV.EXEC:\WINDOWS\SYSTEM\DEVLDR16.EXEC:\WINDOWS\EXPLORER.EXEC:\WINDOWS\SYSTEM\RESTORE\STMGR.EXEC:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXEC:\WINDOWS\APPLICATION DATA\PSMA.EXEC:\WINDOWS\MSTASK.EXEC:\WINDOWS\SYSTEM\XNCVR.EXEC:\PROGRAM FILES\PALM\HOTSYNC.EXEC:\WINDOWS\DVZCOMMON\DVZMSGR.EXEC:\WINDOWS\SYSTEM\PSTORES.EXEC:\WINDOWS\DESKTOP\SHORTCUTS & STUFF\SECURITY\HIJACKTHIS.EXER1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.find-more.net/sp.htmR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.find-more.net/index.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.find-everything.com/index.htmR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.comR1 - HKCU\Software\Microsoft&#... Read more

A:please analyze - use this file

Please download and install CWShredder.http://cwshredder.net/bin/CWSInstall.exePlease make sure that you can view all hidden files. Instructions on how to do this can be found here:How to see hidden files in WindowsRun Hijackthis again, click scan, and Put a checkmark next to each of these. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.find-more.net/sp.htmR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.find-more.net/index.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.find-everything.com/index.htmR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.comR1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blankR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.find-more.net/sp.htmR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.find-more.net/index.htmR3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O2 - BHO: (no name) - {38AB445E-E362-4FB3-8753-60550DF32C42} - C:\WINDOWS\SYSTEM\NTGCE.DLL (disabled by BHODemon)O2 - BHO: (no name) - {78C89F59-229C-4C1B-CF6A-29A71949C494} ... Read more

3 more replies
Answer Match 49.14%

Hi... I have had this problems for several weeks now, and it has only gotten worse. There is a "sex" icon on my desktop no matter how many times I delete it. Also, my IE browser have numerous popups that just won't stop. I have run the newest Ad-Aware, Spybot, and virus scans to no avail. Whenenver I remove or "fix" the entries, once I reboot they all come back. Please help.... HJT logfile is listed below. Thanks for helping.

Logfile of HijackThis v1.99.0
Scan saved at 7:23:53 PM, on 1/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\gearsec.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\inetdata\services.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.... Read more

A:Please help analyze HJT file

Welcome to TSF.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Reboot into Safe Mode (hit F8 key until ... Read more

4 more replies
Answer Match 49.14%

For the first time in maybe 5-6 years i got infected with a trojan, VIRTUMONDE.NEOESET kept qurantining those files, and causing headaches, finally i somehow located ComboFix in my toolbox and i ran it and it seems to have worked. However, since i am not the expert on analyzing this file i need assistance.Thanks in advance, 1sysComboFix 09-04-14.08 - 01/14/2009 7:10.1 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2569 [GMT -5:00]Running from: c:\documents and settings\Desktop\ComboFix.exeAV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)FW: ESET Personal firewall *enabled* * Created a new restore point.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\Application Data\inst.exec:\windows\system32\aonbcb.dllc:\windows\system32\bfaekqoi.dllc:\windows\system32\bunvsyty.dllc:\windows\system32\cgxtovur.dllc:\windows\system32\cnhtjyrc.dllc:\windows\system32\enkfxy.dllc:\windows\system32\geBqPIbX.dllc:\windows\system32\jdoqkikp.dllc:\windows\system32\lbvqwubh.dllc:\windows\system32\lgaxinnd.dllc:\windows\system32\lzlfrz.dllc:\windows\system32\mcrh.tmpc:\windows\system32\nviolc.dllc:\windows\system32\piscajnc.dllc:�... Read more

A:analyze log file help!!

no one has had a chanc to analyze the file yet, or...
a little glance would do it.

10 more replies
Answer Match 49.14%

I have a reoccurring bsod that seems to happen more when a internet browser is up and I thought I would scan and try and rule out viruses for sure.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:37:14 AM, on 12/2/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Privoxy\privoxy.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\OCCT\OCCT.exe
C:\Users\Chad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet... Read more

More replies
Answer Match 49.14%

Here is my preanalyzed HJT log captured after running the latest AdAware SE definintions and Trendmicro HouseCall scan as instructed:

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 9/28/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Servic... Read more

A:Please analyze my log file

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

In the meantime, make sure you subscribe to this thread so that you will receive an instant email when I have replied with a fix to your problem. You may do this by clicking the Thread Tools option at the top of your post and then clicking Subscribe to this thread. Then, make sure Instant Notification by email is selected and click Add Subscription

Please be patient with me during this time.

7 more replies
Answer Match 49.14%

Could someone please look at this hijack this log file and tell me what's going on.I get so many pop-ups that i can barely do my work online because it has made my computer so slow. I don't know if this is related, but systemdoctor is on my coomputer(i didn't put it there) and won't uninstall. Any advice would be much appreciated.Logfile of HijackThis v1.99.1Scan saved at 1:16:49 PM, on 8/11/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Wireless-G Notebook Adapter\NICServ.exeC:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\WINDOWS\system32\pctspk.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exeC:\Program Files... Read more

A:Please Analyze This Hjt Log File

Hello there and welcome to Bleeping Computer's security forum.My name is David, I will be helping you with your log today.It is a good idea to print off these instructions. There is a possibility some of the instructions will need to be carried out where internet access is not available. It is important that you complete the instructions in the right order, and that you don't miss out any steps.You are missing one important program on that computer - an antivirus! This is somewhat suicidal in today's digital world.You need to install an antivirus program as soon as you can and run a complete scan of the computer. AVG and Avast are excellent, free antivirus programs..Never install more than one antivirus on your system - several together can cause problems and decrease performance.Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\ovamcska.dll",forkonceO23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\loyqjagj.exe (file missing)Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!You are using the Shareaza p2p file sharing program.This is not technically malware by itself, but it installs malware in order to run properly.It also opens the door for every other nasty program you can... Read more

2 more replies
Answer Match 49.14%

well Im pretty sure i dont have any malware on my computer but decided i should do this just as a precaution.if someone can look at this and tell me if everything is OK it would be much appreciated. here is the log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:53:52 PM, on 12/6/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Stardock\SDMCP.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\AGRSMMSG.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Support.com\bin\tgcmd.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\NCLAUNCH.EXeC:\Program Files\CursorXP\CursorXP.exeC:\Program Files\Comm... Read more

A:need someone to analyze my log file

We apologize for the delay in responding to your request for help. We are volunteer staff at Bleeping Computer and get overwhelmed at times with the large number of users seeking help. We are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate your letting us know. If not, please perform the following steps so we can have a look at the current condition of your computer. If you have not done so, include a description of your problem along with any steps you may have performed so far.When you have completed the steps below, a staff member will review the log and provide instructions for you to get your computer clean and free of malware.Thanks and we apologize for the delay.We need to see current information on what is happening in your computer. Please perform the following scan: Please download DDS by sUBs from one of the following links. Save it to your desktop.DDS.com DDS.scr DDS.pif After downloading the tool: Disconnect from the Internet. Disable all antivirus/anti-spyware protection. If needed, please read How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs. Double click on the DDS icon, allow it to run. Please note: If the scan fails to run, you may have to dis... Read more

6 more replies
Answer Match 49.14%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:09:20 PM, on 30/07/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:D:\WINDOWS\System32\smss.exeD:\WINDOWS\system32\winlogon.exeD:\WINDOWS\system32\services.exeD:\WINDOWS\system32\lsass.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\WINDOWS\system32\spoolsv.exeD:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeD:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeD:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeD:\PROGRA~1\Grisoft\AVG7\avgemc.exeD:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeD:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exeD:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exeD:\Program Files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exeD:\WINDOWS\system32\svchost.exeD:\Program Files\Blue Coat K9 Web Protection\k9filter.exeD:\WINDOWS\system32\wscntfy.exeD:\WINDOWS\Explorer.EXED:\Program Files\Yahoo!\Messenger\YahooMessenger.exeD:\WINDOWS\system32\ctfmon.exeD:\Program Files\DNA\btdna.exeD:\Program Files\Internet Downl... Read more

A:I Need Help To Analyze My Log File

Hello there and welcome to bleeping computer!
There is nothing wrong with this log, it's clean! Are you having problems?

1 more replies
Answer Match 49.14%

can someone analyze this log file please

More replies
Answer Match 49.14%

My laptop is running very slow. I log on the internet a lot on the road either with a Cingular air card or with Wi-Fi or with an ethernet cable. I have been noticing lately that it is taking more and more time to bring up the computer to do anything. The other day, I tried to do a virus/spyware scan and the I could not even do the spyware scan, it seemed like it was in a loop and wouldn't do the scan. Please look at the attached log and tell me anything I need to fix. Also are there any other security programs that I could run that would be beneficial to me and help me speed this up. I have another error that has been coming up lately as well. It looks like the Blue Screen of Death. I have been getting an error "Kernal - Data - Inpage - Error"

Any help you could give me would be appreciated. Please see Latest HJT log below.

Thank You
Edwin

Logfile of HijackThis v1.99.1
Scan saved at 4:49:55 PM, on 10/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\WINDOWS\System32\HPConfig.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\RadioSvr.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\... Read more

More replies
Answer Match 49.14%

Ok... I have used Ad-Aware, Spy-bot, Spyware Doctor, Xoftspy, CWshredder, Ewido. and had kaspersky do a full scan. I still have pop ups. Nasty ones at that. I'm thinking its the log entry "winshow" but I'm at a loss. This is the first time I have done a clean-up service and still had a problem afterwards. Please help me!Here's the log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:03:52 PM, on 3/17/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exeC:\WINDOWS\System32\nvsvc32.exeC:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\System32\hphmon05.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exeC:\WINDOWS\system32\Rundll32.exeC:\WINDOWS\... Read more

A:Help Me Analyze This Log File

Hello Capricorn One,Welcome to Bleeping Computer This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.1. Download this file - combofix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe2. Double click combofix.exe & follow the prompts.3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.Note:Do not mouseclick combofix's window while it's running. That may cause it to stall.Thanks,tea

2 more replies
Answer Match 49.14%

Hi I am new to this forum and I was wondering if anyone can help determine if my system is clean.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:58:42 PM, on 8/6/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeC:\Program Files\Dell\Media Experience\PCMService.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Comodo\Firewall\CPF.exeC:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\DellSupport\DSAgnt.exeC:\WINDOWS\s... Read more

A:Can Someone Analyze My Log File Please?

Welcome to BC! I don't see any problems here, the log is clean..

3 more replies
Answer Match 49.14%

Logfile of Trend Micro HijackThis v2.0.4Scan saved at 4:03:02 PM, on 10/7/2011Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v9.00 (9.00.8112.16421)Boot mode: NormalRunning processes:C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exeC:\Program Files (x86)\WinZip\WZQKPICK.EXEC:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exeC:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exeC:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exeC:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Windows\Samsung\PanelMgr\SSMMgr.exeC:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exeC:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files\HTC\ModeSelection\VMMModeSelection.exeC:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exeC:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exeC:\Users\Luther\AppData&... Read more

A:analyze my log file

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===The HijackThis tool is not ready for the 64 bit operating system. In your case I need to see a DDS Log.I would remove HijackThis using the Add/Remove Programs list.Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.Download DDS and save it to your desktop from here or here.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop.Please just paste the contents of the DDS.txt log in your next post.===Third party programs if not up to date can be the cause infiltration of an infection.Please run this security check for my review.Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.===Please post the logs and let me know what problem persists.

7 more replies
Answer Match 49.14%

here it is - my system is severely infected.....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:05:28 PM, on 2/16/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Safe mode with network support

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Documents and Settings\Administrator.THOUSE.002\Application Data\U3\000179701123248C\LaunchPad.exe
C:\WINNT\system32\mshta.exe
C:\WINNT\explorer.exe
C:\Documents and Settings\Administrator.THOUSE.002\My Documents\Downloads\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:80
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,fuktkip.exe
O1 - Hosts: 124.217.252.77 www.bravesentry.com
O1 - Hosts: 124.217.252.77 bravesentry.com
O1 - Hosts: 124.217.252.78 secure.isoftpay.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\... Read more

A:Can somebody help me analyze this log file?

Please download SDFix from here and save it to your desktop


Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.


Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Post that log in your next reply.


=========================================


Please download Combofix from any of the links below, and save it to your desktop. For further information regarding this download you can see this ... Read more

1 more replies
Answer Match 48.72%

Hello I just joined and would really like to have an expert look over my hijackthis logfile to help me clear things out that might need it. so please analyze it and tell me what to do afterwards. thank you so much! heres my log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:09:53 AM, on 3/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\bak\bak\qttask.exe
C:\Program Files\HP\HP Softwar... Read more

More replies
Answer Match 48.72%

I have been getting two popups repeatedly.Windows Security CenterWARNING: Windows Firewall detected suspicious network activity on your computer..... Do you want to learn how to protect your computer?A balloon dialogue from the taskbar stating:Your computer might be at risk Your virus protection status is bad Spyware Activity DetectedI run Ad-Aware, CWShredder, and Spybot S&D regularly. Spybot found FindSpy.A, Avenue.A, and EffectiveBandToolbar. Deleted but problem remains.Here are the results of HijackThis. Logfile of HijackThis v1.99.1Scan saved at 10:34:56 AM, on 6/26/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exeC:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeC:\Program Files\Protector Plus\PPAVMon.exeC:\Program Files\Protector Plus\PPServ.exeC:\WINDOWS\System32\svchos... Read more

A:Analyze HijackThis Log File

Hello cheerokeedog and welcome to the BC forums. You are getting these popups for 2 reasons. They are coming from the Windows Security service and it either does not recognize the anti-virus program you are using or your anti-virus is out of date. The Security Center is doing its job.Whatever the reason, your computer is infected. I would check your anti-virus and make sure that it is being kept updated. To repair the current infection, please print these directions and then proceed with the following steps in order.Step #1Download CCleaner and install it but do not run it yet.ImportantYour copy of HijackThis needs to be in a folder of it's own. If it is run from Temporary folders the backups and HijackThis itself could be accidentally deleted if the Temporary folders are cleaned. If it is run from the desktop then the backup files and folders can clutter up the desktop and be accidentally deleted. If it is run from inside a compressed file then the backups are not created at all.Please open My ComputerDouble-click on Local Disk (C:)Click on the File menu, point to New and then click on Folder. Name the folder 'HijackThis' or 'HJT'.Unzip to or copy and paste HijackThis.exe to the new folder (do not run HijackThis directly out of the sfx or compressed file).Step #2Start in Safe Mode Using the F8 method:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.Use the arrow keys to select the Safe Mode menu item.Press the Enter key.... Read more

1 more replies
Answer Match 48.72%

Hello. Can you please analyze the following HijackThis Log, so that you can tell me if everything is as it should be. Thank you in advance and have a good time:)!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:52:36 PM, on 12/26/2009Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18865)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exeC:\Windows\System32\mobsync.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\Windows\Samsung\PanelMgr\SSMMgr.exeC:\Program Files\Babylon\Babylon-Pro\Babylon.exeC:\Windows\System32\rundll32.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Creative\MediaSource5\MtdAcqu.exeC:\Program Files\Logitech\SetPoint\SetPoint.exeC:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXEC:\Program Files\Lavasoft\Ad-Aware\AAWTray.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Babylon\Babylon-Pro\Agent\BabylonAgent.exeC:\Program Files\Internet Download Manager\IDMan.exeC:\Program Fil... Read more

A:HijackThis Log file analyze.

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

19 more replies
Answer Match 48.72%

minidump file attached.
Thx.
 

A:Another minidump file to analyze.

This is your minidump....

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 0081990a, The address that the exception occurred at
Arg3: eec7aa18, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

FAULTING_IP:
+81990a
0081990a ?? ???

TRAP_FRAME: eec7aa18 -- (.trap ffffffffeec7aa18)
ErrCode = 00000000
eax=0081990a ebx=e285a5f8 ecx=eec7abf4 edx=00000000 esi=eec7aab0 edi=00000000
eip=0081990a esp=eec7aa8c ebp=eec7acac iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010202
0081990a ?? ???
Resetting default... Read more

2 more replies
Answer Match 48.72%

i have some viruses that i can't get rid off, i scaned my pc with Combofix, please help to analyze the log file ComboFix 10-10-10.02 - S?bastien 11/10/2010 17:02:22.1.2 - x86Microsoft Windows XP ?dition familiale 5.1.2600.3.1252.33.1036.18.1022.219 [GMT 2:00]Lanc? depuis: c:\documents and settings\S?bastien\Mes documents\T?l?chargements\ComboFix.exeAV: Securitoo AntiVirus Firewall 6.15 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}FW: Securitoo AntiVirus Firewall 6.15 *enabled* {D4747503-0346-49EB-9262-997542F79BF4} * Un antivirus r?sident est actifAVERTISSEMENT - LA CONSOLE DE R?CUP?RATION N'EST PAS INSTALL?E SUR CETTE MACHINE !!.Les fichiers ci-dessous ont ?t? d?sactiv?s pendant l'ex?cution:c:\program files\Securitoo\av_fw\FWES\Program\fsdc.dll(((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))).c:\program files\Fast Browser Searchc:\program files\Fast Browser Search\IE\1.batc:\program files\Fast Browser Search\IE\about.htmlc:\program files\Fast Browser Search\IE\affid.datc:\program files\Fast Browser Search\IE\basis.xmlc:\program files\Fast Browser Search\IE\basis_br.xmlc:\program files\Fast Browser Search\IE\basis_de.xmlc:\program files\Fast Browser Search\IE\... Read more

A:please help to analyze Combofix log file

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

2 more replies
Answer Match 48.72%

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:34 AM, on 3/17/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\SysWOW64\Adobe\Director\SwDnld.exe
C:\Program Files (x86)\Trend Micro\Hijac... Read more

A:Please analyze this log file for viruses, etc

Hi judy217, and welcome to Bleeping Computer.Please follow our Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help, and post the logs requested! Since you're using a 64bit system, there is no need for a Gmer scan - post just the DDS.txt and Attach.txt logs...

2 more replies
Answer Match 48.72%

Hi,
I've recently got the dreaded offeroptimizer pop-ups on my computer.
I'm working with a Win XP with sp2, so the popups are being snuffed, but they're still driving me crazy.
I've downloaded and tried, with full updates, both spybot search and destroy and ad-aware se.
Both of these programs have found stuff on my computer, but they haven't resolved the offeroptimizer pop-up problem.
Therefore I downloaded HiJack.
Here is what my log says.
Any information as to the next step is greatly appreciated.

Logfile of HijackThis v1.98.2
Scan saved at 508 PM, on 9/9/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\... Read more

More replies
Answer Match 48.72%

For those that get their kicks on looking at these. Anybody see any bad things in this log file.

Logfile of HijackThis v1.99.1
Scan saved at 7:54:07 AM, on 7/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\U... Read more

A:Solved: Anyone want to analyze this log file?

Overall it looks clean.

I'd fix these minor entries.

O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)

O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe

O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)

O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)

Reboot afterwards.

Are you having any problems or just wanted your log looked over?
 

3 more replies
Answer Match 48.72%

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:49:18 PM, on 8/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Stardock\SDMCP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: (no name) - {00000000-6C30-11D8-9363-000AE6309654} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ZILLAbar BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\ZB2.dll
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.... Read more

A:can someone analyze this Hijack this file for me?

just to let you know you posted in the wrong area it should be in Malware removal and hijacks
 

2 more replies
Answer Match 48.72%

Hi everyoneMy computer has done many access to non authorized web site (by websense software). That web site seems to be a malware site.I executed a hijackthis on my computer and generate the attached log file.Thanks for every expert who can analyze it for me !My name is KaderMy email address is : Removed to protect from spambots. ~ OB

A:Need that someone analyze my HijackThis Log File

Please need help !!! a malware inside my computer !!!here is the hijacktihis logLogfile of Trend Micro HijackThis v2.0.2Scan saved at 2:13:21 PM, on 4/6/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exeC:\Program Files\PatchLink\Update Agent\GravitixService.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exeC:\Program Files\RealVNC\WinVNC\WinVNC.exeC:\WINDOWS\TEMP\JJFD29.EXEC:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exeC:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exeC:\WINDOWS\System32\dllhost.exeC:\WINDOWS\system32\inetsrv\DavCData.exeC:�... Read more

3 more replies
Answer Match 48.72%

Can someone analyze my file and tell me if I have something that should be deleted?

Thanks and have a great day


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:14:11 AM, on 8/2/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\McAf... Read more

A:Please Analyze my HijackThis log file

Looks okay
 

3 more replies
Answer Match 48.72%

Can anyone analyze a Hijackthis file for me. I won't post it here, unless it's OK.

HP Dual-Core processor, 2 GB RAM, running Vista Home Premium SP1

Thanks
 

A:Analyze my Hijackthis file, please

What is the problem that you are facing? That is what will determine where you post a thread. State your problem in the title of the thread, then give a detailed description of the problem, within the body of the thread. Appropriate instructions will then be given, by someone.
If it is a Malware problem go here; http://www.techspot.com/vb/topic109461.html. follow the instructions then post your logs. If infact you are having Malware problems start a new thread here; http://www.techspot.com/vb/menu28.html
 

8 more replies
Answer Match 48.72%

i have a few problems... first of all i get this pop up that keeps coming up called Error #317 and winSterhjk v.2011...and my comp is running slower...and my documents keeps appearing as an application in the taskmanager but i cant c it

helppp plz

Logfile of HijackThis v1.99.1
Scan saved at 9:53:11 AM, on 5/03/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOW... Read more

A:can someone analyze my hijackthis log file

16 more replies
Answer Match 48.72%

I need help in analyzing and fixing what may be wrong with my computer. Thank you.
 

A:Can someone pls help me analyze my hijackthis file.

Hiya and welcome to Tech Support Guy

What is the problems with your computer?

Download TFC by OldTimer to your desktop

Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
It will close all programs when run, so make sure you have saved all your work before you begin.
Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by cl... Read more

1 more replies
Answer Match 48.72%

Hi,
This is my friend's computers log. She was using MSN and she got a message that said "OMG this is so funny" with a link which she clicked on. Now the internet isn't really working, popups are popping up, etc. The log is below.

Thanks!

Lisa

Logfile of HijackThis v1.99.0
Scan saved at 10:42:01 AM, on 3/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\hotkeysvc.exe
C:\WINDOWS\system32\cthelper.exe
C:\WINDOWS\yxydxhb.exe
C:\WINDOWS\system32\Axkext.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\gah95on6.exe
C:\WINDOWS\sy... Read more

A:Please help analyze hijackthis file

Hello and welcome to TSF-

You have several problems that we need to address. We will be using several anti-spyware, anti-adware and anti-hijack programs. I recommend that you keep these programs on your system permanently.
Only use Hijack This under the guidance of an expert! Accidentally deleting something can disable your operating system. Print out these instructions so you may reference them without any programs open. It is very important that no programs (especially internet browsers) are running when implementing these fixes. [You may leave your firewall and virusscanner running, of course.]
----------------------------------------------------------------
* Your version of HiJackThis is outdated. Please download the most recent version, v1.99.1 and repost a new HJT log.
* Your HiJackThis program is in a temporary folder or on the Desktop. It is important that this program reside in a permanent folder. I recommend c:/program files/HJT/. You should save each log with a name that you can recognize, like HJT 9-20-04a.log. The 'a' is in case we make multiple logs in one day. HiJackThis is a single file program. So you may freely cut/paste it to whereever you want and it will not affect HiJackThis's functionality.

You have 2 Internet Explorer programs running during your scan.
* When running HiJackThis scans or fixes, it is imperative that you close all programs especially internet browsers. HiJackThis, Spybot, AdAware and CWShredder cannot repair the badguy... Read more

18 more replies
Answer Match 48.72%

Many thanks in advance. My computer has been redirecting me left and right. Tried every virus scanner in the book. Nothing has helped.

A:Ran combofix, can somebody please analyze my log file?

Welcome to TSF :)

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:


Code:
File::
c:\windows\Bjafabafi.dat
c:\windows\Ntecafuzaca.bin
Folder::
c:\documents and settings\Matt\Application Data\krofxyltf
c:\documents and settings\Matt\Local Settings\Application Data\krofxyltf
c:\documents and settings\Matt\Local Settings\Application Data\uvvtrbqnr
Driver::
cpuz130
DDS::
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5643
Save this as CFScript.txt, in the same location as ComboFix.exe





Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

6 more replies
Answer Match 48.72%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:42:28 PM, on 4/5/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exeC:\Program Files\Dell\Media Experience\DMXLauncher.exeC:\WINDOWS\System32\DLA\DLACTRLW.EXEC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exeC:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeC:\Program Files\Yahoo!\Search Protection\SearchProtection.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Verizon\VSP\VerizonServicepoint.exeC:\... Read more

A:Hijackthis Log File. Please Analyze Ty!

Hi,

What problems are you having? Because I can't see anything suspicious here.

2 more replies
Answer Match 48.72%

Please let me know if you see anything suspicious. I ran a pandascan a few months ago and it found viruses, and i'll run that again if you want me to. thanksLogfile of HijackThis v1.99.1Scan saved at 10:47:38 AM, on 5/11/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\netdde.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\nvsvc32.exeC:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\EarthLink TotalAccess\Spyware Blocker\WRSSSDK.exeC:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exeC:\WINDOWS\System32\vssvc.exeC:\WINDOWS\System32\wbem\wmiapsrv.exeC:\WINDOWS\System32\dmadmin.exeC:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exeC:\WINDOWS\system32\cidaemon.exeC:\WINDOWS\System32\HPZipm12.exeC:\PROGRA~1\TRENDM~1&... Read more

A:Please Analyze My Log File, Possible Viruses

Hello Nakedyak Welcome to BC.You are running HijackThis from the Desktop. It needs to have its own folder to function properly. Please create a new folder and place HijackThis.exe in it.========================Please disable Windows Defender Real Time Protection as it may interfere with the fix. To disable Windows Defender: Open Windows DefenderClick ToolsClick General SettingsScroll down to Real Time Protection OptionsUncheck Turn on Real Time Protection (recommended)After you uncheck this, click on the Save button and close Windows Defender.Close Windows DefenderOnce your log is clean you can re-enable Windows Defender Real Time Protection.==========================Scan with HijackThis and put a checkmark against the following:R3 - Default URLSearchHook is missingF2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\msiexec.exeClose all other windows/browsers/applications, except HijackThis and click on Fix checked.===========================Make sure that you can see hidden files ? Click Start

? Open My Computer

? Select the Tools menu and click Folder Options

? Select the View Tab

? Under the Hidden files and folders heading select Show hidden files and folders

? Uncheck the Hide protected operating system files (recommended) option

? Click Yes to confirm

? Click OK

** These files are hidden to stop you accidentally removing something important.

It is advisable to hide them again afte... Read more

11 more replies
Answer Match 48.72%

I had a blue screen a few hours and that the findings

Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {20, 8538e5d8, 8538e7a8, 83a0010}

Unable to load image \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys, Win32 error 2
*** WARNING: Unable to verify timestamp for VBoxNetFlt.sys
*** ERROR: Module load completed but symbols could not be loaded for VBoxNetFlt.sys
Unable to load image \SystemRoot\system32\DRIVERS\athr.sys, Win32 error 2
*** WARNING: Unable to verify timestamp for athr.sys
*** ERROR: Module load completed but symbols could not be loaded for athr.sys
Probably caused by : NETIO.SYS ( NETIO!NetioFreeNetBufferList+e )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
********************************... Read more

A:BSOD there is dmp file analyze

Hi kfir91.

Click on the button below ....



It will download the DM log collector. Right click on the application and run as administrator. It will generate a .zip file on your desktop. Upload the .zip.
Screenshots and Files - Upload and Post in Seven Forums

4 more replies
Answer Match 48.72%

Can someone please analyze my BSOD file

A:Can someone pls. analyze my BSOD file

You are getting 0xF4 bugchecks which means a critical process has been exited or terminated.
I can't say I have a lot of experience with these bugchecks but a few experiments might help.

A virus would be my first suspect, can you please run your Anti Virus to scan for threats.
Then please download and run Malwarebytes Anti Malware on demand scanner.

Can you also go into the elevated command prompt (Run as administrator) and type in sfc /scannow

We can try running memtest86 as well to see if your RAM is failing.
Follow these instructions.

RAM - Test with Memtest86+

Post back the results.


Code:
IMAGE_NAME: csrss.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MODULE_NAME: csrss

FAULTING_MODULE: 0000000000000000

PROCESS_NAME: csrss.exe

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

BUGCHECK_STR: 0xF4_C0000005

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

CURRENT_IRQL: 0
csrss.exe is the win32 subsystem, it handles the win32 console and other win32 subsystem routines.
As a result this object cannot be terminated otherwise the system will crash.

The 0xc0000005 code is an access violation which means something has accessed a part of memory that it shouldn't access.

8 more replies
Answer Match 48.72%

I want to clean up my Uncle's PC...I want to clear out all uneccessary crap.

Thanks in advance~!
-bob
 

A:Please analyze HiJack This log file

please ignore this post I forgot to paste down the log FILE! - Duh! see my other post ...it has the the log file...
 

2 more replies
Answer Match 48.72%

So while browsing the web last night, my background decided to change to a virus warning message. Then when I tried to fix the background, i noticed that some of my tabs (screen saver or desktop) for display options has gone missing....I'm pretty sure my computer is infected, a friend said it sounds like Antivirus XP 2008, but you don't know for sure - you were directed to this website, and told to make a HiJackThis log.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:15:40 PM, on 8/19/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC.exeC:\WINDOWS\system32\svchost.exeC:\WI... Read more

A:Could Someone Analyze This Hijackthis File For Me?

Hello and welcome to BCApologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so we can have a look at the current condition of your machine.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.
Note: If you are using Windows Vista, right click at RSIT.exe and select 'Run as administrator'.

Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)NextPlease do a scan with Kaspersky Online ScannerNote: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.Click on the Accept button and install any components it needs.The program will install and then begin downloading the latest definition files.After the files have been downloaded on the left side of the page in the Scan section select My ComputerThis will start the program and scan your system.The scan will take a while, so be patient and le... Read more

2 more replies
Answer Match 48.3%

Logfile of HijackThis v1.99.1
Scan saved at 1:42:30 PM, on 1/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\ap... Read more

A:Solved: Please Help Analyze Hijack log file

7 more replies
Answer Match 48.3%

I had gone a long time between BSODs until this occurred a couple of days ago. If somebody could analyze it for me, it would be greatly appreciated.

A:Please analyze my win7 x64 minidump file for me

Not much info in the single memory dump file. Please zip up and upload the entire contents of the C:\Windows\Minidump folder. Often we need all of the minidumps to establish a pattern.

The only significant mention is that these drivers are older and should be updated:

Code:
LMouFilt.Sys Fri Feb 29 05:08:31 2008
LHidFilt.Sys Fri Feb 29 05:08:27 2008
Summary of the BSOD:

Code:
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Tue Dec 22 21:09:40.314 2009 (GMT-5)
System Uptime: 6 days 1:26:54.296
BugCheck 7A, {fffff6fc400394d8, ffffffffc000000e, 93096be0, fffff8800729b000}
Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+34cde )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: System

4 more replies
Answer Match 48.3%

"Hello world"I guess I'm allowed to open a new topic to post my HijackThis's logs file in order to ask you some help to analyze it.So, it is the first time I use such a difficult software and I'm not very brilliant in computing ^^'I indeed have a problem with my computer and it is about using DirectX with some games. Since I bought a new graphic card, I've had to play some games (For instance, World of Warcraft or Fable II) using opengl because, if I don't write "-opengl" after the "target" field in my game properties, when it starts ... BAM, Blue Screen Of The Death T-TI'm not sure this problem is in connection with HijackThis use ... But I 've not found any reason to it yet. Here is my logs file :Logfile of Trend Micro HijackThis v2.0.2Scan saved at 16:51:47, on 29/04/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0011)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\... Read more

A:Analyze HijackThis'logs file

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

2 more replies
Answer Match 48.3%

My computer keeps freezing after coming out of sleep. I'm pretty sure it has something to do with the sound manager.

Thanks.

A:Can someone analyze my minidump file? Not a bsod.

This was a driver power state failure:


HTML Code:
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Debug session time: Thu Sep 29 01:59:35.429 2011 (UTC + 2:00)
System Uptime: 0 days 0:35:40.427
Probably caused by : ntkrnlmp.exe ( nt!KiSwapContext+7a )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x9F
PROCESS_NAME: System
FAILURE_BUCKET_ID: X64_0x9F_4_nt!KiSwapContext+7a
Bugcheck code 1000009F
Arguments 00000000`00000004 00000000`00000258 fffffa80`045f0680 fffff800`00b9c510
BiosVersion = 1.0.18
BiosReleaseDate = 02/24/2009
SystemManufacturer = Dell Inc.
SystemProductName = Inspiron 530
MaxSpeed: 2400
CurrentSpeed: 2992
But, strangely, you are also "underclocking". Any ideas on that?

I'd start by checking your powerplan and advanced settings for problems or inconsistency in your energy settings. For more help, please follow the complete upload instructions http://www.sevenforums.com/crashes-d...tructions.html

5 more replies
Answer Match 48.3%

Hi all,

I'm trying to analyze a cap file with logparser. I'm exporting all the content of the file to a CSVfile. But when I open the CSV file, it doesn't shows source IP and destination IP for any of the packets. Whereas if I open the file with network monitor,
it does shows all the information. I'm using below mentioned query to export the data to CSV.

logparser -i:netmon "SELECT * INTO test.csv FROM test.cap"

Regards, Darshan G. Parab

A:Analyze netmon .cap file with logparser

It's probably more likely support for wireless or other parsing that logparser has not been updated to take advantage of. Logparser has to parse the data manually, and doesn't use our parsing engine.  We've since added new media, in particular wireless,
which logparser has no knowledge of.
Paul

4 more replies
Answer Match 48.3%

Please kindly help to analyze of problem dmp file?
I find problem as boot by i have 2 dmp file
link of dmp file, i cannot understand its

013010-26145-01.dmp
013010-26613-01.dmp
thank you very much

A:Blue screen (please analyze dmp file)

I'm posting a link to a similar thread that I just responded to. It may be of more help than someone directly answering your question:

http://www.sevenforums.com/crashes-d...lp-needed.html

3 more replies
Answer Match 48.3%

This is the first time I have used Hijack This, and would appreciate help in analyzing the output log file attached
 hijackthis09_21_09.txt   14.24KB
  2 downloads. Thank you very much!

A:Requesting help to analyze HijackThis log file

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Pleaseinclude a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner o... Read more

2 more replies
Answer Match 47.46%

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:38:03 PM, on 8/14/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\McAfee.com\Agent\mcagent.... Read more

A:Please someone analyze my HJT log getting popup (WINDOWS FILE PROTECTION)

Hi qpsiphi,

Firstly, welcome to the TSG - Virus & Other Malware Removal Forum.
My name is Scolabar, and I'll be helping you with your malware problems.
Logs can take a while to research, so please be patient.

I am currently working under the guidance of teachers, everything I post to you, will need to be reviewed by them.
This additional review process can add some extra time to my responses, but hopefully not too much.

Please note the following important guidelines before proceeding:
The instructions that will be provided are for YOUR computer and system only!
Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
If you have any questions or do not understand something, please do not hesitate to ask, don't guess or assume.
Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
Only reply to this thread, do not start another. Please, continue responding, until I give you the All Clean.
Absence of symptoms does not necessarily mean that everything is clear.
DO NOT run any other fix or removal tools unless instructed to do so!
DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
Your security programs may give warnings for some of the tools I will ask you to use. Be as... Read more

2 more replies
Answer Match 47.46%

This is a Dell P-III 450 Mhz with 512 MB RAM, running Win-XP and McAfee.

Computer running slow, some hiccups. Would be grateful if you can detect and help me remove browser hijacker, spyware, or malware. Posting my hijack this log file for analysis. Please reply to ********

Logfile of HijackThis v1.99.1
Scan saved at 2:47:05 AM, on 4/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Iomega\Iomega Backup\dtsc.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\ntvdm.exe
C:\DOCUME~1\RODNEY~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\H... Read more

A:Suspect hijack intrusion - please help analyze log file

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below. Also if you have any programs that may prevent system changes (like Spybot's TeaTimer program, Ad-aware's Ad-Watch, and others), make sure you disable them before doing any of the fixes (or accept the changes for the fix we give you when asked by the programs).

Go to My Computer->Tools (or View)->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders (it's Show all files for Windows 98).
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Download Ewido Security SuiteInstall Ewido Security Suite
When in... Read more

3 more replies
Answer Match 47.46%

Like many i'm having problems with the xlima.optimizer adware. Here is my hijack log & analyze results. Thank all those who are able to help in advance.


Logfile of HijackThis v1.99.0
Scan saved at 6:44:51 PM, on 1/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\WINDOWS\runservice.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Opera75\opera.exe
C:\WINDOWS\system32\ntvdm.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;sas.ne2.attbb.net;<local>
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.yahoo.com/&quo... Read more

A:xlime optimizer, hijack file & analyze log

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Please download Ad-aware SE and install it if you don't hav... Read more

3 more replies
Answer Match 47.04%

Frequent but unpredictable BSOD when coming out of sleep.
Here is the error message. I also attach the dmp file
Please help, I have tried everything and don't know what cause this.

-
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: f4
BCP1: 00000003
BCP2: 86F92120
BCP3: 86F9228C
BCP4: 83624D60
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\021012-29016-01.dmp
C:\Users\user\AppData\Local\Temp\WER-53976-0.sysdata.xml
 

A:Frequent BSOD coming out of sleep, need help analyze dmp file

"Frequent but unpredictable BSOD when coming out of sleep"...

CRITICAL_OBJECT_TERMINATION

This usually indicates a problem with a video driver or hard drive, but we can't rule out the memory until you test these components...

Please read and follow this info:
http://www.techspot.com/vb/topic51365.html
 

1 more replies
Answer Match 47.04%

When I run


Code:
sfc /scannow
it says

Windows Resource Protection found corrupt files but was unable to fix some of them.

How can I analyze CBS.log file to find the problematic points? Is there an easy way to do it?

More replies
Answer Match 47.04%

Hey, i have some probs now so iv ran sfc /scannow and i got that:
"Windows Resource Protection found corrupt files and was unable to fix some of them..."

it also told to look at the folder of the log file to found the cbs.log and then i ran this command to pull out the actual probs:
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

This command have created an sfcdetails text file. here:
Download sfcdetails.txt

can someone help to analyze this file? i havnt find a detailed article about it.

il appreciate it :]

A:How to analyze CBS.log file by SFC command to detect corrupt files?

Hello energydream,

As you go through the sfcdetails.txt log, it'll tell you if SFC was unable to repair/replace a file, and it's location. I looked through your log copied below, and it shows that SFC found nothing wrong.

SFC /SCANNOW Command - System File Checker


Code:
2012-08-26 21:21:59, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-08-26 21:21:59, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-08-26 21:21:59, Info CSI 0000000c [SR] Verify complete
2012-08-26 21:21:59, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-08-26 21:21:59, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-08-26 21:21:59, Info CSI 00000010 [SR] Verify complete
2012-08-26 21:21:59, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-08-26 21:21:59, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-08-26 21:22:00, Info CSI 00000014 [SR] Verify complete
2012-08-26 21:22:00, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-08-26 21:22:00, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-08-26 21:22:01, Info CSI 00000018 [SR] Verify complete
2012-08-26 21:22:01, Info ... Read more

3 more replies
Answer Match 45.78%

I have developed a report in access and when I chose the option to 'analyze the report in excel' it converts a field that is defined as 'text' in access, incorrectly. It takes a value, for example, OA12345-831 and converrts to -68221 (these are the exact values, just a sample). This happens sporadically because there are multiple values of char/numeric data with dashes and not all of them are converted incorrectly. The report is based on a query which pulls from a database. The database is a link to a Teradata table but a make table query is used to pull the data from Teradata to an access database which is what the report uses. The field is defined as 'text' in the access database and it is correct on the database. It is also correct on the report. It is only incorrect when I use the option to 'analyze it in excel' to put it into excel format. Can someone help me correct this? Thank you.
 

A:Option to 'analyze file into excel' from access is converting a char field incorrectl

15 more replies
Answer Match 45.78%

Hello, im very new to this so if i make some mistakes , sorry for that.
Sinds a short time i noticed a system problem and for the first time i saw a blue screen. it robooted and thats it... At some moments i notice that the processor suddenly goes from 10 to 40%. usually after that and when i reboot it shows the message i can see the dump file, i could never see that untill i installed the driverkit.. How to open DMP files in Windows 7? | Windows 7 Themes

My system is a i5, 64 bit, 8GB memory, 650 @320ghz
maybe 1 year old.

Below is the dump, who can tell me whats wrong ?


*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
WHEA_UNCORRECTABLE_ERROR (124)
A fatal hardware error has occurred. Parameter 1 identifies the type of error
source that reported the error. Parameter 2 holds the address of the
WHEA_ERROR_RECORD structure that describes the error conditon.
Arguments:
Arg1: 0000000000000000, Machine Check Exception
Arg2: fffffa8007eba028, Address of the WHEA_ERROR_RECORD structure.
Arg3: 00000000be000000, High order 32-bits of the MCi_STATUS value.
Arg4: 0000000000800400, Low order 32-bits of the MCi_STATUS value.
Debugging Details:
------------------

BUGCHECK_STR: 0x124_GenuineIntel
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: f
STACK_TEXT:
fffff880`009efa58 fffff800`03219a3b... Read more

A:My dump file

Looks like a hardware defect in your CPU

Stop 0x124 - what it means and what to try

Please stop any overclocking

Run Prime 95 to test your CPU. Carefully the instructions in this tutorial: CPU - Stress Test with Prime95. Run 3 separate tests, one on each of the settings (Blend, Small FFTs, Large FFTs). Post back with your results.

Code:
FAILURE_BUCKET_ID: X64_0x124_GenuineIntel_PROCESSOR_MAE
BUCKET_ID: X64_0x124_GenuineIntel_PROCESSOR_MAE

4 more replies
Answer Match 45.78%

Hello,
I have this dump file that i am having a hard time finding out what is going on. I have recently rebuilt this server it a hp dl360. not much running on it. i would be greatful of someone can take a look at it
thanks
*** WARNING: Unable to verify timestamp for tcpip.sys
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
Probably caused by : tcpip.sys ( tcpip+20f9 )

Followup: MachineOwner
---------
Loading Dump File [Z:\Mini043008-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: set_NT_SYMBOL_PATH=srv*C:\Program Files\Debugging Tools for Windows\sym*http://msdl.microsoft.com/download/symbols

Executable search path is:
Windows Server 2003 Kernel Version 3790 MP (4 procs) Free x86 compatible
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Built by: 3790.srv03_gdr.070301-2306
Kernel base = 0x804de000 PsLoadedModuleList = 0x8056e6a8
Debug session time: Wed Apr 30 02:13:32.951 2008 (GMT-4)
System Uptime: 0 days 6:32:17.609
Loading Kernel Symbols
........................................................................................................
Loading User Symbols
Loading unloaded module list
.........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {207efeee, 2,... Read more

More replies
Answer Match 45.78%

hello my question is that no one can figure out
why my computer keeps crashing when i play games anything else its fine
but using shockwave or just playing games in general reboots my system
with a blue screen of death so i changed out a few video cards went from
asus 9550 128mb to pny 6200 256mb but still have the same problem so i
put in a cheap pci video card and it still does it I have a dump file
here for you to examine

i have windows xp pro sp2 with abit kw7 mobo with corsair 512mb dual channel 3200 mem and a
sata 80 gig harddrive
a AMD xp 2700 cpu ohh and here is the dump file please help because i
have no where else to go I will pay if neccessary

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

NOTE: This is a hardware error. This error was reported by the CPU
via Interrupt 18. This analysis will provide more information about
the specific error. Please contact the manufacturer for additional
information about this error and troubleshooting assistance.

This error is documented in the following publication:

- Bios and Kernel Developers Guid for AMD Athlon(r) 64 and AMD
Opteron(r) Processors
Bit Mask:

MA Model Specific MCA
O ID Other Information Error Code Error Code
VV SDP ___________|____________ _______|_______ _______|______
AEUECRC| | | |
LRCNVVC| | | |
^^^^^^^| | | |
6 5 4 3 2 1
3210987654321098765432109876543210987654321098765432109876543210
----------------------------------------------------------------
1100010000001000010000000000000000... Read more

More replies
Answer Match 45.78%

A friend has a Dell latitude E6410 that has been crashing every so often. It is also getting some wierd video, almost like a really bad 8-bit video game. I am attaching the SF Diagnostics Tool reports. If someone could take a look at them and help me in figuring out what is wrong with the machine, that would be great.

A:Dump file help

Hi and Welcome to SF,

This is pretty straight forward,The error appears to be caused by e1k6232.sys. Looking on the net, it appears that this is a network card driver, please download and install fresh copy of it.
you can get more info from the Software Environment\System Drivers node of the msinfo32.exe utility and then look at the drivers in use under the Components node.

BUGCHECK SUMMARY:

Code:

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\TUANTR~1\AppData\Local\Temp\Rar$DI00.009\072110-36254-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16539.x86fre.win7_gdr.100226-1909
Machine Name:
Kernel base = 0x82c43000 PsLoadedModuleList = 0x82d8b810
Debug session time: Wed Jul 21 22:25:30.879 2010 (UTC + 7:00)
System Uptime: 0 days 1:15:11.065
Loading Kernel Symbols
...............................................................
................................................................
..........................................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* ... Read more

1 more replies
Answer Match 45.78%

Here is the dump file

A:Dump file

Thanks for the help

6 more replies
Answer Match 45.78%

hi,
sometimes when i use WinAvi AiO Converter my PC is crashing.

if anyone could help me with the dump file ill be greatfull dead to him.
Dump File: https://www.firedrive.com/file/1703FE3C21D1337B

Thank You:

p.s.
after restart i get a Blue Screen message :


Code:
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 124
BCP1: 0000000000000000
BCP2: FFFFFA800D64A028
BCP3: 00000000BF800000
BCP4: 0000000000000124
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\091214-7300-01.dmp
C:\Users\ODED\AppData\Local\Temp\WER-15958-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

A:Help With Dump File Please.

Hello and welcome oded mate I cannot open that file list you sent as it needs athird party app to do it take a look at this and then post back
Blue Screen of Death (BSOD) Posting Instructions

6 more replies
Answer Match 45.78%

Hi all, everything was running ok recently until i installed dragon age : origins now i am getting another crash situation...everything just freezes and nothing..no BSOD just a buzzing noise from my speakers and a black screen..if someone could look at my Dump file i would appreciate it..thanks in advance.

A:Can someone look at this Dump file please?

  
Quote: Originally Posted by Rayzor


Hi all, everything was running ok recently until i installed dragon age : origins now i am getting another crash situation...everything just freezes and nothing..no BSOD just a buzzing noise from my speakers and a black screen..if someone could look at my Dump file i would appreciate it..thanks in advance.


Hello Rayzor, Welcome to SF,

The Bug Check Code is referring to 0x00000124 please go through this
http://www.sevenforums.com/crash-loc...-what-try.html

Bugcheck Analysis


Code:


Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\020410-16598-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

WARNING: Whitespace at end of path element
Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02865000 PsLoadedModuleList = 0xfffff800`02aa2e50
Debug session time: Fri Feb 5 04:46:44.682 2010 (GMT+5)
System Uptime: 0 days 0:00:04.477
Loading Kernel Symbols
.................................................
Loading User Symbols
Mini Kernel Dump does not contain unloaded driver list
****************************************... Read more

2 more replies
Answer Match 45.78%

I'd like to be able to read the .dmp file crreated and sent to Microsoft when an application has a problem. How can I go about doing that?

THX - FK

A:Dump file

This may help you

2 more replies
Answer Match 45.78%

I don't seem to have a dump file. Is it necessary? Can someone help me try and locate it or install a new one? Thanks

A:Where's my Dump File

Hi,

Do you mean a .dmp file, created after a system has crashed? Have a look in C:\Windows\Minidump

Read this: Dump File - Change Default Location

Regards,
Golden

4 more replies
Answer Match 45.78%

I am thinking this is RAM by looking at the debug details, but the CPU part has me wondering. Can some check out this dump for me?
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\MEMORY.DMP]
Kernel Complete Dump File: Full address space is available

************************************************************
WARNING: Dump file has been truncated. Data may be missing.
************************************************************
Symbol search path is: C:\Windows\Symbols
Executable search path is:
*** WARNING: symbols timestamp is wrong 0x4b7a1beb 0x3ee650b3 for ntkrnlmp.exe
Windows 2000 Kernel Version 2195 (Service Pack 4) MP (2 procs) Free x86 compatible
Product: Server, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x80400000 PsLoadedModuleList = 0x80485bc0
Debug session time: Wed Jul 28 08:53:36.857 2010 (GMT-4)
System Uptime: 46 days 7:42:50.421
*** WARNING: symbols timestamp is wrong 0x4b7a1beb 0x3ee650b3 for ntkrnlmp.exe
Loading Kernel Symbols
...............................................................
...................................................
Loading User Symbols

Loading unloaded module list
..................................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v ... Read more

A:Help with dump file

Bump.
 

1 more replies
Answer Match 45.78%

Hi, I am having issue reading the dumpfile after installing the dbugging tool.

"Symbol search path is: %windir%\symbols
Executable search path is:
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0x82c42000 PsLoadedModuleList = 0x82d8a810
Debug session time: Wed Jan 2 09:07:58.289 2002 (UTC + 0:00)
System Uptime: 0 days 0:00:35.178
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2"

The sysmbols are installed.

Can someone look at the dump and tell be what it is pointing to? I supect a system file is corrupt but startup repair wont work.

Thnk you

A:Dump file help

Corrupt system files aren't very likely - as Windows System File Checker does a good job of ensuring that they don't get corrupted.

Quite often this type of error is due to a virus infection, so I'd suggest trying a couple of these free, online scans (in case your antivirus has become corrupted): Free Online AntiMalware Scanners

If that doesn't fix things up, then please post this info: http://www.sevenforums.com/crashes-d...tructions.html

Then please uninstall Daemon Tools/Alcohol 120% (a known cause of BSOD's).
Then use this free tool to remove the offending sptd.sys driver: DuplexSecure - FAQ - Remove 32 bit sptd.sys

Then do this:
OLDER DRIVERS PRESENT IN THE DUMP FILES
- Please update these drivers from the device manufacturer's website - or uninstall/remove them from your system. Reference links included below.
- DO NOT use Windows Update or the Update Drivers function of Device Manager.
- Please feel free to post back about any drivers that you are having difficulty locating.
- Windows Update exceptions may be noted below for Windows drivers:





Quote:

Code:

sptd.sys Sun Oct 11 16:54:02 2009 (4AD245EA)
nvstor32.sys Wed Apr 29 21:52:55 2009 (49F90477)
amdxata.sys Tue May 19 13:57:35 2009 (4A12F30F)
Rt86win7.sys Thu Feb 26 04:04:22 2009 (49A65B16)
lmimirr.sys Tue Apr 10 18:32:11 2007 (461C106B)
AsIO.sys Mon Dec 17 04:10:20 2007 (47663CFC)
ASACPI.sys Wed May 13 07:11:32 2009 (4A0AAAE4)
nvsmu.sys Fri Apr 24 23:07:19 20... Read more

1 more replies
Answer Match 45.78%

Here is the .dmp file that I get. Looks like a driver issue. What do you guys think.

POOL_ADDRESS: e1145798

FREED_POOL_TAG: FSim

BUGCHECK_STR: 0xc2_7_FSim

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

LAST_CONTROL_TRANSFER: from 8053a50d to 804f573b

STACK_TEXT:

a9b9ab8c 8053a50d 000000c2 00000007 00000cd4 nt!PsChargeProcessNonPagedPoolQuota+0x44

a9b9ab8c e32f28d0 000000c2 00000007 00000cd4 nt!KiTrap04+0x97

WARNING: Frame IP not in any known module. Following frames may be wrong.

e1145794 00000000 00000000 00000001 816f62d8 0xe32f28d0



FOLLOWUP_IP:

nt!PsChargeProcessNonPagedPoolQuota+44

804f573b 5d pop ebp

SYMBOL_STACK_INDEX: 0

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: nt!PsChargeProcessNonPagedPoolQuota+44

MODULE_NAME: nt

IMAGE_NAME: ntoskrnl.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 42250a91

STACK_COMMAND: kb

FAILURE_BUCKET_ID: 0xc2_7_FSim_nt!PsChargeProcessNonPagedPoolQuota+44

BUCKET_ID: 0xc2_7_FSim_nt!PsChargeProcessNonPagedPoolQuota+44

Followup: MachineOwner
 

More replies
Answer Match 45.78%

I hope this dump file would identify the problem.

A:At last I have a dump file!

  
Quote: Originally Posted by IMAyNeed


I hope this dump file would identify the problem.


This one was blamed on mdfsysnt.SYS driver the Mac HD driver. http://www.mediafour.com/products/macdrive
Best guess is to re-install it and run a system file check to verify and repair your system files

Run a system file check to verify and repair your system files.
To do this type cmd in search, then right click to run as administrator, then
SFC /SCANNOW

Read here for more information SFC /SCANNOW Command - System File Checker

Let us know the results from the report at the end.

Old driver needing update

Code:
MarvinBus64.sys 9/23/2005 05:17:03 PM fffff880`04f85000 fffff880`04fc9000 0x00044000 0x433470cf
speedfan.sys 9/24/2006 09:26:48 AM fffff880`01b46000 fffff880`01b4d000 0x00007000 0x45168798
ASMMAP64.sys 2/4/2007 03:52:56 PM fffff880`036b6000 fffff880`036bd000 0x00007000 0x45c63998
sncduvc.SYS 12/29/2008 05:14:26 AM fffff880`02bd8000 fffff880`02be0a80 0x00008a80 0x495894f2
AsDsm.sys 2/13/2009 02:14:26 AM fffff880`011ed000 fffff880`011fa000 0x0000d000 0x49950fc2
mcdbus.sys 2/24/2009 06:34:07 AM fffff880`04ed4000 fffff880`04f10880 0x0003c880 0x49a3cd1f
spldr.sys 5/11/2009 12:5... Read more

3 more replies
Answer Match 45.78%

Could someone please help me to read the dmp files? I've been getting multiple BSOD's lately.

I tried several times last night on my W7 PC and it wasn't working. I tried the debugger and that said to I don't have the proper symbols, so I installed that and directed debugger to it, but it didn't help.

I'm not too sure how the dumpfiles work, but I am at work now, so I don't think I can do anything with the files here (on XP).

I'll attach the recent dumps.
Quick History:
Built the PC a little more than a month ago, installed XP. Had BSOD's but figured it was XP related, so let it be (knowing I was going to install W7 in a few weeks). Once W7 was out I installed it and have run into far less BSOD's. Only having one until yesterday when I had 5 in like an hour or so.
Thanks.

A:Dump file help

Run memtest for as long as you can. 5 hours at least. I think there is something wrong with you RAM module(s). Especially because you said XP and here on 7.


Code:
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [E:\Temp\Rar$DI12.937\110309-25412-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02a09000 PsLoadedModuleList = 0xfffff800`02c46e50
Debug session time: Tue Nov 3 19:45:34.850 2009 (GMT-5)
System Uptime: 0 days 0:44:15.927
Loading Kernel Symbols
...............................................................
................................................................
...............
Loading User Symbols
Loading unloaded module list
..........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analy... Read more

9 more replies
Answer Match 45.78%

My PC has crashed several times. Attached is the Windows_NT6_BSOD_jcgriff2 zip file as requested for BSOD analysis.

This is a custom built PC running W7 Professional 64-bit built about 7-8 months ago.

Can someone help me figure out why it's crashing?

Thanks!

A:Help with Dump File

  
Quote: Originally Posted by pongolo


My PC has crashed several times. Attached is the Windows_NT6_BSOD_jcgriff2 zip file as requested for BSOD analysis.

This is a custom built PC running W7 Professional 64-bit built about 7-8 months ago.

Can someone help me figure out why it's crashing?

Thanks!


ASACPI.sys Sun Mar 27 22:30:36 2005





Quote:
The 2005 version of this driver is a known BSOD cause.
Please visit this link: ASUSTeK Computer Inc.-Support- download_item_mkt
Scroll down to the Utilities category, then scroll down to the "ATK0110 driver for WindowsXP/Vista/Windows 7 32&64-bit " (it's about the 8th item down).
Download and install it.
Go to C:\Windows\System32\drivers to check and make sure that the ASACPI.sys file is date stamped from 2009 or 2010 (NOT 2005).

2 more replies
Answer Match 45.78%

I've heard the term memory dump file or dump file being used? I was wondering what it means?

I've gathered that it may be something to do with error messages or errors.

A:What is a dump file?

Stuff in RAM automatically gets wiped when you shut down or reboot. The dump file saves that info to your hard drive when the system crashes so you can analyze it after rebooting and are up and running again.

For a once-in-a-blue-moon BSOD a person might not care. When BSODs get to be a frequent event it makes it worth analyzing the problem so you can put an end to it.

5 more replies