| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 101340 | 2009-07-10 09:40:00 | problems | PPp (9511) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 790649 | 2009-07-10 09:40:00 | I started to note problems with Burnaware, tried other programs and ended up with cdxp, and futher noted other,(newer, downloaded) programs displayed the same systematic problems ie the(empty) frame of the program comes up, but the actual program does not appear to load or run inside the frame. Any clues? |
PPp (9511) | ||
| 790650 | 2009-07-10 09:44:00 | Sounds like something is stuffed or corrupt. With cdxp (I take it, you mean cdburnerxp)? is net framework 2 installed?? It has to be installed for this to work. What version of windows are you running? | Speedy Gonzales (78) | ||
| 790651 | 2009-07-10 09:46:00 | What OS is this? This of problems indicate serious Windows corruption, and in these cases even if you do find the problem it'll occur again in another form, so I'd recommend a clean reinstall. All you can do now is do the usual malware checks and post a HijackThis log here for analysis. You could also open command promp(run>cmd) and type sfc /scannow and hit enter to fix possibly corrupted Windows components. And chkdsk /f Blam |
Blam (54) | ||
| 790652 | 2009-07-10 10:49:00 | OS is XP SP3 .Net framework 2 installed sfc /scannow unsucessful "Windows File Protection could not initiate a scan of protecd file system files" "specific error code is 0x000006bq"(or 9) can't read my own writing [ The RPC server is unavailable Ran Chkdsk All in Safemode Unusually a message flashed on the screen at restart, before the Asus/boot screen Something about Point of View ( my Nvidea GeForce 8800GT is a point of view model) I have had the occasional problem with this card, (Nvidea control panel not working, games crashing after 10-15 mins ) but installed the latest Nvidea driver( after uninstall) and played around for some time befor it came right(i hope) ? |
PPp (9511) | ||
| 790653 | 2009-07-10 10:58:00 | Post a hijackthis log, we'll see whats in it. Hm that error 0x000006b9 looks like it means Not enough resources are available to complete this operation. 0x000006BA RPC_S_SERVER_UNAVAILABLE means The RPC server is unavailable. Whats the specs of this system (how much ram is in it / CPU etc) | Speedy Gonzales (78) | ||
| 790654 | 2009-07-10 11:59:00 | Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:47:23 p.m., on 10/07/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16850) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe E:\Programs\isposure\IsposureAgent.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\PC Tools Firewall Plus\FWService.exe E:\Programs\Sandboxi\SbieSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe E:\Programs\Sandboxi\SbieCtrl.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe E:\Programs\Sandboxi\SandboxieRpcSs.exe E:\Programs\Sandboxi\SandboxieDcomLaunch.exe C:\Sandbox\user\DefaultBox\drive\C\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F2 - REG:system.ini: Shell=x O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - E:\Programs\Canon Printer\Easy-WebPrint\EWPBrowseLoader.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\Programs\Canon Printer\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ avast! ] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [SandboxieControl] "E:\Programs\Sandboxi\SbieCtrl.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1004\..\Run: [SandboxieControl] "E:\Programs\Sandboxi\SbieCtrl.exe" (User '?') O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1004\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?') O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1005\..\Run: [SandboxieControl] "E:\Programs\Sandboxi\SbieCtrl.exe" (User '?') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{3532B2EF-D821-4DA2-9AEB-6A0E897C0B75}: NameServer = 58.28.4.2,58.28.6.2 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - E:\Programs\antispyware\SASWINLO.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Update Service (gupdate1c99409b50bec26) (gupdate1c99409b50bec26) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IsposureAgent (isposure_svc) - Epitiro Ltd. - E:\Programs\isposure\IsposureAgent.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe O23 - Service: Sandboxie Service (SbieSvc) - tzuk - E:\Programs\Sandboxi\SbieSvc.exe -- End of file - 6554 bytes Intel E6750 2GB RAM I keep startup proggys pretty lean and services to a minimum as per Black Viper (a possible problem?) |
PPp (9511) | ||
| 790655 | 2009-07-10 22:12:00 | That could be one reason, you've disabled a service that you werent meant to I wouldnt go by Black Vipers site. Its not accurate. I tried that once everything came to a crawl. And nothing worked properly. I changed all the services back to their original settings Its probably because you've disabled the RPC server You can tick these then tick fix checked Close browsers R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file) Dont kbnow why this entry is here F2 - REG:system.ini: Shell=x I would install something better than PCtool's firewall |
Speedy Gonzales (78) | ||
| 790656 | 2009-07-11 10:56:00 | I've done the deletions, gone back to Black Viper and gone into default mode as much as possible . I've also run the error checking tool in Disc Properties and defragged . I Googled "F2 - REG:system . ini: Shell=x" and found quite a few instances of it, but none being taken notice of . Without the speech marks Google showed most HiJackthis logs showed x being replaced by Explorer . exe Might be on to something with cdburnerxp I reinstalled it and noticed it installed a service called NMSAccessU which has problems running, on a new HiJack log (saved version below, does not show this . According to the burners web site . cdburnerxp . se/viewtopic . php?f=4&t=5170&p=18700&hilit=NMSAccessU" target="_blank">forum . cdburnerxp . se they provide a solution but I can't understand what to do from their postings?? Any help appreciated . Logfile of Trend Micro HijackThis v2 . 0 . 2 Scan saved at 8:48:07 p . m . , on 11/07/2009 Platform: Windows XP SP3 (WinNT 5 . 01 . 2600) MSIE: Internet Explorer v7 . 00 (7 . 00 . 6000 . 16850) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss . exe C:\WINDOWS\system32\winlogon . exe C:\WINDOWS\system32\services . exe C:\WINDOWS\system32\lsass . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\System32\svchost . exe C:\Program Files\Alwil Software\Avast4\aswUpdSv . exe C:\Program Files\Alwil Software\Avast4\ashServ . exe C:\WINDOWS\system32\spoolsv . exe E:\Programs\isposure\IsposureAgent . exe C:\Program Files\Java\jre6\bin\jqs . exe C:\Program Files\Common Files\LightScribe\LSSrvc . exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer . exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv . exe E:\CDBurnerXP\NMSAccessU . exe C:\WINDOWS\system32\nvsvc32 . exe C:\Program Files\PC Tools Firewall Plus\FWService . exe E:\Programs\Sandboxi\SbieSvc . exe C:\WINDOWS\system32\svchost . exe C:\Program Files\Alwil Software\Avast4\ashMaiSv . exe C:\Program Files\Alwil Software\Avast4\ashWebSv . exe C:\WINDOWS\Explorer . EXE C:\WINDOWS\System32\svchost . exe C:\WINDOWS\RTHDCPL . EXE C:\WINDOWS\system32\rundll32 . exe C:\Program Files\PC Tools Firewall Plus\FirewallGUI . exe C:\WINDOWS\system32\RUNDLL32 . EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp . exe E:\Programs\Sandboxi\SbieCtrl . exe C:\Program Files\Skype\Phone\Skype . exe C:\WINDOWS\system32\ctfmon . exe C:\Program Files\Skype\Plugin Manager\skypePM . exe C:\WINDOWS\system32\winlogon . exe E:\Programs\isposure\IsposureAgent . exe C:\Sandbox\user\DefaultBox\drive\C\Program Files\Trend Micro\HijackThis\HijackThis . exe E:\Programs\Sandboxi\SandboxieRpcSs . exe E:\Programs\Sandboxi\SandboxieDcomLaunch . exe C:\Program Files\Opera\opera . exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system . ini: Shell=x O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - E:\Programs\Canon Printer\Easy-WebPrint\EWPBrowseLoader . dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\Programs\Canon Printer\Easy-WebPrint\Toolband . dll O4 - HKLM\ . . \Run: [RTHDCPL] RTHDCPL . EXE O4 - HKLM\ . . \Run: [nwiz] nwiz . exe /install O4 - HKLM\ . . \Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI . exe" -s O4 - HKLM\ . . \Run: [NvCplDaemon] RUNDLL32 . EXE C:\WINDOWS\system32\NvCpl . dll,NvStartup O4 - HKLM\ . . \Run: [NvMediaCenter] RUNDLL32 . EXE C:\WINDOWS\system32\NvMcTray . dll,NvTaskbarInit O4 - HKLM\ . . \Run: [ avast! ] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp . exe O4 - HKCU\ . . \Run: [SandboxieControl] "E:\Programs\Sandboxi\SbieCtrl . exe" O4 - HKCU\ . . \Run: [Skype] "C:\Program Files\Skype\Phone\Skype . exe" /nosplash /minimized O4 - HKCU\ . . \Run: [ctfmon . exe] C:\WINDOWS\system32\ctfmon . exe O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1004\ . . \Run: [SandboxieControl] "E:\Programs\Sandboxi\SbieCtrl . exe" (User '?') O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1004\ . . \Run: [Skype] "C:\Program Files\Skype\Phone\Skype . exe" /nosplash /minimized (User '?') O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1004\ . . \Run: [ctfmon . exe] C:\WINDOWS\system32\ctfmon . exe (User '?') O4 - HKUS\S-1-5-21-1004336348-884357618-839522115-1005\ . . \Run: [SandboxieControl] "E:\Programs\Sandboxi\SbieCtrl . exe" (User '?') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos . scr/200 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra 'Tools' menuitem: @xpsp3res . dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O17 - HKLM\System\CCS\Services\Tcpip\ . . \{3532B2EF-D821-4DA2-9AEB-6A0E897C0B75}: NameServer = 58 . 28 . 4 . 2,58 . 28 . 6 . 2 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480 . dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1 . DLL O20 - Winlogon Notify: !SASWinLogon - E:\Programs\antispyware\SASWINLO . dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv . exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ . exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv . exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv . exe O23 - Service: Google Update Service (gupdate1c99409b50bec26) (gupdate1c99409b50bec26) - Google Inc . - C:\Program Files\Google\Update\GoogleUpdate . exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService . exe O23 - Service: IsposureAgent (isposure_svc) - Epitiro Ltd . - E:\Programs\isposure\IsposureAgent . exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc . - C:\Program Files\Java\jre6\bin\jqs . exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc . exe O23 - Service: LVCOMSer - Logitech Inc . - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer . exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc . - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv . exe O23 - Service: NMSAccessU - Unknown owner - E:\CDBurnerXP\NMSAccessU . exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32 . exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService . exe O23 - Service: Sandboxie Service (SbieSvc) - tzuk - E:\Programs\Sandboxi\SbieSvc . exe -- End of file - 6378 bytes |
PPp (9511) | ||
| 790657 | 2009-07-11 11:14:00 | Looks ok to me. CDburnerXP is installed on this, but for some reason that file isnt here. Unless its hidden or I'm blind :p I remember NMSaccess getting installed on XP, (this is Vista). But I'm pretty sure I saw that file somewhere ! on this before Edit: The latest version of cdburnerxp according to the site, NO longer uses that file. Thats why I cant see / find it |
Speedy Gonzales (78) | ||
| 790658 | 2009-07-12 08:35:00 | Been busy with another project, but replaced CdburnerXP with latest version, it got rid of NMSAccessU service but still no luck. I replaced the recently downloaded Nvidea driver with the original Point of View driver, just in case, but came up with the the same result, worse really, no access to the Nvidea control panel(freezes)! Does this mean a reinstall of a(not recent backup). Or should I try a repair install of XP? Or is there an alternative? |
PPp (9511) | ||
| 1 2 3 4 | |||||