Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unbootable computer


  • Please log in to reply

#76
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Topic re-opened. Please describe what the new symptoms are
  • 0

Advertisements


#77
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Hello, sorry to disturb you again.

Not sure if these are malware related to be exact but loads of Notepad files have appeared on my desktop


#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6d0b70d0, pid=4764, tid=5712
#
# JRE version: 6.0_26-b03
# Java VM: Java HotSpot™ Client VM (20.1-b02 mixed mode windows-x86 )
# Problematic frame:
# C [awt.dll+0xb70d0]
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/...eport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

--------------- T H R E A D ---------------

Current thread (0x49f8e000): JavaThread "AWT-Windows" daemon [_thread_in_native, id=5712, stack(0x4a3e0000,0x4a430000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x00000000

Registers:
EAX=0x4a42f5b0, EBX=0x49fbfcc0, ECX=0x000000b4, EDX=0x000000c0
ESP=0x4a42f598, EBP=0x4a42f708, ESI=0x00000000, EDI=0x000000c0
EIP=0x6d0b70d0, EFLAGS=0x00010206

Top of Stack: (sp=0x4a42f598)
0x4a42f598: 4a42f5b0 00001000 00000000 49f90bf8
0x4a42f5a8: 49f90b00 00000500 000002ee 6d0af5ac
0x4a42f5b8: 00000000 4a010208 49fb8010 49f90bf8
0x4a42f5c8: 6d0b3d33 00000000 00009825 49f8e128
0x4a42f5d8: 00000001 00000500 00000000 00000000
0x4a42f5e8: 00000500 00000000 4a42f67c 49f8e128
0x4a42f5f8: 019c56f0 fffffffe 00000000 76c709d3
0x4a42f608: 00000000 6d06dbd0 000302da 00000020

Instructions: (pc=0x6d0b70d0)
0x6d0b70b0: d8 56 8b b3 10 a0 00 00 1b c0 57 25 00 f0 ff ff
0x6d0b70c0: 05 00 20 00 00 50 c1 e2 05 8d 44 24 14 50 8b fa
0x6d0b70d0: 8b 16 57 c1 e1 05 51 56 ff 52 2c 85 c0 0f 8c 93
0x6d0b70e0: 00 00 00 8b 53 04 8b cf 8b 7c 24 10 8b c1 c1 e9


Register to memory mapping:

EAX=0x4a42f5b0 is pointing into the stack for thread: 0x49f8e000
EBX=0x49fbfcc0 is an unknown value
ECX=0x000000b4 is an unknown value
EDX=0x000000c0 is an unknown value
ESP=0x4a42f598 is pointing into the stack for thread: 0x49f8e000
EBP=0x4a42f708 is pointing into the stack for thread: 0x49f8e000
ESI=0x00000000 is an unknown value
EDI=0x000000c0 is an unknown value


Stack: [0x4a3e0000,0x4a430000], sp=0x4a42f598, free space=317k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [awt.dll+0xb70d0] D3DVertexCacher::Render+0x50
C [awt.dll+0x9cd3a] Java_sun_awt_windows_WToolkit_loadSystemColors+0x94a
C [USER32.dll+0x1fd72] GetWindowLongW+0x4b3
C [USER32.dll+0x1fe4a] GetWindowLongW+0x58b
C [USER32.dll+0x19d6a] ReleaseDC+0x7d
C [USER32.dll+0x19f8d] WCSToMBEx+0xcc
C [ntdll.dll+0x65bde] KiUserCallbackDispatcher+0x2e
C [USER32.dll+0x2054d] PeekMessageW+0xf3

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j sun.awt.windows.WToolkit.eventLoop()V+0
j sun.awt.windows.WToolkit.run()V+52
j java.lang.Thread.run()V+11
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x4d6d4800 JavaThread "Client write thread" daemon [_thread_blocked, id=3572, stack(0x4e6d0000,0x4e720000)]
0x4d6d4000 JavaThread "Client read thread" daemon [_thread_in_native, id=3528, stack(0x4e680000,0x4e6d0000)]
0x4d6d3800 JavaThread "Thread-13" daemon [_thread_in_native, id=4432, stack(0x4f640000,0x4f690000)]
0x4d6d3400 JavaThread "Minecraft main thread" daemon [_thread_in_native, id=4800, stack(0x4d4b0000,0x4d500000)]
0x4d6d2c00 JavaThread "Timer hack thread" daemon [_thread_blocked, id=3468, stack(0x4a720000,0x4a770000)]
0x4a0ed000 JavaThread "TimerQueue" daemon [_thread_blocked, id=5848, stack(0x4a4e0000,0x4a530000)]
0x4d63a400 JavaThread "D3D Screen Updater" daemon [_thread_in_native, id=5772, stack(0x4a530000,0x4a580000)]
0x01a99800 JavaThread "DestroyJavaVM" [_thread_blocked, id=5644, stack(0x003b0000,0x00400000)]
0x49fce000 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=5756, stack(0x4cfe0000,0x4d030000)]
=>0x49f8e000 JavaThread "AWT-Windows" daemon [_thread_in_native, id=5712, stack(0x4a3e0000,0x4a430000)]
0x49f8b800 JavaThread "AWT-Shutdown" [_thread_blocked, id=5708, stack(0x4a390000,0x4a3e0000)]
0x49f8b000 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=5704, stack(0x4a340000,0x4a390000)]
0x01a14400 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=5676, stack(0x49e50000,0x49ea0000)]
0x01a01800 JavaThread "C1 CompilerThread0" daemon [_thread_blocked, id=5672, stack(0x49e00000,0x49e50000)]
0x019fe800 JavaThread "Attach Listener" daemon [_thread_blocked, id=5668, stack(0x49db0000,0x49e00000)]
0x019fd800 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=5664, stack(0x49d60000,0x49db0000)]
0x019d2800 JavaThread "Finalizer" daemon [_thread_blocked, id=5660, stack(0x49d10000,0x49d60000)]
0x019ca800 JavaThread "Reference Handler" daemon [_thread_blocked, id=5656, stack(0x01aa0000,0x01af0000)]

Other Threads:
0x019c6800 VMThread [stack: 0x01a40000,0x01a90000] [id=5652]
0x01a25800 WatcherThread [stack: 0x49ea0000,0x49ef0000] [id=5680]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 157376K, used 11573K [0x03b80000, 0x0e640000, 0x190d0000)
eden space 139904K, 8% used [0x03b80000, 0x046bb640, 0x0c420000)
from space 17472K, 0% used [0x0d530000, 0x0d5421b8, 0x0e640000)
to space 17472K, 0% used [0x0c420000, 0x0c420000, 0x0d530000)
tenured generation total 349568K, used 108758K [0x190d0000, 0x2e630000, 0x43b80000)
the space 349568K, 31% used [0x190d0000, 0x1fb05ac8, 0x1fb05c00, 0x2e630000)
compacting perm gen total 18944K, used 18919K [0x43b80000, 0x44e00000, 0x47b80000)
the space 18944K, 99% used [0x43b80000, 0x44df9cd0, 0x44df9e00, 0x44e00000)
No shared spaces configured.

Code Cache [0x01b00000, 0x020f0000, 0x03b00000)
total_blobs=3100 nmethods=2761 adapters=271 free_code_cache=27345600 largest_free_block=384

Dynamic libraries:
0x00400000 - 0x00424000 C:\Program Files\Java\jre6\bin\javaw.exe
0x77790000 - 0x778b8000 C:\Windows\system32\ntdll.dll
0x77520000 - 0x775fc000 C:\Windows\system32\kernel32.dll
0x64d00000 - 0x64d34000 C:\Program Files\Alwil Software\Avast5\snxhk.dll
0x76b80000 - 0x76c46000 C:\Windows\system32\ADVAPI32.dll
0x76ab0000 - 0x76b73000 C:\Windows\system32\RPCRT4.dll
0x76c50000 - 0x76ced000 C:\Windows\system32\USER32.dll
0x779a0000 - 0x779eb000 C:\Windows\system32\GDI32.dll
0x75e30000 - 0x75e4e000 C:\Windows\system32\IMM32.DLL
0x76d40000 - 0x76e08000 C:\Windows\system32\MSCTF.dll
0x76fe0000 - 0x7708a000 C:\Windows\system32\msvcrt.dll
0x778c0000 - 0x778c9000 C:\Windows\system32\LPK.DLL
0x77920000 - 0x7799d000 C:\Windows\system32\USP10.dll
0x7c340000 - 0x7c396000 C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d7f0000 - 0x6da9f000 C:\Program Files\Java\jre6\bin\client\jvm.dll
0x74550000 - 0x74582000 C:\Windows\system32\WINMM.dll
0x77090000 - 0x771d5000 C:\Windows\system32\ole32.dll
0x76a20000 - 0x76aad000 C:\Windows\system32\OLEAUT32.dll
0x74510000 - 0x7454d000 C:\Windows\system32\OLEACC.dll
0x75be0000 - 0x75c0c000 C:\Windows\system32\apphelp.dll
0x6d7a0000 - 0x6d7ac000 C:\Program Files\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000 C:\Program Files\Java\jre6\bin\java.dll
0x75e20000 - 0x75e27000 C:\Windows\system32\PSAPI.DLL
0x6d7e0000 - 0x6d7ef000 C:\Program Files\Java\jre6\bin\zip.dll
0x6d000000 - 0x6d14b000 C:\Program Files\Java\jre6\bin\awt.dll
0x73d70000 - 0x73db2000 C:\Windows\system32\WINSPOOL.DRV
0x74d70000 - 0x74f0e000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\COMCTL32.dll
0x771e0000 - 0x77239000 C:\Windows\system32\SHLWAPI.dll
0x729b0000 - 0x72a35000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
0x6d210000 - 0x6d21c000 C:\Windows\system32\DWMAPI.DLL
0x74af0000 - 0x74b2f000 C:\Windows\system32\uxtheme.dll
0x75e50000 - 0x76961000 C:\Windows\system32\shell32.dll
0x6d230000 - 0x6d27f000 C:\Program Files\Java\jre6\bin\fontmanager.dll
0x6afb0000 - 0x6b16a000 C:\Windows\system32\d3d9.dll
0x75110000 - 0x75118000 C:\Windows\system32\VERSION.dll
0x74650000 - 0x74656000 C:\Windows\system32\d3d8thk.dll
0x74660000 - 0x74668000 C:\Windows\system32\atiu9pag.dll
0x69700000 - 0x69ad1000 C:\Windows\system32\atiumdag.dll
0x688c0000 - 0x68d18000 C:\Windows\system32\atiumdva.dll
0x6d600000 - 0x6d613000 C:\Program Files\Java\jre6\bin\net.dll
0x778e0000 - 0x7790d000 C:\Windows\system32\WS2_32.dll
0x778d0000 - 0x778d6000 C:\Windows\system32\NSI.dll
0x75480000 - 0x754bb000 C:\Windows\system32\mswsock.dll
0x754e0000 - 0x754e5000 C:\Windows\System32\wship6.dll
0x6d620000 - 0x6d629000 C:\Program Files\Java\jre6\bin\nio.dll
0x75200000 - 0x7523b000 C:\Windows\system32\rsaenh.dll
0x75ce0000 - 0x75cfe000 C:\Windows\system32\USERENV.dll
0x75cc0000 - 0x75cd4000 C:\Windows\system32\Secur32.dll
0x750f0000 - 0x750f5000 C:\Windows\System32\wshtcpip.dll
0x74360000 - 0x7436f000 C:\Windows\system32\NLAapi.dll
0x756c0000 - 0x756d9000 C:\Windows\system32\IPHLPAPI.DLL
0x75680000 - 0x756b5000 C:\Windows\system32\dhcpcsvc.DLL
0x759a0000 - 0x759cc000 C:\Windows\system32\DNSAPI.dll
0x75670000 - 0x75677000 C:\Windows\system32\WINNSI.DLL
0x75640000 - 0x75662000 C:\Windows\system32\dhcpcsvc6.DLL
0x737e0000 - 0x737ef000 C:\Windows\system32\napinsp.dll
0x72ab0000 - 0x72ac2000 C:\Windows\system32\pnrpnsp.dll
0x734a0000 - 0x734a8000 C:\Windows\System32\winrnr.dll
0x76cf0000 - 0x76d39000 C:\Windows\system32\WLDAP32.dll
0x72a50000 - 0x72a75000 C:\Program Files\Bonjour\mdnsNSP.dll
0x72aa0000 - 0x72aa6000 C:\Windows\system32\rasadhlp.dll
0x76f50000 - 0x76fd4000 C:\Windows\system32\CLBCatQ.DLL
0x6d780000 - 0x6d788000 C:\Program Files\Java\jre6\bin\sunmscapi.dll
0x75760000 - 0x75852000 C:\Windows\system32\CRYPT32.dll
0x758e0000 - 0x758f2000 C:\Windows\system32\MSASN1.dll
0x4a580000 - 0x4a618000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll
0x74f60000 - 0x74f8d000 C:\Windows\system32\WINTRUST.dll
0x76970000 - 0x76999000 C:\Windows\system32\imagehlp.dll
0x4a630000 - 0x4a70b000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_interface.dll
0x754f0000 - 0x754fa000 C:\Windows\system32\WTSAPI32.dll
0x75920000 - 0x75996000 C:\Windows\system32\NETAPI32.dll
0x4d500000 - 0x4d56b000 C:\Users\LENOVO\AppData\Roaming\.minecraft\bin\natives\lwjgl.dll
0x5fc50000 - 0x5fd1b000 C:\Windows\system32\OPENGL32.dll
0x64000000 - 0x64023000 C:\Windows\system32\GLU32.dll
0x676a0000 - 0x67785000 C:\Windows\system32\DDRAW.dll
0x67f60000 - 0x67f66000 C:\Windows\system32\DCIMAN32.dll
0x77600000 - 0x7778a000 C:\Windows\system32\SETUPAPI.dll
0x6d350000 - 0x6d356000 C:\Program Files\Java\jre6\bin\jawt.dll
0x4a780000 - 0x4a787000 C:\Windows\system32\atiglpxx.dll
0x4f830000 - 0x501b1000 C:\Windows\system32\atioglxx.dll
0x637c0000 - 0x637c7000 C:\Windows\system32\atigktxx.dll
0x4a7b0000 - 0x4a7c3000 C:\Users\LENOVO\AppData\Roaming\.minecraft\bin\natives\jinput-dx8.dll
0x61330000 - 0x61363000 C:\Windows\system32\DINPUT8.dll
0x74100000 - 0x74109000 C:\Windows\system32\HID.DLL
0x4d420000 - 0x4d432000 C:\Users\LENOVO\AppData\Roaming\.minecraft\bin\natives\jinput-raw.dll
0x55af0000 - 0x55ba9000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_keyboard_hook.dll

VM Arguments:
jvm_args: -Xms512m -Xmx1024m
java_command: C:\Users\LENOVO\Desktop\Minecraft.exe
Launcher Type: SUN_STANDARD

Environment Variables:
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
PATH=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\Intel\WiFi\bin;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Lenovo;C:\Program Files\ThinkPad\ConnectUtilities;C:\Program Files\Lenovo\Client Security Solution;C:\Program Files\QuickTime\QTSystem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\TortoiseSVN\bin;C:\Program Files\Java\jre6\bin
USERNAME=LENOVO
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 23 Stepping 10, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows Vista Build 6002 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 23 stepping 10, cmov, cx8, fxsr, mmx, sse, sse2, sse3, ssse3, sse4.1

Memory: 4k page, physical 1989896k(95120k free), swap 4224524k(565088k free)

vm_info: Java HotSpot™ Client VM (20.1-b02) for windows-x86 JRE (1.6.0_26-b03), built on May 4 2011 00:50:59 by "java_re" with MS VC++ 7.1 (VS2003)

time: Tue Aug 23 18:00:31 2011
elapsed time: 9859 seconds






Also earlier i received a BSOD relating to NTFS.SYS
saying that a attempt was made to write to a read only file?
  • 0

#78
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,
These are java crashes.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Make sure that under Extra Registry the Use Safelist option is selected
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

As for the BSOD, you mustn't worry if a single BSOD appeared, but if the problem continues tell me
  • 0

#79
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
I often do get a BSOD maybe once a day atleast


Also OTL keeps crashing like before

Edited by nortan360, 24 August 2011 - 02:43 PM.

  • 0

#80
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
OK follow OTL and we'll see that one after we finish with java
  • 0

#81
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
OTL keeps crashing
  • 0

#82
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

You have an outdated version of Java, follow step 1 at post#27 to uninstall the outdated java programs and install their latest version


Next:

Open OTL, click the None button
Under Extra Registry select Use Safelist
Under Custom Scans/Fixes paste the following

/md5start
ntfs.sys
/md5stop

Click Run Scan and post the logs it produces here
If it crashes again, tell me

Next:

Go to C:\windows, copy the folder minidump to your Desktop
Then zip that folder and upload it here or at mediafire if it's too big
  • 0

#83
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Otl still crashing



http://www.mediafire...8dwer95q33mi37b
  • 0

#84
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,

Let's make sure that you're clean before proceeding to technical solutions

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

Also in Desktop there should be a file called MBR.dat after that, zip it and then attach it here :)



Next:



Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" for further review.
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**



Next:

Does OTL crashes in a specific point? You can see what OTL is scanning from the bar at the bottom of it
Example:
Posted Image
  • 0

#85
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
It becomes unresponsive at scanning modules
Logs to follow
  • 0

Advertisements


#86
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Okay mbr ran it found tdl4 comp bsod'd now I can't boot I don't have windows disks but lenovo rescue and recovery has tools such as cmd
  • 0

#87
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,

Do these from a clean computer:

Download the recovery console ISO from Here
Also download Imgburn from here and install

Once Imgburn is installed double click the ISO to burn to disc

Do these to the infected computer:
  • Insert the disc and select start from the cd. Instructions for this here
  • Select Repair your computer.
  • Select the operating system you want to repair, and then click Next
  • Select command prompt
  • Type in the following command

    Bootrec.exe /FixMbr
  • Once finished type Exit

Allow it to do its thing and then try a reboot to normal windows

Tell me if you can log in normally
  • 0

#88
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Comp boots then after say 5 mins bsod happens and unbootable again unless I repeat your steps where it happens over again
  • 0

#89
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,

Is the error code 0x0000007B?
  • 0

#90
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Not sure but I'm in safe mode now what should I do?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP