Wininit.exe

How many times should appear this 'wininit.exe' file in my system? (I found several files with that name and I understand that could be a virus) Thanks in advance :)

@SergioTokar Lubel only! =>

I doubt very much that these 2 keys have been created by a Norton or McAfee application. That being said, you could download/run the Norton Removal Tool [1] and tool McAfee Consumer products Removal, [2] restart after each race, to make sure that there is no "leftovers".

If you have any other questions, it would be better to post in this forum of Avast instead: http://forum.avast.com/index.php?board=2.0

====================================================
[1] ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

[2] http://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp

Tags: Windows

Similar Questions

Windows 7 clean installation Blue Screen of Death (BSoD) on a loop of reboot

Aloha everyone,
I did an install customized windows 7 on a new Western Digital 1 TB sata hard drive, which has been formatted, partitioned, scandisk, and a ntfs c drive was created prior to installation.
The installation ended safely. I then install my screen reader, Window-Eyes, requiring a reboot. After the reboot, I started to install critical updates to Windows. On my fourth update and restarting, I got the blue screen of death, that of some people call a BSoD. I rebooted and Windows itself restored to a previous state of good, of my just accept the default choice. Then the rear computer works, but if I stop, restart I get the blue screen of death (BSod) is back, and the loop begins again, i.e. windows restores good condition that works well, until you stop, but on reboot - BSoD is BACK!
I removed the automatic update option, I disabled ScanDisk, drivers updated, bluetooth devices, deactivated sideshow, etc., without any positive result. I called Microsoft for assisstance and the technician acted like this isn't a known issue, but he assured me that he could solve the problem. He took control of my computer remotely and do not tell me anything except that the computer would check and repair any problem on reboot, and if he did does not resolve the problem, I have to remember. The computer has rebooted without the BSod, but I stopped to check if the loop went, and it is not! To restart the BSOd was back. It is to note that if I put the computer to sleep, I get a clean start, but stop, restart or hibernation, I get the blue screen of death (BSoD)!
It is a Dell Dimension XPS 420 with a intel Q6600 processer, 3 GB of ddr2 memory, which came with OS Vista Home premium 32-bit. The Vista system, the last time I got a BSoD has been for more than a year.

After researching this problem on Google, it appears that there is a problem without a solution.
I ran "which has crashed, you can get:
http://www.resplendence.com/downloads

The following accident report:
Monday, December 21, 2009 23:23:44 your computer crashed
This was probably caused by the following module:
Wininit.exe
Bug check code: 0xF4 (0x3, 0xFFFFFA800573B060, 0xFFFFFA800573B340, 0xFFFFF80002D91240)
Error:
CRITICAL_OBJECT_TERMINATION
Empty the file: C:\Windows\Minidump\122109-16972-01.dmp
file path: C:\Windows\system32\wininit.exe
product:
Microsoft® Windows® operating system
company:
Microsoft Corporation
Description: Application to Windows startup
The accident took place in a standard Microsoft module. Your system configuration can
be incorrect, perhaps the culprit may be another driver on your system which cannot
be identified at this time.
Monday, December 21, 2009 20:22:10 crashed your computer
This was probably caused by the following module:
Ntoskrnl.exe
Verification of error code: 0 x 50 (1, 0xFFFFF80002A9300C, 0xFFFFFFFFFFFFFFD0, 0 x 0 x 0)
Error:
PAGE_FAULT_IN_NONPAGED_AREA
Empty the file: C:\Windows\Minidump\122109-33306-01.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product:
Microsoft® Windows® operating system
company:
Microsoft Corporation
Description: NT Kernel System &
The accident took place in a standard Microsoft module. Your system configuration can
be incorrect, perhaps the culprit may be another driver on your system which cannot
be identified at this time.
Sunday, December 20, 2009 15:28:42 crashed your computer
This was probably caused by the following module:
Ntoskrnl.exe
Verification of error code: 0 x 50 (1, 0xFFFFF80002ADC00C, 0xFFFFFFFFFFFFFFD0, 0 x 0 x 0)
Error:
PAGE_FAULT_IN_NONPAGED_AREA
Empty the file: C:\Windows\Minidump\122009-17565-01.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product:
Microsoft® Windows® operating system
company:
Microsoft Corporation
Description: NT Kernel System &
The accident took place in a standard Microsoft module. Your system configuration can
be incorrect, perhaps the culprit may be another driver on your system which cannot
be identified at this time.
Thursday, December 17, 2009 12:27:45 AM your computer crashed
This was probably caused by the following module:
Ntoskrnl.exe
Verification of error code: 0 x 50 (1, 0xFFFFF80002A9300C, 0xFFFFFFFFFFFFFFD0, 0 x 0 x 0)
Error:
PAGE_FAULT_IN_NONPAGED_AREA
Empty the file: C:\Windows\Minidump\121609-28111-01.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product:
Microsoft® Windows® operating system
company:
Microsoft Corporation
Description: NT Kernel System &
The accident took place in a standard Microsoft module. Your system configuration can
be incorrect, perhaps the culprit may be another driver on your system which cannot
be identified at this time.
Monday, December 14, 2009 20:59:21 crashed your computer
This was probably caused by the following module:
Wininit.exe
Bug check code: 0xF4 (0x3, 0xFFFFFA80059A3060, 0xFFFFFA80059A3340, 0xFFFFF80002DC4240)
Error:
CRITICAL_OBJECT_TERMINATION
Empty the file: C:\Windows\Minidump\121409-25506-01.dmp
file path: C:\Windows\system32\wininit.exe
product:
Microsoft® Windows® operating system
company:
Microsoft Corporation
Description: Application to Windows startup
The accident took place in a standard Microsoft module. Your system configuration can
be incorrect, perhaps the culprit may be another driver on your system which cannot
be identified at this time.
Sunday, December 13, 2009 02:17:55 your computer crashed
This was probably caused by the following module:
Wininit.exe
Bug check code: 0xF4 (0x3, 0xFFFFFA80058A4060, 0xFFFFFA80058A4340, 0xFFFFF80002D8A240)
Error:
CRITICAL_OBJECT_TERMINATION
Empty the file: C:\Windows\Minidump\121209-24648-01.dmp
file path: C:\Windows\system32\wininit.exe
product:
Microsoft® Windows® operating system
company:
Microsoft Corporation
Description: Application to Windows startup
The accident took place in a standard Microsoft module. Your system configuration can
be incorrect, perhaps the culprit may be another driver on your system which cannot
be identified at this time.
Conclusion
6 dumps were found and analysed. Note that it is not always possible to
assert with certainty whether a reported driver is really responsible for crashing
your system or that the cause is in another module. However, it is suggested
looking for updates for the products that these drivers belong to and regularly
Visit the Windows Update or activate the automatic updates for Windows. In the case of a piece of
defective material is in trouble, a Google search on the bug control
Errors, as well as the name of the model and brand of your computer can help you investigate
This further.
end of the crash report.
A side comment:
Them are 56 reported problems, and none of them have solutions. If I go through each problem report and check for solutions, about 80% of the times I ask myself to send to Microsoft for more information about the problem and I click on send, but I always get the following:
[Window title]
Incident reports

[Main instruction]
Problem connecting to the Windows error reporting service

[Content]
Some of the reports can not be uploaded to the Windows error reporting service. Please try again later.

[Close] »
I tried several times with the same result, that is, the details of the problem which has need of Microsoft is not be received. To this end, the problem will not be found.
Thanks much for any help.
Manny
P.S. I'll never upgrade a Windows operating system. My recommendation for anyone who is planning to upgrade to Windows 7 is to try first on a dual boot using the free download. If it works for you, consider yourself lucky and buy the upgrade. If it does not, then remove Windows 7 and stay with your old system.

Please check your RAM for errors (use memtest86 + to test). "A programmer is just a tool that converts the caffeine in code" Deputy CLIP - http://www.winvistaside.de/

Server 2008 R2 DataCenter keepts restart - HELP!

Server keeps on restarting all the 1-2 hours, the event logs show consistent errors...

"The process C:\Windows\system32\winlogon.exe (NAS03)" launched the computer restart NAS03 on behalf of the user RMS\camuser1 for the following reason: no title for this reason don't we find reason Code: 0x500ff stop Type: restart the comment: "".

or

«The process wininit.exe (127.0.0.1) "launched the computer restart NAS03 for the NT AUTHORITY\SYSTEM account for the following reason: stop API legacy reason Code: 0 x 80070000 Type of shutdown: restart the comment:"»

Appreciate any help.

Thanks, much appreciated!

Hello

I suggest you to send your query to the Technet Forum for better support.

http://social.technet.Microsoft.com/forums/en-us/category/WindowsServer

Hijacking of the Internet

I think I was victim of misuse of the internet. about a week ago I was surfing the net and a popup of Scanmypc went up and checked the Red Cross. (must have closed the browser) He began to scan my pc that I clicked on another site without thinking, oblivious to what was to sweep behind the page, silly me. After that, I was do redirected to other sites to add other than the one requested, but which seems to have stopped now some sites on the internet is slower, and some sites does not open.
I noticed when I'm Googling, looking through at the bottom left of the browser, comes in with billsearch.org or bigsalefinder.com
I'm using Vista premium and used Norton internet security trial and Google Chrome. I scanned with Norton but still the same. so I uninstalled chrome announcement has started using IE7, same, then uninstalled Norton and installed AVG - and set to date & scannned-always the same, installed Adaware AE-implementation to date & scanned, but could only find the 10secs, then stops. installed spybot-setting day & always scanned the same, installed Zonealarm installed and put in same day. now I'm really getting angry.
I found a program in msconfig/startup called Runit.exe - google it and found that it was malware so I removed it. also deleted in addition and removal (program & features).
now I also get notebook every time that I boot on my desk with this.
[. ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787

ZoneAlarm preferences, if you can help on a rule of thumb on what & do not allow. suspicious prgram-Host process for windows services---string---C:\windows\system32\lsass.exe
I also have this HijackThis report for all who can help.
much appreciated in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:26:01, 09/14/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Ongoing process:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\lxbkcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM. EXE
C:\Program Files\Fichiers Nero Nero BackItUp 4\NBService.exe 4
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files X 1100 Series\LXBKbmgr.exe
C:\Program Files ATI Technologies ATI. ACE\Core-Static\MOM.exe
C:\Program Zone Labs ZoneAlarm Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files X 1100 Series\lxbkbmon.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files ATI Technologies ATI. ACE\Core-Static\CCC.exe
C:\Program Files\Optus Broadband\Optus Broadband.exe wireless
C:\Windows\System32\mobsync.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program may Explorer\iexplore.exe
C:\Program may Explorer\iexplore.exe
C:\Program may Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKLM Software Microsoft Internet Explorer Main, Default_Page_URL is http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM Software Microsoft Internet Explorer Main, Default_Search_URL is http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM Software Microsoft Internet Explorer hand, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM Software Microsoft Internet Explorer hand, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM Search Microsoft Internet Explorer, SearchAssistant =
R0 - HKLM Search Microsoft Internet Explorer, CustomizeSearch =
R0 - HKCU Software Microsoft Internet Explorer Main, Local Page =
R0 - HKLM Software Microsoft Internet Explorer Main, Local Page =
R0 - HKCU Toolbar, LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name)-* {CFBFAE00-17A6-11D0-99CB-00C04FD64497}-(no file)
O1 - Hosts:: 1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll AskBar BHO
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java (TM) plug-in 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\... \Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\... \Run: [adobe Reader Speed Launcher] "C:\Program 9.0\Reader\Reader_sl.exe Adobe."
O4 - HKLM\... \Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\... \Run: [StartCCC] "C:\Program Files ATI Technologies ATI." ACE\Core-Static\CLIStart.exe"MSRun
O4 - HKLM\... \Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\... \Run: [lxbkbmgr.exe] "C:\Program Lexmark X 1100 Series\lxbkbmgr.exe".
O4 - HKLM\... \Run: [ZoneAlarm Client] "C:\Program Zone Labs ZoneAlarm Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\... \Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe/autorun
O4 - HKCU\... \Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKCU\... \Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS S-1-5-19\... \Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe Sidebar.exe/detectMem (User 'NETWORK SERVICE')
O4 - HKUS S-1-5-19\... \Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS S-1-5-20\... \Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe Sidebar.exe/detectMem (User 'NETWORK SERVICE')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O9 - Extra button: research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR. DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher prefix:
Ø16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/ge...sh/swflash.cab
{O17 - HKLM\System\CCS\Services\Tcpip\... \{E1DD056A-8043-4696-B8EF-B01312C3B274}: NameServer = 61.88.88.88 61.88.88.88
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\,avgrsstx.dll,C:\Windows\System32\dmintf32.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxbk_device--C:\Windows\system32\lxbkcoms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers Nero Nero BackItUp 4\NBService.exe 4
O23 - Service: SBSD Security Service Center (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

See the response to Mick.

Also, see my response to your other thread: hijacking Internet Vincenzo Di Russo - Microsoft MVP Windows Internet Explorer, Windows Desktop experience & security - since 2003. ~ ~ ~ My MVP profile: https://mvp.support.microsoft.com/profile/Vincenzo

Svchost constantly using all cpu that is 100%

computer running constantly slow due a svchost constantly of vives that uses all the CPU resources available to be able to read a question on this forum, in which you explained to another, how to get the data needed to send it to you if you can help to diagnose the problem, here is the data that I collected with your information It's like this. can send it please reply to (Email address removed) if possible thank you for your time

PID number is 1176

Image name PID Services

========================= ======== ============================================

System Idle Process 0 n/a

System 4 n/a

N/A smss.exe 468

N/A csrss.exe 580

Wininit.exe 624 n/d

N/A csrss.exe 632

N/A services.exe 668

Lsass.exe 684 KeyIso, ProtectedStorage, SamSs

LSM.exe 692 n/d

N/A Winlogon.exe 740

Svchost.exe 904 DcomLaunch, PlugPlay

Svchost.exe 964 RpcSs

Svchost.exe 1068 Audiosrv, Dhcp, Eventlog, lmhosts, wscsvc

Svchost.exe 1164 AudioEndpointBuilder, dot3svc EMDMgmt;

Hidserv, Netman, PcaSvc, SysMain, TrkWks,

UxSms, wudfsvc WdiSystemHost, WPDBusEnum,

Svchost.exe 1176 AeLookupSvc Appinfo, BITS, browser,

CertPropSvc, EapHost, hkmsvc, IKEEXT,

iphlpsvc, LanmanServer, MMCSS, MSiSCSI;

ProfSvc, RasMan, schedule seclogon, FEEL,.

ShellHWDetection, themes, Winmgmt, wuauserv

audiodg.exe 1300 n/d

gpsvc svchost.exe 1328

SLsvc.exe 1348 slsvc

Svchost.exe 1376 EventSystem, fdPHost, FDResPub.

LanmanWorkstation, netprofm, nsi, QWAVE,

SCardSvr, SstpSvc, W32Time, wcncsvc,

WebClient

LBTServ.exe 1472 LBTServ

1556 CryptSvc, Dnscache, KtmRm napagent, Svchost.exe

NlaSvc, TapiSrv, Wecsvc

Spoolsv.exe spooler 1884

1924 BFE MpsSvc, DPS, Svchost.exe

agrsmsvc.exe 388 AgereModemAudio

ALG.exe 392 ALG

AppleMobileDeviceService. 476 Apple Mobile Device

aDefragService.exe 520 AshampooDefragService

mDNSResponder.exe 492 Hello Service

CDAC11BA. EXE C 564-DillaCdaC11BA

Dllhost.exe 660 COMSysApp

DfSdkS DfSdkS.exe 1044

PresentationFontCache.exe 1568 FontCache3.0.0.0

fsssvc fsssvc.exe 2312

GoogleUpdaterService.exe 2324 gusvc

IJPLMSVC.exe 2476 IJPLMSVC

iWinTrusted iWinTrusted.exe 2496

McSACore.exe 2524 McAfee SiteAdvisor Service

mcods.exe 2544 McODS

Rundll32.exe 2556 N/A

McProxy McProxy.exe 2568

McShield McShield.exe 2608

MpfSrv.exe 2676 MpfService

MSDTC.exe 2932 MSDTC

Svchost.exe 3272 PolicyAgent

DWM.exe 3336 n/d

Explorer.exe 3360 n/d

N/A defragMonitorService.exe 3456

N/A defragActivityMonitor.exe 3576

BJMYPRT. S/O EXE 3592

N/A mcagent.exe 3600

ACDaemon.exe 3640 s/o

N/A defragTaskBar.exe 3760

N/A fsui.exe 3860

ProtexisLicensing-PSIService.exe 3936

DAP.exe 4084 n/a

Svchost.exe 1132 SDRSVC

Msnmsgr.exe 2184 N/A

taskeng.exe 2288 n/d

GoogleToolbarNotifier.exe 772 n/a

btdna.exe 2300 n/d

SeaPort SeaPort.exe 3180

snmptrap.exe 3124 SNMPTRAP

svchost.exe 3404 stisvc

UI0Detect ui0detect.exe 3492

VDS VDS.exe 3660

VideoAcceleratorService.e 3308 VideoAcceleratorService

S/o VideoAcceleratorEngine.ex 3676

VSSVC.exe 1116 VSS

Svchost.exe 3428 WcsPlugInService

WmiApSrv WmiApSrv.exe 3688

SearchIndexer.exe 4024 WSearch

WUDFHost.exe 4112 n/a

MgApp.exe 4120 n/a

WmiPrvSE.exe 4344 n/a

mcmscsvc mcmscsvc.exe 4384

taskeng.exe 5356 N/A

mcsysmon.exe 5400 McSysmon

ImApp.exe 5816 n/a

Unsecapp.exe 5896 N/A

6088 N/A wlcomm.exe

McNASvc McNASvc.exe 5104

IncMail.exe 4640 s/o

IEUser.exe 1588 N/A

Iexplore.exe 6116 n/d

2168 N/A cmd.exe

taskeng.exe 4620 n/d

616 N/A Tasklist.exe

WmiPrvSE.exe 2484 n/a

The ability to install all versions of Vista is contained on the Vista DVD.

In other words, there are only 2 DVDs, 32 and 64 bit.

This is the product key that corresponds to the correct version must be activated.

If you have no luck with MS re one disc, borrow one, select your operating system version and use install your product key during.

Active connections

I see a lot of active connections to my home network. How can I find valid connections?

I have avast! antivirus, firewall, password & protected key RSV4000; netstat output b is the following (sometimes I see a lot more connections, say 30, in the TIME_WAIT state). Is this normal or something to worry about? Thank you.

C:\Windows\System32>Netstat b

Active connections

State of proto local address foreign address
TCP 127.0.0.1:12080 CHOCOLATE: 1896 TIME_WAIT
TCP 127.0.0.1:12080 CHOCOLATE: 1897 TIME_WAIT
TCP 127.0.0.1:12080 CHOCOLATE: 1924 TIME_WAIT
TCP 127.0.0.1:12080 CHOCOLATE: 1928 TIME_WAIT
TCP 127.0.0.1:12080 CHOCOLATE: 1939 TIME_WAIT
TCP 127.0.0.1:12080 CHOCOLATE: 1941 TIME_WAIT
TCP 192.168.1.108:1234 host27:http CLOSE_WAIT
[jusched.exe]
TCP 192.168.1.108:1235 BLUEBIRD: 1138 ESTABLISHED
[WHSConnector.exe]
TCP 192.168.1.108:1885 a96-17-150 - 24:http TIME_WAIT
TCP 192.168.1.108:1890 iw - in - f148:http TIME_WAIT
TCP 192.168.1.108:1891 iw - in - f148:http TIME_WAIT
TCP 192.168.1.108:1895 iw - in - f155:http TIME_WAIT
TCP 192.168.1.108:1901 iy - in - f149:http TIME_WAIT
TCP 192.168.1.108:1905 63-216-54 - 161:http TIME_WAIT
TCP 192.168.1.108:1931 64.236.101.16:http TIME_WAIT
TCP 192.168.1.108:1935 a69-192-133 - 115:http TIME_WAIT
TCP 192.168.1.108:1947 host73:http TIME_WAIT
TCP 192.168.1.108:1948 host73:http TIME_WAIT
TCP 192.168.1.108:1949 host73:http TIME_WAIT
TCP 192.168.1.108:1950 host73:http TIME_WAIT
TCP 192.168.1.108:1951 host73:http TIME_WAIT
TCP 192.168.1.108:1952 host73:http TIME_WAIT

O.K. We'll see. Open TCP ports (i.e. programs accept incoming connections):

TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 820
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING 492
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING 944
TCP 0.0.0.0:1027 0.0.0.0:0 LISTENING 360
TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING 572
TCP 0.0.0.0:1030 0.0.0.0:0 LISTENING 1696
TCP 0.0.0.0:1034 0.0.0.0:0 LISTENING 548
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:9000 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:16107 0.0.0.0:0 LISTENING 1492
TCP 127.0.0.1:1024 0.0.0.0:0 LISTENING 2340

Port 135: for Windows file sharing (RPCSS)
Port 445: for Windows sharing files (using PID 4)
Port 1025: use by wininit.exe. Don't know about that one.
Port 1026: I guess that's for the homegroup
Port 1027: seems to be another network service, perhaps something UPnP associated.
Port 1028: Windows Security Service.
Port 1030: Printer Spooler
Port 1034: services.exe. This could be anything including a virus.
Port 5357: Web Services on devices via system process.
Port 9000: cslistener through system. Could be something lse.
Port 16107: avast antivirus.

Port 1024: is only accessible to the computer itself. SlingAgent. You should know that...

You definitely have a lot of stuff running on your computer...

You have a lot of these lines:

127.0.0.1:12080 127.0.0.1:2215 2760 ESTABLISHED TCP
TCP 127.0.0.1:12025 0.0.0.0:0 LISTENING 3824
TCP 127.0.0.1:12080 0.0.0.0:0 LISTENING 3632

connection to 12025 or 12080 on the computer itself. 12080 is the avast web scanner (i.e. a web proxy through which everything is redirected). 12025, 12110, 12119, 12143 is analysis of emails (i.e. all mails go through this port).

Here is access to the internet web server to your browser through the web Analyzer:

TCP 192.168.1.108:1293 63.216.54.152:80 CLOSE_WAIT 4384
TCP 192.168.1.108:2073 209.85.225.147:80 CLOSE_WAIT 4308
192.168.1.100:1138 192.168.1.108:2159 2480 ESTABLISHED TCP

This is iexplorer HTTPS access directly. HTTPS cannot go through the proxy.

74.125.95.106:443 192.168.1.108:2219 2760 ESTABLISHED TCP

I think it's all TCP ports...

Upgrade to 4.0 - problem

I have a s arc experia phone. When you try to upgrade to 4.0 companion pc application to close wininit.exe leading to blue screen on my lap top running windows 7 64 bit please guide me on how to level?

Hmm... Seems very strange. Wininit.exe is a file system that are required for Windows to run. Thus, close and your computer will blue screen and reboot. Honestly, I have no idea why PC Companion would advice you to close. Have you tried to reinstall PC Companion? If you have, try to download Update Service instead.

Vista x 86 the screen freezes after 20 minutes - captured some logs - need help

Hi-
I checked all the settings of power and as the laptop is plugged in (it's a Dell Vostro 1700), I changed all the settings to never Hibernate, never sleep and turned off the screen saver. I'm not saying the monitor turns off after 45 minutes.

The screen still freezing occurs, and the only way to get out of it, is a hard reset of the operating system (power button).

Here are 2 logs system, I found, actually rebooted device itsself so after freezing.
Log name: System
Source: iaStor
Event ID: 9
Level: error
Description: The device, \Device\Ide\iaStor0, did not in the expiration time.

Less than 1 min later that the next system log appeared, shows that he has been forced to restart.

Log name: System
Source: USER32
Event ID: 1074
Level: information
Description: The process wininit.exe has inititaed restart the computer, workstation, on behalf of the user for the following reason: no title for this reason could be found.
Reason code: 0 x 50006
Comment: The system process 'C:\windows\system32\lsass.exe' ended unexpectedly with status-1073741819 code. The system will now shut down and restart.

You can check one thing in your power settings? Are - this you hard drive worth powerdown after 20 minutes? You will find that in the advanced power settings.

Criticism of the system program appears as a Trojan horse.

I was browsing the internet as I usually do when I received an error message saying "Explorer has stopped working".
Knowing that shouldn't happen anywhere, I did a scan of the computer and the results came as soon as a file called "wininit.exe" had a Trojan horse in or on it. I tried to remove it but could not so I looked to see if the file itself was the problem. Discovered critical file system (or that was what I was told) and am looking for a way to fix emergency. Is there something that can be done?

Be careful. Completely valid system files are sometimes identified as

malware. They are called "false positives" you were wise to check further.

I advise to use another parser. Here's one that can get

on the web...

http://www.SUPERAntiSpyware.com/onlinescan.html

Alternatively, I would say Malwarebyte Anti-malware (free download)

You can also download your wininit.exe for instant assessment here:

http://www.VirusTotal.com/

and here:

http://www.Kaspersky.com/scanforvirus

"aburningman" wrote in message news: 8b18f1f5-19cc-447e-9a53-c4c4461cc703...

> I was browsing the internet as I usually do when I got an error message

> telling me "Explorer has stopped working".

> Knowing that shouldn't happen anywhere, I did a scan of the computer and

> the results came as soon as a file called "wininit.exe" had a Trojan horse

> / on it. I tried to remove it but could not so I looked to see if

> the file itself was the problem. Found out that the file is system

> criticism (or that was what I was told) and I keep emergency

> to fix it. Is there something that can be done?

svchost.ext problems

I noticed one of my svchost.exe process went a little funky, after that I had to do a system restore to take a bad driver for my graphics card. He started to eat 30-100% of my CPU usage. After a day of reacent he has returned down to a maximum of 50% of the CPU usage and is enabled by running the windows update. So far, he did install time extremely long, I'm constantly late to get an update to install and go beyond creating a system restore point. Im running the eddition 64 bit Windows Vista business.

Here is some information and any help would be greatly apriceiated.

PID 4248

Image name PID Services
========================= ======== ============================================
System Idle Process 0 n/a
System 4 n/a
N/A smss.exe 520
N/A csrss.exe 592
Wininit.exe 644 n/d
N/A csrss.exe 664
N/A Winlogon.exe 700
N/A services.exe 740
Lsass.exe 752 SamSs
LSM.exe 760 n/d
Svchost.exe 936 DcomLaunch, PlugPlay
Svchost.exe 1004 RpcSs
Svchost.exe 324 WinDefend
Ati2evxx.exe 560 Ati External Event Utility
12 AudioSrv, Dhcp, Eventlog, lmhosts, Svchost.exe
p2pimsvc, wscsvc
Svchost.exe 344 AudioEndpointBuilder, CscService, EMDMgmt;
Hidserv, Netman, PcaSvc, SysMain.
TabletInputService, TrkWks, UxSms
Wudfsvc WdiSystemHost, WPDBusEnum,
1032 AeLookupSvc, BITS, browser IKEEXT, Svchost.exe
iphlpsvc, LanmanServer, ProfSvc, MMCSS.
RasMan, schedule, seclogon, SENSE,
ShellHWDetection, themes, Winmgmt, wuauserv
audiodg.exe 1120 n/d
gpsvc svchost.exe 1148
Slsvc SLsvc.exe 1192
Svchost.exe 1216 EventSystem, FDResPub, LanmanWorkstation.
netprofm, nsi, SstpSvc, SSDPSRV, upnphost,
W32Time, WebClient
Ati2evxx.exe 1408 n/a
AvastSvc.exe 1544 avast! Antivirus, avast! Mail Scanner,
Avast! Web Scanner
DWM.exe 1752 n/d
Explorer.exe 1788 N/A
MSASCui.exe 1908 n/a
RAVCpl64.exe 1916 n/a
p2phost.exe 1948 N/A
RocketDock.exe 1964 n/a
hpqtra08.exe 916 n/d
SetPoint.exe 1664 n/a
Spoolsv.exe spooler 2004
Svchost.exe 884 MpsSvc BFE, DPS,
taskeng.exe 2068 n/d
FourEngine.exe 2180 s/o
taskeng.exe 2192 n/d
razerhid.exe 2364 n/d
MOM.exe 2372 n/a
S/o AvastUI.exe 2404
hpwuSchd2.exe 2412 N/A
iTunesHelper.exe 2432 n/d
jusched.exe 2444 n/d
razertra.exe 2528 N/A
CCC.exe 2680 s/o
AppleMobileDeviceService. 2728 Apple Mobile Device
mDNSResponder.exe 2740 Hello Service
Svchost.exe 2760 BthServ
Svchost.exe 2796 hpqcxs08, hpqddsvc
Svchost.exe 2812 Net Driver HPZ12
Svchost.exe 3016 Pml Driver HPZ12
Svchost.exe 3028 PolicyAgent
svchost.exe 2148 stisvc
Svchost.exe 1244 WerSvc
SearchIndexer.exe 2032 WSearch
Svchost.exe 3536 HPSLPSVC
iPodService.exe 3824 iPod Service
SetPoint32.exe 3496 n/a
KHALMNPR.exe 3356 n/a
N/A hpqste08.exe 2704
hpqbam08.exe 3284 n/d
hpqgpc01.exe 3620 n/d
VSSVC.exe 312 VSS
Iexplore.exe 4736 n/d
Iexplore.exe 4624 n/d
Svchost.exe 4596 swprv
Wuauclt.exe 4744 n/d
Svchost.exe 4248 CryptSvc Dnscache, KtmRm, NlaSvc, TapiSrv,
TermService
Taskmgr.exe 4116 n/d
3668 N/A cmd.exe
4052 N/A Tasklist.exe
WmiPrvSE.exe 4452 n/a

Problem solved, after a bit of research and talk to some local technicians, and we saw it happen. The system restore ruined a parameter that does not hurt the system. the solution was eather leave it is and putting day make sure to end it, repair windows or reinstalling itself on another hard drive. Option 1 is what im on since its only activated by windows update. Automatic updates are disabled and I can stop the process when it acts upward with a problem.

Virus, Malware, Spyware, etc. prgrams withdrawal will not update google redirects me to random Web sites; Windows update cannot find the updates and will not install ect.

These problems have been going on a month now and I can't get rid of them

Logfile of IObit HijackScan v1.0.0.0
Scan saved at 23:1:41, 2009-10-3

Ongoing process:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Fichiers Apple Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers Files\LightScribe\LSSrvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL10. SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program NetworkAccessManager Corporation\nTune\nTuneService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\SMINST\BLService.exe
C:\Program CyberLink Files\RichVideo.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Alcohol Soft 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Microsoft Shared Live\WLIDSVC. EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Hewlett-Packard HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Hewlett - Packard HP wireless Assistant\HPWAMain.exe
C:\Program HP Imaging\bin\HpqSRmon.exe
C:\Program HP HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Hewlett - Packard HP wireless Assistant\WiFiMsg.EXE
C:\Users\Zach\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Hewlett-Packard HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\system32\wuauclt.exe
c:\Program Hewlett-Packard HP health Check\hphc_service.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\PnkBstrB.exe
C:\Program Files\IObit\IObit security 360\is360.exe
C:\Program Files\IObit\IObit security 360\is360tray.exe
C:\Program Files\IObit\IObit security 360\IS360srv.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IObit\IObit security 360\a_hijackscan.exe

O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe/autorun
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [RAM Medic] C:\Program Files\Iomatic\RAM Medic\RAMMedic.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [Octoshape Streaming Services] "C:\Users\Zach\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" - inv: bootrun
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [NVIDIA nTune] "C:\Program NetworkAccessManager Corporation\nTune\nTuneCmd.exe' clear
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [nclauncher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe / reduced
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" / background
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [Google Update] "C:\Users\Zach\AppData\Local\Google\Update\GoogleUpdate.exe" / c.
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [AlcoholAutomount] "C:\Program Alcohol Soft 120\axcmd.exe" / automount
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [amd_dc_opt] C:\Program AMD Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe - hide
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" 'C:\Program CyberLink YouCam' updated 'Software\CyberLink\YouCam\2.0 '.
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" - atboottime
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe".
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [QlbCtrl.exe] C:\Program Hewlett-Packard HP Quick Launch Buttons\QlbCtrl.exe/Start
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [NvMediaCenter] RUNDLL32. EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [NvCplDaemon] RUNDLL32. EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [TkBellExe] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [hpWirelessAssistant] C:\Program Hewlett-Packard HP Wireless Assistant\HPWAMain.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [hpqSRMon] C:\Program HP Imaging\bin\hpqSRMon.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [HP Software Update] C:\Program HP HP Software Update\HPWuSchd2.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [HP Health Check Scheduler] c:\Program Hewlett-Packard HP health Check\HPHC_Scheduler.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe".
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [AppleSyncNotifier] C:\Program Files\Fichiers Apple Support\bin\AppleSyncNotifier.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [adobe Reader Speed Launcher] "C:\Program 8.0\Reader\Reader_sl.exe Adobe."
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\Run\: [IObit Security 360] C:\Program Files\IObit\IObit security 360\IS360tray.exe
O4 - HKLM. \Software\Microsoft\Windows\CurrentVersion\RunOnce\: [Malwarebytes' Anti-Malware] C:\Program Malwarebytes Anti-Malware\mbamgui.exe/install/silent
O8 - Extra context menu item: E & xport to Microsoft Excel - res: / / C:\PROGRA~1\MICROS~3\Office12\EXCEL. EXE/3000
O9 - Extra button: send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -.
O9 - Extra button: research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR. DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR. DLL
Ø16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Java plug-in 1.6.0_15 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
Ø16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Java 1.6.0_05 plugin - http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Ø16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Java plug-in 1.6.0_07 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Ø16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Java plug-in 1.6.0_15 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
Ø16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Java plug-in 1.6.0_15 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files Apple Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Server\bin\arrakis3.exe Arrakis
O23 - Service: Bonjour Service (morning Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx (Com4QLBEx) - Hewlett-Packard Development Company, L.P. - C:\Program Hewlett-Packard HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Server DCOM (DcomLaunch) - unknown process Launcher.
O23 - Service: political diagnosis Service (DPS) - unknown -.
O23 - Service: Windows Media Center Service Launcher (ehstart) - unknown - %windir%\system32\svchost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - (GameConsoleService) C:\Program HP Games My game console HP Console\GameConsoleService.exe
O23 - Service: Group Policy Client (gpsvc) - Unknown -.
O23 - Service: HP Health Check (HP Health Check Service) Service - Hewlett-Packard - c:\Program health Hewlett-Packard HP
O23 - Service: hpqwmiex (hpqwmiex) - Hewlett - Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender update Service\livesrv.exe
O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Service nProtect GameGuard (npggsvc) - INCA Internet Co., Ltd. - C:\Windows\system32\GameMon.des
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA (PnkBstrA) - unknown - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Video Audio quality Windows (QWAVE) - Unknown - %windir%\system32\svchost.exe experience
O23 - Service: recovery for Windows Service (Service recovery for Windows) - unknown - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo service (RichVideo) - Unknown - C:\Program CyberLink Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe
O23 - Service: remote procedure (RPC) call (RpcSs) - unknown -.
O23 - Service: Manager of security accounts (SamSs) - unknown -.
O23 - Service: secondary (seclogon) - Unknown - %windir%\system32\svchost.exe to logon
O23 - Service: Service AE StarWind (StarWindServiceAE) - Rocket Division Software - C:\Program Alcohol Soft 120\StarWind\StarWindServiceAE.exe
O23 - Service: Distributed Link Tracking Client (TrkWks) - unknown -.
O23 - Service: installer of Modules of Windows (TrustedInstaller) - unknown -
O23 - Service: Service Manager Viewpoint (Service Manager Viewpoint) - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: Service host (WdiServiceHost) - Unknown diagnosis.
O23 - Service: Diagnostic system host (WdiSystemHost) - unknown -.
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe
O23 - Service: XAudioService (XAudioService) - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: PnkBstrB (PnkBstrB) - unknown - C:\Windows\system32\PnkBstrB.exe
O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit security 360\IS360srv.exe

Hello

You can access Microsoft.com, McAffee.com, Symatec.com? Thinking you have a conficker.

Check with this site
http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

Alert on the Win32/conficker virus
http://support.Microsoft.com/kb/962007

Protect yourself from Conficker
http://www.Microsoft.com/security/worms/Conficker.aspx

How to remove the worm Downadup Conficker (Uninstall Instructions)
http://www.bleepingcomputer.com/virus-removal/remove-Downadup-Conficker

How to manually remove the Conficker worm
http://www.411-spyware.com/Conficker-worm-removal#how-to-remove

BDTool to remove
http://www.bdtools.NET/

-----------------------------------------------

Run the malware removal tool from Microsoft, add Prevx to detect any malware you have
the system and execution UnHackMe - then do the rest for you.

Start - type in the search box-> find MRT top - right on - click RUN AS ADMIN.

You should get this tool and its updates via Windows Update - if necessary, you can download it here.

Download - SAVE - go where go out you there - top - right click RUN AS ADMIN
(Then run MRT as shown above.)

Malicious removal tool from Microsoft
http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

Malwarebytes - a scanner at the request - update on the updates tab and run whenever you think malware.
http://www.Malwarebytes.org/

Here are some free online scanners to help the

http://www.eset.com/onlinescan/

http://www.Kaspersky.com/virusscanner

Other tests free online
http://www.Google.com/search?hl=en&source=HP&q=antivirus+free+online+scan&AQ=f&OQ=&AQI=G1

also install Prevx to be sure that it is all gone.

Prevx - Home - free - small, fast, exceptional CLOUD protection, working with other security programs. It comes
a scan only, VERY EFFICIENT, if it finds something to come back here or use Google to see how to remove.
http://www.prevx.com/

Choice of PCmag editor - Prevx-
http://www.PCMag.com/Article2/0, 2817,2346862,00.asp

--------------------------------------------

Also do to the General corruption of cleaning.

Run DiskCleanup - start - all programs - Accessories - System Tools - Disk Cleanup

Start - type this in the search box-> find COMMAND at the top and RIGHT CLICK – RUN AS ADMIN

Enter this at the command prompt - sfc/scannow

How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
generates in Windows Vista cbs.log
http://support.Microsoft.com/kb/928228

Run checkdisk - schedule it to run at the next startup, then apply OK then restart your way.

How to run the check disk at startup in Vista
http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html

-------------------------------------------------

Run Malwarebytes when you can.

IE - Tools - Internet Options - Advanced - tab click on restore, and then click Reset - apply / OK

IE - Tools - Internet Options - Security - reset all Zones by default level - apply / OK

Close IE

IE - tools - manage Addons (for sure disable SSV2 if it is there, it is no longer necessary but Java always install
"(and it causes problems - you never update Java to go back in and turn it off again)." Search for other possible problems.

Windows Defender - tools - software explore - look for problems with programs that do not look right. Permit
are usually OK and "unauthorized" are not always bad. If in doubt about a program to ask about it here.

Could be that a BHO - BHOremover - free - standalone program, needs no installation, download and run - not all
are bad, but some can cause your question. (Toolbars are BHO)
http://securityxploded.com/bhoremover.php

Startup programs
http://www.Vistax64.com/tutorials/79612-startup-programs-enable-disable.html

Don't forget to do:

Logon as administrator

Start - type in the search box-> COMMAND - find on the list above - CLICK RIGHT - RUN AS ADMIN

Enter each of these one at a time and press ENTER after each

ipconfig/flushdns

nbtstat-r

nbtstat - RR

netsh int Reinitialis

netsh int ip reset

netsh winsock reset

Reset
------------------------------------------------------

Here are a few rootkits if it were a question:

SpyDLL Remover - free
http://securityxploded.com/spydllremover.php

Advanced Windows Service Manager
http://securityxploded.com/winservicemanager.php

Run the Rootkit Revealer - free
http://TechNet.Microsoft.com/en-us/Sysinternals/bb897445.aspx

UnHackme - trial
http://www.Greatis.com/UnHackMe/

This shows how to use UnHackme and includes a link to version 2.5 – use it as a guideline and current
available as version above is 5.5
http://safecomputing.umn.edu/guides/scan_unhackme.html

IceSword - free
http://www.AntiRootkit.com/software/IceSword.htm
Instructions and pictorial
http://securityxploded.com/IceSword.php
Tutorial for use of IceSword
http://translate.Google.com/translate?hl=en&SL=zh-CN&u=http://soft.zol.com.CN/2004/0803/145163.shtml&prev=/search%3Fq%3Dicesword%26hl%3Den%26lr%3D

I hope this helps.

Rob - bicycle - Mark Twain said it is good.

At the start of some games, I get a BSOD 0x000000f4

Hi every 1

Was the first time that I had this problem with Call of duty: modern warfare, now all of a sudden, I got it on testdrive unlimeted!

I never used to have any problem! But anyway, the problem in detail.

I have updated all drivers and all the stuff, reinstalled the games and every thing. So, when I start the game, it goes black and then comes up with the blue screen of death (BSOD). It is said that as a critical process or thread system was completed or something like that. The error code is 0x000000f4 (0 x 00000003, varies, varies, varies)

Here are the things to dump:

version.txt:

Windows NT Version 6.0 Build: 6002 SP2

Product (0 x 2): Windows Vista (TM) Home Basic

Edition: HomeBasic

BuildString: 6002.18209.x86fre.vistasp2_gdr.100218 - 0019

Flavor: Multiprocessor Free

Architecture: X 86

LCID: 1033

SysData.XML:

http://www.mediafire.com/?75sez5eg61uzos3

Mini072210 - 01.dmp:

http://www.mediafire.com/?8sn3yec7jkaesj8

Thanks for any help provided!

Jon

Hi Jon,

you get the following verification of bug: 0xF4 - CRITICAL_OBJECT_TERMINATION: This indicates that a process or thread crucial to system operation has unexpectedly left or came to an end.

The debugger says, wininit.exe led by gamexl.exe . What I see, it's spyware.

Run this tool and scan your PC for spyware:

http://www.Malwarebytes.org/MBAM.php

André

"A programmer is just a tool that converts the caffeine in code" Deputy CLIP - http://www.winvistaside.de/

BSOD with code stop 0x000000F4

Hello

My system Windows 7 embedded experience occasionally CRITICAL_OBJECT_TERMIONATION cose stop 0x000000F4. I used WinDbg to determine the root cause of the problem but could not make a lot of MEMORY. DMP, please throw some light on how to proceed further with this.

Here's the information I have from MEMORY. DMP, using windbg.

1: kd >! analyze - v
*******************************************************************************
* *
* Bugcheck analysis *.
* *
*******************************************************************************

CRITICAL_OBJECT_TERMINATION (f4)
A process or thread crucial to system operation has unexpectedly left or been
terminated.
Several processes and threads are necessary to the functioning of the
System; When they are finished (for some reason any), the system may not
function longer.
Arguments:
Arg1: 0000000000000003, process
Arg2: fffffa80086139f0, object of ends
Arg3: fffffa8008613cd0, name of the process image file
Arg4: fffff80001f8edb0, explanatory message (ascii)

Debugging information:
------------------

PROCESS_OBJECT: fffffa80086139f0

Nom_image: wininit.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MODULE_NAME: wininit

FAULTING_MODULE: 0000000000000000

Nom_processus: wininit.exe

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - the instruction at 0 x % lx 08 referenced memory at 0 x % 08 lx. The memory could not be %s.

BUGCHECK_STR: 0xF4_c0000005

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

CURRENT_IRQL: 0

ANALYSIS_VERSION: 6.3.9600.17336 (debuggers (dbg). 150226-1500) amd64fre

STACK_TEXT:
fffff880'189180 has 8 fffff800'02013982: 00000000' 000000f4 00000000 00000003' fffffa80'086139f0 fffffa80'08613 cd 0: nt! KeBugCheckEx
fffff880 '189180b 0 fffff800' 01fc10ab: ffffffff 'ffffffff fffffa80' 06d7fb60 fffffa80 '086139f0 fffffa80' 086139f0: nt! PspCatchCriticalBreak + 0 x 92
fffff880 '189180f0 fffff800' 01f44698: ffffffff 'ffffffff 00000000 00000001' fffffa80' 086139f0 00000000'00000008: nt! : NNGAKEGL: 'string' + 0x17ad6
fffff880 ' 18918140 fffff800' 01c8a8d3: fffffa80'086139f0 fffff800 'c0000005 fffffa80' 06d7fb60 00000000'011 ch. 0730: nt! NtTerminateProcess + 0xf4
"" fffff880 ' 189181 c 0 fffff800 ' 01c86e70: fffff800 '01cd711f fffff880' 18918b 38 fffff880 ' 18918890 fffff880 ' 18918be0: nt! KiSystemServiceCopyEnd + 0x13
"fffff880 ' 18918358 fffff800' 01cd711f: fffff880'18918 b 38 fffff880 ' 18918890 fffff880 ' 18918be0 00000000' 011c1f70: nt! KiServiceLinkage
fffff880 ' 18918360 fffff800' 01c8acc2: fffff880 '18918 b 38 00000000' 0000aab7 fffff880' 18918be0 00000000' 011c1a48: nt! : FNODOBFM: 'chain' + 0 x 49974
fffff880 '18918-00 fffff800' 01c8983a: 00000000'00000001 00000000' 011c0ce8 00000000' 776a9c01 00000000' 0000aab7: nt! KiExceptionDispatch + 0xc2
fffff880 '18918be0 00000000' 77698e3d: 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000: nt! KiPageFault + 0x23a
00000000' 011c0cf0 00000000'00000000: 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000: 0x77698e3d

STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

IMAGE_VERSION:

FAILURE_BUCKET_ID: X64_0xF4_c0000005_IMAGE_wininit.exe

BUCKET_ID: X64_0xF4_c0000005_IMAGE_wininit.exe

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:x64_0xf4_c0000005_image_wininit.exe

FAILURE_ID_HASH: {a2dbcacb-935a-5ba8-e51d-9f8a30f04f43}

Follow-up: MachineOwner
---------

Wininit.exe is a windows process, but do not know why it causing the BSOD.

These accidents were related to the corruption of memory (probably caused by a driver).

Run these two tests to check your memory and find which driver is causing the problem. Launch auditor. You don't need to run memtest again unless the auditor is not the cause, or you want to.

If you are overclocking anything reset by default before running these tests.

In other words STOP! If you don't know what it means that you're probably not

1-Driver Verifier (for full instructions, see our wiki here)

2-Memtest. (You can learn more about running memtest here)

On the user process start/exit Windows memory leak

I have more question just ask why batch file back in before the current ordering process properly release the .exe file, I see that some memory is not released at all. In other words, once again, I create and execute processes in the loop (here, to increase performance I do in parallel threads)

off @echo

IF "% ~ 2" == "" GOTO args

SET /A FIRST_ARG = "% ~ 1" * 1

IF % FIRST_ARG % EQU 0 goto single_thread

: multithreaded
for/l %% in (1, 1, % 1))
Start % ~ n0 thread % t %2
)
end goto

: single_thread
echo from %1 %2
: pushd z:

for/l %% in (1, 1, % 2))
Echo % iteratation 1%.
echo int hand ^ (^) {int a = 0; for ^ (; a ^< %%x00000="" ;="" a++^);="" return="" a;}=""> %1.c)}
GCC %1.c-o %1.exe - lm
%1.exe
)
: popd
end goto

: args
echo Usage1: % ~ n0 threadID executions
Use: 2 Echo% ~ n0 ^ ^.
ECHO have first created a number of discussions and execution second order with them
: output

You start with 30 1000 arguments to have 30 parallel processors in batches, each compiles a 1000 times program and runs it. The problem is that the memory develops its use

It's mine bug, you say? Where? In the end, I finished all batch processes. Memory consumption continued to increase. Yet, you see, he is not released. Is this ok? I noticed that my PC is starting to get excited. I can't even move a mouse after some 1000 CCG performs a loop with my simple program execution. PC becomes slow as hell and nothing helps to recover its restart performance but the machine. It seems that some memory leaks in Windows. It's not all recover when the process stops. Is this a known issue?

It seems to be question of Windows Professional. I can't reproduce it in Windows 7 Enterprise, which also gets the requested CPU easily 100%.

------

Update

Note that this cannot be an antivirus because I have disabled all the and here is the card memory of mine

Image name PID Session name Session # Mem use
========================= ======== ================ =========== ============
System Idle Process 0 0 24 K Services
System 4 0 1 320 K Services
Smss.exe 340 Services 0 144 K
Services of csrss.exe 516 0 992 K
Csrss.exe 592 Console 1 4 568 K
Wininit.exe 600 Services 0 256 K
Winlogon.exe 648 Console 1 292 K
Services.exe 692 0 6 056 K services
Lsass.exe 712 0 4 988 K services
LSM.exe 728 Services 0 1 680 K
Services svchost.exe 824 0 3 848 K
nvvsvc.exe 884 Services 0 252 K
nvSCPAPISvr.exe 908 Services 0 1 K 100
Svchost.exe 952 Services 0 4 396 K
Services svchost.exe 132 0 9 K 420
Services of svchost.exe 588 0 701 588 K
Services svchost.exe 780 0 6 484 K
Services svchost.exe 840 0 25 628 K
audiodg.exe 1088 Services 0 14 848 K
Services svchost.exe 1236 0 8 908 K
Spoolsv.exe 1364 Services 0 4 780 K
Services svchost.exe 1400 0 5 112 K
Services svchost.exe 1436 0 11 684 K
Services armsvc.exe 1548 0 216 K
AppleMobileDeviceService. 1576 services 0 1 396 K
BOINC.exe 1676 Services 0 2 704 K
mDNSResponder.exe 1768 Services 0 2 004 K
GfExperienceService.exe 1828 Services 0 268 K
Services of XSrvSetup.exe 1876 0 292 K
jtagserver.exe 1916 Services 0 272 K
httpd.exe 1948 Services 0 548 K
NvNetworkService.exe 1256 Services 0 412 K
Services nvstreamsvc.exe 1456-0-688 K
nvxdsync.exe 1584 Console 1 1 104 K
nvvsvc.exe 1340 Console 1 556 K
SNMP.exe 1428 Services 0 1 168 K
Services svchost.exe 2096 0 292 K
Services httpd.exe 2164 0 6 180 K
vmnat.exe 2244 Services 0 532 K
Services gcbarsvc.exe 2560 0 204 K
vmnetdhcp.exe 2600 Services 0 392 K
VMware - 2648 Services 0 524 K usbarbitrator64.ex
Services nvstreamsvc.exe 2676 0 3 132 K
conhost.exe 2684 Services 0 212 K
Vmware - authd.exe 2764 0 1 912 K services
Services mvraidsvc.exe 2960 0 3 432 K
Services svchost.exe 3548 0 264 K
ALG.exe 3588 Services 0 240 K
WUDFHost.exe 3752 Services 0 244 K
TaskHost.exe 4584 Console 1 6 988 K
4604 Console 1 928 K nvstreamsvc.exe
conhost.exe 4624 Console 1 400 K
DWM.exe 4840 Console 1 35 676 K
Explorer.exe 4864 Console 65 1 228 K
Console NvBackend.exe 4968 1 3 628 K
Console RAVCpl64.exe 5020 1 1 004 K
Console AppIntegrator64.exe 5052 1 252 K
GoogleCrashHandler.exe 944 Services 0 320 K
GoogleTalk.exe 160 Console 1 4 308 K
MSOSYNC. EXE, 1172 Console 1 2 284 K
Console Workrave.exe 264 1 10 308 K
Skype.exe 2860 Console 1 52 876 K
3556 Console 1 968 K nusb3mon.exe
acrotray.exe 3876 Console 1 476 K
boinctray.exe 624 Console 1 460 K
3504 Console 1 480 K gcbrmon.exe
gcbrmon64.exe 772 Console 1 412 K
5228 Services 0 252 K GoogleCrashHandler64.exe
Services wmpnetwk.exe 6100 0 4 236 K
Services svchost.exe 1864 0 26 684 K
Wuauclt.exe 1304 Console 1 420 K
Procmon.exe 705132 Console 368KO 1
Procmon64.exe 705204 Console 1 4 696 K
PROCEXP64.exe 1374272 Console 1 126 K 620
WmiPrvSE.exe 1377420 Services 0 6 864 K
chrome.exe 1015464 Console 1 127 740 K
chrome.exe 700500 Console 1 66 000 K
chrome.exe 1013924 Console 1 39 968 K
chrome.exe 1014888 Console 32 1 508 K
chrome.exe 639844 Console 1 69 256 K
WinRAR.exe 4236 Console 1 26 748 K
RAMMap.exe 1342448 Console 5 1 K 200
RAMMap64.exe 1331116 Console 1 790 112 K
chrome.exe 124224 Console 32 1 584 K
Notepad ++ .exe 1377448 Console 30 1 712 K
chrome.exe 634932 Console 1 93 284 K
cmd.exe 392796 Console 1 3 596 K
conhost.exe 1377564 Console 1 10 184 K
Tasklist.exe 1343860 Console 1 6 536 K
WmiPrvSE.exe 5124 Services 0 6 964 K

Note that there is nothing near the gigabytes. RamMap report, takes into account a few gigabytes

and the "Process" tab contains some gcc thouthand, cc1, as.exe, ld.exe, collect2.exe and other process that I started with gcc tools. I don't see in the list/process manager task, nor Process Explorer howerver. I can't RamMap them where?

I got the answer https://social.technet.microsoft.com/Forums/en-US/0b610346-fc53-4b39-8cfd-9737d265c3f4/physical-memory-leak-by-terminated-processes?forum=winservergen#0f4158fb-050b-477d-9489-ee7afb602d2e. (Sentinel) Aladdin drivers blocked the destruction of the process after it is removed from the list of processes.

Windows 7 pro 64 bit BSOD on start up

Hi, recently my computer keep BSOD start up (not all the time) that she nvr happen before.

I have a blue screen Viewer corrector and this is the error I get

Hi, recently my computer keep BSOD start up (not all the time) that she nvr happen before.
I have a blue screen Viewer corrector and this is the error I get

Empty the file 041914-23524 - 01.dmp
Crash Time 19/04/2014 12:10:13
Bug CRITICAL_OBJECT_TERMINATION control chain
0x000000f4 bug check code
Parameter 1 00000000'00000003
Parameter 2 fffffa80'0adf8b30
Parameter 3 fffffa80'0adf8e10
Parameter 4 fffff800'037cb7b0
Caused by the driver Ntoskrnl.exe
Caused by the address ntoskrnl.exe + 75bc0
Description NT Kernel & system files
Operating system Microsoft® Windows® product names
Company Microsoft Corporation
Version 6.1.7601.18247 (win7sp1_gdr.130828 - 1532) file
X 64 processor
Crash address ntoskrnl.exe + 75bc0
Address of the stack 1
Address of the stack 2
Address of the stack 3
Name of the computer
Full path
Processors of count 4
Major Version 15
Minor version 7601
262 144 dump file size

BugCheck F4, {3, fffffa800adf8b30, fffffa800adf8e10, fffff800037cb7b0}

Unable to load the image? \C:\Windows\system32\drivers\aswSP.sys, 0n2 error Win32

WARNING: Unable to verify timestamp for aswSP.sys

ERROR: Module load completed but symbols can be loaded for aswSP.sys

Probably caused by: wininit.exe

You must remove Avast. aswSP.sys is the Avast TDI filter driver. Replace Avast with Microsoft Security Essentials, while you establish if there are other problems affecting the stability of your computer.

Avast Removal Tool

http://avast-removal-tool.com/

Restart the computer, download, install, update the definitions and run a full scan with Microsoft Security Essentials:
http://www.Microsoft.com/en-GB/download/details.aspx?ID=5201

Download and install Malwarebytes (free version for users only - not the trial version), updated definitions and run in normal mode. Disable other security software while you do the analyses.
http://www.Malwarebytes.org/products/malwarebytes_free

When you have completed these tasks, please restart your computer, allow 1 hour for the system to operate before downloading more information so that the impact of the changes can become apparent.

Please provide a copy of your system information file. Type the system information in the search box above the Start button and press the ENTER key (alternative is select Start, all programs, accessories, System Tools, system information). Select file, Export and give the file a name noting where it is located. Not to place the cursor in the body of the report before exporting the file. The system creates a new information file system each time system information is available. You must allow a minute or two before the file is completely filled before exporting a copy. Please download to your OneDrive (formerly Sky Drive), share with everyone and post a link here. Normal mode preferred report. Please say if the report was obtained in safe mode.

Please download and share with everyone your event to your OneDrive Viewer Application copies of your System and logs and post a link here.

To access the system, log, select Start, Control Panel, administrative tools, Event Viewer, in the list on the left of the window, expand Windows logs and select System. Place the cursor on the system, select the Action in the Menu and record all events (the file default evtx type) and give a name to the file. Do the same for the application log. Don't provide filtered files. Do not clear the logs so that you have a persistent problem.

Wininit.exe

Similar Questions

Maybe you are looking for