TechSpot

Need help with all the sum-up minidumps..

By JasJas
Jun 11, 2007
  1. hiya,

    I just learned how to getting use with the WinDbg and i manage to sum-up all the minidumps and organized them into a list in .doc.... i tried to search around to look for the answers and eventough those crashes do not happen quite often but i wish to identify the problems.....

    I'm attaching the .doc in zip file due to the file size (113kb :dead: ) and would be very appreciated if someone could have a look...

    thanks
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    I have removed your zip file as it contains .doc files and these pose a threat from viruses.

    Go and read this thread HERE and see if it helps you to identify the culprit.

    If it doesn`t, attach 5 or 6 of your latest minidumps here. You can attach your minidumps directly as we accept .dmp files.

    Regards Howard :wave: :wave:
     
  3. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    thanks howard, i have checked the link that u provided before posting here - well i been using original internet security from NAV all the time and if it is posing a threat from viruses, should i throw these list back to symentec?

    and still there is another minidump worry me as it was referring to my graphic card, maybe i attach the latest minidump here so u can have look on it....
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I wasn`t saying NAV poses a threat, only that .doc files can carry viruses. I won`t open any .doc files, unless I know exactly where they`ve come from. ;)

    Your minidump crashes at nv4_mini.sys. This is your video card driver. It has a bugcheck of EA.

    0x000000EA: THREAD_STUCK_IN_DEVICE_DRIVER

    A device driver problem has caused the system to pause indefinitely (hang). Typically, this is caused by a display driver waiting for the video hardware to enter an idle state. This might indicate a hardware problem with the video adapter, or a faulty video driver.

    Try uninstalling/updating your video card drivers and see if that helps.

    Regards Howard :)
     
  5. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    opppsss...my mistake...:stickout:

    then i might need your help again to identify the rest of the attached minidumps...

    Note that one of the minidump dated 10/8/2006 was attached as it was happened consistantly where it crashed in the middle of the online gaming (Rakion). Eventough i quit the game today, i wish to indentify the problem behind it. And most of the attached minidumps, would it be my NAV problem just by seeing the process name in the debug report?

    Thanks again
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    It looks like your system may be infected with malware as one of your minidumps crashes with dump_wmimmc. This is nasty as far as I can tell.

    Go and read this thread HERE and post a HJT log as an attachment into this thread.

    Regards Howard :)
     
  7. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    thanks howard, how about the rest?
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I want to try and see the extent of any infection first, as trying to debug when there may be malware present is a waste of time. In fact, it`s quite possible that malware is the source of your problems.

    Regards Howard :)
     
  9. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    oo thanks....i m working with the link u provided and will post it up later - but still if it is malware then i might really need to ask for explaination from symentec.....
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    There`s lots of different kinds of malware, some of which no antivirus programmes will pick up.

    Regards Howard :)
     
  11. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    well i think at least should inform those "symentecian" about this case...

    and here is the attached logfile from HJT...

    thanks again :)
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    No major problems there.

    I`d like you to go HERE and follow the instructions in steps 6, 11, 12 and 14.

    Post the AVG Antispyware and Combofix logs and let me know the results of the AVG Antirootkit scan.

    Regards Howard :)
     
  13. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    btw i just notice i do have 7 svchost.exe ...should it be a problem? since it suppose to be 4-5 ...

    edit : thanks howard....will work on the link u provided tonite coz goin to college now :( 8:30 a.m. d at my place...
     
  14. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    7 svchost.exe processes running is not unusual and is probably nothing to worry about. Providing svchost.exe is running from the c:\windows\system32 folder it`s legit. If it`s found to be running from any other location, it`s malware.

    Regards Howard :)
     
  15. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    following the steps provided from the link :

    1. nothing was found by using AVG anti-rootkit and i dont find any logfile within it....
    2. combofix quarantined the .ini file which is not visible to NAV/my eye :confused: and with this i attach the logfile here.
    3. by using AVG Anti-Spyware, 113 of cookies and 1 adware.minibug were detected as infected objects...here's the attached log...
     
  16. Tedster

    Tedster Techspot old timer..... Posts: 6,000   +15

  17. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    ????
    like i said, i used WinBdg to ....to 'read' (cant think of the verb now) the minidumps.....yet i got those all organized into .doc but fearing for threat of viruses so i attached all the minidumps here....or should i organized them into .txt file?
     
  18. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Do you have Setup Factory 6.0 installed on your system?

    If not, please have the following file checked out over at Jotti`s

    Please visit this link http://virusscan.jotti.org/
    * Click the Browse... button
    * Navigate to the following file C:\WINDOWS\iun6002.exe

    * Click Open
    * Please let me know the results.

    Also, delete the following bold folder.

    C:\Program Files\Common Files\Real\WeatherBug

    Then, run the Ccleaner programme as per step9 of the instructions HERE.

    Let me know how your system is running.

    Regards Howard :)
     
  19. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    tested as mentioned from the http://virusscan.jotti.org/, nothing was found and as for ccleaner, most of the things deleted were .log, .txt , all cookies , .idx , .ink , .xml , .qtch , .sol , .class and .gif .

    BTW : what is the use for factory setup? and regarding on the minidump containing dump_wmimmc., the process name involved was CCAPP.EXE which my NAV.....same goes other minidumps which were CCSVCHST.EXE and SYMTDI.SYS....
     
  20. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Info on Setup factory can be found HERE.

    Since your minidumps identify NAV, maybe it`s time to consider getting rid of it. I`ve seen so many problems caused by that programme. Then see if your system becomes stable.

    You can find a removal tool HERE.

    Good free alternatives can be found below.

    AVG free or Avast antivirus programmes.

    Zonealarm, Kerio or Comodo free firewall programmes.

    Regards Howard :)
     
  21. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    wow...the problem is the NAV i have now is just renewed quite recently, maybe i need to start to bombard those symentec people...sigh....

    and i found out problem with AVG even that 'paid' AVG could not able track some trojan like Umbrontok or something which really runing famous in my campus that NAV could able to track..... sigh again...
     
  22. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I`ve been using AVG for a number of years and I`ve never had any problems whatsoever.

    There is no single antivirus programme in existence that will find and kill every type of malware. If that were the case, we`d all be running it. ;)

    Symantec/Norton is complete crap and I wouldn`t have it anywhere near my system. It`s a resource hog and is way to problematic.

    Regards Howard :)
     
  23. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    is there any else than AVG? because w32.rontokbro.U@mm, Trojan.Qhosts and w32.rajump are kinda running wild in my campus' pcs and i found out that AVG could not able to detect them... one of them is quite troublesome as they lock all those admin control with password, it happen to a few of my campus friends' pc who used either paid AVG or free AVG version....that's what is worrying me from switching NAV to AVG...

    P/S : few of my friend's pc was infected by mentioned trojan on above and after their HDD is cleaned, they could not able to open window task manager or use the "run" function....as msg will pop out saying "locked by admin" or something - is there anyway to cure this situation other than reformat them?
     
  24. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    As I said, no single antivirus programme can possibly remove everything and Symantec/Norton is just a pathetic piece of software in my opinion.

    If you don`t mind paying for antivirus protection, then Kaspersky or Nod32 are two of the very best.

    As for task manager being disabled by an infection, it`s usually fairly easy to solve.

    Get your friends to join Techspot and follow all the instructions HERE. Then, they should open a new thread in our Security and the Web forum and post the requested logfiles.

    Regards Howard :)
     
  25. JasJas

    JasJas TS Rookie Topic Starter Posts: 25

    hmm...i might have to consider it and thanks howard - will ask my friends to join here for more info :)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...