Posts by DMR

1. FixWareout didn't run correctly, and that bothers me. Please try downloading, reinstalling, and running the program again. I gave two download links for FixWareout; use the alternate link this time, just in case there was/is a problem with the file on the download site you did use.

2. The latest HJT log you posted is missing the top portion (compare it with your previous logs). Please post a full log.

3. Clear your DNS cache to remove possible leftover entries from the "rogue" DNS servers:

* Click on the "Run..." option in your Start menu. In the "Open:" box of the resulting window, type "cmd" (omit the quotes) and hit Enter. This will bring up a DOS window
* At the DOS prompt, type the following command and hit Enter. Close the DOS box once the command completes:
ipconfig /flushdns

4. Let's verify that (among other things) you are now using valid, non-malicious DNS servers:

* Click on the "Run..." option in your Start menu. In the "Open:" box of the resulting window, type "cmd" (omit the quotes) and hit Enter. This will bring up a DOS window
* At the DOS prompt, type the following command and hit Enter. You won't see any result from the command, but when it completes a second prompt with a flashing cursor will be displayed; close the DOS box once that happens:
ipconfig /all >ipconfig.txt

The above command …

You're welcome. :)

Also, check the O17 entries if ya don't recognize the IP there.

Those IPs (which point to rogue/bogus DNS servers) are the work of the Wareout parasite. Wareout also drops hidden, malicious files on the system, which will need to be removed.

chazzman, please do the following:

You will need to close/quit all open programs now, and will be disconnected from the Internet for some of the following, so you should print out these instructions or save them into a text file with Notepad.

* Download FixWareout from one of these sites and save it to your desktop :
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe

* Download and install the free 14-day trial version of ewido anti-malware:
http://www.ewido.net/en/download/

* Open ewido. In the main screen, click "Update" and click "Start Update". Don't run a scan with ewido yet; after the update process completes, just close the program.

* Run FixWareout. Click Next, then Install, then make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
When your system reboots, follow the prompts. Afterwards, HijackThis will launch. Please click Scan, and check the following items (the actual filename may have changed slightly, as it did before, but the entry will be similar enough):
O4 - HKLM\..\Run: [dmwck.exe] C:\WINDOWS\system32\dmwck.exe

Click …

in order to post it i would have to write it down and type it out on another computer...

Assuming that you can dodge the Blue Screen of Death long enough, you could copy the hijackthis.log file to a floppy or CD and post it from another computer. If that isn't possible, I'll work from the last log you posted, but get us a new log if you can.

OK- I'm assuming that none of the suggestions in the Blue Screen message apply. That is, you have plenty of free space on the drive, haven't installed/changed any hardware recently, haven't made any changes in the BIOS, and haven't tried to update any hardware drivers yet, right?

If the culprit isn't one of the things mentioned in the BSOD message, there are two other common causes for 0x8E errors: one is a conflict (usually memory-related) caused by a legit but malfunctioning startup program/process/service; malware would be the second culprit.

Is it at all possible to run another HJT scan and post the new log? I'd like to get a current list of your running programs and services from that log; we may be able to narrow down the suspect by disabling your non-critical software until we hit on something that, when disabled, changes or eliminates the problems.

...the computer doesn't boot from cd

Check the boot device order in the computer's BIOS configuration; the CD-ROM needs to be placed before the hard drive in the boot device sequence.

... a blue screen comes up and says windows is shuting download with codes and ideas

Please give us the full and exact contents of the Blue Screen message; you need to be as specific as possible if you want us to help you most efficiently.

I have a Fujitsu-Siemens Scenic eB with 128MB RAM but would like at least 256MB RAM. How do I get it?

The eB series will definitely support up to 512MB of RAM (later models probably support 1G or more, but I can't confirm that). What size of individual RAM modules you can use depends on how many RAM slots your particular motherboard has. If the mobo only has 2 slots, you can install (2) 128MB modules for a total of 256MB, or (2) 256MB modules for a total of 512MB. I'd suggest tossing out the existing 128M module and buying 2 256M modules; the more RAM you have the better. Also, buying modules of the same brand and speed is a good idea in terms of stability and performance.
The eB machines use the following type of RAM module: 168-pin PC133 SDRAM DIMM

I also need at least a 32MB Transform & Lighting Video capable video card. How do i find out if i've got this and where can i get one? Please help! Thsi is all the get The Sims 2 game.

According to your DXDiag report, you have the NVIDIA RIVA TNT2 card, which, although it does have 32M of RAM, unfortunately does not support T&L as far as I know. I'm not up on the current gaming-oriented video card offerings, but I'm sure you can find online reviews and comparisons of the different cards that are available.

You have the patience of a saint.

... lol. If so, patience is as close as I'll ever get to that one! :mrgreen:

Thanks for the follow up, Terry. I'll mark this one as (finally) solved now...

Due to the fact that the member who originally started this thread has not responded in quite a long time, this thread is considered abandoned and has been closed.

In accordance with our posting rules, other members having similar problems should start their own threads and post their questions there. In order to help us help you most quickly, please include as much information about your problem as possible in your posts.

If the member who originally started this thread wishes to have the thread reopened, please send your request, including a link to this thread, to one of our moderators via email or Private Message.

Thank you.

Hi Cloud9,

First of all- welcome to DaniWeb :)

We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

Please start your own thread and post your question there, along with the problem history/details that you've included here.

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_policies

Thanks for understanding.

Please tell us the exact pattern of the beeps, and the make of the BIOS (if you know it). The different BIOS beep code patterns indicate different faults; if we can "decode" your beep pattern, we may be able to pinpoint the likely location/cause of the fault.

After putting in new hardware my computer...

What hardware did you install? Did the newly-installed hardware physically obstruct the free flow of air within the chassis?
Judging from your description, whatever you added is generating enough extra heat (or blocking the airflow enough) to cause the fans to kick up a notch in an attempt to keep the temp at a safe level. The fact that the problems really exhibit themselves when you're gaming (games drive a system pretty hard) indicates that you may need to beef up your case-cooling scheme.

Some systems (including some Optimas, I think) come with a special "recovery partition", which you can boot to by pressing a certain key just as your computer is starting up. The original setup files are on that partition, and you can start a reinstallation of your Windows partition from there. Some of the common recovery partition access keys are F2, F11, and F12, but watch your screen carefully as the computer boots; if the system has a recovery partition, it might display a message which tells you which key to press.

Ok, I have windows ME

Sorry to hear that. :mrgreen:

The colors are speckly and it says its working on 16 colors, isnt it supposed to work on 32 or something?? ...i have tried to install several different display adapters but to no avail. It keeps saying there is a conflict with 2 different hardware or something??

You can use Windows' Device Manager to determine the model of graphics card you have, as well as what pieces of hardware are having problems/conflicts. This Microsoft article has information on using Device Manager to pinpoint problematic hardware and resource conflicts. Follow the suggestions in the article and get back to us with your findings. When you repost, please give us full and exact details; you need to be as specific as possible in order for us to help you most efficiently.

Is there any way that I could post my system drivers on here and get links to downloads?

You can certainly do that. I can't guarantee that our members have the time to go searching for drivers for you, but I'm sure people will post links/suggestions if they have them.

1. Try using the wifi adapter with no other USB devices connected and see if that makes a difference.

2. Your event logs may have some clues in them. Open the Event Viewer utility in your Administrative Tools control panel and look through your System and Application logs for entries flagged with "Error" or "Warning". Double-clicking on such an entry will open a properties window with more detailed information on the error; post the details from a representative sample of some of the different error messages (please don't post duplicates or flood us with the entire logs).
To do so:
In the Properties window of a given entry, click on the button with the graphic of two pieces of paper on it; the button is at the right of the window just below the up arrow/down arrow buttons. You won't see anything happen when you click the button, but it will copy all of the details to the Windows clipboard. You can then paste the details into your next post here.

No problem at all- it's a very common thing for new members to do. :)
By the way: your HJTlog is clean, but if you want to check for/remove possible infections, then yes- install the most current updates for your antispyware and antivirus programs, run them in Safe Mode, and let them fix whatever they find. If you need help after that, start your own thread, and in it, post a new HJT log, the scan report log that ewido generated, and any specific questions you have.

Hi docisley1859,

First of all- welcome to DaniWeb :)

We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

Please start your own thread and post your questions and HJT log in that thread.

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_policies

Thanks for understanding.

Good- it looks like the rpcapd service is finally gone. What a bear!
You can safely delete the rpcapd.reg file on your desktop now; it's just a safety backup of the "pre-edited" state of the HKEY_LOCAL_MACHINE\SYSTEM Registry key. If something had gone wrong with the Reg edit that you did, we could have used it to undo the edit, but since you did the edit correctly we no longer need the backup. :)

Your HJT log is clean as well, although you can fix the following "leftover" from Webroot's Spy Sweeper program:
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

What is the model # of the eB (1141, 1183, etc.)? The specifications/capabilities of eB series vary slightly depending on the exact model #.

The first thing to do is to check the hardware manufacturer's websites; you'll find most of what you need on their support/download pages. Keep in mind that drivers for devices which are intergral to the motherboard (graphics chipsets, disk drive/USB controllers, etc.) are often bundled together into one motherboard update package. This saves you the trouble of hunting around for each individual component's driver.
If you need drivers for obscure or obsolete hardware, driverguide.com is a good resource. The site does require you to register as a member if you want to download, but the registration is free of charge.

This is more than a bit frustrating; I've never had so much difficulty removing that service, and I don't (at least from this distance) have any idea why we can't delete it.
The one thing left to try (before re-enabling Defender) is to go into the Registry and manually delete the rpcapd entry:

* Click on the "Run..." option under your Start menu.
* Type the following command in the resulting "Open:" dialog box and then hit Enter to open the Registry Editor: regedit
* In the left-hand column of the Editor, navigate to the My Computer\HKEY_LOCAL_MACHINE\SYSTEM folder.

- First, make a backup of the SYSTEM folder:
- Right-click on the SYSTEM folder and choose "Export" from the resulting menu.
- In the Export window, name the file rpcapd.reg and save it to your desktop.

- Once the backup file is saved:
* Beneath the HKEY_LOCAL_MACHINE\SYSTEM folder you will find subfolders named ControlSet001, ControlSet002, ControlSet003, etc. (there will also be a folder named CurrentControlSet, but we aren't concerned with that one).
* Under each of the ControlSet00x folders that exists on your system there will be a subfolder named "Services", and under one or more of those ControlSet00x\Services folders will be a folder named "rpcapd".
* For every ControlSet00x\Services\rpcapd folder found, right-click on that folder, choose the "Delete" option, and then choose "Yes" at the confirmation prompt.
* Reboot the computer. The rpcapd service should not still be present …

You're welcome :)
Let us know the results of your troubleshooting....

1. If you haven't opened up a laptop before, you might not want to go that route; getting some of those beasties open without breaking anything can be pretty difficult. Get a can of compressed air and spray it into the laptop's vents from the outside; that should force some of the crud out.

2. A RAM issue? Good thought; it definitely could be. You can "stress test" your RAM with two free utilities: memtest86, and Microsoft's Windows Memeory Diagnostic.

Somewhat obvious suggestions, but worth mentioning:

1. Simply uninstalling the software for those devices and reinstalling it from scratch will often clear up the freezing/hanging problem.

2. Wireless devices often have specific instructions regarding their installation. For example, the instructions for some NICs say to disable Windows' Wireless Zero configuration utility before installing, while others will tell you to install the NIC using Windows' Found New Hardware and Wireless Zero utilities. Additionally, some device's instructions say to install the software before connecting the device, but other's instruct that you install the device before the software. Follow your particular card's instructions carefully.

You need to provide more details.

- What version(s) of Windows are you running on each of the machines?
- Are the machines operating in a workgroup environment, or in a domain?
- Is the account under which you are are trying to log in disabled, as the message indicates?

I am certain it is because of the Netgear ProSafe 802.11g wireless firewall/print server (FWG114P) and the netgear ADSL modem router DG632 which I have.

Does the computer exhibit the symptom when connected directly to the modem? Testing that would help you determine whether or not the ProSafe is the issue.

Assuming you're using Windows XP:
The configuration software that ships with wireless cards often conflicts with XP's built-in wireless configuration utility, causing problems such as the one you describe. What basically happens is that either the Windows software or the card's software will take control of the card's functions, preventing the other utility's settings from having any effect.

To see if Windows is handling the wireless card:

* Right click on My Network Places and select Properties.

* Right click on the Wireless Network Connection icon. In the resulting context menu, you will see an "Enable" or "Disable" option; click that option and see what effect that has. If you seem to able turn the wifi card on/off by that method, do the following to see if you can release control of the card to the card's utility software:

* Right-click on the Wifi connection icon again, choose Properties, and then click the View Available Wireless Networks tab in the resulting Properties window.

* Check the status of the Let Windows Confiure my Wireless Network Settings option. If the box is checked, uncheck the box, click OK to apply the change, and then reboot the computer. (Note that your wifi card's software may have a similar option. If so, make sure that the setting of that option is set appropriately as well.)

* Once rebooted, see if the card's software can now control the card.

It could very well be a thermal problem in that case, especially given the fact that your HijackThis log shows no signs of malicious infections. If you do see any amount of dust/dirt/etc. build-up in the vents or on the fan, it would be a good idea to at least give the machine a good blast with a can of compressed air. If you're comfortable do it, open up the laptop's chassis to make sure all of the "guts" are getting a thorough cleaning.

Now it's begun shutting down at random ...

That could be heat-related. Does the machine have to be running for at least a little while before it crashes, or will it crash right after being turned on (that is, while it is still "cold")?

Are the air intake and exhaust vents free of dust? Shine a flashlight into the various opening around the sides of the machine; make sure that nothing is obstructing the airflow, and verify that the fan is working properly.

...I tried disabling Norton Security...

1. Did you make sure that it was completely disabled, or did you just choose the "disable" option from the Startup Tray context menu? If you only chose the "disable" menu option once Norton was up and running, the firewall was not entirely shut down. Go into the program's options/settings and turn off the option to start the firewall automatically when Windows boots. Reboot the machine after that and see if there's any change in the connectivity issue.

2. It's worth noting that Norton's firewall does have a history of glitching in ways that demand that the package be completely uninstalled and then reinstalled.

3. Can you even ping any sites, either by URL or IP address?

I've tried searching but there doesn't seem to be much around.

Except perhaps this, from the MSI website? :mrgreen:

I have found out that inless you can ID the type and manufacture of RAM you will most likely cause you're self problems.

Good point-- for performance and reliability reasons, it's best to use RAM modules of matched type, speed, and brand.

Please give us some history on the problem, and post as many details as you can about what exactly you mean when you say it won't boot (does the fan turn on? LEDs? Can you hear the drive spin? etc., etc.)

It sounds like you've tried some of the recommended troubleshooting steps, but more suggestions for finding/fixing the causes of such problems can be found here. Try those suggestions and repost with the details of your results.

is it possible that the power supply is dead...?

That's definitely a possibility; I'd suggest testing the DC voltages on the power leads to see if you're getting healthy voltages. Pinouts (with voltages) for the various ATX power connectors can be found here.

Cant be 2 faulty boards can it?

It definitely can (I've had it happen), but isn't the most likely scenario. Since you indicated that you've tried the usual troubleshooting steps with the mobo, RAM, and peripheral cards, I'd suspect the CPU.

Which folder? What version of Windows? Is it only this folder that has the problem? What are some of the details of the history of the problem?
In order for us to help you most quickly, you need to give us as much specific detail as possible.

Welcome, usguy; happy Easter to you as well! :)

Thanks, and welcome to our site! :)

Hi sallyssanctuary, welcome to DaniWeb. :)

To give you a truly definitive answer we would need to know the specifications of your motherboard (model# and version) and/or the specs of your BIOS, as those are the components that ultimately determine what RAM configurations will work with any given computer.
In general though (unless your computer is several years old), you should be able to add a 256M RAM module without issue. Given the relatively low price of RAM modules, I'd suggest scrapping the existing 128M module and installing 2 256M modules instead.

If you can give any details at all on the computer's specifications we can probably give you a more reliable answer.

Any other ideas on what i could try next would be great.

The pages in the Google search link in my last post have many troubleshooting suggestions; please try as many of those as possible and let us know the full, exact, and detailed results.

A word of advice before you dive in, though:
Be aware that the DMI Pool error is (with the exception of corrupted boot files) indicative of a low-level hardware problem, and the error itself is generated by the BIOS, not by the operating system software. This means that unless you are comfortable with and familiar with troubleshooting at a hardware/BIOS level, your safest bet would be to get someone qualified/experienced to help you out. It's easy to overlook something as simple as a broken pin on a data cable's connnector; and just as easy to make a (wrong) change in the BIOS which makes matters worse.

Strange that the power supply should decide to die coincidentally with the move to a new location...

Strange coincidence indeed, but computers do have a pretty twisted sense of humor some times, don't they?
Glad the new supply did the trick; beats having to replace the mobo, I guess...

And you dug up a 1 year old post just to share that with us? :mrgreen:

Is there a way to get the power supply to switch on in isolation, or is a signal from the mbo needed to get it to power up?

Well- yes, and... yes. Computer power supplies usually need to be connected to a load in order to fire up, so you'll need to leave the main power connector plugged into the motherboard. However, you can "jump start" the supply by shorting the Power On pin to ground manually. By doing that, you might be able to determine if the supply is putting out any juice at all (that it is, for example, at least capable of powering the fans). Details on the procedure, with a diagram of the mobo connector pinout, can be found here.

Also, is the power supply supposed to provide 12v to components, such as hard drives when it comes on?
It appears that the problem is in the power supply or the mbo.

Yes- when functioning correctly, the supply should provide +12V, -12V, +5V, -5V, and +3.3V on the mobo connector. It should provide +12 (Yellow) and +5 (Red) on the 4-pin drive connectors.

Try "hotwiring" the supply as described in the link I posted and let us know the results.

One pin of the supply cable to the motherboard has 5v and another 4.1v but the rest measure only a few mV (23.6mV to be exact).

The 5V line carries the standby voltage, which should be present whether the machine is booted or not. The 4.1V is obviously not standard/correct; did you measure that voltage under load, or not? That is, did you get that reading while the power supply cables were connected in their respective sockets, or while (all of) the power leads were disconnected?

Also- did you try booting with only the bare minimum of hardware attached/installed, and did you try the whole "process of elimination" hardware removal/replacement steps we suggested? IF not, please do so; it's about the only way you'll be able to pinpoint or rule out the problematic component.

...I have heard 98 SE came out AFTER ME because of the problems with it

No, SE was released to address problems with earlier releases of 98; the only thing released to address the problems ME has was a device called a hammer. :mrgreen:

Seriously though- if you can give us the make/model/version/revision of the video card, we may be able to point you to appropriate drivers.

Hmm- a light bulb has just clicked on in my tiny little brain, and it's a light which probably should have clicked on many posts ago:

You are running Windows Defender, and I have a feeling that Defender may be preventing the removal of the rpcapd service. One of Defender's jobs is to prevent changes to certain Windows components, including services, but in your case it may be doing too good of a job.

Please turn off/disable Defender and then try to delete the rpcapd service again. After that, reboot the computer, run HJT again, and fix the associated "023" entry if it is still present.
Let us know if the fix works this time.

Given that the computer was moved, something may have become unseated or loosened in the process. If so, it may not be that power supply itself is bad, but that a connection fault is preventing the system from powering up properly. The general troubleshooting drill is this:

* Disconnect all peripheral devices (printers, USB devices, etc.) and see if removing those items has any effect on the problem.

* Open the computer's case and:
- Remove and then firmly reseat the RAM modules.
- Do the same for all PCI cards.
- Check all power and data cable connections on the motherboard and all internal devices. Make sure the cables are firmly seated into their respective connectors.
- Look for (and smell for) signs of shorted connections, heat-damaged chips, etc.
- If you have (and know how to use) a voltmeter, check the internal power cables to see if they're supplying any kind of voltage. Normal, healthy voltages you'd expect to find on the different connectors would include 12V, 5V, and 3.3V.

* If you detect no physical signs of damage and have verified that the connections/cables are OK, but the system still does not boot:

Remove/disconnect all non-critical internal components and external peripheral devices. In other words, pare the system down to: the boot drive, 1 RAM module, the video card, mouse, keyboard, and monitor. If the system boots normally with that minimal configuration, reconnect the removed components one at …

If Bloodhound is finding nothing wrong, and you find its alerts distracting, you should be able to turn off or minimize the Bloodhound feature's activity. The exact setting for that varies depending on the specific version of Norton that you are using, but it's usually in the Advanced options area, and sometimes buried in a "Heuristics" submenu.