So something just suddenly came up on my computer....completely out of the blue.
I'm not sure how it happened, but it seems like the most likely option is a virus. I keep my computer very clean and protected, so off the top of my head I don't know how it happened, especially because it just suddenly hit really quickly. My computer has been working completely fine with no problems up until about 15 minutes ago...when suddenly everything just went down.
I came back from the grocery store and tried to open up Firefox, when I was presented with an error message telling me that Firefox had to close. I assumed that it must just be something that had happened to Firefox, and so I tried to open Safari. Safari crashed too. I then tried to open Windows Messenger, but it crashed.
My virus scanner was already open sitting in my tray at the bottom of the screen, so I brought it up and started a scan.
I tried opening up AdAware, and was successful, but it was not able to connect to the internet and get an update. I then started a scan...it failed in its scan about 1 minute into it and just hung. I tried opening up Spybot but it crashed. Internet Explorer successfully opened, but I wasn't able to connect to any websites. I then tried opening up Putty and WinSCP. WinSCP crashed. Putty opened but couldn't connect to anything.
After all this my virus scanner still had not found anything. I wanted to see my list of running processes, so I pressed CTRL+ALT+DEL, but even it failed to open, bringing up an error message.
I immediately opened up Cygwin, but it failed whenever it tried to "fork" any processes....thus not allowing me to run anything from Cygwin. I opened up Windows PowerShell and ran "ps" to see my list of running processes. I didn't see anything suspicious. "ps" succeeded on the first run, but my next attempt failed with another error message.
After this I immediately disconnected my internet connection from my wireless router, and then plugged myself directly into the wall jack. I ran "cmd" and tried "ipconfig /renew" (I was hoping I could try and access the internet with IE which was still open), but ipconfig failed and brought up an error message.
Most of the error messages that came up were all "memory access" errors. Some of them had to do with the inability to create a socket (Putty) or fork a process (Cygwin). One particular one gave me some useful information to go by: it said that "hhctrl.dll" and "psapi.dll" were not valid Windows images.
sooooo....after all of this I decided to stop my virus scanner which still hadn't found anything and I booted up using an Ubuntu DVD...which is what I am in right now.
It appears that PSAPI.dll is a very important dll file in Windows used for starting up processes. How this file could have been compromised is beyond me...
Has anyone ever had similar problems? Anyone have any suggestions?
I am wondering what will happen if I try to boot up back in to Windows. I am going to back up all my important data onto my external hard drive before I do that, however.
so what makes you think it was a virus?
google the md5sums for the dlls.
is there an av for windows that runs under linux?
PSAPI.dll contains... well, API. Specifically for processes & things.
Well, there's windows file protection system, which you could try... or not, since it might mess up everything else.
But you could try to download those libraries and replace them perhaps?
Quite honestly... that sounds like Windows, when something is FUBAR. My first, and continued reaction as I read, was "Have you tried rebooting?" A good swift kick to the nether regions seems to do Windows good when things are like that. ;) No version of Windows has ever given me great results in stability...
Now, if a reboot did not fix problems, I might then go on to question system integrity. Just my two cent, though.