Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IExplorer starts normally except when called by another pgm "Blank Page"


  • This topic is locked This topic is locked
24 replies to this topic

#1 JoanneMT

JoanneMT

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Florida
  • Local time:04:24 AM

Posted 27 February 2013 - 11:51 PM

Hello - I am running XP - SP3 (except .NET is at SP2). Scans have found trojans and deleted, Today after removing the trojans I used CCLeaner to delete a meg of junk files. I have been running RKILL before scans. When MS Security Essentials (MSSE) found trojans, I got these two error messages

:

C:\DOCUME~1\HP_OWN~1.HP-\LOCALS~1\Temp\WER4966.dir00\iexplore.exe.mdmp
C:\DOCUME~1\HP_OWN~1.HP-\LOCALS~1\Temp\WER4966.dir00\appcompat.txt

 

I am not sure when this started, it has been at least a couple of weeks. I update MSSE when I start a session.

 

Today during a scan, it kept turning off MSSE and wouldn't allow the report to Microsoft to debug. Here are the messages I got. Other than IE8 not being able to execute when called by another program, the PC is running ok. But I do see the desktop being "scanned" whenever I start the machine up. (All the icons appear to be read) as they jump as the scan appears to run across the desktop.:

TROJAN: JS/Seedabutor.b
found by MSSE 2/23/13/ quarantined (I did not see that until today 2/27/13. I deleted the files and the machine ran fine after reboot. Error messages were as follows:

 

MsMpEng.exe  application error

the instruction at "0x5a334ee3" referenced memory at "0x00000012". The memory could not be "written".

press "ok" to terminate or "cancel" to debug (it wouldn't debug)

When I pressed cancel. Got message:

antimalware service executable has encountered a problem and needs to close. (occurred running super anti spywware) scan

 

it stopped MSSE several times while using notepad to document the messages.. The report to MS said:

szAppName : MsMpEng.exe     szAppVer : 4.2.223.0     szModName : mpengine.dll
szModVer : 1.1.9203.0     offset : 00234ee3    

 

Thank you! I need to logoff for the night.


Edited by hamluis, 28 February 2013 - 10:10 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

    Almost Retired


  • Members
  • 9,895 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:07:24 PM

Posted 28 February 2013 - 12:43 AM

Hello -

A question, and some links that may help you with downloads -

(except .NET is at SP2). < < You will find that .NET Framework 3.5 is required for many Internet downloads and updates.
Do you have Windows Updates set to download so that you can install them ??

Please use these 2 links to download .NET Framework 3.0 and 3.5 direct from M/soft - .NET 3.0 and .NET 3.5

 

Please post back if there is any reason that you can not download either of these. They are dated 2007.

 

Thank You -



#3 .X.

.X.

  • Members
  • 490 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:24 AM

Posted 28 February 2013 - 02:53 AM

Microsoft .NET Framework 3.5 contains many new features building incrementally
upon .NET Framework 2.0 and 3.0, and includes .NET Framework 2.0 service
pack 1 and .NET Framework 3.0 service pack 1.

 

There is no need for 2.0 or 3.0 when you install 3.5.



#4 frankp316

frankp316

  • Members
  • 2,425 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 28 February 2013 - 05:43 AM

This is not true. .NET Framework is different. Different apps require different versions to run.



#5 .X.

.X.

  • Members
  • 490 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:24 AM

Posted 28 February 2013 - 06:08 AM

When you install 3.5, 3 versions are installed. 2.0, 3.0 and 3.5.



#6 noknojon

noknojon

    Almost Retired


  • Members
  • 9,895 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:07:24 PM

Posted 28 February 2013 - 06:36 AM

OK - Enough of this - .NET Framework installs

Please remember that we all want to help JoanneMT.

NOTE: I have only offered the updates in parts, in case there was any problem with incremental updates -

 

Thank You -

 



#7 .X.

.X.

  • Members
  • 490 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:24 AM

Posted 28 February 2013 - 07:28 AM

Again the MS quote with emphasis added to the important part.

 

Microsoft .NET Framework 3.5 contains many new features building incrementally
upon .NET Framework 2.0 and 3.0, and includes .NET Framework 2.0 service
pack 1 and .NET Framework 3.0 service pack 1.

 

http://www.microsoft.com/en-us/download/details.aspx?id=25150

 

 

.NET Framework 3.5

Version 3.5 of the .NET Framework was released on 19 November 2007, but it is not included with Windows Server 2008.
As with .NET Framework 3.0, version 3.5 uses the CLR of version 2.0. In
addition, it installs .NET Framework 2.0 SP1, (installs .NET Framework
2.0 SP2 with 3.5 SP1) and .NET Framework 3.0 SP1 (installs .NET
Framework 3.0 SP2 with 3.5 SP1)

 

http://en.wikipedia.org/wiki/.NET_Framework_version_history#.NET_Framework_3.5


Edited by .X., 28 February 2013 - 07:34 AM.


#8 hamluis

hamluis

    Moderator


  • Moderator
  • 43,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:24 AM

Posted 28 February 2013 - 10:08 AM

Can we...stick to the topic...assisting the OP...please?

 

The topic is NOT MS.NET Framework.

 

Thank you...on behalf of the OP and others following this topic.

 

Louis



#9 JoanneMT

JoanneMT
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Florida
  • Local time:04:24 AM

Posted 28 February 2013 - 02:14 PM

Gee, hello everybody!!! Sorry I haven't been online to work this. Thanks for the .net discussion, I will use a link for .net 3.5 and hope it brings the other versions up as well.  I have to agree about the increments being required... I deleted all of them once long ago, and got into lots of trouble.  I really appreciate ALL of your input.  

 

When I used the word "scan" in my problem statement, I meant it in the "Star Trek" sense.  I actually see icons or a page flutter (or blink) across the desktop icons and sometimes when I open a page.

 

Did the error messages say anything to someone?



#10 JoanneMT

JoanneMT
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Florida
  • Local time:04:24 AM

Posted 28 February 2013 - 03:05 PM

was microsoft .net framework 3.5 service pack 1.
 
As it started to download, it gave me an option to do a repair install or remove  .NET 1.1 SP1.  I chose the "repair" option that downloaded to a directory named c:alphanumeric characters
 
During the download-repair, it stopped and gave a message that "download is complete you can now disconnect from the internet"  The download stopped until I pulled the cord and I never saw it complete.
 
Now, looking at add/remove programs, .NET 1.1 has no size (it's gone) and there is a readme file telling me to use the original source of .NET, complicated like the old DOS days.
 
I did update this machine from SP2 to SP3 BEFORE all the instructions of how to do this were published by Microsoft.  I spent at least a week until I found I was at a dead end. Then some fix came out and my PC updated.  Occasionally I will see a reference to XP SP2.  I am using REVO uninstaller to remove old programs and their remnants. It even re-scans for leftover files and takes me to a place in the Registry, highlighting the files that need to be deleted (I get to put a check mark next to each file; sometimes open a folder as well).  Scans run faster now that I delete old backups and create a new restore point after a Trojan is declared cleaned by one of the scanners I use (all recommended somewhere at Bleeping).
 
I'm still getting the blank explorer page when called by e.g. the .NEt setup framework window to "download and install the latest service packs and security updates for this product"
 
Maybe I should have let it delete the SP1 .NET programs instead of repairing it...  I'm going to reboot now.


#11 noknojon

noknojon

    Almost Retired


  • Members
  • 9,895 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:07:24 PM

Posted 28 February 2013 - 05:07 PM

Hello -

Sorry for the discussion above - It got a bit beyond what is usual for here, and was Off Topic.

It seems that you know how to use Revo, and only tick the Highlighted items, not everything -

 

We may be able to decypher a few errors and see if you do have all correct installed versions of programs.

Please download MiniToolBox, Save it to your desktop and run it.
 Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and copy / paste the result (Result.txt).

From here we may find which way to go -

 

Also: Please post a snapshot with Speccy for more system details, and include the Make and Model of computer.
How to Publish a snapshot with Speccy <<-- Bleeping Computer Directions Here

 

Thank You -



#12 JoanneMT

JoanneMT
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Florida
  • Local time:04:24 AM

Posted 28 February 2013 - 07:38 PM

Hi noknojon, thank you for your response, and confirming my use of RevoUninstaller.  One of the reports I ran (before posting here) said I had over a thousand entries in my Hosts file, so I researched and deleted all the entries. Whatever is here was written within the last couple of weeks or a month.  That "HelpAssistant" user account is nothing I defined nor does it show on my safe boot page. I really like uninstalling programs, so if you see junk on MiniTool, I'll be happy to delete it.  Thank you again for your time :thumbup2:      Please advise if you wanted the Speccy report snapshot pasted in this reply. I gave you the link below, but might have to post twice, sorry, having trouble with words today.
 
Here is system information from a Hijack This report back in December. It said I have a few Conflicts/Sharing. Would you like me to run it again and send you the whole report?
 
 
System Name    HP-27E1513D96    
System Manufacturer    HP Pavilion 061    
System Model    PX181AV-ABA d4100y    
System Type    X86-based PC    
Processor    x86 Family 15 Model 4 Stepping 4 GenuineIntel ~2800 Mhz    
BIOS Version/Date    Phoenix Technologies, LTD  3.17, 4/20/2006    
SMBIOS Version    2.4    
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Mini Tool
 
 
MiniToolBox by Farbar  Version: 25-11-2012
Ran by HP_Owner (administrator) on 28-02-2013 at 18:12:27
Running from "C:\Documents and Settings\HP_Owner.HP-27E1513D96\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
    
    127.0.0.1        localhost
 
========================= IP Configuration: ================================
 
Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
Error obtaining configuration for interface Local Area Connection.
                                                    Note:  I do not have the other PC turned on, I've tried to turn OFF the sharing between my PCs.
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : HP-27E1513D96
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Hybrid
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
 
        Physical Address. . . . . . . . . : 00-15-F2-0B-0B-39
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.0.3
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.0.1
 
        DHCP Server . . . . . . . . . . . : 192.168.0.1
 
        DNS Servers . . . . . . . . . . . : 65.32.5.111
 
                                            65.32.5.112
 
        Lease Obtained. . . . . . . . . . : Thursday, February 28, 2013 5:48:19 PM
 
        Lease Expires . . . . . . . . . . : Thursday, February 28, 2013 6:48:19 PM
 
Server:  dns-redir-lb-01.tampabay.rr.com
Address:  65.32.5.111
 
Name:    google.com
Addresses:  74.125.229.228, 74.125.229.229, 74.125.229.230, 74.125.229.231
      74.125.229.232, 74.125.229.233, 74.125.229.238, 74.125.229.224, 74.125.229.225
      74.125.229.226, 74.125.229.227
 
 
 
Pinging google.com [173.194.37.142] with 32 bytes of data:
 
 
 
Reply from 173.194.37.142: bytes=32 time=28ms TTL=51
 
Reply from 173.194.37.142: bytes=32 time=28ms TTL=51
 
 
 
Ping statistics for 173.194.37.142:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 28ms, Maximum = 28ms, Average = 28ms
 
Server:  dns-redir-lb-01.tampabay.rr.com
Address:  65.32.5.111
 
Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=466ms TTL=48
 
Reply from 98.138.253.109: bytes=32 time=742ms TTL=48
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 466ms, Maximum = 742ms, Average = 604ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 f2 0b 0b 39 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.3      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0      192.168.0.3     192.168.0.3      20
      192.168.0.3  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255      192.168.0.3     192.168.0.3      20
        224.0.0.0        240.0.0.0      192.168.0.3     192.168.0.3      20
  255.255.255.255  255.255.255.255      192.168.0.3     192.168.0.3      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/28/2013 00:41:06 PM) (Source: Application Hang) (User: )
Description: Hanging application notepad.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (02/27/2013 06:19:28 PM) (Source: Application Error) (User: )
Description: Fault bucket -855937560.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.
 
Error: (02/27/2013 06:19:16 PM) (Source: Application Error) (User: )
Description: Fault bucket -855937560.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.
 
Error: (02/27/2013 06:18:53 PM) (Source: Application Error) (User: )
Description: Faulting application MsMpEng.exe, version 4.2.223.0, faulting module mpengine.dll, version 1.1.9203.0, fault address 0x00234ee3.
Processing media-specific event for [MsMpEng.exe!ws!]
 
Error: (02/27/2013 06:17:53 PM) (Source: Application Error) (User: )
Description: Faulting application MsMpEng.exe, version 4.2.223.0, faulting module mpengine.dll, version 1.1.9203.0, fault address 0x00234ee3.
Processing media-specific event for [MsMpEng.exe!ws!]
 
Error: (02/27/2013 06:17:33 PM) (Source: Application Error) (User: )
Description: Faulting application MsMpEng.exe, version 4.2.223.0, faulting module mpengine.dll, version 1.1.9203.0, fault address 0x00234ee3.
Processing media-specific event for [MsMpEng.exe!ws!]
 
Error: (02/27/2013 06:17:20 PM) (Source: Application Error) (User: )
Description: Faulting application MsMpEng.exe, version 4.2.223.0, faulting module mpengine.dll, version 1.1.9203.0, fault address 0x00234ee3.
Processing media-specific event for [MsMpEng.exe!ws!]
 
Error: (02/27/2013 06:17:12 PM) (Source: Application Error) (User: )
Description: Fault bucket -855937560.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.
 
Error: (02/27/2013 06:17:06 PM) (Source: Application Error) (User: )
Description: Faulting application MsMpEng.exe, version 4.2.223.0, faulting module mpengine.dll, version 1.1.9203.0, fault address 0x00234ee3.
Processing media-specific event for [MsMpEng.exe!ws!]
 
Error: (02/27/2013 06:16:50 PM) (Source: Application Error) (User: )
Description: Faulting application MsMpEng.exe, version 4.2.223.0, faulting module mpengine.dll, version 1.1.9203.0, fault address 0x00234ee3.
Processing media-specific event for [MsMpEng.exe!ws!]
 
 
System errors:
=============
Error: (02/28/2013 06:07:08 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/27/2013 09:53:32 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/27/2013 07:47:53 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/27/2013 06:19:31 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 11 time(s).
 
Error: (02/27/2013 06:18:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 engine has been terminated due to an unexpected error.
 
    Failure Type: %%830
 
    Exception code: 0xc0000005
 
    Resource: file:C:\WINDOWS\System32\smss.exe
 
Error: (02/27/2013 06:17:55 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 engine has been terminated due to an unexpected error.
 
    Failure Type: %%830
 
    Exception code: 0xc0000005
 
    Resource: process:pid:3820
 
Error: (02/27/2013 06:17:50 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 engine has been terminated due to an unexpected error.
 
    Failure Type: %%830
 
    Exception code: 0xc0000005
 
    Resource: file:C:\WINDOWS\system32\dpcdll.dll
 
Error: (02/27/2013 06:17:37 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 10 time(s).
 
Error: (02/27/2013 06:17:35 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 engine has been terminated due to an unexpected error.
 
    Failure Type: %%830
 
    Exception code: 0xc0000005
 
    Resource: process:pid:604
 
Error: (02/27/2013 06:17:30 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 engine has been terminated due to an unexpected error.
 
    Failure Type: %%830
 
    Exception code: 0xc0000005
 
    Resource: file:C:\WINDOWS\system32\dpcdll.dll
 
 
Microsoft Office Sessions:
=========================
Error: (02/28/2013 00:41:06 PM) (Source: Application Hang)(User: )
Description: notepad.exe5.1.2600.5512hungapp0.0.0.000000000
 
Error: (02/27/2013 06:19:28 PM) (Source: Application Error)(User: )
Description: -855937560
 
Error: (02/27/2013 06:19:16 PM) (Source: Application Error)(User: )
Description: -855937560
 
Error: (02/27/2013 06:18:53 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.2.223.0mpengine.dll1.1.9203.000234ee3
 
Error: (02/27/2013 06:17:53 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.2.223.0mpengine.dll1.1.9203.000234ee3
 
Error: (02/27/2013 06:17:33 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.2.223.0mpengine.dll1.1.9203.000234ee3
 
Error: (02/27/2013 06:17:20 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.2.223.0mpengine.dll1.1.9203.000234ee3
 
Error: (02/27/2013 06:17:12 PM) (Source: Application Error)(User: )
Description: -855937560
 
Error: (02/27/2013 06:17:06 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.2.223.0mpengine.dll1.1.9203.000234ee3
 
Error: (02/27/2013 06:16:50 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.2.223.0mpengine.dll1.1.9203.000234ee3
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 ActiveX (Version: 11.6.602.168)
Adobe Flash Player 11 Plugin (Version: 11.6.602.168)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
BufferChm (Version: 53.0.13.000)
CameraDrivers (Version: 5.0.0.290)
CameraDrivers (Version: 5.0.0.328)
CP_CalendarTemplates1 (Version: 53.0.13.000)
CP_Package_Basic1 (Version: 53.0.13.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
CueTour (Version: 53.0.13.000)
CVE-2012-4792
DefaultTab (Version: 2.2.3.0)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
DocumentViewer (Version: 53.0.13.000)
DocumentViewerQFolder (Version: 1.00.0000)
ESET Online Scanner v3
Fax (Version: 50.0.206.000)
Google Chrome (Version: 65.61.49249)
Google Update Helper (Version: 1.3.21.135)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HijackThis 2.0.2 (Version: 2.0.2)
HP Boot Optimizer (Version: 1.0.2)
HP Deskjet Printer Preload (Version: 10.1.0)
HP Document Viewer 5.3 (Version: 5.3)
HP Image Zone 5.3 (Version: 5.3)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP Organize
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)
HP Photosmart Cameras 5.0 (Version: 5.0)
HP Product Assistant (Version: 100.000.001.000)
HP Product Detection (Version: 11.14.0006)
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevices (Version: 53.0.13.000)
Intel® PRO Network Connections Drivers
IntelliMover Data Transfer Demo
Internet Explorer (Enable DEP)
InterVideo WinDVD Player
InterVideo WinDVD Player (Version: 5.0-B11.789)
LightScribe  1.4.42.1 (Version: 1.4.42.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Baseline Security Analyzer 2.2 (Version: 2.2.2170)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works (Version: 08.04.0623)
MSN
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
muvee autoProducer 4.0 (Version: 4.00.050)
NewCopy (Version: 50.0.206.000)
NVIDIA Drivers
PanoStandAlone (Version: 53.0.13.000)
PhotoGallery (Version: 53.0.13.000)
PSPrinters08 (Version: 8.01.0000)
PSTAPlugin (Version: 8.01.0000)
QuickTime (Version: 7.73.80.64)
RandMap (Version: 53.0.13.000)
Readme (Version: 50.0.206.000)
Revo Uninstaller 1.94 (Version: 1.94)
Revo Uninstaller Pro 3.0.2 (Version: 3.0.2)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
Secunia PSI (3.0.0.6001) (Version: 3.0.0.6001)
Shared C Run-time for x86 (Version: 10.0.0)
SkinsHP1 (Version: 53.0.13.000)
SolutionCenter (Version: 50.0.152.000)
Sonic_PrimoSDK (Version: 53.0.13.000)
Sound Blaster Audigy 4 (Version: 1.0)
Status (Version: 53.0.13.000)
SUPERAntiSpyware (Version: 5.6.1014)
TrayApp (Version: 53.0.13.000)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Updates from HP (remove only)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 1022.41 MB
Available physical RAM: 446.35 MB
Total Pagefile: 2458.13 MB
Available Pagefile: 1979.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.7 MB
 
========================= Partitions: =====================================
 
1 Drive c: (HP_PAVILION) (Fixed) (Total:226.44 GB) (Free:209.11 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.42 GB) (Free:0.39 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\HP-27E1513D96
 
Administrator            Guest                    HelpAssistant            
HP_Owner                 SUPPORT_388945a0         SUPPORT_fddfa904         
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 
 
 
 http://speccy.piriform.com/results/HUOdOmEbC3a2FiKN5RXwJCS
 
I published a snapshot (before I re-read your instructions) and when I tried to "open in browser", I got the blank Explorer page again. Explorer is not the default browser, in fact I did not set one. I usually use Chrome. If I am successful, an HTML of the Speccy report will appear below or in the next paste 
 
 Operating System
    Microsoft Windows XP Home Edition 32-bit SP3
CPU
    Intel Pentium D 820
    SmithField 90nm Technology
RAM
    1.00 GB Dual-Channel DDR2 @ 333MHz (5-5-5-15)
Motherboard
    ASUSTek Computer INC. LITHIUM (Socket 775)    40 °C
Graphics
    VG2030wm (1680x1050@60Hz)
    256MB NVIDIA GeForce 6200SE TurboCache (ASUStek Computer Inc)
Hard Drives
    233GB SAMSUNG SP2504C (SATA)    37 °C
Optical Drives
    SONY DVD RW DRU-842A
    IDE-DVD DROM6216
Audio
    Creative Audigy Audio Processor (WDM)

Edited by JoanneMT, 28 February 2013 - 07:42 PM.


#13 noknojon

noknojon

    Almost Retired


  • Members
  • 9,895 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:07:24 PM

Posted 28 February 2013 - 07:50 PM

Hi -

HJT logs are not allowed in this area, and you would need to repost in Malware Removal area for this.

However HJT has not been used for diagnostics unless as a last resort -

 

Give me some time to find what the errors relate to, and I will get back later -

 

Thank You -



#14 noknojon

noknojon

    Almost Retired


  • Members
  • 9,895 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:07:24 PM

Posted 28 February 2013 - 08:41 PM

One of the reports I ran (before posting here) said I had over a thousand entries in my Hosts file, so I researched and deleted all the entries.

Hi -

As an extra, please note that I have about 1,500 entries in my Hosts file. But as I research many items here, I am often sent to sites that require a longer Hosts file to block advertising and pop-ups -

This is often a good thing and I update my Hosts file from MVP Hosts and other areas.

The basic 127.0.0.1 localhost is not always enough to protect from all bad items.

Just a point I missed in my last comment -

 

Thank You -



#15 JoanneMT

JoanneMT
  • Topic Starter

  • Members
  • 175 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Florida
  • Local time:04:24 AM

Posted 28 February 2013 - 11:06 PM

Hello nokojon, thank you for the info on the Hosts file. I had no idea it was protection. Your explanation is much appreciated.   From now on, my research will always start at Bleeping.

 

I forgot to report this error: A "program" named CVE-2012-4792 cannot be removed. I get an installer error:

"Warning: can't delete value '{a1447a51-d8b1-4e93-bb19-82bd20da6f2}.sdb' under registry key

'Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe'

 

The Installer Error message and Add/Remove Programs will not be closed, and I have to reboot to get rid of it. I think this appeared after I uninstalled all Java and JavaRe.  I haven't noticed a problem not having Java on the machine.

 

 

Thank you again for your time and kind education.


Edited by JoanneMT, 28 February 2013 - 11:24 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users