> Xp Media Center 2002 Edition Sp1 - Service Pack 2 Won't Install, Service Pack 2 won't install, IE perm, can't hit update.micros
affkatt
post Sep 6 2008, 06:45 AM
Post #1





For a long time, I have been unable to update my Windows XP Media Center. I am not even on Service Pack 2 yet.

This has made it difficult to run some new software and malware is now blocking me from even loading the update.microsoft.com page.

Before the malware problem got as bad as it is, I was able to hit update.microsoft.com, but the system just died every time I attempted to install an update.

I have tried downloading the exe file from microsoft.com for "if your update does not work automatically" on another comp and copying it on a card over to the problem one, but this does not work.

In addition, I can't install the new IE 8 and I can't entirely remove the old IE 6. I have used the Control Panel uninstall Windows Components, but the files are still on my drive and iexplore.exe is often running in Task Manager, no matter how often I close it from there. I have tried manually deleting the files, yet they reappear. I have tried going through regedit and manually deleting anything which remotely referred to IE, although one key I think reappears when I do this. Regardless, the files reappear and I cannot upgrade to the current version.

I'll post about the malware issue in the other forum, but I'm totally stumped on the Windows upgrade problem and I think this has been a gateway to others.

This post has been edited by affkatt: Sep 6 2008, 07:25 PM
usasma
post Sep 6 2008, 08:04 AM
Post #2



The 2 most common reasons for a failure to update to Service Pack 2 are:
1) Malware
2) Incompatible drivers

So, first you've got to make sure that all the malware is off of your system. Once that's done, then you can go about updating the drivers to SP2 compatible versions.

FWIW - I'm moving this over to the Am I Infected forum where the experts can assist you in cleaning your system up.


--------------------
- John
**If you need a more detailed explanation, please ask for it. I have the Knack. **
DaChew
post Sep 6 2008, 09:25 AM
Post #3



Welcome to BleepingComputer

I would like to suggest that at some time in this process you consider a clean install. When a computer has had malware for quite some time, the operating system may get so corrupt we can't repair it, especially if you don't have the right CD.

You might attempt removing malware to help be able to back up critical files before reinstalling.

I was under the impression that the updates for MCE were called rollups 1 and 2 and somewhere it changes to MCE 2004/2005.

Would you try a scan and clean with MBAM first?

http://www.bleepingcomputer.com/forums/ind...mp;#entry935291


--------------------
Chewy

life is like a box of chocolates and stupid is as stupid does but you can always run
affkatt
post Sep 6 2008, 06:51 PM
Post #4



QUOTE(DaChew @ Sep 6 2008, 09:25 AM) *
Welcome to BleepingComputer

I would like to suggest that at some time in this process you consider a clean install. When a computer has had malware for quite some time, the operating system may get so corrupt we can't repair it, especially if you don't have the right CD.

You might attempt removing malware to help be able to back up critical files before reinstalling.

I was under the impression that the updates for MCE were called rollups 1 and 2 and somewhere it changes to MCE 2004/2005.

Would you try a scan and clean with MBAM first?

http://www.bleepingcomputer.com/forums/ind...mp;#entry935291



I'm hoping to avoid a clean install, but I realize I may be out of luck. I've used MBAM now. It sure did find some stuff. I was going to make a separate thread about the infection part, but since I am already in here, I'll post my HijackThis log and a list of what I've tried in this thread.

Thanks for the welcome :-)

What is MCE?

This post has been edited by affkatt: Sep 6 2008, 07:07 PM
affkatt
post Sep 6 2008, 07:05 PM
Post #5



Okie dokie, so I've been making a really concerted effort to get the malware off of this computer and I think I'm making headway, but it is not there yet. Here is what I've run:

I ran VundoFix and it did not find anything, although it had found Vundo and removed it in the past. I'm not positive I used the most current version of this, but everything else I know I used the current version.

I ran AdAware and, at first, the system kept crashing trying to run it. Finally got it to run by unchecking the autorepair. Ran thorough scan. It found a lot of stuff, but the system was still running crazy slow after removals, IE was still appearing to be running in Task Manager and could not be deleted, and still could not hit Microsoft update or download pages.

SpyBot keeps finding registry values trying to change themselves when I'm not even on that machine. I keep telling it to Deny.

I ran MBAM quick scan and it found 44 more things AdAware had not. System started behaving much more properly after this. Ran MBAM thorough scan and did not find anything additional.

Ran Stinger and it seemed to think it found a bunch of stuff and quarantined it, but I think it was just finding old things in compressed files in the trash of an archived copy of Netscape, not anything which was really currently acting on the machine. I let it do its thing anyway.

TrendMicro Housecall found some vestiges of Vundo and another Trojan first time through.

And here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 4:45:52 PM, on 9/6/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3
SSRP\E_S40RP7.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\SONY\sHotKey\sHotKey.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\WDBtnMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\PROGRA~1\Live365\Radio365\Radio365TrayAgent.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\PIXELA\ImageMixer 3 SE\CameraMonitor.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Forrest Black\Desktop\HijackThis.exe
C:\Program Files\Allaire\HomeSite 4.5\homesite45.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.blueblood.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.blueblood.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = sas.we1.attbb.net:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.attbb.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
N1 - Netscape 4: user_pref("browser.startup.homepage",
"http://lifeofvice.com/tgp.html"); (C:\Program
Files\Netscape\Users\affiliates\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {1ebbdfb7-9917-4ca0-a930-592b19c552d1} - (no file)
O2 - BHO: Spybot-S&D IE Protection -
{53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot -
Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {993DC475-77D7-4C70-8956-A9A5E66511E1} - (no file)
O2 - BHO: (no name) - {9CF9F87A-AF6D-4C23-BAC7-4E59FBBDE040} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI
Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut]
HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update
2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] "C:\Program Files\Norton Internet
Security\UrlLstCk.exe"
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program
Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program
Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
"C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Common
Files\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program
Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search
& Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program
Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [EPSON Stylus CX9400Fax Series]
"C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFA.EXE" /FU
"C:\WINDOWS\TEMP\E_SA7D.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Radio365Agent]
C:\PROGRA~1\Live365\Radio365\Radio365TrayAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Forrest
Black\Local Settings\Application Data\Google\Update\GoogleUpdate.exe"
/c
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program
Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: ImageMixer 3 SE Camera Monitor.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program
Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program
Files\GretagMacbeth\i1\Eye-One Match
3\CalibrationLoader\CalibrationLoader.exe
O4 - Global Startup: Microtek Scanner Finder.lnk = C:\Program
Files\Microtek\ScanWizard 5\ScannerFinder.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program
Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My
Book\WD Backup\uBBMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program
Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Copy to Semagic - C:\Program
Files\Semagic\copy.htm
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
O8 - Extra context menu item: Write a Review... -
http://client.alexa.com/holiday/script/actions/review.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}
- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration
- {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot -
Search & Destroy\SDHelper.dll
O9 - Extra button: Privacy protector monitor -
{52F18EF2-6030-4DD8-9B21-2B09A0959C2D} - (no file) (HKCU)
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) -
O20 - Winlogon Notify: hggheee - hggheee.dll (file missing)
O20 - Winlogon Notify: vtuvuvw - vtuvuvw.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft -
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program
Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation -
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother
Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program
Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. -
C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation
- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccSetMgr.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON
CORPORATION - C:\Documents and Settings\All Users\Application
Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: ewido security suite control - ewido networks -
C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common
Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) -
Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) -
Symantec Corporation - C:\Program Files\Norton
AntiVirus\IWP\NPFMntor.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common
Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program
Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\SNDSrvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation -
C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program
Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation -
C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program
Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program
Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation -
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service -
Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony
Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony
Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony
Corporation - C:\Program Files\Common Files\Sony Shared\VAIO
Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server
(VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation -
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP)
(VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program
Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe"
/Service=VAIOMediaPlatform-IntegratedServer-HTTP
/RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0"
/RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP)
(VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation -
C:\Program Files\Sony\vaio media integrated
server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server
(VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program
Files\Sony\vaio media integrated server\Platform\VmGateway.exe"
/Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony
Corporation\VAIO Media Platform\2.0"
/RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media
Gateway Server (file missing)
O23 - Service: VAIO Media Video Server
(VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program
Files\Sony\vaio media integrated server\Video\GPVSvr.exe"
/Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO
Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP)
(VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program
Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe"
/Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony
Corporation\VAIO Media Platform\2.0"
/RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP)
(VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program
Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation -
C:\Program Files\Viewpoint\Common\ViewpointService.exe


My apologies that some of these lines wrap, but I had to email the log to myself on another computer, as the infected one does not want to go to BleepingComputer.com. It is like the malware knows BleepingComputer.com shall destroy it.
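
An added example, not part of the original post and not BleepingComputer or HijackThis code: because the log above was line-wrapped in e-mail, this Python code rejoins wrapped entries and lists those HijackThis marked `(no file)` or `(file missing)`. The function names and the arguments-in-path heuristic are assumptions; the sample is an excerpt of the log above with its wraps preserved, and wraps are assumed to fall on spaces.

```python
import re

# HijackThis entry lines open with a section code: "R0 - ", "N1 - ", "O23 - ".
ENTRY_START = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - ")
# Markers HijackThis prints when the referenced file was not found.
ORPHAN = re.compile(r"\((?:no file|file missing)\)")
# Heuristic (assumption): a closing quote followed by a switch inside the
# reported path means the service command line was read as the file name.
ARGS_IN_PATH = re.compile(r'\.exe"\s+/', re.IGNORECASE)

# Excerpt of the log posted above, e-mail line wraps preserved.
SAMPLE = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = sas.we1.attbb.net:8000
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Spybot-S&D IE Protection -
{53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot -
Search & Destroy\SDHelper.dll
O9 - Extra button: Privacy protector monitor -
{52F18EF2-6030-4DD8-9B21-2B09A0959C2D} - (no file) (HKCU)
O20 - Winlogon Notify: hggheee - hggheee.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: VAIO Media Video Server
(VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program
Files\Sony\vaio media integrated server\Video\GPVSvr.exe"
/Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO
Media Video Server (file missing)
"""


def unwrap_entries(text):
    """Rejoin wrapped lines so that each log entry is one string."""
    entries = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            # A blank line ends the entry being collected.
            if current is not None:
                entries.append(current)
                current = None
            continue
        if ENTRY_START.match(line):
            if current is not None:
                entries.append(current)
            current = line
        elif current is not None:
            # Continuation of a wrapped entry: rejoin with one space.
            current += " " + line
        # Otherwise: header or running-process lines before the first
        # entry, or prose after the log. Not part of any entry.
    if current is not None:
        entries.append(current)
    return entries


def triage(entries):
    """Return (code, args_in_path, entry) for entries marked as missing."""
    flagged = []
    for entry in entries:
        if ORPHAN.search(entry):
            code = ENTRY_START.match(entry).group("code")
            flagged.append((code, bool(ARGS_IN_PATH.search(entry)), entry))
    return flagged


if __name__ == "__main__":
    for code, args_in_path, entry in triage(unwrap_entries(SAMPLE)):
        note = "command line in path field" if args_in_path else "no target file"
        print(f"[{code}] {note}: {entry}")
```

A flagged entry only shows that HijackThis did not find a file at the path it reported; where `args_in_path` is true, the path field contains the service's command-line switches, so the marker alone does not establish that the executable is absent.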
affkatt
post Sep 6 2008, 07:10 PM
Post #6



Oops, I was going to make a new thread for the malware (vs. the operating system probs) once I had the HijackThis log, but then I was thinking this was already in that forum. Apologies for doing it wrong.
garmanma
post Sep 6 2008, 08:10 PM
Post #7



I have moved your Topic that includes a HijackThis log here to the Misplaced HJT Logs forum. You posted your log in a forum not intended for HijackThis logs analysis and probably missed the directions we provide to those who require assistance. We can only allow topics with such logs in the HijackThis Logs and Malware Removal forum. This restriction is to ensure you get the best help available, from those who specialize in malware analysis and removal. It also should prevent you from receiving ineffective or even potentially dangerous advice, whether well meaning or not.

Prior to posting a HJT log, we ask that you please read and follow all instructions in the pinned topic titled Preparation Guide For Use Before Posting A Hijackthis Log. Following the steps in this Guide will allow the HJT Team to quickly help you with specific fixes for what may remain on your system.

Please complete all the steps in the Guide. If you have performed some of them already, then just continue with the next. If you can't perform a step, then skip it and continue with the next. The last step will include downloading and using the most current version of HijackThis if the first line of your log does not appear as follows:

Logfile of Trend Micro HijackThis v2.0.2

Please note that it is important that HijackThis be run and a log created while in normal mode. If you run it and create your log while in safe mode, you will be asked to redo it again properly. When you have completed those steps, start a new topic in the HijackThis Logs and Malware Removal forum as directed in the Guide to post a new log.

Please DO NOT post any more logs to this topic, or post a log again in the wrong forum.

This Misplaced HJT Logs forum is strictly a holding area where the BC Staff can assist you with preparations for and to properly post your log. If you have a question or encounter a problem in the Prep Guide, please do post back to this topic; that is what it is here for.

When your new HJT log is posted in the proper forum, please reply to this topic with a link to your new topic. Once that is done, a Member of the HJT Team will analyze your log and assist you with step by step instructions to clean your computer or otherwise advise what needs to be done.

Thanks for your cooperation and good luck.
The BC Staff


--------------------
Mark

why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Avatar by Handplane
Orange Blossom
post Sep 13 2008, 10:01 PM
Post #8



QUOTE(affkatt @ Sep 6 2008, 08:10 PM) *
Oops, I was going to make a new thread for the malware (vs. the operating system probs) once I had the HijackThis log, but then I was thinking this was already in that forum. Apologies for doing it wrong.


That's okay. We all goof up like that. I see that you have since properly posted your log. From this point, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

To avoid confusion, I am closing this topic. Good luck with your log.

The BC Staff


--------------------
Orange Blossom

An ounce of prevention is worth a pound of cure

ESET NOD32, AVG Anti-spyware Free, SuperAntiSpyware Pro, SpywareBlaster, Spybot 1.5, WinPatrol Plus, Sunbelt Personal Firewall - Full, Comodo BOClean 4.27, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript