Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot run programs - Virus/Issue Unknown


  • This topic is locked This topic is locked
8 replies to this topic

#1 Britishinga

Britishinga

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:41 AM

Posted 26 February 2010 - 05:00 PM

Hello all! (first time poster!)

I'm trying to help my girlfriend with her computer issues and I think it's a little beyond my expertise. She cannot go online, nor can she run some of the programs that she uses on a regular basis. Information follows...

First error ...
"iTunes was not installed correctly. Please reinstall iTunes. Error 7"
I click "ok"
Then another pops up with ...
A Microsoft Windows error .. "iTunes has stopped working. Windows can check for a solution to the problem."
Then it has two options to either "Check online for a solution and close the program." or "Close the program."
(iTunes is not open or running at this point)
It wouldn't open at all.
"To help protect your computer, Data Execution Prevention has close iTunes. Click to learn more."
popped up in the bottom right hand corner in a little speech bubble.

Trying to run internet explorer


I go to open Internet Explorer.
"explorer.exe"
"This file does not have a program associated with it for performing this action. Create an association in the Set Associations control panel."
I click ok.
"The item you selected is unavailable. It might have been moved, renamed, or removed. Do you want to remove it from the list? (Options for "Yes" and "No")


other programs aren't working that are giving you errors
Skype, but it's not really giving me any errors.
It keeps ringing even if I can't get a call to go through.
It won't uninstall.
"Are you sure you want to uninstall Skype 4.1? (Options for "Yes" and "No")
I click yes.
"Preparing to remove."
"An unidentified program wants to access your computer ..."
I click "Allow."
"Do you want to delete your Skype history? This will permanently remove all evidence of your calls and chats." (Options for "Yes" and "No)
I click yes.
"Please wait while Windows configures Skype 4.1" (this evenutally just disappears
"The following applications should be closed before continuing the install : Skype." (Options for "Automatically close applications and attempt to restart them after setup is complete" and "Do not close applications [A reboot will be required[")
I select "automatically close ..."
Click okay.
"Please wait while Windows configures Skype 4.1"
...anway, it never uninstalled



CLayoutHostWnd-Tooltip:YahooMessenger.exe-corrupt file

The file or directory C:\PROGRA~1\QuickTime is corrupt and unreadable please run the Chkdsk utility.


Tried running GMER, it froze and I had to reboot the computer. Tried to run GMER again and it it gave the Corrupt file error msg...

I replaced the file again with a freshly downloaded one (from a different computer) tried to run it and got this message...

"An unexpected error is preventing the operation. Make a not of this error code which might be useful if you get additional help to resolve this probelem : Error 0x80004005:unspecified error"

The DDS logs are below...

DDS.txt


DDS (Ver_09-12-01.01) - NTFSx86
Run by cat at 15:47:58.61 on Fri 02/26/2010
Internet Explorer: 7.0.6000.16982
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3326.1679 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\rpcnet.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\explorer.exe
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\cat\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uWindow Title = Microsoft Internet Explorer
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRunOnce: [UniblueRegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

============= SERVICES / DRIVERS ===============

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]

=============== Created Last 30 ================

2010-02-23 03:37:19 0 d-----w- c:\program files\COMODO
2010-02-23 03:22:12 0 d-----w- c:\program files\Eusing Free Registry Cleaner
2010-02-23 03:14:18 0 d-----w- c:\program files\Uniblue
2010-02-23 03:10:01 0 d-----w- c:\users\cat\appdata\roaming\Uniblue
2010-02-23 02:53:57 0 d-----w- c:\users\cat\appdata\roaming\GlarySoft
2010-02-23 02:49:39 0 d-----w- c:\program files\Glary Utilities
2010-02-23 01:40:32 2020136 ----a-w- c:\users\cat\SkypeSetup.exe
2010-02-19 17:30:01 0 d-----w- c:\program files\WinASO
2010-02-19 05:59:19 0 d-----w- c:\users\cat\appdata\roaming\Malwarebytes
2010-02-19 05:59:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-19 05:59:14 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-19 05:59:14 0 d-----w- c:\programdata\Malwarebytes
2010-02-19 05:59:14 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-18 23:23:41 0 d-----w- c:\programdata\Yahoo!
2010-02-18 23:22:11 0 d-----w- c:\program files\Yahoo!
2010-02-10 10:04:40 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 10:04:40 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 10:02:42 3502168 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 10:02:42 3467848 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-10 10:00:48 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 10:00:48 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-09 07:29:31 38 ----a-w- c:\windows\avisplitter.ini
2010-02-09 07:29:31 178176 ----a-w- c:\windows\system32\unrar.dll
2010-02-09 07:29:30 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-02-09 07:29:30 839680 ----a-w- c:\windows\system32\lameACM.acm
2010-02-09 07:29:30 414 ----a-w- c:\windows\system32\lame_acm.xml
2010-02-09 07:29:30 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-02-09 07:29:30 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-02-09 07:29:30 151552 ----a-w- c:\windows\system32\ac3acm.acm
2010-02-09 07:29:28 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-09 07:29:28 547 ----a-w- c:\windows\system32\ff_vfw.dll.manifest
2010-02-09 07:29:27 0 d-----w- c:\program files\K-Lite Codec Pack

==================== Find3M ====================

2010-02-24 14:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-19 02:50:58 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2010-02-19 02:50:56 56680 ----a-w- c:\windows\system32\rpcnet.dll
2010-02-17 22:41:31 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2010-01-22 10:01:53 72704 ----a-w- c:\windows\system32\admparse.dll
2010-01-22 10:01:52 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-22 10:01:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-22 10:01:49 48128 ----a-w- c:\windows\system32\mshtmler.dll
2010-01-22 10:01:46 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2010-01-22 10:01:45 56320 ----a-w- c:\windows\system32\iesetup.dll
2010-01-14 10:02:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-14 10:02:35 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-01-14 10:02:35 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-01-14 10:02:35 24064 ----a-w- c:\windows\system32\lpk.dll
2010-01-14 10:02:35 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-14 10:02:35 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-01-14 03:57:17 86016 ----a-w- c:\windows\inf\infstrng.dat
2010-01-14 03:57:17 86016 ----a-w- c:\windows\inf\infstor.dat
2010-01-14 03:57:17 51200 ----a-w- c:\windows\inf\infpub.dat
2010-01-09 21:49:58 48 ---ha-w- c:\programdata\ezsidmv.dat
2010-01-02 10:00:57 268800 ----a-w- c:\windows\system32\es.dll
2009-12-31 10:24:50 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-31 10:07:45 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2009-12-31 10:07:45 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2009-12-31 10:07:44 28344 ----a-w- c:\windows\system32\drivers\battc.sys
2009-12-31 10:07:44 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-12-31 10:07:44 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2009-12-31 10:07:44 20920 ----a-w- c:\windows\system32\drivers\compbatt.sys
2009-12-31 10:07:44 14208 ----a-w- c:\windows\system32\drivers\CmBatt.sys
2009-12-31 10:07:44 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys
2009-12-31 10:07:43 542720 ----a-w- c:\windows\system32\sysmain.dll
2009-12-31 10:07:03 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2009-12-31 10:07:02 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2009-12-31 10:06:16 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2009-12-31 10:05:49 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-12-31 10:05:49 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-12-31 10:05:49 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-12-31 10:03:42 61440 ----a-w- c:\windows\system32\ntprint.exe
2009-12-31 10:03:42 220160 ----a-w- c:\windows\system32\ntprint.dll
2009-12-31 10:03:42 1984512 ----a-w- c:\windows\system32\authui.dll
2009-12-31 10:03:42 120320 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2009-12-31 10:03:42 10240 ----a-w- c:\windows\system32\dhcpcmonitor.dll
2009-12-31 10:03:41 8138240 ----a-w- c:\windows\system32\ssBranded.scr
2009-12-31 10:03:41 69632 ----a-w- c:\windows\system32\sendmail.dll
2009-12-31 10:03:25 53760 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-12-31 10:03:08 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-31 10:03:07 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-31 10:03:07 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-12-31 10:02:45 1645568 ----a-w- c:\windows\system32\connect.dll
2009-12-31 10:02:14 974336 ----a-w- c:\windows\system32\crypt32.dll
2009-12-31 10:01:04 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-31 10:01:02 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-12-31 10:01:02 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-12-31 10:00:59 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-12-31 09:03:58 56680 ----a-w- c:\windows\system32\rpcnet.exe
2009-12-31 08:49:42 174 --sha-w- c:\program files\desktop.ini
2009-12-31 05:59:53 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-12-31 05:59:53 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-12-31 05:59:53 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-12-31 05:59:53 272896 ----a-w- c:\windows\system32\polstore.dll
2009-12-31 05:58:49 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-12-31 05:58:49 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-12-31 05:58:49 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-12-31 05:57:24 15360 ----a-w- c:\windows\system32\netevent.dll
2009-12-31 05:57:24 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-12-31 05:57:23 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-12-31 05:57:23 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-12-31 05:57:23 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-12-31 05:57:23 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-12-31 05:57:23 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-12-31 05:57:23 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-12-31 05:57:23 10240 ----a-w- c:\windows\system32\finger.exe
2009-12-31 05:57:22 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2009-12-31 05:56:01 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-12-31 05:56:01 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-12-31 05:55:01 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-12-31 05:55:00 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-12-31 05:55:00 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-31 05:55:00 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-12-31 05:55:00 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-12-31 05:55:00 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-12-31 05:53:49 1260032 ----a-w- c:\windows\system32\msxml3.dll
2009-12-31 05:53:48 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-12-31 05:53:48 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-12-31 05:53:48 1406464 ----a-w- c:\windows\system32\msxml6.dll
2009-12-31 05:51:28 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-12-31 05:51:28 216576 ----a-w- c:\windows\system32\msv1_0.dll
2009-12-31 05:51:28 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-12-31 05:51:27 7680 ----a-w- c:\windows\system32\lsass.exe
2009-12-31 05:51:27 72704 ----a-w- c:\windows\system32\secur32.dll
2009-12-31 05:51:27 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2009-12-31 05:50:25 49664 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-31 05:50:25 376320 ----a-w- c:\windows\system32\winsrv.dll
2009-12-31 05:49:25 2855424 ----a-w- c:\windows\system32\mf.dll
2009-12-31 05:49:24 98816 ----a-w- c:\windows\system32\mfps.dll
2009-12-31 05:49:24 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2009-12-31 05:49:24 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-12-31 05:49:24 2048 ----a-w- c:\windows\system32\mferror.dll
2009-12-31 05:48:05 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-31 05:45:32 376832 ----a-w- c:\windows\system32\winhttp.dll
2007-02-21 19:49:52 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 15:48:22.76 ===============


Attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/30/2009 9:38:18 PM
System Uptime: 2/18/2010 9:50:19 PM (186 hours ago)

Motherboard: Dell Inc. | | 0CF456
Processor: Intel® Core™2 CPU T7200 @ 2.00GHz | Microprocessor | 1667/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 98 GiB total, 21.924 GiB free.
D: is FIXED (NTFS) - 200 GiB total, 139.057 GiB free.
E: is CDROM (CDFS)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP110: 2/17/2010 8:51:28 PM - Scheduled Checkpoint
RP111: 2/18/2010 5:00:22 AM - Windows Update
RP112: 2/18/2010 6:32:41 PM - Windows Update
RP113: 2/18/2010 9:46:42 PM - Windows Update
RP114: 2/18/2010 9:53:46 PM - Removed Bonjour
RP116: 2/18/2010 9:54:27 PM - Configured OZ776 SCR Driver V1.1.3.9
RP117: 2/18/2010 9:55:37 PM - Removed Bonjour
RP118: 2/19/2010 1:56:29 AM - Removed Skype™ 4.1
RP119: 2/19/2010 1:58:29 AM - Removed Skype™ 4.1
RP120: 2/19/2010 2:01:04 AM - Removed Skype web features
RP121: 2/19/2010 2:03:27 AM - Removed Skype™ 4.1
RP122: 2/19/2010 2:05:50 AM - Removed Skype™ 4.1
RP123: 2/19/2010 2:07:04 AM - Removed Skype™ 4.1
RP124: 2/19/2010 5:00:10 AM - Windows Update
RP125: 2/20/2010 12:31:09 AM - Scheduled Checkpoint
RP126: 2/20/2010 5:00:10 AM - Windows Update
RP127: 2/21/2010 - Scheduled Checkpoint
RP128: 2/22/2010 - Scheduled Checkpoint
RP129: 2/22/2010 5:04:19 PM - Windows Update
RP130: 2/22/2010 10:37:09 PM - Installed COMODO System - Cleaner
RP131: 2/23/2010 12:45:09 AM - Removed Skype™ 4.1
RP132: 2/23/2010 12:47:38 AM - Removed Skype™ 4.1
RP133: 2/24/2010 - Scheduled Checkpoint
RP134: 2/25/2010 12:00:01 AM - Scheduled Checkpoint
RP135: 2/25/2010 1:49:23 AM - Windows Update
RP136: 2/25/2010 5:00:10 AM - Windows Update
RP137: 2/25/2010 10:28:25 PM - Windows Update
RP138: 2/26/2010 5:00:11 AM - Windows Update

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Apple Application Support
Apple Mobile Device Support
Apple Software Update
COMODO System - Cleaner
Eusing Free Registry Cleaner
Glary Utilities 2.20.0.831
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® PROSet/Wireless Software
iTunes
K-Lite Codec Pack 5.7.0 (Full)
Malwarebytes' Anti-Malware
mCorev32.ism_new
mCPlug
mDriver
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
mMHouse
mPfMgr
mWMI
OZ776 SCR Driver V1.1.3.9
QuickTime
Skype™ 4.1
Uniblue RegistryBooster 2010
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
WinASO Registry Optimizer 2.0.6
WinASO Registry Optimizer 4.5.3
Yahoo! Messenger
Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

2/24/2010 6:10:18 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979306 (Update) into Resolved(Resolved) state
2/24/2010 6:09:48 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979099 (Update) into Resolved(Resolved) state
2/24/2010 6:09:18 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 937287-4_neutral_PACKAGE from package KB937287(Update) into Resolving(Resolving) state
2/24/2010 6:09:18 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 937287-3_neutral_PACKAGE from package KB937287(Update) into Resolving(Resolving) state
2/24/2010 6:09:18 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 937287-2_neutral_PACKAGE from package KB937287(Update) into Resolving(Resolving) state
2/24/2010 6:09:18 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB937287 (Update) into Resolving(Resolving) state
2/24/2010 6:09:18 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB937287 (Update) into Default(Default) state
2/24/2010 6:09:16 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB929777 (Update) into Default(Default) state
2/23/2010 6:10:00 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume1.
2/23/2010 6:05:25 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

==== End Of File ===========================


I'm going to try to get GMER to run...but, this is all the information that I have right now.

BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:41 AM

Posted 01 March 2010 - 06:42 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#3 Britishinga

Britishinga
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:41 AM

Posted 01 March 2010 - 10:52 PM

I'm subscribed, here, and awaiting your instructions! Thanks for the assistance!
thumbup2.gif



#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:41 AM

Posted 02 March 2010 - 07:58 AM

Hello,

This looks much more like a system issue than a malware issue.

The error reports are more indicative of operating system corruption but I need to check this.

Firstly, are you able to boot into safe mode correctly?

Secondly, have you got the repair disk for the machine?

Finally, is there anything on the PC which makes you think there may be more than just a system problem? Do you know if your girlfriend downloaded anything or if there was one particular time when all these errors suddenly started to happen?


Depending on the answers to those questions I will either attempt to fix the PC or refer you to another forum more suitable to the problem. thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#5 Britishinga

Britishinga
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:41 AM

Posted 02 March 2010 - 01:25 PM

I don't have a repair disk. She recently downloaded "updates" for her computer...I'm really not sure if they were from Microsoft or not...I was thinking that it might be the spurious yellow shield..."antivirus 2010" I believe? But, it seems really odd that it just started all of a sudden after she downloaded these updates...

Edited by Britishinga, 02 March 2010 - 01:54 PM.


#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:41 AM

Posted 02 March 2010 - 06:12 PM

The updates were from Microsoft and if you look at the two bottom entries on the Event Log they show a corruption.

QUOTE
2/23/2010 6:10:00 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume1.
2/23/2010 6:05:25 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.


The updates failed due to this.


We are going to run chkdsk which will verify and repair the file system

Step One: Click Start, select Run

Step Two: In the box, type cmd

Step Three: Click Ok

Step Four: Run the chkdsk utility by typing in the following command:

chkdsk c: /f /r

NOTE: The /f command automatically fixes any errors encountered, the /r command locates bad sectors and recovers readable information.

Step Five: A reboot is normally required for the chkdsk program to lock the disk and run correctly (this is typical on machines that have only one volume), so simply restart the computer and chkdsk will run automatically. When it's finished, (This process can take quite a while depending on the size of your disk, etc.), it will boot back to normal Windows.

On Rebooting the PC you will see the disk being checked.

This process will take, on average, about an hour.

Let me know how the PC behaves after this has been run. thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#7 Britishinga

Britishinga
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:41 AM

Posted 03 March 2010 - 12:44 PM

I tried doing this, but the shutdown froze. Held down the power button and when it restarted, it didn't run chkdsk. Grr...

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:41 AM

Posted 03 March 2010 - 02:42 PM

Sounds like you've got some real issues.

I will have to refer you to the Vista forum for some non malware-related advice.

Link to this topic if you like so they can see that this is not a malware issue.

Good luck. thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:41 AM

Posted 07 March 2010 - 08:16 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. smile.gif

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users