
major issues with my pc



#1 sadaf


Posted 19 April 2012 - 09:57 PM

I am feeling lucky since I found this site. I tried everything, so I'm going to cross my fingers and let you help me, hopefully.

My desktop is Windows XP.

I used Firefox and Internet Explorer years ago, but both browsers stopped working completely, so I have been using Google Chrome. The problem with Google is that when I google anything, the links redirect me to a completely different page from where I was trying to go. When I start up my computer I get a lot of pop-up blank screens showing up as hello4 on the tab. They eventually disappear. Also, I see other pop-up screens that come and go so fast that I can't see any name or anything for them. Google Chrome crashes often; for example, in the last 5 hours it crashed about 5-6 times. I also have this strange beetle-looking icon on the start bar (task bar) next to the time display. That program is called VERITAS update manager; I can't open it, can't delete it, and can't locate it in Add/Remove Programs. There are many programs I can't recognize in my Task Manager list and in Add/Remove Programs (I tried to remove most), so screens keep popping up as I'm typing, which is so annoying because I have to click back on the text box to continue typing. Another problem that started happening when all this started was that I can't right-click with my mouse anywhere, and it's not a faulty mouse. Finally, I cannot shut down my computer normally; I have to hold down the power button or pull the plug because there are so many hello4 that need to close, because it usually pops up hello4 end task (although I don't see the pop-up hello4 screens) ...many times... and even when I once tried closing by hitting each end task, it still didn't shut down.

I feel like it's all related and there is some infection somewhere. :( Please help.

Thanks in advance!

:)



#2 Broni


Posted 19 April 2012 - 10:29 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



#3 sadaf


Posted 22 April 2012 - 11:26 PM

Here are the ones I got done. I was having trouble with Malwarebytes Anti-Malware... I'll try that again tomorrow.

1.security checkup
________________________________________________________________________________________
Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.6
Spybot - Search & Destroy
Java™ 6 Update 16
Out of date Java installed!
Adobe Flash Player ( 10.3.181.22) Flash Player Out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (3.6.25) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

WinPatrol winpatrol.exe
BillP Studios WinPatrol winpatrol.exe
``````````End of Log````````````
_______________________________________________________________________________________________

2.farbar ss

Farbar Service Scanner Version: 16-04-2012
Ran by Administrator (administrator) on 22-04-2012 at 19:18:52
Running from "C:\Documents and Settings\Administrator\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\System32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
fssfltr(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****
_____________________________________________________________________________________________

3. minitool box


MiniToolBox by Farbar Version: 18-01-2012
Ran by Administrator (administrator) on 22-04-2012 at 19:21:52
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:8893

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : sadaf
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : nyc.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : nyc.rr.com
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-0C-6E-A9-E5-06
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.104
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
209.18.47.61
209.18.47.62
Lease Obtained. . . . . . . . . . : Sunday, April 22, 2012 7:00:28 PM
Lease Expires . . . . . . . . . . : Monday, April 23, 2012 7:00:28 PM

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.228.71, 74.125.228.72, 74.125.228.73, 74.125.228.78
74.125.228.64, 74.125.228.65, 74.125.228.66, 74.125.228.67, 74.125.228.68
74.125.228.69, 74.125.228.70

Pinging google.com [72.14.204.113] with 32 bytes of data:

Reply from 72.14.204.113: bytes=32 time=18ms TTL=53
Reply from 72.14.204.113: bytes=32 time=19ms TTL=53

Ping statistics for 72.14.204.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 19ms, Average = 18ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=105ms TTL=51
Reply from 72.30.38.140: bytes=32 time=124ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 105ms, Maximum = 124ms, Average = 114ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c 6e a9 e5 06 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.104 192.168.1.104 20
192.168.1.104 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.104 192.168.1.104 20
224.0.0.0 240.0.0.0 192.168.1.104 192.168.1.104 20
255.255.255.255 255.255.255.255 192.168.1.104 192.168.1.104 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/19/2012 11:58:27 PM) (Source: Application Error) (User: )
Description: Faulting application nmapp.exe, version 5.5.9170.0, faulting module unknown, version 0.0.0.0, fault address 0x00005c1c.
Processing media-specific event for [nmapp.exe!ws!]

Error: (04/19/2012 07:26:36 PM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (04/19/2012 07:26:14 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [explorer.exe!ws!]

Error: (04/19/2012 05:20:13 PM) (Source: MsiInstaller) (User: Administrator)Administrator
Description: Product: Apple Software Update -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action SoftwareUpdate_UnregServer, location: C:\Program Files\Apple Software Update\SoftwareUpdate.exe, command: /UnregServer

Error: (04/19/2012 05:14:24 PM) (Source: Application Hang) (User: )
Description: Hanging application A~NSISu_.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/19/2012 05:14:24 PM) (Source: Application Hang) (User: )
Description: Hanging application A~NSISu_.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/19/2012 04:10:54 PM) (Source: Application Hang) (User: )
Description: Hanging application nmapp .exe, version 5.0.8267.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/19/2012 04:09:11 PM) (Source: Application Hang) (User: )
Description: Hanging application nmctxth.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/19/2012 04:08:59 PM) (Source: Application Hang) (User: )
Description: Hanging application msnmsgr.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/19/2012 04:08:50 PM) (Source: Application Hang) (User: )
Description: Hanging application msnmsgr.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (04/22/2012 07:15:27 PM) (Source: 0) (User: )
Description: WORKGROUP :1d192.168.1.104192.168.1.108

Error: (04/22/2012 07:12:29 PM) (Source: Service Control Manager) (User: )
Description: The Wired AutoConfig service terminated unexpectedly. It has done this 1 time(s).

Error: (04/22/2012 07:00:43 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (04/19/2012 10:19:55 PM) (Source: Service Control Manager) (User: )
Description: The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/19/2012 10:11:54 PM) (Source: Service Control Manager) (User: )
Description: The Process Monitor service terminated unexpectedly. It has done this 1 time(s).

Error: (04/19/2012 10:08:12 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (04/19/2012 09:10:21 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (04/19/2012 08:50:41 PM) (Source: Service Control Manager) (User: )
Description: The Process Monitor service terminated unexpectedly. It has done this 1 time(s).

Error: (04/19/2012 08:17:38 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (04/19/2012 07:42:07 PM) (Source: Service Control Manager) (User: )
Description: The Process Monitor service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (04/19/2012 11:58:27 PM) (Source: Application Error)(User: )
Description: nmapp.exe5.5.9170.0unknown0.0.0.000005c1c

Error: (04/19/2012 07:26:36 PM) (Source: Application Error)(User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (04/19/2012 07:26:14 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.55120.0.0.000000000

Error: (04/19/2012 05:20:13 PM) (Source: MsiInstaller)(User: Administrator)Administrator
Description: Product: Apple Software Update -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action SoftwareUpdate_UnregServer, location: C:\Program Files\Apple Software Update\SoftwareUpdate.exe, command: /UnregServer (NULL)(NULL)(NULL)

Error: (04/19/2012 05:14:24 PM) (Source: Application Hang)(User: )
Description: A~NSISu_.exe0.0.0.0hungapp0.0.0.000000000

Error: (04/19/2012 05:14:24 PM) (Source: Application Hang)(User: )
Description: A~NSISu_.exe0.0.0.0hungapp0.0.0.000000000

Error: (04/19/2012 04:10:54 PM) (Source: Application Hang)(User: )
Description: nmapp .exe5.0.8267.0hungapp0.0.0.000000000

Error: (04/19/2012 04:09:11 PM) (Source: Application Hang)(User: )
Description: nmctxth.exe0.0.0.0hungapp0.0.0.000000000

Error: (04/19/2012 04:08:59 PM) (Source: Application Hang)(User: )
Description: msnmsgr.exe0.0.0.0hungapp0.0.0.000000000

Error: (04/19/2012 04:08:50 PM) (Source: Application Hang)(User: )
Description: msnmsgr.exe0.0.0.0hungapp0.0.0.000000000


=========================== Installed Programs ============================

AAC Decoder (Version: 7.1.0)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Drive CS4 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 10 Plugin (Version: 10.3.181.22)
Adobe Fonts All (Version: 2.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Picture Software
AutoUpdate (Version: 1.1)
Betty Bad
Blackhawk Striker
Blasterball 2
Blasterball Wild
Brother MFL-Pro Suite MFC-290C (Version: 1.1.8.0)
Cisco Network Magic (Version: 5.5.09195.0)
Coloreal
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Connect (Version: 1.0.0.1)
Corel Paint Shop Pro Photo X2 (Version: 12.50.0001)
Dark Orbit
DivX Codec (Version: 6.9.1)
DivX Converter (Version: 7.1.0)
DivX Player (Version: 7.2.0)
DivX Plus DirectShow Filters
DivX Version Checker (Version: 7.1.0.9)
DivX Web Player (Version: 1.5.0)
easy Internet sign-up
Free YouTube to iPod Converter version 3.2
Free YouTube to MP3 Converter version 3.2
Gadwin PrintScreen (Version: 4.4)
GamePlayLabs Plugin
Google Chrome (Version: 13.0.782.112)
H.264 Decoder (Version: 1.1.0)
hp center
HP Digital Imaging Album Printing 1.0 (Version: 1.00.0000)
HP Instant Support (Version: 4.03.03)
HP Memories Disc (Version: 1.0.5.806)
HP Photo and Imaging 1.1 - Photosmart Cameras (Version: 2.0.0000)
Inactive HP Printer Drivers (Remove only)
IntelliMover Data Transfer Demo
InterVideo MP3 XPack (Version: 1.2)
InterVideo WinDVD Player (Version: 4.0-B11.389)
iPod for Windows 2006-03-23 (Version: 4.7.0)
iTunes (Version: 9.0.1.8)
Java™ 6 Update 16 (Version: 6.0.160)
Junk Mail filter update (Version: 14.0.8117.416)
kuler (Version: 2.0)
LiveReg (Symantec Corporation) (Version: 2.2.5.1678)
LiveUpdate 1.80 (Symantec Corporation) (Version: 1.80.19.0)
Logitech Vid (Version: 1.01.1015)
Logitech Webcam Software (Version: 12.00.1280)
Managed DirectX (0900) (Version: 4.09.00.0900)
Men in Black II CROSSFIRE Trial Version
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
MKV Splitter (Version: 1.0.1)
Mozilla Firefox (3.6.25) (Version: 3.6.25 (en-US))
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyDVD
Network Magic (Version: 5.5.9195.0)
OpenOffice.org 3.1 (Version: 3.1.9420)
PaperPort Image Printer (Version: 1.00.0000)
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
Picasa 3 (Version: 3.8)
PigPen
Pinnacle VideoSpin (Version: 1.1.2.542)
PS2
Pure Networks Platform (Version: 11.2.09195.1)
Python 2.2 combined Win32 extensions
Python 2.2.1 (Version: 2.2.1)
Quicken 2003 New User Edition (Version: 12.00.0000)
QuickTime (Version: 7.64.17.73)
RecordNow (Version: 4.56)
RecordNow Update Manager (Version: 2.71)
SAMSUNG Mobile Modem Driver Set
SAMSUNG Mobile USB Modem 1.0 Software
SamsungConnectivityCableDriver (Version: 6.83.6.2.1)
Segoe UI (Version: 14.0.4327.805)
Snowboard Extreme
Space Rocks
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
Suite Shared Configuration CS4 (Version: 1.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.6513)
WildTangent Channel Manager
WildTangent Updater
WildTangent Web Driver
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol (Version: 24.6.2012)
WordPerfect Productivity Pack
WordPerfect Productivity Pack (Version: 10)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 1023.36 MB
Available physical RAM: 289.05 MB
Total Pagefile: 2462.25 MB
Available Pagefile: 1843.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.47 MB

========================= Partitions: =====================================

2 Drive c: (HP_PAVILION) (Fixed) (Total:114.49 GB) (Free:6.54 GB) NTFS

========================= Users: ========================================

User accounts for \\SADAF

Administrator Guest HelpAssistant
SUPPORT_388945a0 SUPPORT_fddfa904


**** End of log ****
___________________________________________________________________________________________________

4. asw mbr


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-22 21:36:17
-----------------------------
21:36:17.484 OS Version: Windows 5.1.2600 Service Pack 3
21:36:17.484 Number of processors: 2 586 0x209
21:36:17.484 ComputerName: SADAF UserName:
21:36:20.250 Initialize success
21:39:09.984 AVAST engine defs: 12042201
21:39:17.000 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:39:17.000 Disk 0 Vendor: Maxtor_6Y120L0 YAR41BW0 Size: 117246MB BusType: 3
21:39:17.187 Disk 0 MBR read successfully
21:39:17.187 Disk 0 MBR scan
21:39:17.906 Disk 0 unknown MBR code
21:39:18.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 117239 MB offset 63
21:39:18.359 Disk 0 scanning sectors +240105600
21:39:19.718 Disk 0 scanning C:\WINDOWS\system32\drivers
21:40:28.546 Service scanning
21:41:24.078 Modules scanning
21:41:54.187 Disk 0 trace - called modules:
21:41:54.203 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:41:54.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87775ab8]
21:41:54.218 3 CLASSPNP.SYS[f782ffd7] -> nt!IofCallDriver -> \Device\00000061[0x8776c318]
21:41:54.218 5 ACPI.sys[f77a6620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8776b940]
21:41:58.171 AVAST engine scan C:\WINDOWS
21:42:49.015 AVAST engine scan C:\WINDOWS\system32
21:42:49.671 File: C:\WINDOWS\system32\6to4v32.dll **INFECTED** Win32:Agent-ANAI [Trj]
21:45:28.015 File: C:\WINDOWS\system32\teeqr50C.dll **INFECTED** Win32:MalOb-HH [Cryp]
21:47:07.484 AVAST engine scan C:\WINDOWS\system32\drivers
21:47:30.015 AVAST engine scan C:\Documents and Settings\Administrator
22:09:35.453 File: C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\1dc8303c-7b8a2718 **INFECTED** Win32:MalOb-HP [Cryp]
22:15:20.906 File: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe **INFECTED** Win32:MalOb-GN [Cryp]
22:56:44.515 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
22:56:44.562 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"
_____________________________________________________________________________________________________________________

I'll re-run the other one again and post it.



