Question

Catastrophic

Asked by: Devilleman

I've recently had a catastrophic failure. Need I say more? What in the heck is that? And what in hell have I done? All I know is my Media Center will not open pictures and videos. And completely shuts down the Media Center when I select it. In Computer Management I found a message stating "The task image is either corrupt or has been tampered with. Now my Media Player won't play any of the files.(songs,videos,pictures,playlists. you name it) And when I'm just in Windows, when I click on anything in the "favorite links" in the left pane it tells me "This search cannot be completed because there is something wrong with this search folder. Im also getting mess's like "Microsoft Management console has stopped working. Problem with snap in." And "synaptics Touchpad enhancements has stopped working" And when I'm using Firefox it'll say "Application has failed to start because it's side by side configuration is incorrect. please see appl. event log for more detail." But when I try, there are no event logs. I also have several updates that fail and will not install. (KB941569, KB941569, KB942615, KB942624, KB943078, KB938123, KB938979. Can anyone help me?

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Catastrophic failure - Help!
    I had a perfectly working Interdev project yesterday(and for several weeks), today, I get a catastrophic failure from the server. And here's something else I just don't get. I load my project and all my recordset objects are red. I drop down the connection listbox and it...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: MeretePosted on 2007-12-30 at 06:56:43ID: 20550938

Hi Devilleman,
okay you have shared the disaster and the failure symptoms  but if you coudl tell us what you did to contribut to  that would help a lot.
We underrstand that sometimes we do stuff not realizing the consequences of it.
I cant really offer any course of action till Iknow what contributed to it.
Do you have system restore?
Use system restore

Can access safemode?
Scan for viruses in safemode

I sourced this not sure if its relevent
Event ID 708  Backward Compatible Task Registration
A backward compatible task is a Task Scheduler 1.0 task that is used in the Windows XP, Windows Server 2003, and Windows 2000 operating systems. A Task Scheduler 1.0 task can be registered (scheduled) to execute any of the following application or file types: Win32 applications, Win16 applications, OS/2 applications, MS-DOS applications, batch files (*.bat), command files (*.cmd), or any properly registered file type.

http://207.46.196.114/windowsserver2008/en/library/e63fd337-6930-4625-aa5c-9009655ce4c11033.mspx?mfr=true

 

by: MeretePosted on 2007-12-30 at 07:02:12ID: 20550952

. I also have several updates that fail and will not install. (KB941569, KB941569, KB942615, KB942624, KB943078, KB938123, KB938979. Can anyone help me?<< is this windows updates  if you were installing all these updates manually  you may have damaged your system, windows updates must be carefully checked to match the dates,, if installed incorrectly will damage the OS,
Please provide the OS version
XP  home /  pro
Media Center version
 manufacture and type PC laptop/ desktop
then I'll know  which course of repair to offer.
 For now try the system restore.

 

by: TapioLPosted on 2007-12-30 at 09:49:24ID: 20551476

You can try this on also! If you have System Restore enabled do following:
1. Select Start button, point to All Programs, point to Accessories, point to System Tools, and then click System Restore. System Restore starts.
2.On the Welcome to System Restore page, click Restore my computer to an earlier time (if it is not already selected), and then click Next.
4. On the Select a Restore Point page, click the most recent system checkpoint in the On this list,(pick a day witch you know the system worked OK) click a restore point list, and then click Next. A System Restore message may appear that lists configuration changes that System Restore will make. Click OK.
5. On the Confirm Restore Point Selection page, click Next. System Restore restores the previous Windows XP configuration, and then restarts the computer.
6. Log on to the computer as Administrator. The System Restore Restoration Complete page appears.  
7. Click OK.
More in from: http://support.microsoft.com/kb/306084/en-us
After this do virusscan and defrag your harddisk. Yous syste shoud work now!

 

by: MeretePosted on 2007-12-30 at 18:25:46ID: 20553081

Thanks for details TapioL I did suggest system restore without the details :)

 

by: TapioLPosted on 2007-12-31 at 07:09:34ID: 20555214

What is your situation ,still no go? Other defrag to use is pagedefrag from Microsoft(org. Sysinternals) try to run that one also, if that would help!

 

by: DevillemanPosted on 2007-12-31 at 12:25:06ID: 20557210

I think I have a virus. Everything shut down on me last night. My real time virus monitoring was disabled. My firewall service was shut down. Couldn't even access it to turn it on. The switch between windows feature was disabled. Every item in my security had red lights. Everything was going wrong. So I went into safe mode and did the sys. restore. Did a disc cleanup and defragged. Then ran a scan. The sys. restore only went back to the 19th. But it's been acting funny since before that. Everything seems to be copasetic now. But the thing is, Mcafee never warned me.

 

by: DevillemanPosted on 2007-12-31 at 12:35:39ID: 20557242

I still cannot view pictures and videos in the media center. It keeps shutting down.

 

by: MeretePosted on 2007-12-31 at 16:12:11ID: 20557964

How experienced are you?
How many files do you wish to keep?
If you are not confident dont do this take your computer to a prefessional

If it is not malfunctioning hardware. ie the hard drive is dying, space problems on the disc.
 or the cmos battery is nearly out of power, everytime you boot windows forgets things.
replace the cmos battery if your system is more than 4 years old.

Disconnect from the internet when running scans, run them in safemode and remove any external devices.
If your virus scans come up clean in safemode. Do you have a slaved HDD on there it maybe faulty. Unpug it.
You can stop the rebooting by disabling the restart
in safemode
r/click my computer properties advanced startup and recovery
untick automatically restart
you should get a bluescreen now..
whats the error

Check the boot.ini sometimes the boot.ini is changed
r/click my computer properties advanced startup and recovery edit, be very careful what you do here.
here is my boot.ini
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 DISCONNECT from the INTERNET

if you installed xpsp2 onto xpsp1  uninstall sp2 from add remove programs.

You have basically 4 choices now,
--------------
1- slave it
 take out the hdd and slave it to another system, desktop, if you have a desktop, laptop hdd are harder to slave,
you can slave it using the ide ribbon behind the cdrom if your rom is on the slave ribbon not behind the master hdd.
 If you choose to do this ensure you power off completely on both desktops pull the power out and wait 5 minutes, if you discharge any electricity you will kill the HDD not to mention other majour damage.
Dont stand on carpet helps
once you have removed the HDD,
Move the pin to slave, there is a diagram on top of the hdd.
slaving the hdd allows you access to the drive from the other dekstop windows as it nolonger uses windows, you can run full virus scans on the hard drive from here first then save off your files.
-----------------------------
2-run a chkdsk /r from recovery<< you need the setup disc ie xpsp2 not the single xps2 upgrade.
press del when post starts, set the bios to boot from cd first boot, put the xpcd full sp2 in the rom f10 to save and exit
reboot
press any key to start setup.
At the next screen press "R" to repair using the Recovery Console.
Press the number correlated with the Windows installation you want to fix.
 Typically this will be #1.
 In the Administrator password press [ENTER] if you have not set a password for it.
At the command promt type in chkdsk /r  then wait
once it has comppleted it will return you the CMD prompt a fsalsing curser,, take out the xpcd now
type in exit pres [ENTER] windows will reboot, tap F8 then choose start my computer from last known good config that worked. [ENTER]
it will reboot into windows.
--------------------------------------------------
2-Run a repair re-install, for xp home sp2 and xp pro sp2,
NOTE: its very important that you never run a repair from recovery for XP HOMEsp2

Perform a reinstallation of Windows XP, sometimes called a repair installation?
You will need the COA key on the sticker and the xp setup disc that is installed on the computer
Configure your computer to start from the CD-ROM drive. Then insert your Windows XP Setup CD, and restart your computer.
When the Press any key to boot from CD message is displayed on your screen, press a key to start your computer from the Windows XP CD.

 Press ENTER when you see the message:
 To setup Windows XP now, and then press ENTER displayed on the Welcome to Setup screen.
 
 [[  Do not choose the option to press R to use the Recovery Console. ]]
 
In the Windows XP Licensing Agreement, press F8 to agree to the license agreement.
 Make sure that your current installation of Windows XP is selected in the box, and then press R to repair Windows XP.
 Follow the instructions on the screen to complete Setup.
NOTE:
you will not lose your persoanl you will need to run the updates.

Here is some extra help illustrating the steps look below the typing.
http://www.webtree.ca/windowsxp/repair_xp.htm
http://www.theeldergeek.com/repairing_windows_xp.htm    
-------------------------------------------------
all the best

 

by: MeretePosted on 2007-12-31 at 16:42:24ID: 20558134

Just to add the Lsass.exe  is a worm that will reboot your system
are you seeing any messages
your windows is shutting in down in 60 secs?
Mcfee instructions included
http://vil.nai.com/vil/content/v_125007.htm

Stinger is a stand-alone utility used to detect and remove specific viruses when AC is disabled
stinger
http://vil.nai.com/vil/stinger/

 

by: rpggamergirlPosted on 2007-12-31 at 19:43:49ID: 20558647

Now that you rolled back to the 19th, can you run programs?

Can you run Hijackthis and show us the log please?
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
http://danborg.org/spy/hjt/alternativ.exe
Open Hijackthis, click "Do a system scan and save a logfile" please don't fix anything yet.


Also run Kaspersky's online scanner, it will not remove anything it finds but it should give us info if we're dealing with a file infector or not.
Using Internet Explorer, run Kaspersky Online Scanner
http://www.kaspersky.com/virusscanner
   
* Click 'Accept' in the window that pops up.
* You will be prompted to install an ActiveX component from Kaspersky, Click on the information bar and select Install ActiveX Control if so. This may happen more than once. That is OK. You also may get a warning from your Windows Firewall. You can tell it to unblock.
* The program will launch and then start to download the latest definition files.
* Once the scanner is installed and the definitions downloaded, click 'Next'.
* Now click on 'Scan Settings'
* In the scan settings make sure that the following are selected:
          o Scan using the following Anti-Virus database: 'Extended' (If available, otherwise 'Standard')
          o Scan Options: 'Scan Archives' and 'Scan Mail Bases'
* Click 'OK'
* Now under 'Select a target to scan' select 'My Computer'
* The scan will take a while, so be patient and let it run. Once the scan is complete, it will display whether your system has been infected.
* Now click on the 'Save Report As...' button:
* Make sure it says Save as a text file - change it if not
* Save the file to your desktop.

 

by: DevillemanPosted on 2008-01-02 at 22:28:28ID: 20571038

rpggamergirl thank you for being so thorough. I will try this now.

 

by: DevillemanPosted on 2008-01-02 at 22:45:47ID: 20571074

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:41:15 PM, on 1/2/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\GRIMLOK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CI8NZT11\zunesetuppkg-x86[1].exe
j:\6be9d412be161e01509a414f\ZuneSetup.exe
C:\Users\GRIMLOK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QIN4M12T\HiJackThis[1].exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6821
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6821
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT6821
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {283A0EE3-2CC1-45AB-8207-B1D7B69C7F83} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CoolIrisIEHelperObject.CoolIrisIEBHO - {AD0BAB4B-212D-45D7-9E5B-CB1579132715} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] "C:\Program Files\McAfee\MSHR\ShrCL.EXE" /P7 /q C:\Users\GRIMLOK\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\CI8NZT11\STINGE~1.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] "C:\Program Files\McAfee\MSHR\ShrCL.EXE" /P7 /q C:\Users\GRIMLOK\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\CI8NZT11\STINGE~1.SH! (User 'Default user')
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - (no file)
O9 - Extra 'Tools' menuitem: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - (no file)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: wmpenv - {EE8ED5AF-15F2-4F72-BD21-DF6997F7FCD7} - (no file)
O21 - SSODL: wmpconf - {411A02BF-47DF-4C38-95A9-436B79881C12} - (no file)
O23 - Service: McAfee Application Installer Cleanup (0095751199259546) (0095751199259546mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\009575~1.EXE
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 9061 bytes

 

by: MeretePosted on 2008-01-02 at 23:39:03ID: 20571215

Hi Devilleman
results doesnt show any real  problems your analysed log
http://www.hijackthis.de/logfiles/1137fd4ba2efd3f0a446e07886320714.html

a few miscelainous not needed.

[?] - j:\6be9d412be161e01509a414f\ZuneSetup.exe
[N] - O2 - BHO: MSVPS System - {283A0EE3-2CC1-45AB-8207-B1D7B69C7F83} - (no file)
[N] - O9 - Extra button: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - (no file)
[N] - O9 - Extra 'Tools' menuitem: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - (no file)
[?] - O21 - SSODL: wmpenv - {EE8ED5AF-15F2-4F72-BD21-DF6997F7FCD7} - (no file)
[?] - O21 - SSODL: wmpconf - {411A02BF-47DF-4C38-95A9-436B79881C12} - (no file)
[?] - O23 - Service: McAfee Application Installer Cleanup (0095751199259546) (0095751199259546mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\009575~1.EXE

I believe your problem is not malware but an OS problem, please answer any questions already asked about what you did recently.
I gave you a comprehensive list of things to peform so far you have not responded to any these.

I still cannot view pictures and videos in the media center. It keeps shutting down. << maybe a video card problem.


 

by: rpggamergirlPosted on 2008-01-03 at 00:42:02ID: 20571393

You did have a malware infection there at some point, those dead "no file" entries in 02 and 021 lines are a leftover SDBot and Smitfraud entries.
Those entries shouldn't be causing any problems now.

What other things have you tried doing to fix the problem, scanners etc?

 

by: DevillemanPosted on 2008-01-03 at 03:30:53ID: 20571982

i tried the stinger but i don't understand it. All it told me was number of good files. And thats it. With no options to do anything. And of couse my own Mcafee.

 

by: MeretePosted on 2008-01-03 at 06:34:35ID: 20573065

fair eough its a funny tool but is quite simple, you install stinger first then download the latest patch so it uses that when running the scans, if it finds anything it will tell you if not it says nothing.
So I do believe there is no malware threats left on your system but often times after it is cleaned out some programs may not run the same.
I would recomend that you have a professioanl look at your computer  to save off your files and then repair the OS.
Repairing xp is not for the inexperienced when you have a lot you can lose.
You can slave your hdd and save off your files save the emails store folder etc.
This is what I recomend as I feel we have covered the best so far any further puts your system at risk.
All the best
Merete

 

by: TapioLPosted on 2008-01-03 at 09:04:38ID: 20574398

Here´s one thing to try! Unistall Mcafee, and if you have ATI display adapter unistall it´s driver also!
After reboot reinstall ATI drivers manualy. Does the system work now?  

 

by: DevillemanPosted on 2008-01-07 at 16:07:25ID: 20604570

thank you one and all.

 

by: MeretePosted on 2008-01-07 at 22:56:35ID: 20606501

:) your welcome

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...