I have got a problem with the pc (well obviously otherwise I would not be posting on here) I am running XP SP2.
For a couple of months been having problems with a couple of games that are installed on the pc (rollercoaster tycoon and wildlife park - kept getting messages that something was corrupt and the games would not load) then a few weeks ago AVG 7 started acting up (being off when pc switched on) and then it wouldn't work, so I uninstalled it and reinstalled it (it didnt want to download and when it would fully download some of the files kept coming up as being corrupt so I had to download it from the internet to the other pc and transfer it on a cd then it went on OK)
then the monitor screen started going off - there was still power going to the monitor so I thought as it was an older CRT model that it was on its way out so it has been replaced with my Grandads CRT monitor that he used for a couple of months before replacing with a flatscreen - nothing wrong with it however the screen continued to go blank (the only way to get anything back on screen was to switch pc off with the power button, after switching back on it worked fine again for a while before going blank again so I have replaced the graphics card for one the same)
Currently no antivirus as AVG started acting up again (before I changed the graphics card) everytime I started to download any antivirus protection I would get an error message or the screen would go off so all I had was windows XP firewall, spybot and adaware) A couple of web pages wont display either. Barclays are offering free kaspersky internet security and it wont install as files are once again corrupt.
I have followed the instructions and run ATF cleaner, new system restore point, malwarebytes quick scan which brought up 'Backdoor.Bot (I ran this yesterday and it came up then too and I thought I had it sortred so slightly puzzled) here is the file from today:
Malwarebytes' Anti-Malware 1.19
Database version: 927
Windows 5.1.2600 Service Pack 2
19:51:28 06/07/2008
mbam-log-7-6-2008 (19-51-28).txt
Scan type: Quick Scan
Objects scanned: 44297
Time elapsed: 4 minute(s), 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Works Update Detection (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I then did superantispyware and scanned both C and D and both are fixed drives and no harmful software was detected, then I did panda active scan, here are the results:
;*******************************************************************************
********************************************************************************
*
*******************
ANALYSIS: 2008-07-06 23:00:00
PROTECTIONS: 0
MALWARE: 2
SUSPECTS: 1
;*******************************************************************************
********************************************************************************
*
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
================================================================================
=
===================
;===============================================================================
================================================================================
=
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
================================================================================
=
===================
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\a-squared Anti-Malware\Quarantine\b9fe5c584611700e5764ed4a50f4c368.a2q[WINDOWS/system32/dllcache/winlogon.exe]
03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\a-squared Anti-Malware\Quarantine\e2a5746ba1bfe899620711d54efb9afc.a2q[hp/bin/KillWind.exe]
03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\a-squared Anti-Malware\Quarantine\593bcd2cf66a729a85be129951758eae.a2q[WINDOWS/system32/winlogon.exe]
03009106 W32/Xor-encoded.A Virus No 0 Yes No C:\Program Files\a-squared Anti-Malware\Quarantine\0ec52f12ab20fe692803dfae0a9e7ea3.a2q[WINDOWS/ServicePackFiles/i386/winlogon.exe]
;===============================================================================
================================================================================
=
===================
SUSPECTS
Sent Location e
;===============================================================================
================================================================================
=
===================
No C:\hp\bin\ProcessLogger.exe e
;===============================================================================
================================================================================
=
===================
VULNERABILITIES
Id Severity Description e
;===============================================================================
================================================================================
=
===================
182048 HIGH MS07-069 e
176382 HIGH MS07-057 e
170906 HIGH MS07-045 e
170904 HIGH MS07-043 e
164913 HIGH MS07-033 e
160623 HIGH MS07-027 e
150253 HIGH MS07-016 e
;===============================================================================
================================================================================
=
===================
Here is the uninstall list:
Ad-aware 6 Personal
Adobe Acrobat 5.0
Adobe Flash Player 9 ActiveX
Certificate in Web Applications Development CD-ROM
Creative MediaSource
DC-300 TWAIN driver
DLA
Easy-WebPrint
FinePixViewer Ver.4.0
FUJIFILM USB Driver
Gloop!
HandyTools for Web Designer 1.2
Hemera Products
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB915865)
hp center
ImageMixer VCD for FinePix
Intel® 845G Chipset Graphics Driver Software
Internet Explorer Q903235
InterVideo WinDVD
Java 2 Runtime Environment Standard Edition v1.3.1_01
KBD
Lizardtech Express View
Malwarebytes' Anti-Malware
MGI PhotoSuite III SE (Remove Only)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft AutoRoute 2002
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard - WE 2002
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money
Microsoft Money System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Picture It! Photo 2002
Microsoft Publisher 98
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Microsoft Word 2002
Microsoft Works 2002 Setup Launcher
Microsoft Works 6.0
Microsoft Works Suite Add-in for Microsoft Word
MicroStaff WINASPI NT
NETGEAR WG111v3 wireless USB 2.0 adapter
NOMAD MuVo TX
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
Paint Shop Pro 7 Anniversary Edition
Panda ActiveScan 2.0
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
RAW FILE CONVERTER LE
RealPlayer
RecordNow
S3Display
S3Gamma2
S3Info2
S3Overlay
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Shockwave
ShowShifter 1.60.1739
Sonic Update Manager
Spybot - Search & Destroy 1.3
SUPERAntiSpyware Free Edition
TC30SP
TT280 software
Tux Paint 0.9.15
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Wildlife Park Gold
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
XElemental
Xtras 2
I didnt do the windows updates as it updated itself only a couple of days ago and the update was for SP1 and I wasnt too sure whether to or not.
Then I rebooted and winlogon.exe encountered problems - here are the details in the error window:
szAppName: winlogon.exe
szAppVer: 0.0.0.0.
szModName: msv1_0.dll
szModVer: 5.1.26002180
offset: 000068c4
I also had the error message 'your system has recovered from a serious error. Here are the details:
BCCode: 10000050
BCP1: FFFFDA40
BCP2: 00000000
BCP3: BF9C34E1
BCP4: 00000000
OSVer: 5_1_2600
Product: 768_1
The monitor then decided to go black (screen) and I have had to turn off and then switch it all back on again.
I have tried to go to tiscali email to get the page with the link to download kaspersky (barclays free) and IE will not show the page. I have then tried to download it from a USB flash disk (off the other pc) and when I try and install it I am getting the corrupt files messages again- Error 1335. The cabinet file 'kis7.cab' required for this installation is corrupt and cannot be used - I clicked on ignore and then got a message - internal error 2350
I have deleted the files and tried to download from the kaspersky website - I am getting 'cannot install - corrupt'messages again.
If somebody can please help me I will be grateful as I have spent far too long trying to sort this out on my own (and have a 9 year old who is desperate to get back onto the pc)
(post edited to add uninstall list because I forgot)
Edited by Dizzy blonde, 06 July 2008 - 05:28 PM.