Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

.NET Framework Error, please help!

Started by Skeezee , Jun 07 2008 12:25 AM

  • Please log in to reply

#1
Skeezee
Posted 07 June 2008 - 12:25 AM

Skeezee

    New Member

  • Member
  • Pip
  • 4 posts
I can't update, uninstall, repair, or run programs involiving Windows .NET Framework. I got a "virus" from an unwanted pop-up add from the website BleachPortal.net. I'm 99% sure that is where it came from and I believe it used adobe reader to force its way onto my machine. My desktop background was turned blue with a warning to install anti-virus programs. I tried a system restore to correct this issue, which seemed to work at first but ever since I've been unable to run a program I use known as APR, or ApRadar (its for a video game). I realized that APR is dependent on .NET so I tried to download the latest version, and also the current version I was running. Both failed and I received the same error message from everything I tried to run involving .NET.

"*Program Name* has encountered a problem and needs to close. We are sorry for the invonvenience."

Please help me resolve this as I can't fully enjoy my favorite game as long as this problem persists. I've run VundoFix, and I believe I have scan reports from SmitFraud and CatchMe but as of now I'm still having problems. I'm currently running kaspersky online scan and saving the information. :)


**** Called Dell Support! I was not the one who purchased this machine, nor was I aware of any warranty or service plans that it was under, but I called Dell! They took remote access of my computer and the wonderful tech support woman showed me an AWESOME tool that completely rids your computer of any .NET Framework components that may be left behind by other uninstall methods. Upon reinstalling .NET 2.0 EVERYTHING thats didn't work before WORKED! ****

The tool can be found here! http://blogs.msdn.co.../08/406671.aspx
just click where it says "this link"

I hope this will be helpful to someone else as it was helpful to me! I understand that you guys @ GeeksToGo are very very busy that is why I was so dedicated to finding some way to correct my issue even if it wasn't from you. Posting my progress on your site was extremely helpful to me mentally for sure! THANKS!

Edited by Skeezee, 07 June 2008 - 04:48 PM.

  • 0

Advertisements

#2
Skeezee
Posted 07 June 2008 - 01:51 AM

Skeezee

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
This is my Hijack Log (Created after using Vundo and Malwarebytes' Anti-Malware) Problem still persists

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:42:37, on 6/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\DellSupport\DSAgnt.exe

Edited by Skeezee, 07 June 2008 - 09:22 AM.

  • 0

#3
Skeezee
Posted 07 June 2008 - 09:31 AM

Skeezee

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Heres what VundoFix removed

C:\windows\system32\awtrrss.dll
C:\windows\system32\tuvsqqr.dll

********************************

(((This is From SDFix's Report)))

SDFix: Version 1.188
Run by HERSHE on Fri 06/06/2008 at 09:27 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\Temp\0b9\tmpTF.log - Deleted
C:\Temp\iee\tmpZTF.log - Deleted
C:\WINDOWS\system32\o02PrEz\o02PrEz1065.exe - Deleted
C:\WINDOWS\system32\drivers\core.cache(2).dsk - Deleted
C:\WINDOWS\system32\drivers\core.cache(3).dsk - Deleted
C:\WINDOWS\poolsv.exe - Deleted
C:\WINDOWS\system32\drivers\core.cache.dsk - Deleted
C:\WINDOWS\wr.txt - Deleted
C:\WINDOWS\system32\drivers\core.sys - Deleted



Folder C:\Temp\0b9 - Removed
Folder C:\Temp\iee - Removed
Folder C:\Temp\tn3 - Removed
Folder C:\WINDOWS\system32\o02PrEz - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-06 21:39:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1146361369\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1146361369\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0b\\waol.exe"="C:\\Program Files\\America Online 9.0b\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0c\\waol.exe"="C:\\Program Files\\America Online 9.0c\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0d\\waol.exe"="C:\\Program Files\\America Online 9.0d\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0e\\waol.exe"="C:\\Program Files\\America Online 9.0e\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0f\\waol.exe"="C:\\Program Files\\America Online 9.0f\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"E:\\AOLSETUP.EXE"="E:\\AOLSETUP.EXE:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0g\\waol.exe"="C:\\Program Files\\America Online 9.0g\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Sierra Online\\FreeStyle Street Basketball™\\FreeStyle.exe"="C:\\Program Files\\Sierra Online\\FreeStyle Street Basketball™\\FreeStyle.exe:*:Enabled:FreeStyle"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Documents and Settings\\HERSHE\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\HERSHE\\Desktop\\utorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe"="C:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe:*:Enabled:PlayOnline Viewer"
"C:\\Documents and Settings\\HERSHE\\Desktop\\wowclient-downloader.exe"="C:\\Documents and Settings\\HERSHE\\Desktop\\wowclient-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe"="C:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe:*:Enabled:LaunchPad"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:RTC App Sharing"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windowsr NetMeetingr"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Sony\\Station\\LaunchPad\\_aunchPad.exe"="C:\\Program Files\\Sony\\Station\\LaunchPad\\_aunchPad.exe:*:Disabled:_aunchPad"
"C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"="C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe:*:Disabled:CrazyTalk"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"E:\\AOLSETUP.EXE"="E:\\AOLSETUP.EXE:*:Enabled:AOL"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Sun 28 May 2006 4,932 A..H. --- "C:\Temp\t4.bak"
Sun 30 Jul 2006 1,427 A..H. --- "C:\Temp\t4.bak6"
Sun 28 May 2006 6,929 A..H. --- "C:\Temp\t4.bak1"
Wed 12 Jul 2006 4,942 A..H. --- "C:\Temp\t4.bak2"
Wed 12 Jul 2006 4,935 A..H. --- "C:\Temp\t4.bak3"
Wed 12 Jul 2006 4,928 A..H. --- "C:\Temp\t4.bak4"
Wed 12 Jul 2006 4,828 A..H. --- "C:\Temp\t4.bak5"
Sun 16 Dec 2007 88 ..SHR --- "C:\WINDOWS\system32\C2BFC48BEC.sys"
Wed 9 Apr 2008 56 ..SHR --- "C:\WINDOWS\system32\EC8BC4BFC2.sys"
Wed 9 Apr 2008 4,184 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Tue 26 Jun 2007 2,104,873 ..SH. --- "C:\WINDOWS\system32\srutv.bak1"
Mon 18 Jun 2007 1,836,092 ..SH. --- "C:\WINDOWS\system32\vvvwa.bak1"
Wed 19 Dec 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 3 May 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 3 May 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Common Files\Motorola Shared\MotPCSDrivers\difxapi.dll"
Tue 6 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\fd0264849c01086f3c6b505dc02dbd44\BITD.tmp"
Sun 13 May 2007 8 A..H. --- "C:\Documents and Settings\HERSHE\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Sun 13 May 2007 8 A..H. --- "C:\Documents and Settings\HERSHE\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Mon 14 May 2007 8 A..H. --- "C:\Documents and Settings\HERSHE\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Sun 20 May 2007 8 A..H. --- "C:\Documents and Settings\HERSHE\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"

Finished!
  • 0

#4
Skeezee
Posted 07 June 2008 - 03:02 PM

Skeezee

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
I've done further investigation and tried several more approaches to fixing this problem this morning. I've found out the error is a DW20 type error message (which no longer gives me the option to report the error to windows). I was able to remove .net framework 2.0 using Windows Install Clean Up and successfully reinstalled it & updated it, but my APR program that I'm trying to get to work still fails to cooperate. Also upon reinstalling .net framework 1.1 i'm getting an error with the Service Pack 1 "SL3C,D,E,F,etc~ has encountered a problem and needs to close". Theres something fishy going on and I'd like to say I'm making progress towards finding out what, but at the same time I still feel like my efforts are futile. Please get back to me asap, even if its just to say that you have noticed my call for help. Until then I will continue to post anything new I have done and positive and negative results. :/
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP