Big Trouble, Red Alert Here!

Discussion in 'malware problems & news' started by Hardryve, Jun 13, 2004.

Thread Status:
Not open for further replies.
  1. Hardryve

    Hardryve Registered Member

    Joined:
    Apr 27, 2004
    Posts:
    1
    I am posting this; I found it in my temp file, have a look:
    ; OPK: EN_US
    ; Date: Tue Jul 22 2003 18:25:40 PST
    ; Type: Customer Build
    ; Build ID: 34NAheBLU2
    ; Build ID: 34NAheBLU2
    ; Created by: Shirley C So
    ; Created by: ZZZ
    ; Date: Sat Aug 23 05:27:57 2003
    BlocksXP\34\Application\DVD_CD_MEDIA\RecordNow\Veritas_RecordNow_6_0_ALL_EN_6111-01
    BlocksXP\34\Application\DVD_CD_MEDIA\WinDVD\InterVideo_WinDVD_4_0_11_389_ALL_WW_5770-03
    BlocksXP\34\Application\ENTERTAINMENT\MS_Plus_DME_BLU_EN_5777-01
    BlocksXP\34\Application\ENTERTAINMENT\Musicmatch\MusicMatchJukebox_7_50_1070a_BLU_EN_6134-01
    BlocksXP\34\Application\ENTERTAINMENT\RealOneVideoPlayer\Real_Player_6_0_11_853_ALL_EN_6126-01
    BlocksXP\34\Application\ENTERTAINMENT\WildTangent\WildTangent_HPCMPQ0307_ALL_WW_6172-02
    BlocksXP\34\Application\Imaging\showbiz\ArcSoft_ShowBiz_2_0_0_99_ALL_WW_6189-02
    BlocksXP\34\Application\Productivity\ADOBEReader\Adobe_Reader_6_0_ALL_EN_6107-01
    BlocksXP\34\Application\Reference\Encarta\Encarta_Online_Deluxe_BLU_EN_US_2359-08
    BlocksXP\34\Application\Security\NORTONANTIVIRUS\NortonAV_Virus_Defs_ALL_WW_0000-01
    BlocksXP\34\Application\Security\NORTONFIREWALL\NortonPF2003_6_0_2_ALL_EN_5300-09
    BlocksXP\34\BuildTools\51speakers\FiveOneSpeakers_ALL_WW_0000-06
    BlocksXP\34\BuildTools\Beginbuild\OPK_beginbuild_WW_XP_0000-01
    BlocksXP\34\BuildTools\ChangeVirtualMemory\ChangeVirtualMemory_ALL_WW_0000-02
    BlocksXP\34\BuildTools\DMA\DMAOn_WW_XP_0000-07
    BlocksXP\34\BuildTools\EndBuild\HP_EndBuild_ALL_WW_0000-13
    BlocksXP\34\BuildTools\Factoryreboot\OPK_FactoryReboot_WW_0000-01
    BlocksXP\34\BuildTools\HPSysinfo\HPSysInfo_ALL_WW_5951-02
    BlocksXP\34\BuildTools\Keyboardupdateduringcmdline\Keyboard_update_ALL_WW_0000-01
    BlocksXP\34\BuildTools\Latte\Latte_ALL_WW_0000-10
    BlocksXP\34\BuildTools\Messagebeforeshutdownanddetect\before_shutdown_detect_and_remove_ALL_WW_0000-03
    BlocksXP\34\BuildTools\Motherboardname\Fall03_All_boards_ALL_WW_0000-02
    BlocksXP\34\BuildTools\PartitionSize\PartLog_ALL_WW_0000-03
    BlocksXP\34\BuildTools\PrepBlock\OPK_HP_Build_PrepBlock_ALL_WW_0000-08
    BlocksXP\34\BuildTools\SetRES_Icon_Desktop\SetRES_Icon_Desktop_ALL_WW_0000-02
    BlocksXP\34\BuildTools\ShutdownandBackup1\ShutDown_and_Backup_ALL_WW_0000-01
    BlocksXP\34\BuildTools\ShutdownandBackup1\ShutDown_and_Backup_ALL_WW_0000-01
    BlocksXP\34\BuildTools\ShutdownanddetectandRemove\ShutDown_and_Detect_and_Remove_ALL_WW_0000-02
    BlocksXP\34\BuildTools\sysprep\Sysprep_Close_ALL_WW_0000-01
    BlocksXP\34\BuildTools\sysprep\Sysprep_Open_ALL_WW_0000-01
    BlocksXP\34\BuildTools\Sysprepinfrestore\OPK_syspreprestore_ALL_WW_XP_0000-01
    BlocksXP\34\BuildTools\Sysprepinfrestore\OPK_syspreprestore_ALL_WW_XP_0000-01
    BlocksXP\34\BuildTools\Sysprepinfrestore\OPK_syspreprestore_ALL_WW_XP_0000-01
    BlocksXP\34\BuildTools\Windex\Windex_All_WW_0000-04
    BlocksXP\34\BuildTools\Windex\Windex_Cleanup_All_WW_0000-01
    BlocksXP\34\CUE\CAMERA\PScamera_ALL_WW_XP_6188-01
    BlocksXP\34\CUE\Deskjet\DJPreload_ALL_WW_6113-01
    BlocksXP\34\CUE\PhotoSmart\PSptrPreloadAmericasEuroA_ALL_WW_XP_6184-01
    BlocksXP\34\Driver\7_1\7_in_1_CardReader_6_04_ALL_WW_6181-02
    BlocksXP\34\Driver\Audio\AUDIGY_SBLIVE\Creative_285RC6_1_2_ALL_WW_XP_5615-06
    BlocksXP\34\Driver\Audio\AUDIGYII\Creative_Audigy_II_512326RC1_ALL_WW_6128-03
    BlocksXP\34\Driver\Audio\Realtek\Realtek_5_10_00_5230_ALL_WW_XP_6152-01
    BlocksXP\34\Driver\Chipset\nVidiaMemoryController\nForce_Memory_Controller_03_03_08_ALL_WW_XP_5921-03
    BlocksXP\34\Driver\Chipset\nVidiaSMBUS\nForceSMBus_3_3_8_ALL_WW_XP_5920-03
    BlocksXP\34\Driver\Chipset\Via\VIA_INF_5_01_00_0180_ALL_WW_XP_5918-01
    BlocksXP\34\Driver\GART\nVidia\nForce_Agp_Gart_04_12_1_0334_ALL_WW_XP_5919-01
    BlocksXP\34\Driver\GART\SiS\SiS_Agp_Gart_7_2_0_1160_ALL_WW_XP_5916-02
    BlocksXP\34\Driver\Keyboard\Kbupdate_1_0_2_1_627_ALL_WW_6138-01
    BlocksXP\34\Driver\modem\Agere\Cheetah3_Modem_V92_8_28_ALL_WW_XP_5857-03
    BlocksXP\34\Driver\Monitor\Monitor_INF_ALL_WW_XP_5989-03
    BlocksXP\34\Driver\NIC\nVidia\nForce_LAN_03_03_09_ALL_WW_XP_5913-02
    BlocksXP\34\Driver\NIC\Realtek\Realtek_LAN_5_505_1004_ALL_WW_XP_5846-01
    BlocksXP\34\Driver\NIC\Sis\SiS_LAN_1_16_0_6_ALL_WW_XP_5893-01
    BlocksXP\34\Driver\NIC\VIA\VIA_LAN_3_15_0_0351_ALL_WW_XP_5854-01
    BlocksXP\34\Driver\TestSignatures\Driver_Tweak_Thingy_ALL_WW_0000-04
    BlocksXP\34\Driver\video\ATI\Remote_ATI_7_9_15_0_ALL_WW_XP_5879-01
    BlocksXP\34\Driver\video\ATI\Video_ATI_7_88_0_0_ALL_WW_XP_6041-01
    BlocksXP\34\Driver\video\Intel\865_Video_6_13_10_3510_ALL_WW_XP_5905-01
    BlocksXP\34\Driver\video\nVidia\Video_nVidia_44_03_ALL_WW_XP_6011-04
    BlocksXP\34\Driver\video\SiS\SiS_Video_06_14_10_2170_ALL_WW_XP_5917-01
    BlocksXP\34\Driver\video\VIA_S3\VIA_ProSavageDDR_6_14_10_12_ALL_WW_XP_5967-01
    BlocksXP\34\Driver\video\VIA_S3\VIA_UniChrome_Video_6_14_10_0035_ALL_WW_XP_6061-02
    BlocksXP\34\HP\Backweb\Bacweb_630_ALL_WW_XP_6143-01
    BlocksXP\34\HP\eHelp\eHelp_2_7_0_B_HOM_BLU_EN_US_5924-01
    BlocksXP\34\HP\eHelp\JSharp\JSharp_Block_1_0_ALL_WW_6220-02
    BlocksXP\34\HP\Kahuna\CLEANUP_hpcmerr_ALL_WW_XP_6192-01
    BlocksXP\34\HP\Kahuna\HPImageZone_ALL_WW_XP_6193-02
    BlocksXP\34\HP\Kahuna\HPImageZone_reset_date_ALL_WW_0000-01
    BlocksXP\34\HP\Organize\HP_Organize_HOM_BLU_EN_US_XP_1_6090-01
    BlocksXP\34\HP\PCDoctor\PC_Doctor_1_05_008_ALL_WW_5923-01
    BlocksXP\34\HP\Recovery\RecoverySoftwareSuite\RecoverySWSuite_ALL_WW_6158-01
    BlocksXP\34\HP\Recovery\RecoveryToolsCD\RecoveryToolsCD_ALL_WW_5955-03
    BlocksXP\34\HP\SCG\SCG_BLU_WW_5114-06
    BlocksXP\34\HP\Supercomponent\hpwarecore_ALL_WW_6155-01
    BlocksXP\34\HP\Supercomponent\IAccess_Patch_ALL_WW_6171-01
    BlocksXP\34\HP\SupportInfo\support_info_All_WW_6173-01
    BlocksXP\34\HP\Vendorlink\HPWARE_VENDOR_LINK_3_4_2_BLU_WW_6154-01
    BlocksXP\34\HP\video_music_toolkit\HPToolkit_ALL_WW_XP_1_6080-01
    BlocksXP\34\HP\video_music_toolkit\PhotoWorks_ALL_EN_XP_1_6182-01
    BlocksXP\34\InternetShortcut\HTMLpage\HardwareSplash_ALL_EN_6115-01
    BlocksXP\34\InternetShortcut\HTMLpage\HotDeals_HTMLPage_All_EN_6116-01
    BlocksXP\34\InternetShortcut\HTMLpage\HPMusicStore_BLU_WW_5851-01
    BlocksXP\34\InternetShortcut\HTMLpage\MusicGamesSplash_ALL_EN_6177-01
    BlocksXP\34\InternetShortcut\HTMLpage\SecuritySplash_ProtectMyPC_ALL_EN_6118-01
    BlocksXP\34\Online2003Fall\EN_CA\AOL80canada_ALL_EN_CA_6121-01
    BlocksXP\34\Online2003Fall\EN_US\AOL80PLUSus_ALL_EN_US_6122-01
    BlocksXP\34\Online2003Fall\EN_US\CS_BLU_EN_US_5937-01
    BlocksXP\34\Online2003Fall\EN_US\DigiTerra_BLU_EN_US_5768-01
    BlocksXP\34\Online2003Fall\EN_US\EL_BLU_EN_US_5941-01
    BlocksXP\34\Online2003Fall\EN_US\IEFavs_BLU_EN_US_5890-01
    BlocksXP\34\Online2003Fall\EN_US\IEStartSearch_BLU_EN_US_5894-01
    BlocksXP\34\Online2003Fall\EN_US\MFUREG_BLU_EN_US_6018-01
    BlocksXP\34\Online2003Fall\EN_US\MSN80_BLU_EN_US_5940-01
    BlocksXP\34\Online2003Fall\EN_US\MSNIconDropper_ALL_EN_US_5898-01
    BlocksXP\34\Online2003Fall\EN_US\NAContent_BLU_EN_US_5887-01
    BlocksXP\34\Online2003Fall\EN_US\YAHOO_BLU_EN_US_6208-01
    BlocksXP\34\Online2003Fall\WW\AolCompanionPatch_ALL_WW_6092-01
    BlocksXP\34\Online2003Fall\WW\cycleId_BLU_WW_5896-01
    BlocksXP\34\Online2003Fall\WW\EasyInternetSignupFrontEnd_ALL_WW_6148-01
    BlocksXP\34\Online2003Fall\WW\EISDtIconDropper_ALL_WW_5889-01
    BlocksXP\34\Online2003Fall\WW\WISISPSignup_ALL_WW_5877-01
    BlocksXP\34\OS\DIRECTX\WinOPK_DirectX_9_0_A_ALL_WW_SP1_5847-02
    BlocksXP\34\OS\DotNetFramework\Windows_Dot_Net_Framework_ALL_EN_6153-01
    BlocksXP\34\OS\HomeNetwork\Home_Network_config_ALL_EN_6079-01
    BlocksXP\34\OS\HomeNetwork\Home_Network_offer_ALL_EN_5880-01
    BlocksXP\34\OS\HomeNetwork\Home_Network_tutorial_ALL_EN_5881-01
    BlocksXP\34\OS\Macromedia\SW_PLUGIN_FLASH_ALL_WW_5906-01
    BlocksXP\34\OS\MediaPlayer9\WinOPK_MediaPlyr_v9_ALL_EN_5761-02
    BlocksXP\34\OS\MessengerService\MessengerService_Manual_ALL_WW_0000-01
    BlocksXP\34\OS\Moviemaker2\WinOPK_MovieMkr_ALL_EN_5761-02
    BlocksXP\34\OS\PATCH\Patch_USB\Patch_USB_S3_ALL_WW_0000-01
    BlocksXP\34\OS\PATCH\VIA686B\Patch_Via_686B_ALL_WW_0000-01
    BlocksXP\34\OS\QFE\QFE329112\QFE_329112_DVD_4GBplus_ALL_WW_6175-02
    BlocksXP\34\OS\QFE\QFE329256\QFE_329256_Enum_1394_ALL_WW_5244-03
    BlocksXP\34\OS\QFE\QFE329909\QFE_329909_Storage_1394_ALL_WW_5241-04
    BlocksXP\34\OS\QFE\QFE811789\QFE_811789_1394_Camera_Fix_ALL_WW_5553-03
    BlocksXP\34\OS\supportfolder\SUPPORT_ALL_EN_SP1_00001302_A-01
    BlocksXP\34\Productivity\CorelWP\Corel_WP_Office_11_try_ALL_EN_WW_5829-04
    BlocksXP\34\SUPPORT\HP_Odometer\HP_Odometer_1_7_ALL_WW_1246-01
    BlocksXP\BUDD\hpware_dtsshortcut_move_ALL_WW_0000-01
    BlocksXP\BUDD\summer_2002_patch\help_and_support_ww_XP_00000000-01
    BlocksXP\BUDD\summer_2002_patch\HP_OOBEpatch_HOOK_WW_XP_00000000-02
    BlocksXP\BUDD\summer_2002_patch\Install_Fax_04_17_02_ALL_WW_00000000_A-02
    blocksXP\BUDD\summer_2002_patch\Install_Fax_Service_WW_XP_SRZ020430000883-01
    BlocksXP\Build\ActiveWallpaper\ActiveWallpaper_WW_0000-01
    BlocksXP\Build\CheckConfig\CheckConfig_Sum_03_ALL_WW_0000-04
    BlocksXP\Build\FullScreen\FullScreen_Summer2003_ALL_WW_0000-17
    BlocksXP\Build\misc\AppSwitch0ff_ALL_WW_00000000_A-03
    BlocksXP\Build\misc\AppSwitch0ff_ALL_WW_00000000_A-03
    BlocksXP\Build\misc\AppSwitch0n_ALL_WW_00000000_A-03
    BlocksXP\Build\misc\AppSwitch0n_ALL_WW_00000000_A-03
    BlocksXP\Build\misc\BrandWarning_ALL_WW_XP_00000000_A-02
    BlocksXP\Build\misc\FeatureBitWarning_ALL_WW_XP_00000000_A-01
    BlocksXP\Build\misc\ForceNewTemplate_1_ALL_WW_0000-01
    BlocksXP\Build\misc\HPBI_TimeOut_30_minutes_ALL_WW_0000-01
    BlocksXP\Build\patch_sp1_upgrade\WinXP_SP1_Upgrade_Patch_ALL_WW_00000000_A-01
    BlocksXP\Build\patchMSN\patchMSN_ALL_WW_0000-05
    BlocksXP\Build\PowerMGT\Hibernate_WW_XP_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RebootNContinue\RebootNContinue_all_WW_0000-01
    BlocksXP\Build\RecoveryConsole\RecoveryConsole_ALL_WW_0000-02
    BlocksXP\Build\Scandta\Scandta_ww_XP_0000-07
    BlocksXP\Build\sysprep\backup_run_sysprep_ALL_WW_XP_0000-03
    BlocksXP\Drivers\Misc\remove_unknown_device_WW_XP_00000000_A-01
    BlocksXP\Drivers\PwrMgt\Nic_PwrMgt_WW_XP_0000-02
    BlocksXP\Drivers\USBPwrMGMT\USBPwrMGMT_WW_XP_0000-03
    BlocksXP\Drivers2003\Misc\865_chipset\865_chipset_5_0_1008_ALL_WW_XP_5409-01
    BlocksXP\Drivers2003\Misc\VIA_chipset\VIA_AGP_GART_5_01_00_3441_ALL_WW_XP_5330-01
    BlocksXP\Drivers2003\NIC\MS_Broadband_NetWorking_1_00_229_ALL_EN_US_5384-01
    BlocksXP\Drivers2003\Video\845\Trayicon_ALL_WW_00000000_A-01
    BlocksXP\Entertainment\DettoMigrationKit\SUMMER03\Detto_IntelliMover_Demo_ALL_EN_5361-01
    BlocksXP\Entertainment\Emusic\SUMMER03\Emusic_ALL_EN_5257-02
    BlocksXP\Microsoft2\Indeo_Codec_QFE327979_ALL_WW_SP1_5124-02
    BlocksXP\Microsoft2\OCA_MRK_ALL_WW_XP_00001419_A-01
    BlocksXP\Microsoft2\QFE_331958_128GB_ALL_SP2_WW_0000-05
    BlocksXP\Microsoft2\QFE_810243_Record_Show_ALL_WW_5328-01
    BlocksXP\Online2003Summer\OnlineBackup\OnlineBackup_ALL_EN_5494-01
    BlocksXP\Online2003Summer\WW\MyHPClub\MyHPClub_ALL_EN_5465-01
    BlocksXP\Online2003Summer\WW\SpamSubtractDiskHP\SpamSubtractDiskHP_1_0_0_66_ALL_EN_5772-01
    BlocksXP\Productivity\Money\Money_2003_Sum_03_ALL_EN_US_00001517_A-04
    BlocksXP\Productivity\Quicken\Quicken_NUE_2003_Summer_ALL_EN_US_00001292_B-01
    BlocksXP\Productivity\Works\MS_Works_7_0_SUM_03_ALL_EN_US_00001485_A-07
    BlocksXP\Support\MenuShowDelay\Menu_Show_Delay_ALL_WW_XP_0000-01
    BlocksXP\Support\NortonAntivirus\NortonAV2003_9_0_5_ALL_EN_1_5102-01
    BlocksXP\Support\Softex_OmniPass\Softex_Omnipass_2_0_41_ALL_EN_5364-01
    BlocksXP\Support\VALUEADD\VALUEADD_ALL_EN_SP1_00001302_A-01
    BlocksXP\Support\VolumeIcon\Volume_Icon_WW_XP_00000000_A-03

    I had to do a Recovery last night, and as soon as I got back up I got hit with "Sasser" big time. From then till now my PC acts like it's having convulsions and crawls. When I got on to Windows Update there were 20 critical patches waiting for me and 15 for XP. I started to download them all and lost connection. When I tried to use Sygate it wouldn't open; Spybot and Ad-aware did nothing. So look closely at this. I don't know what it means, but I can't do anything. I'm lucky I have been able to type this out so far.

    I hope it posts. Please let me know what you think and give me some remedy, as this PC acts like it's going to keel over at a moment's notice. I couldn't even get the updates from Microshaft. Another thing: it has compromised every anti-anything I HAVE. Email me soon, desperate, phew, I've been at it since last night.

    Hardryve, help!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    Would appreciate very much if someone could identify this; it is tearing my PC to death. Continues to take over while online anywhere.
     
    Last edited by a moderator: Jun 14, 2004
  2. snapdragin

    snapdragin Registered Member

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi Hardryve,

    I am not sure what you have posted is all about, but it doesn't look good. :doubt:

    If you can try and do the following, maybe we can get a start on how to help you.

    If Sygate is being disabled, then I would suggest that you enable XP's firewall for now to give you some protection. Select Start, right-click My Network Places, and choose Properties. Right-click the connection you want to protect, and choose Properties. Click the Advanced tab, and place a check in the box for Internet Connection Firewall. Click OK to turn it on.

    Then try and do a full system scan at one of these free on-line virus scanners:
    Panda On-Line Scanner
    Trendmicro Housecall

    Next, make sure you have all files and folders visible. Open Windows Explorer and go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and untick "Hide extensions for known file types". Click "Apply to all folders", then click "Apply", then "OK".

    Then after the on-line scans have removed/deleted anything they found infected, try and download Hijackthis from this link: https://www.wilderssecurity.com/showthread.php?t=12516
    Right-click on the Hijackthis.exe and save it to your hard drive:

    Create a permanent folder for it on your C drive and place Hijackthis.exe into it (do not put it on your desktop or in a temp folder.)

    ***
    Then disconnect from the internet and boot your computer into safe mode by tapping the F8 key just before Windows begins to load and empty your temp folder.

    Navigate to C:\Documents and Settings\username\Local Settings\Temp\ and select all files in the temp folder and delete them. Clear IE's cache too by going to its Tools --> Internet Options --> click the Delete Files button and mark the popup to also delete offline content.

    While still off-line, open Hijackthis and run it by clicking on the Scan button. When the scan has finished, the "Scan" button will then change to a Save Log button. Press the "Save Log" button and save it as a .txt file to a location you can easily find it.

    Please do NOT fix anything in Hijackthis by yourself. Most of what it lists will be harmless and even essential.

    (If Hijackthis will not run, then try running it with your computer in Safe Mode.)

    If you were able to download and run Hijackthis successfully, please copy & paste the entire contents of the saved log here in your next reply.

    Regards,

    snap
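The Folder Options and temp-folder steps from the reply above, as an added batch script for Windows XP (this is not the poster's or the forum's own code). It assumes it is run as the affected user, that %TEMP% points at that user's Local Settings\Temp folder, and it writes the same Explorer\Advanced registry values the Folder Options dialog writes.

```batch
@echo off
rem Added example (not from the thread): applies the Folder Options and
rem temp-cleanup steps from the reply above on Windows XP. The keys are
rem per-user (HKCU), so run this while logged in as the user being cleaned.

set ADV=HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

rem "Show hidden files and folders"                 -> Hidden = 1
reg add "%ADV%" /v Hidden /t REG_DWORD /d 1 /f
rem Untick "Hide protected operating system files"  -> ShowSuperHidden = 1
reg add "%ADV%" /v ShowSuperHidden /t REG_DWORD /d 1 /f
rem Untick "Hide extensions for known file types"   -> HideFileExt = 0
reg add "%ADV%" /v HideFileExt /t REG_DWORD /d 0 /f

rem Read the values back so the change can be checked before Explorer restarts.
reg query "%ADV%" /v Hidden
reg query "%ADV%" /v ShowSuperHidden
reg query "%ADV%" /v HideFileExt

rem Empty the user's temp folder (Local Settings\Temp on XP). Files or folders
rem that are in use are skipped rather than stopping the script, so re-run it
rem from Safe Mode if anything is left behind.
echo Cleaning "%TEMP%" ...
del /f /q "%TEMP%\*.*" 2>nul
for /d %%D in ("%TEMP%\*") do rd /s /q "%%D" 2>nul

echo Done. Log off and back on for the Folder Options change to take effect.
```

Keep HijackThis out of %TEMP% before running this, since the cleanup step deletes everything there, which is also why the reply says to give it its own permanent folder.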
     