Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows classic theme, no sound


  • This topic is locked This topic is locked
3 replies to this topic

#1 soultea

soultea

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 15 March 2011 - 04:56 PM

-Windows randomly switches between 'classic' theme and XP theme
-No sound
-I occasionally receive this pop-up message upon start-up:

regedit.exe
The application failed to initialize properly (0xc0000005). Click on OK to terminate the application.


I followed your posting instructions, I tried to run dds.scr and I received the following pop-up message:

find.exe
The application failed to initialize properly (0xc0000005). Click on OK to terminate the application.

I then rebooted in safe mode and attempted to run dds.scr again, and it was successful:

.
DDS (Ver_11-03-05.01) - NTFSx86 MINIMAL
Run by Aee at 19:52:38.92 on 15/03/2011
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1014.815 [GMT 0:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Aee\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File
mRun: [Look 'n' Stop] "c:\program files\soft4ever\looknstop\looknstop.exe" -auto
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tabuse~1.lnk - c:\windows\system32\wtablet\TabUserW.exe
uPolicies-explorer: NoSMHelp = 1 (0x1)
uPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
LSP: c:\windows\system32\imon.dll
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\aee\applic~1\mozilla\firefox\profiles\wangb4ia.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
============= SERVICES / DRIVERS ===============
.
S1 lnsfw1;lnsfw1;c:\windows\system32\drivers\lnsfw1.sys [2008-9-27 77184]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-9-28 15424]
S2 ASTSRV;Nalpeiron Licensing Service;c:\windows\system32\ASTSRV.EXE [2010-5-9 57344]
S2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2008-9-28 549256]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2008-9-27 808448]
.
=============== Created Last 30 ================
.
2011-03-15 15:09:26 29440 ----a-w- c:\windows\system32\uxtuneup.dll
2011-03-15 15:09:24 306432 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2011-03-09 19:07:25 -------- d-----w- c:\windows\system32\xircom
2011-03-09 19:07:25 -------- d-----w- c:\windows\system32\wbem\snmp
2011-03-09 19:07:25 -------- d-----w- c:\windows\system32\oobe
2011-03-09 19:07:25 -------- d-----w- c:\windows\system32\npp
2011-03-09 19:07:25 -------- d-----w- c:\windows\srchasst
2011-03-09 19:07:25 -------- d-----w- c:\windows\help
2011-03-09 19:07:25 -------- d-----w- c:\program files\msn gaming zone
2011-03-09 19:07:25 -------- d-----w- c:\program files\common files\speechengines
2011-03-09 16:45:59 -------- d-sha-r- C:\cmdcons
2011-03-09 16:41:27 89088 ----a-w- c:\windows\MBR.exe
2011-03-09 16:41:26 98816 ----a-w- c:\windows\sed.exe
2011-03-09 16:41:26 256512 ----a-w- c:\windows\PEV.exe
2011-03-09 16:41:26 161792 ----a-w- c:\windows\SWREG.exe
2011-03-09 16:07:23 -------- d-----w- c:\windows\system32\dllcache
2011-03-03 15:52:25 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-03-03 15:52:25 -------- d-----w- c:\windows\system32\wbem\Repository
2011-03-03 15:49:49 -------- d-----w- c:\docume~1\aee\locals~1\applic~1\Temp
2011-03-03 15:49:49 -------- d-----w- c:\docume~1\aee\locals~1\applic~1\ConduitEngine
2011-03-03 15:49:49 -------- d-----w- c:\docume~1\aee\locals~1\applic~1\Conduit
2011-02-28 16:46:18 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2011-02-28 16:46:16 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
.
==================== Find3M ====================
.
2011-01-25 07:24:09 2560 ----a-w- c:\windows\_MSRSTRT.EXE
.
============= FINISH: 19:53:26.25 ===============



I successfully ran GMER without any problems.
Any help sincerely appreciated!

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:20 PM

Posted 20 March 2011 - 05:21 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 soultea

soultea
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 21 March 2011 - 03:26 PM

Hi m0le, thank-you for the reply but I have now fixed the problem (some windows files were missing, ended up reinstalling windows again and it works perfectly now) so feel free to close this thread :)

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:20 PM

Posted 21 March 2011 - 05:02 PM

Thanks for letting me know :thumbup2:

-----------------------------------------------

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users