Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cant do a System Restore and outlook express is not working


  • This topic is locked This topic is locked
12 replies to this topic

#1 DirtSoldier

DirtSoldier

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:02:54 PM

Posted 29 February 2012 - 01:19 PM

Hello I am unable to do a system restore and my outlook express starts to recieve emails and then an error occurs. Please let me know how to proceed from here

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:54 PM

Posted 29 February 2012 - 01:39 PM

Hello,lets see what these logs show.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware

http://img233.imageshack.us/img233/7729/mbamicontw5.gif and save it to your desktop.
  • Important!! When you save the mbam-setup file,

    rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's

Teatimer), they may interfere or alert you. Temporarily disable such programs or permit

them to allow the changes.


  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in

    FAQ Section A: 4. Issues
    .
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating

    system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection

process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes

Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen

instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or

C:\Program Files (x86)\Malwarebytes' Anti-Malware).
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 DirtSoldier

DirtSoldier
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:02:54 PM

Posted 29 February 2012 - 02:20 PM

Ok here is the mini tool box results alos just noticed that internet explorer has also stopped working if I open it, it closes. Im using firefox now.

MiniToolBox by Farbar Version: 18-01-2012
Ran by BannersPlus (administrator) on 29-02-2012 at 12:01:32
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : PC1

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : ph.cox.net



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : ph.cox.net

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-13-20-08-64-F2

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 68.105.28.11

68.105.29.11

68.105.28.12

Lease Obtained. . . . . . . . . . : Wednesday, February 29, 2012 11:55:07 AM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 8:14:07 PM

Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 74.125.239.6, 74.125.239.7, 74.125.239.8, 74.125.239.9
74.125.239.14, 74.125.239.0, 74.125.239.1, 74.125.239.2, 74.125.239.3
74.125.239.4, 74.125.239.5



Pinging google.com [74.125.224.196] with 32 bytes of data:



Reply from 74.125.224.196: bytes=32 time=23ms TTL=57

Reply from 74.125.224.196: bytes=32 time=23ms TTL=57



Ping statistics for 74.125.224.196:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 23ms, Maximum = 23ms, Average = 23ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 98.139.127.62



Pinging yahoo.com [98.139.127.62] with 32 bytes of data:



Reply from 98.139.127.62: bytes=32 time=83ms TTL=56

Reply from 98.139.127.62: bytes=32 time=140ms TTL=56



Ping statistics for 98.139.127.62:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 83ms, Maximum = 140ms, Average = 111ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 08 64 f2 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.3 192.168.0.3 20
192.168.0.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.3 192.168.0.3 20
224.0.0.0 240.0.0.0 192.168.0.3 192.168.0.3 20
255.255.255.255 255.255.255.255 192.168.0.3 192.168.0.3 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/29/2012 11:30:20 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/29/2012 05:11:00 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/28/2012 11:11:29 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/28/2012 11:57:44 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/28/2012 05:11:02 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 11:11:15 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 05:11:13 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 11:11:04 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 05:11:01 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (02/26/2012 11:11:14 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.


System errors:
=============
Error: (02/29/2012 11:55:25 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (02/29/2012 11:55:18 AM) (Source: Service Control Manager) (User: )
Description: The SAS Core Service service failed to start due to the following error:
%%2

Error: (02/29/2012 11:54:05 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/29/2012 11:37:04 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/29/2012 11:36:53 AM) (Source: DCOM) (User: BannersPlus)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (02/29/2012 11:36:30 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/29/2012 11:34:35 AM) (Source: DCOM) (User: Administrator)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (02/29/2012 11:34:29 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/29/2012 11:34:12 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
sbaphd
Tcpip

Error: (02/29/2012 11:34:12 AM) (Source: Service Control Manager) (User: )
Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31


Microsoft Office Sessions:
=========================
Error: (02/29/2012 11:30:20 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/29/2012 05:11:00 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/28/2012 11:11:29 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/28/2012 11:57:44 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/28/2012 05:11:02 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 11:11:15 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 05:11:13 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 11:11:04 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/27/2012 05:11:01 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (02/26/2012 11:11:14 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.


=========================== Installed Programs ============================

6200 (Version: 47.0.1.000)
6200_Help (Version: 47.0.1.000)
6200Trb (Version: 47.0.1.000)
Ad-Aware
Ad-Aware (Version: 8.2.0)
Ad-Aware SE Personal
Adobe Acrobat 6.0 Professional (Version: 006.000.000)
Adobe AIR (Version: 3.1.0.4880)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.0.1.152)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe Photoshop 7.0.1 (Version: 7.0.1)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Adobe SVG Viewer 3.0 (Version: 3.0)
AiO_Scan (Version: 47.0.1.000)
AiOSoftware (Version: 47.0.1.000)
ATI Control Panel (Version: 6.14.10.5120)
ATI Display Driver (Version: 8.051-040825a-017900C-Dell)
Banctec Service Agreement (Version: 1.10.0000)
BufferChm (Version: 45.4.157.000)
CCleaner (Version: 3.00)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 45.4.157.000)
CP_AtenaShokunin1Config (Version: 45.4.131.000)
cp_dwShrek2Albums1 (Version: 45.4.157.000)
cp_dwShrek2Cards1 (Version: 45.4.157.000)
CreativeProjects (Version: 45.4.157.000)
CreativeProjectsTemplates (Version: 45.4.157.000)
CueTour (Version: 45.4.157.000)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Media Experience (Version: 3.00)
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell Support 5.0.0 (630)
Dell System Restore (Version: 2.00.0000)
Destinations (Version: 45.4.157.000)
Director (Version: 45.4.157.000)
DocProc (Version: 4.5.0.0)
DocumentViewer (Version: 45.4.157.000)
EPSON Scan
Fax (Version: 47.0.1.000)
FlexiSIGN-PRO 8.1v1 (Version: 1.00.0000)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.99)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (Version: 1.1.1905.1)
HP Extended Capabilities 4.7 (Version: 4.7)
HP Image Zone 4.7 (Version: 4.7)
HP LaserJet 3050/3052/3055/3390/3392 2.0 (Version: 2.0)
HP Product Assistant (Version: 2.0.0.0)
HP PSC & OfficeJet 4.7
HP Software Update (Version: 3.0.2.991)
hpp3390usg (Version: 000.105.00092)
hppFaxDrv3390 (Version: 000.105.00077)
hppFaxUtility (Version: 000.105.00094)
hppFonts (Version: 002.000.00004)
hppIOFiles (Version: 000.001.00010)
hppLJ3390 (Version: 000.105.00073)
hppManuals3390 (Version: 000.105.00096)
hppscan3390 (Version: 000.105.00067)
hppScanTo (Version: 000.105.00089)
hppSendFax (Version: 000.105.00081)
hppTooCool (Version: 000.105.00058)
hppToolBoxFX (Version: 001.002.00083)
HPSystemDiagnostics (Version: 1.6.0.0)
hpzTLBXFX (Version: 001.002.00139)
InstantShare (Version: 45.4.157.000)
Intel® 537EP V9x DF PCI Modem
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
Jasc Paint Shop Photo Album 5 (Version: 5.21)
Jasc Paint Shop Pro Studio, Dell Editon (Version: 1.01.0000)
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MarketResearch (Version: 45.4.158.000)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Windows Journal Viewer (Version: 1.5.2315.3)
Modem Event Monitor
Modem Helper (Version: 2.25)
Modem On Hold (Version: 1.12)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
MSN
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
NETGEAR Print Server Software
OE-Mail Recovery 1.7
PanoStandAlone (Version: 45.4.157.000)
PhotoGallery (Version: 45.4.157.000)
PowerDVD 5.3
ProductContext (Version: 47.0.1.000)
QFolder (Version: 1.00.0000)
QuickTime
Readme (Version: 47.0.1.000)
RealPlayer Basic
Recovery Toolbox for Outlook Express 1.1
SAi Production Suite (Version: 1.00.0000)
Scan (Version: 4.9.0.0)
ScannerCopy (Version: 4.5.0.0)
Sentinel Protection Installer 7.4.0 (Version: 7.4.0)
Sentinel System Driver
SkinsHP1 (Version: 45.4.157.000)
Sonic DLA (Version: 4.95)
Sonic RecordNow! (Version: 7.3)
Sonic Update Manager (Version: 2.9)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.0.1144)
TrayApp (Version: 45.4.157.000)
Unload (Version: 4.5.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebEx
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 45.4.157.000)
Windows Defender Signatures (Version: 1.20.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Connect
Windows Media Connect (Version: 1.0.0.0)
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows Media Player 10 (Version: 9.00.3636)
Windows XP Service Pack 3 (Version: 20080414.031525)
ZipForm Desktop

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 2046.07 MB
Available physical RAM: 1520.14 MB
Total Pagefile: 2663.36 MB
Available Pagefile: 2374.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.61 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:71.01 GB) (Free:41.23 GB) NTFS
5 Drive p: (Backup) (Network) (Total:37.27 GB) (Free:5.04 GB) NTFS

========================= Users: ========================================

User accounts for \\PC1

Administrator BannersPlus Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****



Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.29.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
BannersPlus :: PC1 [administrator]

2/29/2012 12:13:07 PM
mbam-log-2012-02-29 (12-13-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209254
Time elapsed: 7 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:54 PM

Posted 29 February 2012 - 03:30 PM

You have a lot of errors,run SFC

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 DirtSoldier

DirtSoldier
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:02:54 PM

Posted 29 February 2012 - 04:49 PM

Ok all I can find is the OS CD for windows xp media edition not the home edition which is on this computer. Will this work or do I need to keep looking? Thanks

#6 DirtSoldier

DirtSoldier
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:02:54 PM

Posted 29 February 2012 - 06:45 PM

Ok found the cd, I did the SFC scan and it never asked for the cd to fix or repair anything. So thats where were at now.....

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:54 PM

Posted 29 February 2012 - 07:03 PM

Hello,run this next,if it doesn't do it we can move you and get a deeper look.
reboot when done and check.

We need to repair some of windows' internal registration settings
  • Please download Dial-A-Fix from one of the following mirrors:
  • Extract the zip file to your desktop.
  • Double click Dial-a-Fix.exe to start the program.
  • Press the green double checkmark box (Looks like this: Posted Image)
  • UNcheck "Empty Temp Folders", as well as "Adjust Time/Date" in the prep section. The prep section should then look like this:
    Posted Image
  • When the window looks like this, press the GO button in the bottom of the window.
    Posted Image
  • Exit/Close Dial-A-Fix

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 DirtSoldier

DirtSoldier
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:02:54 PM

Posted 29 February 2012 - 07:25 PM

Ok did that and it said there were alot of corupt files and I needed to contact dial a fix so an exception could be made for my application. When it started it also said it could not reconize my version of internet explorer?

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:54 PM

Posted 29 February 2012 - 07:43 PM

OK, now reboot and see where its at.

Edited by boopme, 29 February 2012 - 07:43 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 DirtSoldier

DirtSoldier
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:02:54 PM

Posted 29 February 2012 - 08:26 PM

No changes after reboot. Issues are still there. Please let me know where to go from here.....Thanks

#11 DirtSoldier

DirtSoldier
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:02:54 PM

Posted 29 February 2012 - 08:28 PM

Also still cant use Internet Explorer

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:54 PM

Posted 29 February 2012 - 08:31 PM

Ok,we have to move you and get a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.

Let me know if that went well.

Edited by boopme, 29 February 2012 - 08:32 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:54 PM

Posted 29 February 2012 - 09:53 PM

That looks good and I combined your posts into one.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users