Seem to have Malware/Viruses. Help!


52 replies to this topic

#16 MrBear

MrBear
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:IL
  • Local time:06:41 PM

Posted 26 May 2012 - 01:29 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 01:26 on 26/05/2012 by Michael
Administrator - Elevation successful

========== folderfind ==========

Searching for "{907f608c-6a94-736b-86c1-2a2e04274b7d}"
No folders found.

-= EOF =-


I am hoping this means the nasty things are gone?



#17 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:41 PM

Posted 26 May 2012 - 02:05 AM

Yes.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Let me know what current issues you face.

#18 MrBear


Posted 26 May 2012 - 02:09 AM

MiniToolBox by Farbar Version: 14-01-2012
Ran by Michael (administrator) on 26-05-2012 at 02:08:36
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.socks_version", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================


WARNING: Could not obtain host information from machine: [YUME]. Some commands may not be available.
The specified module could not be found.



# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp

# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Yume

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.



Ethernet adapter Wireless Network Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Belkin Wireless G Desktop Card #2

Physical Address. . . . . . . . . : 00-17-3F-2D-20-D7



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : hsd1.il.comcast.net.

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2

Physical Address. . . . . . . . . : 00-21-9B-28-00-50

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

75.75.75.75

75.75.76.76

Lease Obtained. . . . . . . . . . : Saturday, May 26, 2012 1:20:03 AM

Lease Expires . . . . . . . . . . : Sunday, May 27, 2012 1:20:03 AM

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.225.97, 74.125.225.110, 74.125.225.103, 74.125.225.98
74.125.225.100, 74.125.225.105, 74.125.225.104, 74.125.225.96, 74.125.225.99
74.125.225.101, 74.125.225.102



Pinging google.com [74.125.225.97] with 32 bytes of data:



Reply from 74.125.225.97: bytes=32 time=15ms TTL=55

Reply from 74.125.225.97: bytes=32 time=12ms TTL=55



Ping statistics for 74.125.225.97:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 12ms, Maximum = 15ms, Average = 13ms

Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=41ms TTL=50

Reply from 209.191.122.70: bytes=32 time=43ms TTL=50



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 41ms, Maximum = 43ms, Average = 42ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 17 3f 2d 20 d7 ...... Belkin Wireless G Desktop Card #2 - Packet Scheduler Miniport
0x3 ...00 21 9b 28 00 50 ...... Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 10
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 10
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 10
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
255.255.255.255 255.255.255.255 192.168.1.101 2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/26/2012 01:22:36 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 03:03:01 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 pcdrcui.exe, P2 6.0.5907.39, P3 4f847f62, P4 mscorlib, P5 2.0.0.0, P6 4ef6c16f, P7 f4f, P8 7, P9 clr20r30, P10 clr20r31.

Error: (05/25/2012 00:08:01 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 03:23:05 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 02:04:07 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:57:36 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:53:33 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:46:03 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:40:50 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 00:10:23 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.


System errors:
=============
Error: (05/25/2012 03:19:12 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 02:04:05 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 02:02:03 AM) (Source: 0) (User: )
Description:

Error: (05/25/2012 02:00:52 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 02:00:51 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 01:58:50 AM) (Source: 0) (User: )
Description:

Error: (05/24/2012 10:50:04 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/24/2012 10:49:48 PM) (Source: DCOM) (User: Michael)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (05/24/2012 10:49:47 PM) (Source: DCOM) (User: Michael)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (05/24/2012 10:49:40 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (05/26/2012 01:22:36 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 03:03:01 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3pcdrcui.exe6.0.5907.394f847f62mscorlib2.0.0.04ef6c16ff4f7n3ctrye2kn3c34sgl4zqyrbfte4m13nbNIL

Error: (05/25/2012 00:08:01 PM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 03:23:05 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 02:04:07 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:57:36 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:53:33 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:46:03 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:40:50 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 00:10:23 AM) (Source: WinMgmt)(User: )
Description:


=========================== Installed Programs ============================

µTorrent (Version: 2.2.0)
3 Stars of Destiny
3D Fish School Screen Saver 4.7 (Version: 4.7)
7-Zip 4.65
AC-3 ACM Codec
Acrobat.com (Version: 0.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.2.202.228)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Ahriman's Prophecy (Version: 1.0)
AIM 7
Alpha Kimori 1 (Version: 1.00)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMVapp 2.1 (Version: 2.1)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Application Profiles (Version: 2.0.4331.36041)
ATI AVIVO Codecs (Version: 10.0.0.40103)
Aveyond
Aveyond 2
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.1913)
Awakening (Version: 1.00)
banjo Screen Saver
Big Fish Games: Game Manager (Version: 3.0.1.60)
Blades of Heaven
BurnAware Free 4.2
Castle Oblivion
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1205.2146.38999)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2146.38999)
Catalyst Control Center InstallProxy (Version: 2011.1205.2146.38999)
Catalyst Control Center Localization All (Version: 2011.1205.2146.38999)
ccc-utility (Version: 2011.1205.2146.38999)
CCC Help Chinese Standard (Version: 2011.1205.2145.38999)
CCC Help Chinese Traditional (Version: 2011.1205.2145.38999)
CCC Help Czech (Version: 2011.1205.2145.38999)
CCC Help Danish (Version: 2011.1205.2145.38999)
CCC Help Dutch (Version: 2011.1205.2145.38999)
CCC Help English (Version: 2011.1205.2145.38999)
CCC Help Finnish (Version: 2011.1205.2145.38999)
CCC Help French (Version: 2011.1205.2145.38999)
CCC Help German (Version: 2011.1205.2145.38999)
CCC Help Greek (Version: 2011.1205.2145.38999)
CCC Help Hungarian (Version: 2011.1205.2145.38999)
CCC Help Italian (Version: 2011.1205.2145.38999)
CCC Help Japanese (Version: 2011.1205.2145.38999)
CCC Help Korean (Version: 2011.1205.2145.38999)
CCC Help Norwegian (Version: 2011.1205.2145.38999)
CCC Help Polish (Version: 2011.1205.2145.38999)
CCC Help Portuguese (Version: 2011.1205.2145.38999)
CCC Help Russian (Version: 2011.1205.2145.38999)
CCC Help Spanish (Version: 2011.1205.2145.38999)
CCC Help Swedish (Version: 2011.1205.2145.38999)
CCC Help Thai (Version: 2011.1205.2145.38999)
CCC Help Turkish (Version: 2011.1205.2145.38999)
Chopper XP 2.3 (Version: 2.3)
Combined Community Codec Pack 2009-09-09 (Version: 2009.09.09.0)
Comcast Desktop Software (v1.2.0.9) (Version: 23)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Convert VOB to AVI 1.7
Critical Update for Windows Media Player 11 (KB959772)
DAEMON Tools Toolbar (Version: 1.0.7.0088)
Dawn's Light: A Christmas Tale 1.0
Deadly Sin
Deadly Sin 2: Shining Faith
Deep Space 3D Screensaver 1.0 (Version: 1.0)
Dell Backup and Recovery Manager (Version: 1.3)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Support Center (Version: 3.1.5907.39)
Demonbane USA 1.0
Desktop Doctor (Version: 2.5.5)
Diagnostics Utility (Version: 1.00.0000)
DivX Plus DirectShow Filters
Dreamscape
dux Screen Saver
DVD Flick 1.3.0.6 (Version: 1.3.0.6)
eGames GameButler
Ella's Hope
ESET Online Scanner v3
Everlong v3.23
Facebook Plug-In
Family Project v1.0
Fated Haven: Chapter One
ffdshow (remove only)
FreeMind (Version: 0.8.1)
FreeRIP v3.66 (Version: 3.66)
Glary Registry Repair 3.0
Google Earth Plug-in (Version: 6.1.0.5001)
Google Talk (remove only)
Google Update Helper (Version: 1.3.21.111)
HandBrake 0.9.5 (Version: 0.9.5)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HiJackThis (Version: 1.0.0)
Intel® Matrix Storage Manager
IrfanView (remove only)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 7 (Version: 1.6.0.70)
Jewel Drop (Version: 1.00.05.10.17)
Kira Kira
Koi Fish 3D Screensaver 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Marshmallow Peeps Screensaver Screen Saver
max Screen Saver
Media Go (Version: 2.1.392)
Media Go Video Playback Engine 1.88.106.12050 (Version: 1.88.106.12050)
MediaInfo 0.7.16 (Version: 0.7.16)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft AppLocale (Version: 1.0.0)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Windows Application Compatibility Database
Microsoft Windows Media Video 9 VCM
MKVtoolnix 2.8.0 (Version: 2.8.0)
Mozilla Firefox (3.6.28) (Version: 3.6.28 (en-US))
MSN
MSVCRT (Version: 14.0.1468.721)
MSXML 6.0 Parser (KB927977) (Version: 6.00.3890.0)
mug Screen Saver
Myth Xaran
nacho Screen Saver
nash Screen Saver
Nature 3D Screensaver 1.1 (Version: 1.1)
NWZ-E460 WALKMAN Guide (Version: 2.0.2.04130)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.0 (Version: 3.0.9379)
oz Screen Saver
Penguin Puzzle
pesto Screen Saver
PlayStation®Network Downloader (Version: 2.07.00849)
PlayStation®Store (Version: 4.7.14.14146)
PowerDVD (Version: 8.1)
QuickTime (Version: 7.71.80.42)
Quintessence - The Blighted Venom [Chapter 1 - 11]
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek Ethernet Diagnostic Utility (Version: 1.00.0000)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.30.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5678)
RealUpgrade 1.1 (Version: 1.1.0)
Recettear: An Item Shop's Tale
RGSS-RTP Standard (Version: 1.04)
rio Screen Saver
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
RPG Maker VX RTP (Version: 1.02)
Segoe UI (Version: 14.0.4327.805)
Sim AQUARIUM 2 (Version: 2.6a)
Skype Click to Call (Version: 5.11.9874)
Skype·5.9 (Version: 5.9.115)
Software Bisque TheSky (Remove only)
Solar System - Earth 3D Screensaver v1.3
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
SoulSeek 157 NS 13c
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
swirl Screen Saver
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.4.24.0)
The Lore of Lorewyn
The Witch and The Warrior
Uninstall 1.0.0.1
Unlocker 1.8.7 (Version: 1.8.7)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB Video Driver (Version: 1.00)
Vagrant Hearts
VideoLAN VLC media player 0.8.6i (Version: 0.8.6i)
Viewpoint Media Player
Violet Princess and Frogs from the Fire Lake
VirtualDubMOD 1.5.10.3 US (Version: 1.5.10.3)
Virtue - Espiritus ~ Just For Fun Games
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.7523)
Whisper of a Rose Gold 3.00
Winamp (remove only)
Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0) (Version: 08/31/2007 5.7.0831.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0) (Version: 08/31/2007 5.7.0831.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Search 4.0 (Version: 04.00.6001.503)
WinRAR archiver
Wireless LAN (Version: 1.4.0)
XML Paper Specification Shared Components Pack 1.0
XviD MPEG-4 Video Codec (Version: XviD-1.0.3-20122004)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 3070.91 MB
Available physical RAM: 2431.64 MB
Total Pagefile: 4955.32 MB
Available Pagefile: 4293.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.45 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:298.03 GB) (Free:145.41 GB) NTFS

========================= Users: ========================================

User accounts for \\YUME

Administrator Guest HelpAssistant
Michael SUPPORT_388945a0


**** End of log ****

#19 narenxp


Posted 26 May 2012 - 02:22 AM

Create a restore point before trying this.

Press the Windows+R keys, type regedit and click OK.

Go to

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32

On the right side, double-click the Default key and change it to

C:\WINDOWS\system32\wbem\wbemess.dll

Click OK.

Download

winsock fixit

Run it & Restart the PC

Launch mini toolbox again

Checkmark the following boxes:

List content of Hosts
List IP configuration
List last 10 Event Viewer log

Click GO and post the log

What are your current issues?

Edited by narenxp, 26 May 2012 - 02:24 AM.
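
A way to back up and then check the registry value from the post above, as an added example that is not part of the original thread. The backup location, file name and variable names are assumptions of this example; the key and the target path are the ones given in the post.

```powershell
# Added example (not from the thread): back up and verify the InprocServer32
# (Default) value named in the post. Read-only apart from writing the backup file.

$key      = 'HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32'
$expected = 'C:\WINDOWS\system32\wbem\wbemess.dll'   # target value given in the post

# 1. Export the key so the edit can be undone by importing the .reg file.
#    The backup location and file name are assumptions of this example.
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$backup = Join-Path $env:TEMP "InprocServer32-$stamp.reg"
& reg.exe export $key $backup | Out-Null
if ($LASTEXITCODE -eq 0) {
    "Backup written to $backup"
} else {
    Write-Warning "reg export failed (exit code $LASTEXITCODE); key may be missing or access denied"
}

# 2. Read the (Default) value; an empty value name selects it.
$current = [Microsoft.Win32.Registry]::GetValue($key, '', $null)

if ($null -eq $current) {
    Write-Warning 'Key or (Default) value not found.'
} else {
    # Expand %SystemRoot%-style references before comparing (-ieq ignores case).
    $resolved = [Environment]::ExpandEnvironmentVariables($current)
    if ($resolved -ieq $expected) {
        "OK: (Default) = $current"
    } else {
        Write-Warning "Mismatch: (Default) = '$current', expected '$expected'"
    }
}

# 3. Confirm the DLL the value points at exists and show its version metadata.
if (Test-Path $expected) {
    $info = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($expected)
    "File present: $expected"
    "  Company: $($info.CompanyName)  Version: $($info.FileVersion)"
} else {
    Write-Warning "File not found: $expected"
}
```

Run it as an administrator before and after the edit; importing the exported .reg file restores the previous value.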


#20 MrBear


Posted 26 May 2012 - 03:04 AM

Fix It told me it had to restart and I did. My icons are messed up again and I cannot find a way to actually run Fix It. It is as if it is not being installed. I will move on to the next step.

#21 MrBear


Posted 26 May 2012 - 03:07 AM

MiniToolBox by Farbar Version: 14-01-2012
Ran by Michael (administrator) on 26-05-2012 at 03:06:38
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 2 (Connected)
Belkin Wireless G Desktop Card = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp

# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Yume

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.



Ethernet adapter Wireless Network Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Belkin Wireless G Desktop Card #2

Physical Address. . . . . . . . . : 00-17-3F-2D-20-D7



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : hsd1.il.comcast.net.

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2

Physical Address. . . . . . . . . : 00-21-9B-28-00-50

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

75.75.75.75

75.75.76.76

Lease Obtained. . . . . . . . . . : Saturday, May 26, 2012 2:58:42 AM

Lease Expires . . . . . . . . . . : Sunday, May 27, 2012 2:58:42 AM

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.225.136, 74.125.225.130, 74.125.225.134, 74.125.225.128
74.125.225.131, 74.125.225.142, 74.125.225.133, 74.125.225.135, 74.125.225.137
74.125.225.129, 74.125.225.132



Pinging google.com [74.125.225.102] with 32 bytes of data:



Reply from 74.125.225.102: bytes=32 time=11ms TTL=55

Reply from 74.125.225.102: bytes=32 time=12ms TTL=55



Ping statistics for 74.125.225.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 12ms, Average = 11ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=72ms TTL=50

Reply from 72.30.38.140: bytes=32 time=72ms TTL=50



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 72ms, Maximum = 72ms, Average = 72ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 17 3f 2d 20 d7 ...... Belkin Wireless G Desktop Card #2 - Packet Scheduler Miniport
0x3 ...00 21 9b 28 00 50 ...... Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 10
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 10
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 10
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
255.255.255.255 255.255.255.255 192.168.1.101 2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/26/2012 01:22:36 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 03:03:01 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 pcdrcui.exe, P2 6.0.5907.39, P3 4f847f62, P4 mscorlib, P5 2.0.0.0, P6 4ef6c16f, P7 f4f, P8 7, P9 clr20r30, P10 clr20r31.

Error: (05/25/2012 00:08:01 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 03:23:05 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 02:04:07 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:57:36 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:53:33 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:46:03 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 01:40:50 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (05/25/2012 00:10:23 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.


System errors:
=============
Error: (05/26/2012 03:01:19 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (05/26/2012 03:01:19 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (05/26/2012 03:01:19 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (05/25/2012 03:19:12 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 02:04:05 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 02:02:03 AM) (Source: 0) (User: )
Description:

Error: (05/25/2012 02:00:52 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 02:00:51 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 01:58:50 AM) (Source: 0) (User: )
Description:

Error: (05/24/2012 10:50:04 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (05/26/2012 01:22:36 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 03:03:01 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3pcdrcui.exe6.0.5907.394f847f62mscorlib2.0.0.04ef6c16ff4f7n3ctrye2kn3c34sgl4zqyrbfte4m13nbNIL

Error: (05/25/2012 00:08:01 PM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 03:23:05 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 02:04:07 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:57:36 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:53:33 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:46:03 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 01:40:50 AM) (Source: WinMgmt)(User: )
Description:

Error: (05/25/2012 00:10:23 AM) (Source: WinMgmt)(User: )
Description:


**** End of log ****

#22 narenxp

Posted 26 May 2012 - 03:08 AM

Fix It told me it had to restart and I did. My icons are messed up again and I cannot find a way to actually run Fix It. It is as if it is not being installed. I will move on to the next step

Ok, please explain your issue regarding icons. If you can take a screenshot, it would be better :thumbup2:

#23 MrBear

Posted 26 May 2012 - 03:29 AM

Below is how I manually set it up based on how it normally is,

Posted Image

Randomly, as well as when I restart, it arranges like this,

Posted Image


I do not have it set to auto arrange and the option is not clicked. I had read it could be caused by a virus. I have found that folders are not retaining view settings despite the option to do so being checked.

Also, I ran aswMBR in between some of the steps taken a short while ago and it listed one thing that I was concerned about,
ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys spau.sys hal.dll >>UNKNOWN [0x8ac82938]<<

Does the Toolbox Log above offer any clues?

Edited by MrBear, 26 May 2012 - 04:37 AM.


#24 MrBear

Posted 26 May 2012 - 03:08 PM

I am also now unable to access Windows Firewall. It looks like the Toolbox scan indicated a variety of errors in various Windows components, which I wonder about. If it seems all infection is gone and it is now a matter of fixing errors I can move this to the proper forum if preferred.

#25 narenxp

Posted 26 May 2012 - 03:51 PM

Regarding the icons issue, try this

http://answers.microsoft.com/en-us/windows/forum/windows_7-desktop/keep-desktop-icons-where-i-have-put-them-when-the/b54f2192-f984-4e2e-812c-3672a07e2c11

Make sure to export the key before editing it


Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#26 MrBear

Posted 26 May 2012 - 04:33 PM

I am a bit perplexed by the linked directions.

"2. Click Start, Turn Off computer.
3. Press and hold the CTRL, ALT and the SHIFT keys, and click the Cancel button."

Do I follow Step 3 while the computer is shutting down or while it is off?

#27 narenxp

Posted 26 May 2012 - 04:41 PM

Actually ignore other steps, just export the registry key and save it. Edit the key as instructed, restart the PC

Now customize the desktop icons placement, restart the PC.

Good luck

#28 MrBear

Posted 26 May 2012 - 04:43 PM

Will I transfer the exported key back to the registry at any point?

#29 narenxp

Posted 26 May 2012 - 04:48 PM

Will I transfer the exported key back to the registry at any point?

Will not be needed if this solution works :)

#30 MrBear

Posted 26 May 2012 - 04:53 PM

Unfortunately it did not work. :( Does any of the data within the key have any bearing?

Edited by MrBear, 26 May 2012 - 05:24 PM.




