Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Black screen of death - help please


  • Please log in to reply
20 replies to this topic

#1 rhodes

rhodes

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 14 March 2014 - 04:41 AM

Hi, I am getting a black screen and the only way to get around it is to switch off and back on.  It does not occur at the same point each time.  The usual sequence is that it fails during start-up a few times then I get a bit further and it fails a minute after I've got my desk top up, then perhaps 10 minutes into using it.  Eventually it stays up for quite a while but will still fail after an hour or so.  However, if I start in safe mode (with networking) I do not have this problem at all, so I think it is software rather than hardware.  I have run AVG free antivirus and scan disc but it made no difference. 

Can someone help me please. 


Edited by hamluis, 21 March 2014 - 05:37 PM.
Moved from XP to Am I infected - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 johnebadbak

johnebadbak

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Mount gambier S.A
  • Local time:11:01 AM

Posted 16 March 2014 - 10:15 PM

check out make and model of the graphics card and go to the site of the manufacturer and see if drivers are available.

 

 if the graphics are on board check out the motherboard make and model and again go to the manufacturer site to download all drivers available for the mother board..



#3 TechGranny

TechGranny

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Georgia
  • Local time:08:31 PM

Posted 19 March 2014 - 04:43 PM

My opinion is you are hitting the nail on the head. I own a 4 year old HP desktop because the owner decided to shoot it for having the same problem but all I did was open the case, remove the expensive video card he had added for gaming so that it used the on board connection and she is now happily humming along as an XP Pro machine that I use for personal use and run my home theater system on.

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 54,818 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:31 PM

Posted 19 March 2014 - 05:42 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#5 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 21 March 2014 - 12:22 PM

Hi Louis, thanks for your help. I have just loged in in normal mode and run MiniToolBox. I'll send this (before computer crashes again), then send the snapshop after.,:-

 

CP_Package_Variety3 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
CueTour (Version: 53.0.13.000)
Fax (Version: 50.0.206.000)
FoxTab FLV Player
FullDPAppQFolder (Version: 1.00.0000)
GOM Player (Version: 2.1.28.5039)
Google Chrome (Version: 33.0.1750.154)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.5)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.61.61)
HP Deskjet 2050 J510 series Product Improvement Study (Version: 22.50.231.0)
HP Image Zone 5.3 (Version: 5.3)
HP Image Zone Express (Version: 1.5.1.29)
HP Photo Creations (Version: 1.0.0.11352)
HP PSC & OfficeJet 5.3.B
HP Update (Version: 5.002.006.003)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevices (Version: 53.0.13.000)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 39 (Version: 6.0.390)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Excel 2000 SR-1 (Version: 9.00.3821)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word 2000 SR-1 (Version: 9.00.3821)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 2.00.02.01)
Nero Media Player
Nero OEM
NeroVision Express 2
NewCopy (Version: 50.0.206.000)
PhotoGallery (Version: 53.0.13.000)
Platform (Version: 1.34)
RandMap (Version: 53.0.13.000)
Readme (Version: 50.0.206.000)
Realtek High Definition Audio Driver (Version: 5.10.0.6299)
Scan (Version: 5.2.0.0)
Shopping Helper Smartbar Engine (Version: 1.153.63.12705)
SkinsHP1 (Version: 53.0.13.000)
Sonic_PrimoSDK (Version: 53.0.13.000)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.3.222.g317ab79d)
Turbo Lister 2 (Version: 2.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIA Display Driver 6.14.10.0099
VIA Platform Device Manager (Version: 1.34)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.00 beta 1 (32-bit) (Version: 4.00.1)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 1982.42 MB
Available physical RAM: 1198.18 MB
Total Pagefile: 3365.29 MB
Available Pagefile: 2646.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.8 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.04 GB) (Free:95.19 GB) NTFS

========================= Users: ========================================

User accounts for \\PAUL-D8B4D81983

Administrator            ASPNET                   Guest                   
HelpAssistant            Paul                     SUPPORT_388945a0        

**** End of log ****



#6 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 21 March 2014 - 12:30 PM

And here is the Speccy Snaphot

 

http://speccy.piriform.com/results/VvcT4X7CfF5iWreyqfoA8MY

 

Thanks,



#7 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 21 March 2014 - 12:47 PM

Just notices that first attempt to post my MiniToolBox report was incomplete - here is the full version.

 

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Paul (administrator) on 21-03-2014 at 17:42:27
Running from "C:\Documents and Settings\Paul\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/21/2014 07:33:31 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/21/2014 06:56:56 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/20/2014 08:10:39 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/19/2014 08:16:28 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/18/2014 10:38:31 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/18/2014 01:25:58 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/18/2014 10:43:25 AM) (Source: MsiInstaller) (User: PAUL-D8B4D81983)
Description: Product: Microsoft Excel 2000 SR-1 -- Error 1706. No valid source could be found for product Microsoft Excel 2000 SR-1.  The Windows installer cannot continue.

Error: (03/18/2014 10:40:23 AM) (Source: MsiInstaller) (User: PAUL-D8B4D81983)
Description: Product: Microsoft Excel 2000 SR-1 -- Error 1706. No valid source could be found for product Microsoft Excel 2000 SR-1.  The Windows installer cannot continue.

Error: (03/17/2014 10:30:16 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/15/2014 05:44:30 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

System errors:
=============
Error: (03/21/2014 05:13:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/21/2014 03:14:50 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/21/2014 03:14:37 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
Fips
intelppm

Error: (03/21/2014 03:14:37 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31

Error: (03/21/2014 08:21:44 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/21/2014 07:33:31 AM) (Source: DCOM) (User: PAUL-D8B4D81983)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/21/2014 07:23:22 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
Fips
intelppm

Error: (03/21/2014 07:23:22 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31

Error: (03/21/2014 07:22:18 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/21/2014 07:20:46 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Microsoft Office Sessions:
=========================
Error: (03/21/2014 07:33:31 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/21/2014 06:56:56 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/20/2014 08:10:39 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/19/2014 08:16:28 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/18/2014 10:38:31 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/18/2014 01:25:58 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/18/2014 10:43:25 AM) (Source: MsiInstaller)(User: PAUL-D8B4D81983)
Description: Product: Microsoft Excel 2000 SR-1 -- Error 1706. No valid source could be found for product Microsoft Excel 2000 SR-1.  The Windows installer cannot continue.(NULL)(NULL)(NULL)

Error: (03/18/2014 10:40:23 AM) (Source: MsiInstaller)(User: PAUL-D8B4D81983)
Description: Product: Microsoft Excel 2000 SR-1 -- Error 1706. No valid source could be found for product Microsoft Excel 2000 SR-1.  The Windows installer cannot continue.(NULL)(NULL)(NULL)

Error: (03/17/2014 10:30:16 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/15/2014 05:44:30 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
AVG 2012 (Version: 12.0.2178)
AVG 2014 (Version: 14.0.3722)
AVG 2014 (Version: 14.0.4336)
AVG 2014 (Version: 2014.0.4336)
BCWipe 2.0
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
CoffeeCup Free FTP (Version: 4.3.2)
Coupon Printer for Windows (Version: 5.0.0.0)
CP_AtenaShokunin1Config (Version: 53.0.13.000)
CP_CalendarTemplates1 (Version: 53.0.13.000)
CP_Package_Basic1 (Version: 53.0.13.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
CueTour (Version: 53.0.13.000)
Fax (Version: 50.0.206.000)
FoxTab FLV Player
FullDPAppQFolder (Version: 1.00.0000)
GOM Player (Version: 2.1.28.5039)
Google Chrome (Version: 33.0.1750.154)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.5)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.61.61)
HP Deskjet 2050 J510 series Product Improvement Study (Version: 22.50.231.0)
HP Image Zone 5.3 (Version: 5.3)
HP Image Zone Express (Version: 1.5.1.29)
HP Photo Creations (Version: 1.0.0.11352)
HP PSC & OfficeJet 5.3.B
HP Update (Version: 5.002.006.003)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevices (Version: 53.0.13.000)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 39 (Version: 6.0.390)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Excel 2000 SR-1 (Version: 9.00.3821)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word 2000 SR-1 (Version: 9.00.3821)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 2.00.02.01)
Nero Media Player
Nero OEM
NeroVision Express 2
NewCopy (Version: 50.0.206.000)
PhotoGallery (Version: 53.0.13.000)
Platform (Version: 1.34)
RandMap (Version: 53.0.13.000)
Readme (Version: 50.0.206.000)
Realtek High Definition Audio Driver (Version: 5.10.0.6299)
Scan (Version: 5.2.0.0)
Shopping Helper Smartbar Engine (Version: 1.153.63.12705)
SkinsHP1 (Version: 53.0.13.000)
Sonic_PrimoSDK (Version: 53.0.13.000)
Speccy (Version: 1.25)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.3.222.g317ab79d)
Turbo Lister 2 (Version: 2.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIA Display Driver 6.14.10.0099
VIA Platform Device Manager (Version: 1.34)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.00 beta 1 (32-bit) (Version: 4.00.1)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 1982.42 MB
Available physical RAM: 1226.07 MB
Total Pagefile: 3365.29 MB
Available Pagefile: 2679.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.8 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.04 GB) (Free:95.18 GB) NTFS

========================= Users: ========================================

User accounts for \\PAUL-D8B4D81983

Administrator            ASPNET                   Guest                   
HelpAssistant            Paul                     SUPPORT_388945a0        

**** End of log ****



#8 hamluis

hamluis

    Moderator


  • Moderator
  • 54,818 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:31 PM

Posted 21 March 2014 - 05:36 PM

Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
AVG 2012 (Version: 12.0.2178)
AVG 2014 (Version: 14.0.3722)
AVG 2014 (Version: 14.0.4336)
AVG 2014 (Version: 2014.0.4336)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 39 (Version: 6.0.390)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.5)

 

Shopping Helper Smartbar Engine (Version: 1.153.63.12705)

 

It appears that you have some malware on your system, moving topic to Am I Infected for a better look by the more knowledgeable :).

 

Louis



#9 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 31 March 2014 - 04:21 PM

I am still very interested in getting help from a moderator to cure the problem.

 

Please HELP!!!



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:31 PM

Posted 02 April 2014 - 11:14 AM

Have you done post 2 yet?

We can remove the ad and malware too.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 02 April 2014 - 06:49 PM

Thanks for your reply.  Can I perform these operations in safe mode or does it have to be in normal mode?  In normal mode it can crash at any time, but if that what I've got to do then I'll do it.

 

Also by asking "Have you done post 2 yet?" do you mean getting the drivers for my graphics card?

 

Thanks

".



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:31 PM

Posted 02 April 2014 - 06:55 PM

Yes, use Safe Mode with Networking.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 04 April 2014 - 02:15 AM

Here is the minitoolkit report.  This is step one of your instructions. I will post each result seperately.

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Paul (administrator) on 04-04-2014 at 08:11:16
Running from "C:\Documents and Settings\Paul\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

VIA Compatable Fast Ethernet Adapter = Local Area Connection (Connected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : paul-d8b4d81983

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection:

 

        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : VIA Compatable Fast Ethernet Adapter

        Physical Address. . . . . . . . . : 00-E0-4D-3A-4D-E1

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.7

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : 04 April 2014 07:36:24

        Lease Expires . . . . . . . . . . : 05 April 2014 07:36:24

Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  173.194.41.135, 173.194.41.137, 173.194.41.132, 173.194.41.136
   173.194.41.131, 173.194.41.128, 173.194.41.142, 173.194.41.130, 173.194.41.133
   173.194.41.134, 173.194.41.129

 

Pinging google.com [173.194.41.137] with 32 bytes of data:

 

Reply from 173.194.41.137: bytes=32 time=13ms TTL=54

Reply from 173.194.41.137: bytes=32 time=12ms TTL=54

 

Ping statistics for 173.194.41.137:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 12ms, Maximum = 13ms, Average = 12ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

 

Reply from 206.190.36.45: bytes=32 time=178ms TTL=50

Reply from 206.190.36.45: bytes=32 time=178ms TTL=50

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 178ms, Maximum = 178ms, Average = 178ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 e0 4d 3a 4d e1 ...... VIA Compatable Fast Ethernet Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.7   20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0      192.168.1.7     192.168.1.7   20
      192.168.1.7  255.255.255.255        127.0.0.1       127.0.0.1   20
    192.168.1.255  255.255.255.255      192.168.1.7     192.168.1.7   20
        224.0.0.0        240.0.0.0      192.168.1.7     192.168.1.7   20
  255.255.255.255  255.255.255.255      192.168.1.7     192.168.1.7   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/02/2014 10:37:13 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/31/2014 09:36:09 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/30/2014 00:29:14 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/28/2014 04:12:39 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/27/2014 04:55:16 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/27/2014 08:56:42 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/22/2014 09:41:38 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/21/2014 08:30:23 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/21/2014 08:33:31 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (03/21/2014 07:56:56 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

System errors:
=============
Error: (04/04/2014 07:40:42 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/04/2014 07:38:02 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
Fips
intelppm

Error: (04/04/2014 07:38:02 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31

Error: (04/03/2014 00:49:49 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/03/2014 00:04:38 AM) (Source: 0) (User: )
Description: C:

Error: (04/03/2014 00:04:12 AM) (Source: DCOM) (User: PAUL-D8B4D81983)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/02/2014 10:37:13 PM) (Source: DCOM) (User: PAUL-D8B4D81983)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/02/2014 03:55:04 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
Fips
intelppm

Error: (04/02/2014 03:55:04 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31

Error: (04/02/2014 03:54:27 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Microsoft Office Sessions:
=========================
Error: (04/02/2014 10:37:13 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/31/2014 09:36:09 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/30/2014 00:29:14 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/28/2014 04:12:39 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/27/2014 04:55:16 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/27/2014 08:56:42 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/22/2014 09:41:38 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/21/2014 08:30:23 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/21/2014 08:33:31 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (03/21/2014 07:56:56 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Ask Toolbar Updater (Version: 1.2.2.23821)
AVG 2012 (Version: 12.0.2178)
AVG 2014 (Version: 14.0.3722)
AVG 2014 (Version: 14.0.4355)
AVG 2014 (Version: 2014.0.4355)
BCWipe 2.0
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
CoffeeCup Free FTP (Version: 4.3.2)
Coupon Printer for Windows (Version: 5.0.0.0)
CP_AtenaShokunin1Config (Version: 53.0.13.000)
CP_CalendarTemplates1 (Version: 53.0.13.000)
CP_Package_Basic1 (Version: 53.0.13.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
CueTour (Version: 53.0.13.000)
Fax (Version: 50.0.206.000)
FoxTab FLV Player
FullDPAppQFolder (Version: 1.00.0000)
GOM Player (Version: 2.1.28.5039)
Google Chrome (Version: 33.0.1750.154)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
Google Update Helper (Version: 1.3.22.5)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.61.61)
HP Deskjet 2050 J510 series Product Improvement Study (Version: 22.50.231.0)
HP Image Zone 5.3 (Version: 5.3)
HP Image Zone Express (Version: 1.5.1.29)
HP Photo Creations (Version: 1.0.0.11352)
HP PSC & OfficeJet 5.3.B
HP Update (Version: 5.002.006.003)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevices (Version: 53.0.13.000)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 39 (Version: 6.0.390)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Excel 2000 SR-1 (Version: 9.00.3821)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word 2000 SR-1 (Version: 9.00.3821)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 2.00.02.01)
Nero Media Player
Nero OEM
NeroVision Express 2
NewCopy (Version: 50.0.206.000)
PhotoGallery (Version: 53.0.13.000)
Platform (Version: 1.34)
RandMap (Version: 53.0.13.000)
Readme (Version: 50.0.206.000)
Realtek High Definition Audio Driver (Version: 5.10.0.6299)
Scan (Version: 5.2.0.0)
Shopping Helper Smartbar Engine (Version: 1.153.63.12705)
SkinsHP1 (Version: 53.0.13.000)
Sonic_PrimoSDK (Version: 53.0.13.000)
Speccy (Version: 1.25)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.3.222.g317ab79d)
Turbo Lister 2 (Version: 2.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB2934207) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIA Display Driver 6.14.10.0099
VIA Platform Device Manager (Version: 1.34)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.00 beta 1 (32-bit) (Version: 4.00.1)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 1982.42 MB
Available physical RAM: 1616.38 MB
Total Pagefile: 3368.82 MB
Available Pagefile: 3179.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.98 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.04 GB) (Free:95.02 GB) NTFS

========================= Users: ========================================

User accounts for \\PAUL-D8B4D81983

Administrator            ASPNET                   Guest                   
HelpAssistant            Paul                     SUPPORT_388945a0        

**** End of log ****



#14 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 04 April 2014 - 02:46 AM

Step 2 TDSSCleaner - No threats found

 

Step 3 AdwCleaner - here is the log file:-

 

# AdwCleaner v3.023 - Report created 04/04/2014 at 08:37:09
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Paul - PAUL-D8B4D81983
# Running from : C:\Documents and Settings\Paul\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\Yontoo Layers Runtime
Folder Deleted : C:\Documents and Settings\Paul\Local Settings\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\Paul\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\Paul\Application Data\BabylonToolbar
[!] Folder Deleted : C:\Documents and Settings\Paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Google Chrome v33.0.1750.154

[ File : C:\Documents and Settings\Paul\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [11367 octets] - [04/04/2014 08:23:57]
AdwCleaner[S0].txt - [10821 octets] - [04/04/2014 08:37:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10882 octets] ##########



#15 rhodes

rhodes
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:31 PM

Posted 04 April 2014 - 02:59 AM

Step 4 JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Microsoft Windows XP x86
Ran by Paul on 04/04/2014 at  8:51:44.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\coupons"

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/04/2014 at  8:55:34.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users