Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Redirects and audio ads in the background


  • Please log in to reply

#31
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
Connecting wired is easier. No encryption to worry about.

It sounds like it can't find netsh

Can you check if it's at C:\WINDOWS\system32\netsh.exe ?
  • 0

Advertisements


#32
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
Going to be off-line for a bit. Got to watch TV with my wife.
  • 0

#33
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Duty calls, I'm with ya. Thanks again for you help man, way cool of you.



I found netsh, ran it as admin, typed winsock (netsh winsock>)
At the prompt typed reset and it still says cannot find the file specified. It's as if the catalog doesn't exist.

-J
  • 0

#34
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Still no luck with wired connection, both into the router and directly to modem. After troubleshooting it states "LAN does not have a valid IP configuration."
  • 0

#35
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
I'm back.

Let's look at another key:

Copy the next line:

reg query HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock /s > \junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Then attach c:\junk.txt to your next post.

Right click on Computer and select Manage (Continue) then Device Manager. Find the Network Adapters and click on the arrow in front in order to open it up. Right click on each network adapter and Delete. When you reboot it will reinstall them. Sometimes we get lucky.



Let also see if we can get msinfo to work. From an elevated command prompt like you just opened, type

msinfo32

Once it opens, File, Save, call it mav and save it to your desktop. OK. It takes it a minute or two to finish. When it finishes, close msinfo32 and move the mav.nfo file to your good PC. I don't think the forum will allow it to be attached so rename it to mav.txt If it doesn't let you attach it because it's too big I will send you an email address to send it to.
  • 0

#36
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Just a few kb too big!




Registry values:


HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock
ErrorControl REG_DWORD 0x1
Start REG_DWORD 0x3
Type REG_DWORD 0x4

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration
Setup Version REG_DWORD 0x1009
Provider List REG_MULTI_SZ
Known Static Providers REG_MULTI_SZ Tcpip\0Tcpip6\0NwlnkIpx\0NwlnkSpx\0AppleTalk\0IsoTp\0Psched

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration\Well Known Guids
IsoTp REG_BINARY B0CBE489C1B9CF1195C800805F48A192
McsXns REG_BINARY B1CBE489C1B9CF1195C800805F48A192
AppleTalk REG_BINARY A0173B2CDFC6CF1195C800805F48A192
  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
Something missing from winsock.

Download the attached win.reg file and save it. Move it to the sick PC and right click and Merge. Then reboot.
  • 0

#38
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Still no luck :/
  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
rerun the

reg query HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock /s > \junk.txt

command and let's see if it took.

Does the netsh command still say the same thing?

Did you see my PM?
  • 0

#40
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Now for the first time netsh says it successfully reset the catalog. Waiting for reboot and then will paste the reg. entry
  • 0

Advertisements


#41
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
It's working now!!!



HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock
ErrorControl REG_DWORD 0x1
Start REG_DWORD 0x3
Type REG_DWORD 0x4

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Parameters
Transports REG_MULTI_SZ Tcpip6\0Psched\0Tcpip\0NetBIOS

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration
Setup Version REG_DWORD 0x1009
Provider List REG_MULTI_SZ Tcpip6\0Psched\0Tcpip
Known Static Providers REG_MULTI_SZ Tcpip\0Tcpip6\0NwlnkIpx\0NwlnkSpx\0AppleTalk\0IsoTp\0Psched

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers\Psched
WinSock 2.0 Provider ID REG_BINARY E0A9609D7A33D011BD880000C082E69A

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers\Tcpip
WinSock 2.0 Provider ID REG_BINARY A01A0FE78BABCF118CA300805F48A192

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers\Tcpip6
WinSock 2.0 Provider ID REG_BINARY C0B0EAF9D426D011BBBF00AA006C34E4

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock\Setup Migration\Well Known Guids
IsoTp REG_BINARY B0CBE489C1B9CF1195C800805F48A192
McsXns REG_BINARY B1CBE489C1B9CF1195C800805F48A192
AppleTalk REG_BINARY A0173B2CDFC6CF1195C800805F48A192
  • 0

#42
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
Great.

Let's make sure it's clean:

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. (Like 3 or 4 hours)
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a View Report option at the bottom. Click on it and copy and paste the report (even if it says nothing found).
  • 0

#43
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Alright,

Here are the two reports. Thank again for everything Ron!

ESET:

C:\Qoobox\Quarantine\C\Program Files (x86)\I Want This\I Want This.dll.vir a variant of Win32/Toolbar.CrossRider.A application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_03.18.59\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_03.18.59\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_03.18.59\tdlfs0000\tsk0009.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_03.18.59\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_03.18.59\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_18.01.46\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_18.01.46\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_18.01.46\tdlfs0000\tsk0009.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_18.01.46\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.09.2012_18.01.46\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined


BitDEFENDER:


QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Fri Sep 21 17:07:04 2012
Machine ID: C881A29C



No infection found.
-------------------



Processes
---------
iTunes 3252 C:\Program Files (x86)\iTunes\iTunesHelper.exe
Kaspersky Anti-Virus 3672 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
SyncServer 5212 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
Windows® Internet Explorer 4280 C:\Program Files (x86)\Internet Explorer\iexplore.exe


Autoruns and critical files
---------------------------
Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
iTunes C:\Program Files (x86)\iTunes\iTunesHelper.exe
Kaspersky Anti-Virus C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Windows® Internet Explorer c:\windows\syswow64\webcheck.dll


Browser plugins
---------------
Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Google Toolbar for Internet Explorer c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
Java™ Platform SE 6 U25 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
Java™ Platform SE 6 U25 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
Kaspersky Anti-Virus C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
Kaspersky Anti-Virus C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
Kaspersky Anti-Virus C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin\npurladvisor.dll
Kaspersky Anti-Virus C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin\npvkplugin.dll
Kaspersky Anti-Virus C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin\npabplugin.dll
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows® Operating System C:\windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\windows\System32\nlaapi.dll
NP_wtapp.dll C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
PDFlite Browser Plugin C:\Program Files (x86)\PDFlite\npPdfViewer.dll
Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Windows® Internet Explorer c:\windows\syswow64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\windows\System32\winrnr.dll


Scan
----
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MD5: 5937e46ecdcd514c7a74d64e4ef5e21d C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
MD5: 82cc8f77e9ec61c6b4d48dd4d5ca78e7 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
MD5: 24aa9776d6ab032071b61c88089aea59 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MD5: e53b389aabc47a86a41884e94c9a3012 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: 5f3347eba403ee64780980a5baf10304 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: ba28e3782bb7da6b4db32fbd83b34be7 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll
MD5: fc7a868decc3ab027f29178ec8a7f252 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 09b7e7cd6f202247b3cf2306108589c2 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: e5b6d88b36bddad5039764fbf80284dd C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: 1d75bc73585969f41ba7ef0c882dff2b C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 6fa5ad27178be38094c64933bf38bd3e C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
MD5: 282f84e0096499c42102d7234a4d14ef C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 26655ca3645c49da4a79ac18fe84ee11 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MD5: 1f942930893ed98204ae67260e03ee26 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: 240d42cbd1691c6b7d54af4e3365baac C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: d339d7f6e52aecca9c0898cb547b2902 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.DLL
MD5: 8195b745a9c3235e4715f0a1b59206cf C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: a5299d04ed225d64cf07a568a3e1bf8c C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: ab781c0e4c09e08f464081d17c0f6184 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: 30a1782bf1bf9dc1732507b70028512a C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
MD5: 81179b79aac9859b35c437010219b561 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer_main.dll
MD5: 3cd902a82a6ffd91d790cfc798dd2670 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices.dll
MD5: 680280fe7cdf31784fa08733e659601c C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServicesUI.dll
MD5: 72794d112cbaff3bc0c29bf7350d4741 C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
MD5: cf39a105cd553eed31e2255aff4c6742 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
MD5: 12b79422a23814429cda9e734c58f78f C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 5d4bc124faae6730ac002cdb67bf1a1c C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
MD5: 300e3336b7bd92a29404e6157521c120 c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
MD5: 98b16e756243bea9410e32025b19c06f C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
MD5: 7a78ed1088890114dfde2c4ab038d6b6 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
MD5: 20aa5135c856c44b08333365ebfa8087 C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MD5: 868722237aa095367491785e5c41ef0d C:\Program Files (x86)\Internet Explorer\IEShims.dll
MD5: 93569d46d79f9756ed077156496afe23 C:\Program Files (x86)\Internet Explorer\iexplore.exe
MD5: 7b845bfe314509d08ab5865cb141e332 C:\Program Files (x86)\iTunes\iTunesHelper.dll
MD5: 4affdcaadcb1dbbffaf06c7f82e7f6fc C:\Program Files (x86)\iTunes\iTunesHelper.exe
MD5: 9dee004269dadee715bd572410aa6076 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: a7146c0c90d7ba0f251ac073e655d4d2 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: c1680c34de8a405c8829ab93236576fd C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
MD5: ec48890b04d283371dc2cadac40ad5b5 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
MD5: ed5394c852ae873d5a67e14e8049881d C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
MD5: 2718dc27571bd1e37813f5759d2dc118 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
MD5: 821127ca5f45638a12d6df1f2c9103e9 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\eka_meta.dll
MD5: b58849104a5e76875b34f23dcb82efe9 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
MD5: 8e7d50e2c4a39bccd5f5c407240615fe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\kltbar.dll
MD5: 35006646bc1e5684f2a8be96631c69d5 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
MD5: 8964a832459dbe95d718288a48b9c236 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbcl.dll
MD5: dd4b100fde022b01537288c7c73c22f8 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtblc.dll
MD5: 7f83050bc48915104a3b1ac105187d42 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\params.ppl
MD5: bbd6eadac482a006bebf0227dc763092 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\prloader.dll
MD5: eed1fbd0fde9f97eb90bd8f5075ca0df C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\prremote.dll
MD5: 0386c3cdc977a98c81de7ec62db5dd71 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\pxstub.ppl
MD5: b68cdb7f0d1c509459573c51262f59f2 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\scrchpg.dll
MD5: c94c955f69a65d54b3ce8eb8ab00e8de C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\service.dll
MD5: 71afa4402f0b456a55afec899f5fa93f C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\winreg.ppl
MD5: 13693b6354dd6e72dc5131da7d764b90 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
MD5: c3cddd18f43d44ab713cf8c4916f7696 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
MD5: 47fc5a4a45e883a36aff884b3e6073b1 C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL
MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
MD5: 711a2e6a55ec7bfd59b5f649d58b704b c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
MD5: 2f86be1818c2d7ac90478e3323ee7fcb C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
MD5: 56554eb3ad01d73d67b810c639e15648 C:\Program Files (x86)\PDFlite\npPdfViewer.dll
MD5: 71c321649b28638ee80a2eeb164c1dc8 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
MD5: ba72cfc2bf952da409a953e89d6fe2cd C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
MD5: c403c5db49a0f9aaf4f2128edc0106d8 C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
MD5: 0a1ff0b674e2f268799442a434a63bb3 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
MD5: f9d908de6b166dac9b89bf62fa291ce8 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: ebbcd5dfbb1de70e8f4af8fa59e401fd C:\Program Files\Bonjour\mDNSResponder.exe
MD5: afb5b500ad69e24ed1bc15d1161641ef C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 2bacd71123f42cea603f4e205e1ae337 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
MD5: 6e50cfa46527b39015b750aad161c5cc C:\Program Files\iPod\bin\iPodService.exe
MD5: 1c73689b900428c7d054a41c4687f55c C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
MD5: 29d0886cf250fcef1bf9e65ab8d2c0c8 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
MD5: 06c8fa1cf39de6a735b54d906ba791c6 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: e3bf29ced96790cdaafa981ffddf53a3 C:\Program Files\Windows Sidebar\sidebar.exe
MD5: 7a69a61e6ed2b58143c73d1ceae7581d C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin\npurladvisor.dll
MD5: f8b30a08c2e7f1d5c11e7dd8fbbedb35 C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin\npvkplugin.dll
MD5: 268bf86145b0e8f496e4a78218b49574 C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin\npabplugin.dll
MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\windows\ehome\ehRecvr.exe
MD5: 332feab1435662fc6c672e25beb37be3 C:\windows\Explorer.exe
MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 773212b2aaa24c1e31f10246b15b276c C:\windows\servicing\TrustedInstaller.exe
MD5: 37ce7a79d901235504f9add99a7ac177 C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: cb4863f2bd46aa02d954b86b56a149da C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 2cae4ed96aa903578452b85e5383940c C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\windows\system32\apphelp.dll
MD5: c940f2f5c60b3727c5f18840735b229c C:\windows\system32\AUDIOSES.DLL
MD5: 7a6986dd659b96398a11af5173892715 C:\windows\system32\Cabinet.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\windows\system32\cmd.exe
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\windows\system32\credssp.dll
MD5: 6316957bb3431dfb06bffa98c0f1926e C:\windows\system32\cryptnet.dll
MD5: 06e771aa596b8761107ab57e99f128d7 C:\windows\system32\cryptsvc.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\windows\system32\cscapi.dll
MD5: 35cede6439ff0d8903223a0817ffe46c C:\windows\system32\d2d1.dll
MD5: 2de90400a63818fa38c4c5c9adb166bf C:\windows\system32\d3d10_1.dll
MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\windows\system32\d3d10_1core.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\windows\system32\d3d9.dll
MD5: 162d247e995eaebf3ef4289069e1111c C:\windows\system32\DEVRTL.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\windows\system32\dhcpcore.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\windows\system32\dnsapi.DLL
MD5: 062373995eae5f0eac9eaa9192136bfb C:\windows\system32\dnssd.dll
MD5: a29d734f650f958424743be3baa052c8 C:\windows\system32\DWrite.dll
MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\windows\system32\dxgi.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\windows\system32\Explorer.exe
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\windows\system32\explorerframe.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\windows\System32\fwpuclnt.dll
MD5: ed6f6fbbcdec95483b7351e23f4fcdf6 C:\windows\system32\IEADVPACK.DLL
MD5: 32e15ecf5854f5610bc895490bc3246a C:\windows\system32\IEFRAME.dll
MD5: 2cc34eff09799a50fa44299599f6589f C:\windows\system32\IEUI.dll
MD5: fe45a1512e2ec883e1de72f9a2842ee5 C:\windows\system32\igd10umd32.dll
MD5: 933421733c2c4be8cb161d18e9652e69 C:\windows\system32\igdumd32.dll
MD5: 2b7db3e2c6dc1bc4d3682838bdb1304c C:\windows\system32\igdumdx32.dll
MD5: 68563ac389f92ee79f1c714288ba1dce C:\windows\system32\ImgUtil.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\windows\system32\iphlpapi.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\windows\System32\MMDevApi.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\windows\system32\mscms.dll
MD5: 7940c04ce581288a3498d57ec4ee47d2 C:\windows\system32\msfeeds.dll
MD5: 5e8e869e1342308752a37a2c90cca79d C:\windows\system32\MSHTML.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\windows\system32\msiexec.exe
MD5: 35aae2e841aa1a949775168e119482c9 C:\windows\system32\msls31.dll
MD5: 0b8fe658bd033ec8b1f6fbc305cc65e7 C:\windows\system32\MSRATING.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\windows\system32\mswsock.dll
MD5: 1cdea9188899e76d4ffd54c9d512ccdb C:\windows\System32\msxml3.dll
MD5: d9a9702e43a5859896f34898d5fd3fec C:\windows\System32\msxml6.dll
MD5: 8b57a1ad493653bb57f281fe75dd175b C:\windows\System32\NaturalLanguage6.dll
MD5: 591fe0a6ceb19bf886ceb1331f591940 C:\windows\system32\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\windows\system32\NETAPI32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\windows\system32\netutils.dll
MD5: 3d57ffbad3ed16b63de3879bab0fb56f C:\windows\system32\NetworkExplorer.dll
MD5: 104a1070e90f1c530328e69b49718841 C:\windows\System32\nlaapi.dll
MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\windows\system32\ntshrui.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\windows\system32\OLEACC.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\windows\system32\pla.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\windows\system32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\windows\system32\provsvc.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\windows\system32\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\windows\system32\rtutils.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\windows\system32\samcli.dll
MD5: 6581b52e133cc6d00661c58968c7e212 C:\windows\system32\SearchFolder.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\windows\system32\SearchIndexer.exe
MD5: f93674263f6b07c77956e966953242d9 C:\windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\windows\system32\sessenv.dll
MD5: be247ae996a9fde007a27b51413a6c79 C:\windows\System32\shdocvw.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\windows\System32\shsvcs.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\windows\system32\srvcli.dll
MD5: 6a1e8deb746912df47cf651e138401d7 C:\windows\System32\StructuredQuery.dll
MD5: ecdb182f885292145826c58252b53000 C:\windows\System32\svchost.exe
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\windows\system32\SXS.DLL
MD5: 6b140b1382f1fe04ba57b196aeb19725 C:\windows\system32\T2EMBED.DLL
MD5: 613bf4820361543956909043a265c6ac C:\windows\System32\tapisrv.dll
MD5: 465dbf63a5049e4db4bc5c12ffe781cb C:\windows\system32\tquery.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\windows\System32\wcncsvc.dll
MD5: a9d880f97530d5b8fee278923349929d C:\windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\windows\system32\webio.dll
MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\windows\system32\windowscodecs.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\windows\system32\WINHTTP.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\windows\system32\WINMM.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\windows\system32\WINSPOOL.DRV
MD5: 418e881201583a3039d81f43e39e6c78 C:\windows\system32\WINSTA.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\windows\system32\wkscli.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\windows\system32\Wtsapi32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\windows\system32\xmllite.dll
MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\SysWOW64\actxprxy.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\windows\syswow64\ADVAPI32.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\windows\syswow64\CFGMGR32.dll
MD5: d1de1eafde97be41cf6585027ff3e732 C:\windows\syswow64\comdlg32.dll
MD5: 1295338cfe6f249823ef9bc8d4368a84 C:\windows\syswow64\CRYPT32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\windows\syswow64\DEVOBJ.dll
MD5: 19779242217d7403577c34afd95c8626 C:\Windows\SysWOW64\dispex.dll
MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll
MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\windows\syswow64\GDI32.dll
MD5: ee9d715af1b928982f417238b9914484 C:\Windows\SysWOW64\ieapfltr.dll
MD5: 32e15ecf5854f5610bc895490bc3246a c:\windows\syswow64\ieframe.dll
MD5: b17adbbbdc97148d28f995f32c380f2e C:\windows\syswow64\iertutil.dll
MD5: b2db6aba2e292235749b80a9c3dfa867 C:\windows\syswow64\imagehlp.dll
MD5: a2c5a505398a160af30121e307ae996e C:\Windows\SysWOW64\jscript.dll
MD5: 9f179da6bf972f2b8b7f90978d02d719 C:\Windows\SysWOW64\jscript9.dll
MD5: 99c3f8e9cc59d95666eb8d8a8b4c2beb C:\windows\syswow64\kernel32.dll
MD5: 5c2d21c9b6b6175b89bc5d7e3cb979e1 C:\windows\syswow64\KERNELBASE.dll
MD5: c7d41058eeb57f425fbd1585f9de71c4 C:\windows\SysWOW64\Macromed\Flash\Flash32_11_4_402_265.ocx
MD5: b2b64af436faccfa854dd397027c5360 C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: 938f39b50bafe13d6f58c7790682c010 C:\windows\syswow64\MSASN1.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\windows\syswow64\msvcrt.dll
MD5: e73b0f1819602cb6ef176fb78d76a47b C:\windows\SysWOW64\ntdll.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\windows\syswow64\ole32.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\windows\syswow64\OLEAUT32.dll
MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\windows\syswow64\RPCRT4.dll
MD5: 3d3cbd1847f980fb03343a63671e7886 C:\windows\SysWOW64\schannel.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\windows\syswow64\SETUPAPI.dll
MD5: 29e9794708df51db5dc89fb2e903a0f6 C:\windows\syswow64\SHELL32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\windows\syswow64\SHLWAPI.dll
MD5: eda7ad21df8945528f01f0a86d69e524 C:\windows\syswow64\SspiCli.dll
MD5: 667981f2e7c26275f0694b58eee303b9 C:\windows\syswow64\urlmon.dll
MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\windows\syswow64\USER32.dll
MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\windows\syswow64\USP10.dll
MD5: 5e7a2cf7719161c5e6c0e47d67ad45ae C:\Windows\SysWOW64\vbscript.dll
MD5: 5193de33f3284c447e0d31dafbf92570 c:\windows\syswow64\webcheck.dll
MD5: 75a97a2c060e72ab49e071e08c7dd2ba C:\windows\syswow64\WININET.dll
MD5: a7d79e9f660340ab20cd73f12910985f C:\windows\syswow64\WINTRUST.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\windows\syswow64\WLDAP32.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\windows\syswow64\WS2_32.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.01 MB sent, 1.22 KB recvd
Scanned 339 files and modules - 38 seconds

==============================================================================
  • 0

#44
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
That looks good. The only thing ESET found was stuff we had already killed off so malware wise we are clean.

You do have an obsolete Java:

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 25
Java™ 6 Update 22

Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.

Currently there is an exploit out that works on all Java Version 7 software so we are recommending that if you do not visit websites that absolutely require Java that you turn it off in your browser per the instructions in http://www.geekstogo...ur-web-browser/
If you use websites that require Java and you trust them then we recommend that you use either Firefox with the NoScript add-on or Chrome with the ScriptNo add-on and avoid IE. NoScript/ScriptNo will turn off Java and Javascript on all websites you visit except for those that you specifically approve. More info on the exploit is here: http://krebsonsecuri...y-java-exploit/

Java 7 Version 7 is the latest version which still has a problem. Until Java 7 Version 8 comes out be very careful with Java.

Internet Explorer is also under a security cloud right now and should not be used until the fix that was supposed to be released today gets installed anyway. The exploit also tries to use an Adobe Flash exploit so make sure you have the latest Adobe Flash (if you have it).

We (and the malware) may have damaged Kaspersky so it would be a good idea to download a new copy, uninstall the old copy and reboot. then install the new copy. You will no doubt need to have your activation code handy.

Let's look at your error logs again to make sure there is no other damage that needs to be repaired.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#45
maverick0987

maverick0987

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 22/09/2012 5:52:14 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/09/2012 9:42:51 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/09/2012 9:41:15 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP