Computer will not create desktop

[raz]

Hello Mel,

I have run TFC and Malware fighter, log below.

 

Define Version: 1044

Time Elapsed: 00:40:48

Objects Scanned: 77243

Threats Found: 19

Save Time: 11/19/2011 11:57:52 AM

 

|Name|Type|Description|ID|

Trojan.Crypt - Quarantined, FILE, C:\sound driver\Sound Driver\Sys\Cleanup.exe, 4070082

Trojan.Dropper - Quarantined, FILE, C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe, 4017830

Trojan.Generic - Quarantined, FILE, C:\Program Files\Adultpdf\DecryptPDF\PDFDecrypt.exe, 4071790

Trojan.Agent - Quarantined, FILE, C:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\Printme\ConsoleApp.exe, 4044338

Trojan.Generic - Quarantined, FILE, C:\WINNT\$NtUninstallKB941202-OE6SP1-20070820.120000$\msimn.exe, 4061633

Adware.IeDefender - Quarantined, FILE, C:\DRIVERS\VIDEO\PDESKCMD.EXE, 4015632

Adware.IeDefender - Quarantined, FILE, C:\IBMTOOLS\DRIVERS\VIDEO\MATROX\PDESKCMD.EXE, 4015632

Adware.IeDefender - Quarantined, FILE, G:\DRIVERS\VIDEO\PDESKCMD.EXE, 4015632

Trojan.Generic - Quarantined, FILE, I:\HousecallLauncher.exe, 4061390

Trojan.Crypt - Quarantined, FILE, I:\sound driver\Sound Driver\Sys\Cleanup.exe, 4070082

Trojan.Dropper - Quarantined, FILE, I:\Program Files\Rosemount Inc\Quotetool\Temp.dll, 4048971

Trojan.Dropper - Quarantined, FILE, I:\Program Files\FilmOn HDi Player\QtNetwork4.dll, 4061025

Trojan.Dropper - Quarantined, FILE, I:\Program Files\ewido anti-spyware 4.0\Uninstall.exe, 4017830

Trojan.Generic - Quarantined, FILE, I:\Program Files\Adultpdf\DecryptPDF\PDFDecrypt.exe, 4071790

Trojan.Agent - Quarantined, FILE, I:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\Printme\ConsoleApp.exe, 4044338

Trojan.Generic - Quarantined, FILE, I:\WINNT\$NtUninstallKB941202-OE6SP1-20070820.120000$\msimn.exe, 4061633

Adware.IeDefender - Quarantined, FILE, I:\DRIVERS\VIDEO\PDESKCMD.EXE, 4015632

Adware.IeDefender - Quarantined, FILE, I:\IBMTOOLS\DRIVERS\VIDEO\MATROX\PDESKCMD.EXE, 4015632

Misleading.Intelinet - Delete, FOLDER, C:\Program Files\Intelinet, 301856

[raz]

dds.txt

 

DDS (Ver_2011-06-23.01) - FAT32x86

Internet Explorer: 6.0.2800.1106 BrowserJavaVersion: 1.6.0_22

Run by Administrator at 12:00:19 on 2011-11-19

.

============== Running Processes ===============

.

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\GNU\GnuPG\dirmngr.exe

C:\Program Files\ewido anti-spyware 4.0\guard.exe

C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe

C:\WINNT\system32\hidserv.exe

C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\LCFD.EXE

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINNT\system32\MSTask.exe

C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

C:\WINNT\System32\tcpsvcs.exe

C:\WINNT\System32\snmp.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\IObit\IObit Malware Fighter\IMF.exe

C:\dds.pif

C:\WINNT\System32\svchost.exe -k netsvcs

.

============== Pseudo HJT Report ===============

.

uStart Page = https://www.buyautomation.com/

uSearch Bar = hxxp://www.google.com/ie

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

mURLSearchHooks: H - No File

BHO: {011f9246-da13-4555-9998-6e4805bd533f} - No File

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\acrobat\activex\AcroIEHelper.dll

BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File

BHO: {AE7CD045-E861-484f-8273-0445EE161910} - No File

BHO: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - No File

BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No File

TB: {011f9246-da13-4555-9998-6e4805bd533f} - No File

TB: {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No File

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File

EB: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File

EB: {014DA6CE-189F-421A-88CD-07CFE51CFF10} - No File

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] ctfmon.exe

uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart

mRun: [lcfep] "c:\program files\tivoli\lcf\bin\w32-ix86\mrt\lcfep.exe"

mRun: [PLXSTART] c:\progra~1\plexto~1\PLXSTART.EXE

mRun: [PLXTASK] c:\progra~1\plexto~1\PLXTASK.EXE

mRun: [CallControl 4.5] c:\program files\faxtalk communicator\FTCtrl32.exe /autoload

mRun: [MSN Video Enhanced] "c:\program files\msn video enhanced\MSNVE.exe"

mRun: [RoxioDragToDisc] "c:\program files\roxio\easy media creator 7\drag to disc\DrgToDsc.exe"

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [Xerox PanelMgr] c:\winnt\xerox\panelmgr\SSMMgr.exe /autorun

mRun: [WHITNEY2_XRX_S2P] c:\program files\xerox\xerox phaser 3200mfp\psu\Scan2pc.exe

mRun: [NSCSysTrayUI_XEROX] "c:\program files\xerox\networkscan\NSCSysUI_XEROX.exe" /HIDEUI

mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"

mRun: [seagate Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm

IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm

IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm

IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm

IE: E&xport to Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

Trusted Zone: bitdefender.com\www

Trusted Zone: trendmicro-europe.com\prerelease

Trusted Zone: trendmicro.com\housecall

Trusted Zone: trendmicro.com\housecall65

Trusted Zone: trendmicro.com\www

DPF: DirectAnimation Java Classes - file://c:\winnt\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\winnt\java\classes\xmldso.cab

DPF: {07B3E2A7-3F18-4B19-BAFC-793692F48851} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} - hxxp://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB

DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

DPF: {31564D57-0000-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmvax.cab

DPF: {32564D57-0000-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv8ax.cab

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {3F3A4C2B-716F-4C23-AA6A-07BBD5CC3CA1} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {4110D6F0-A459-48B2-AE98-23DF944DBE78} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {41D7541C-71BE-4DEA-853A-8EAA9BD85FDA} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {44934A5E-CD6E-4147-B206-B110D91C00B7} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {51A1AD3E-036B-4056-99AA-0F2ED45250C5} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {533B1A6B-D23C-48E4-9FCB-092D7383E7F7} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {5AC308B6-63A2-4422-9E07-B475B2BA4F15} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {5D3F7D84-E425-4756-89B0-B3EE9A7874A2} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

DPF: {6C0FD8C3-6A35-41BB-A1FD-0970989F86BA} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

DPF: {716C346F-CBC8-4259-9C87-58DAD06BF08F} - hxxp://www.buyautomation.com/RTC/Install/invMSFiles.CAB

DPF: {77081C4A-2467-4BF1-96CF-848583AE9EAF} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {810B1274-674C-46C3-8CF6-F67695F20585} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {8BF42B58-38D9-4F98-8692-E130674994E6} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {94573E3F-E764-413A-BC8C-567BC47007F4} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {975344B4-EB30-479D-88C6-72FB557B2669} - hxxp://www.iastore.com/RTC/Install/invBasket.CAB

DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38415.4065046296

DPF: {B0398DFF-7088-4B0E-B52D-E752EC243CFB} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {BC0E239B-6C7E-4812-B766-2A50300E1895} - hxxp://www.buyautomation.com/RTC/Install/invRTC.CAB

DPF: {BF554490-F89C-4D18-8AAB-442B1B2361A9} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} - hxxp://www.verizon.net/checkmypc/includes/MotivePreQual.cab

DPF: {C812FE36-C480-4E32-96D8-A82161DFEE64} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.1/jinstall-1_4_1_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CD4F23C1-2CE4-4749-ABC5-1A0AE1CC7852} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {CE5BC8FC-DE3F-4514-B567-28A7F9C856DB} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {D7E23CE2-ADAF-477A-ABC1-1F17E3532C41} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

DPF: {D8FC83C8-ECAE-472F-9817-ECC48E1EB384} - hxxp://www.buyautomation.com/RTC/Install/invBasket.CAB

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{5B044533-8E4A-4F1A-A606-BB6C9881D169} : DhcpNameServer = 192.168.2.1

Notify: IObitLogon - c:\program files\iobit\advanced systemcare 5\\IObitLogon.dll

AppInit_DLLs: NVDESK32.DLL

SEH: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - No File

LSA: Authentication Packages = msv1_0 TivoliAP relog_ap

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ml60fw35.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ml60fw35.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60129.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPMGWRAP.DLL

.

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 16000

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.max.tokenizing.time - 3000000

FF - user.js: content.maxtextrun - 4095

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 1000000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 1000000

FF - user.js: dom.disable_window_status_change - true

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 1000

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

.

============= SERVICES / DRIVERS ===============

.

.

=============== Created Last 30 ================

.

2011-11-19 17:59:57 607017 ------r- C:\dds.pif

2011-11-19 16:42:36 446464 ----a-w- C:\TFC.exe

2011-11-10 15:37:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-11-10 15:37:35 924632 ----a-w- c:\program files\mozilla firefox\firefox.exe

2011-11-10 15:37:35 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-11-10 15:37:35 801752 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-11-10 15:37:35 478168 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-11-10 15:37:35 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll

2011-11-10 15:37:35 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll

2011-11-10 15:37:35 1989592 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-11-10 15:37:35 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

.

==================== Find3M ====================

.

2011-10-12 17:11:58 1409 ----a-w- c:\winnt\QTFont.for

.

============= FINISH: 12:00:44.59 ===============

[raz]

attach.txt

 

 

==== Installed Programs ======================

.

AAC Decoder

ABB Program Suite

Access IBM

Adobe Acrobat 6.0.1 Professional

Adobe Flash Player 11 Plugin

Adobe Flash Player ActiveX

Adobe Photoshop 7.0

Adobe Reader 9.4.2

Adult PDF Password Recovery v2.2.0

Advanced SystemCare 5

AutoUpdate

BearShare

BitLord 1.1

BitTorrent 5.0.6

CoffeeCup Visual Site Designer Software

Compatibility Pack for the 2007 Office system

ConfigSafe

Defraggler (remove only)

DivX Codec

DivX Converter

DivX Player

DivX Plus DirectShow Filters

DivX Version Checker

DivX Web Player

DriverAgent by eSupport.com

FaxTalk Communicator 4.5

ffdshow [rev 3128] [2009-11-08]

File Scavenger 3.2 (English)

FileZilla Client 3.1.2

FilmOn HDi Player

Free Download Manager 3.0

Free Mp3 Wma Converter V 1.7.3

Free Window Registry Repair

Freecorder

Gpg4win (2.0.1)

H.264 Decoder

Hard Disk Low Level Format Tool 2.36 build 1181

Hotfix for MDAC 2.53 (KB927779)

IBM Update Connector

Intel Security Driver

Intel® PRO Ethernet Adapter and Software

IObit Malware Fighter

Japanese Fonts Support For Adobe Reader 9

Java 2 Runtime Environment, SE v1.4.1_02

Java Auto Updater

Java Web Start

Java 6 Update 2

Java 6 Update 22

Java 6 Update 3

Java 6 Update 7

Java SE Runtime Environment 6 Update 1

Macromedia Flash Player 8

Microsoft .NET Framework 2.0

Microsoft Application Error Reporting

Microsoft Data Access Components KB870669

Microsoft IntelliType Pro 6.1

Microsoft Office 2000 Premium

Microsoft Office Converter Pack

Microsoft Office FrontPage 2003

Microsoft Office Word Viewer 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

MKV Splitter

Moffsoft FreeCalc

Monkey's Audio

Mouse Suite

Mozilla Firefox 8.0 (x86 en-US)

Mozilla Thunderbird (1.5)

MSN Video Enhanced

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 6 Service Pack 2 (KB954459)

Netscape (7.1)

Network Scan

Nimo Codecs Pack v5.0 (Remove Only)

Norton Ghost

NVIDIA Windows 2000 Display Drivers

OGT-Diagnostic Tool

OpenOffice.org 3.3

PartitionMagic

Plextor Manager 2000

PowerQuest PartitionMagic 8.0

PTDD Super Fdisk 1.0

QuickTime

RealPlayer

Roxio Easy Media Creator 7

Seagate*DiscWizard

SeaTools Enterprise

Security Update for DirectX 9.0 (KB971633)

Security Update for DirectX 9.0 (KB975560)

Security Update for DirectX 9.0 (KB975562)

Security Update for Microsoft .NET Framework 2.0 (KB928365)

Security Update for Microsoft .NET Framework 2.0 (KB947746)

Security Update for Windows 2000 (KB904706)

Security Update for Windows 2000 (KB923689)

Security Update for Windows 2000 (KB941569)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB975025)

Security Update for Windows Media Player (KB977816)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 6.4 (KB954600)

Security Update for Windows Media Player 6.4 (KB974112)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows Media Player 9 (KB973540)

SIW version 2010.07.14

Smart Defrag 2

The Weather Channel Desktop 6

Toolkit 167

TopMax For Windows

TV-Browser 2.7.5

TVUPlayer 2.2.0

TweakNow PowerPack 2011 SP1a

Update Rollup 1 for Windows 2000 SP4

VC80CRTRedist - 8.0.50727.762

Visioneer PaperPort 5.3

VLC media player 1.1.4

WebFldrs

Winamp (remove only)

WinAVI VideoConverter

Windows 2000 Hotfix - KB833407

Windows 2000 Hotfix - KB842773

Windows 2000 Hotfix - KB867282

Windows 2000 Hotfix - KB890202

Windows 2000 Hotfix - KB893756

Windows 2000 Hotfix - KB896358

Windows 2000 Hotfix - KB896423

Windows 2000 Hotfix - KB899587

Windows 2000 Hotfix - KB899589

Windows 2000 Hotfix - KB900725

Windows 2000 Hotfix - KB901017

Windows 2000 Hotfix - KB901214

Windows 2000 Hotfix - KB905414

Windows 2000 Hotfix - KB905495

Windows 2000 Hotfix - KB905749

Windows 2000 Hotfix - KB908519

Windows 2000 Hotfix - KB908531

Windows 2000 Hotfix - KB911280

Windows 2000 Hotfix - KB913580

Windows 2000 Hotfix - KB914388

Windows 2000 Hotfix - KB914389

Windows 2000 Hotfix - KB917008

Windows 2000 Hotfix - KB917953

Windows 2000 Hotfix - KB918118

Windows 2000 Hotfix - KB920213

Windows 2000 Hotfix - KB920670

Windows 2000 Hotfix - KB920683

Windows 2000 Hotfix - KB920685

Windows 2000 Hotfix - KB921398

Windows 2000 Hotfix - KB921503

Windows 2000 Hotfix - KB922582

Windows 2000 Hotfix - KB923191

Windows 2000 Hotfix - KB923414

Windows 2000 Hotfix - KB923561

Windows 2000 Hotfix - KB923810

Windows 2000 Hotfix - KB923980

Windows 2000 Hotfix - KB924270

Windows 2000 Hotfix - KB924667

Windows 2000 Hotfix - KB925902

Windows 2000 Hotfix - KB926122

Windows 2000 Hotfix - KB926247

Windows 2000 Hotfix - KB926436

Windows 2000 Hotfix - KB927891

Windows 2000 Hotfix - KB928843

Windows 2000 Hotfix - KB930178

Windows 2000 Hotfix - KB931784

Windows 2000 Hotfix - KB933729

Windows 2000 Hotfix - KB935839

Windows 2000 Hotfix - KB935840

Windows 2000 Hotfix - KB936021

Windows 2000 Hotfix - KB937894

Windows 2000 Hotfix - KB938127

Windows 2000 Hotfix - KB938464

Windows 2000 Hotfix - KB938827

Windows 2000 Hotfix - KB938829

Windows 2000 Hotfix - KB939653

Windows 2000 Hotfix - KB941202

Windows 2000 Hotfix - KB943055

Windows 2000 Hotfix - KB943485

Windows 2000 Hotfix - KB944338

Windows 2000 Hotfix - KB945553

Windows 2000 Hotfix - KB950749

Windows 2000 Hotfix - KB950974

Windows 2000 Hotfix - KB951748

Windows 2000 Hotfix - KB951748-V2

Windows 2000 Hotfix - KB952004

Windows 2000 Hotfix - KB952954

Windows 2000 Hotfix - KB955069

Windows 2000 Hotfix - KB955759

Windows 2000 Hotfix - KB956802

Windows 2000 Hotfix - KB956844

Windows 2000 Hotfix - KB957097

Windows 2000 Hotfix - KB958470

Windows 2000 Hotfix - KB958644

Windows 2000 Hotfix - KB958687

Windows 2000 Hotfix - KB958869

Windows 2000 Hotfix - KB959426

Windows 2000 Hotfix - KB960225

Windows 2000 Hotfix - KB960803

Windows 2000 Hotfix - KB960859

Windows 2000 Hotfix - KB961501

Windows 2000 Hotfix - KB967715

Windows 2000 Hotfix - KB968537

Windows 2000 Hotfix - KB969059

Windows 2000 Hotfix - KB970238

Windows 2000 Hotfix - KB971468

Windows 2000 Hotfix - KB971961

Windows 2000 Hotfix - KB972260

Windows 2000 Hotfix - KB972270

Windows 2000 Hotfix - KB973346

Windows 2000 Hotfix - KB973507

Windows 2000 Hotfix - KB973869

Windows 2000 Hotfix - KB973904

Windows 2000 Hotfix - KB974318

Windows 2000 Hotfix - KB974392

Windows 2000 Hotfix - KB974571

Windows 2000 Hotfix - KB977914

Windows 2000 Hotfix - KB978037

Windows 2000 Hotfix - KB978542

Windows 2000 Hotfix - KB978601

Windows 2000 Hotfix - KB978706

Windows 2000 Hotfix - KB979309

Windows 2000 Hotfix - KB979482

Windows 2000 Hotfix - KB979559

Windows 2000 Hotfix - KB979683

Windows 2000 Hotfix - KB980195

Windows 2000 Hotfix - KB980218

Windows 2000 Hotfix - KB980232

Windows 2000 Hotfix - KB981350

Windows 2000 Hotfix - KB982381

Windows 2000 Hotfix (SP5) Q818043

Windows Installer 3.0 (KB884016)

Windows Installer 3.1 (KB893803)

Windows Installer Clean Up

Windows Media Player Hotfix [see Q828026 for more information]

Windows Media Player system update (9 Series)

Xerox Phaser 3200MFP

Xvid 1.2.2 final uninstall

.

==== End Of File ===========================

[raz]

Malwarebytes will not run

[Superdave]

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

What symptoms are you experiencing on your computer besides the cannot create shortcuts?

Windows 2000 is a very old OS and not too many of my tools will run on that. I would suggest an upgrade.

 

P2P - I see you have P2P software installed on your machine. BearShare, BitLord 1.1 and BitTorrent 5.0.6We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

 

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

 

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

**************************************************

Update Your Java (JRE)

 

Old versions of Java have vulnerabilities that malware can use to infect your system.

 

First Verify your Java Version

 

If there are any other version(s) installed then update now.

 

Get the new version (if needed)

 

If your version is out of date install the newest version of the Sun Java Runtime Environment.

 

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

 

Be sure to close ALL open web browsers before starting the installation.

 

Remove any old versions

 

1. Download JavaRa and unzip the file to your Desktop.

2. Open JavaRA.exe and choose Remove Older Versions

3. Once complete exit JavaRA.

 

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.

[raz]

...What symptoms are you experiencing on your computer besides the cannot create shortcuts? I really don't know the extent of the damage done by the un-install, because I cannot access the computer fully, explorer is one program that will not function.

 

Windows 2000 is a very old OS and not too many of my tools will run on that. I would suggest an upgrade.

 

P2P - I see you have P2P software ...

I do not use them anymore, haven't used them in probably more than a year.

 

Update Your Java (JRE)

 

Old versions of Java have vulnerabilities that malware can use to infect your system.

 

First Verify your Java Version

 

If there are any other version(s) installed then update now.

got the message,"Can not access windows installer...."

 

Get the new version (if needed)

 

If your version is out of date install the newest version of the Sun Java Runtime Environment.

got the message,"Can not access windows installer...."

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

 

Be sure to close ALL open web browsers before starting the installation.

 

Remove any old versions

Can't find Windows un-installer, tried IObit uninstaller got the message,"Can not access windows installer...."

[Melvin_Deal]

Hi Raz!

 

Hi Bill, do you by chance have the original Windows 2000 rescue disc??

 

Are you able to export your valuable personal files at this point? Can you access and move your pictures, documents etc. to an independent isolated drive so they can be saved? if so... do it now! Save your stuff!

 

-Mel

 

Sorry Dave, for posting on your thread. If he is able to salvage some stuff this seems like a good time to do it.

[Superdave]

Hi Bill, do you by chance have the original Windows 2000 rescue disc??

 

Are you able to export your valuable personal files at this point? Can you access and move your pictures, documents etc. to an independent isolated drive so they can be saved? if so... do it now! Save your stuff!

 

-Mel

 

Sorry Dave, for posting on your thread. If he is able to salvage some stuff this seems like a good time to do it.

I hardly think that this is an infection problem. No one is writing malware to infect Win2k. If he has his OS disk or diskettes he should reinstall his OS or upgrade to at least Windows XP.

[raz]

I hardly think that this is an infection problem. No one is writing malware to infect Win2k. If he has his OS disk or diskettes he should reinstall his OS or upgrade to at least Windows XP.

Well, even though the malware progs cleaned a few infections since, I did not have this crippling problem, before the uninstall, so... I am inclined to agree Dave.

[raz]

I do have an NT backup file from 8-21, but I believe because nothing works correctly in the system. I cannot select files, folders or drives to restore, in the backup program and if I select the backup file anyway, the backup prog says that the file is unusable.

[raz]

Can anyone please tell me about these?

 

I take it they are backups made by some section of the IObit package, but what info do they actually contain?

 

mryahc.reg 3Kb 11/14/2011

xgrjsh.reg 48Kb 11/11/2011

 

Etc.....

 

Found in the folder: H:\Documents and Settings\Administrator\Application Data\IObit\Advanced SystemCare\Backup

 

Thanks

[raz]

BTW... H: is the drive that I am trying to return to functionality.

 

It is C: when I boot from it. Doh...

[raz]

Well... my trials, tribulation, wailing, gnashing of teeth and semi-regular outbursts of foul utterances, have for the moment, passed.☺♪♪♫

 

I was saved, by a piece of software (that I had forgotten about:oops:), provided with the original OS install disks, that came with the IBM 6866s, imagine LAN - Configsafe. It had a taken snapshot, of all the vital files, I guess at its' own direction. I was able to restore the registries and other configuration files, to a few days before the disaster, in seconds. :-D Business as usual tomorrow, except I'll be a bit tired.:shock:

 

http://www.configsafe.com/configsafe/csv8.html

 

Thanks for all your help, Mel and Dave.

 

Regards,

Bill

[Superdave]

That's good news. Unfortunately, I couldn't help you very much.

[Melvin_Deal]

Hi Raz!!

 

As I was of absolutely no help... I'm glad you found a solution!!! :-D Evidently that software provides some kind of limited image of your system for emergencies just like the one you encountered! Macrium Reflect generates a complete image of your machine. Should you upgrade your OS in the near future... I highly recommend you take advantage of Macrium!

 

Best of luck!

 

-Mel

[raz]

Hey Guys and Cicely,

Many times, a software's behavior cannot be fully predicted or explained and a fix, is not always available, much less an easy one.

 

It's all good, when at least someone responds and tries to help.

 

Thanks,

Raz

[Cicely]

Hi raz,

 

We are so sorry for the troubles you have encountered and glad to hear that you have solved this issue.:grin:

 

At the same time, our engineers have developed a solution to this issue, we really hope you can help us confirm whether it works.

 

1) Please download the attached files and extract it to get Suc12_Uninstal.exe.

 

2) Please replace the original Suc12_Uninstal.exe in program files of Advanced SystemCare 5.

 

Usual path: C:\Program Files\IObit\Advanced SystemCare 5 or C:\Program Files (x86)\IObit\Advanced SystemCare 5

 

3) Please uninstall the Google toolbar again with IObit Uninstaller as before, then Please help us to see whether the issue is reproduced or not.

 

Thanks in advance!!!

Suc12_Uninstal.rar