wicked infection desktop icons gone

[SuperDave]

Please download MiniToolBox to Desktop and run it.



Checkmark the following boxes:

• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• List content of Hosts
• List IP Configuration
• Lst Last 10 Event Viewer Errors
• List Users, Partitions and Memory Size
[/b]

Click Go and copy/paste the log (Result.txt) into your next post.

[trynfix]

this is what i got:


MiniToolBox by Farbar  Version:21-04-2013
Ran by Sherra (administrator) on 12-06-2013 at 15:06:06
Running from "C:\Users\Sherra\Desktop"
Windows Vista (TM) Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Gwen
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
  1 ........................... Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/12/2013 03:00:43 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/12/2013 03:00:43 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/10/2013 09:45:30 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/10/2013 09:45:30 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/09/2013 11:16:01 PM) (Source: Application Error) (User: )
Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module rvrender.dll, version 10.0.1.64, time stamp 0x4775b667, exception code 0xc0000005, fault offset 0x0000c472,
process id 0x%9, application start time 0xExplorer.EXE0.

Error: (06/09/2013 09:49:19 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\system32\bitsperf.dll4

Error: (06/09/2013 09:14:29 PM) (Source: Application Error) (User: )
Description: Faulting application dvdmaker.exe, version 6.0.6002.18005, time stamp 0x49e02385, faulting module mcspmpeg.ax, version 1.0.1.3, time stamp 0x428b56aa, exception code 0xc0000005, fault offset 0x000027d0,
process id 0x1278, application start time 0xdvdmaker.exe0.

Error: (06/09/2013 08:41:10 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/09/2013 08:41:09 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/09/2013 11:14:07 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{A304A585-4E0E-4796-8F22-4B08496CD985}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (04/11/2009 08:20:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 219474 seconds with 3720 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-06-09 21:43:51.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Webroot\Spy Sweeper\WRSS\i386\SSIDRV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 21:43:49.463
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Webroot\Spy Sweeper\WRSS\i386\SSIDRV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 21:43:47.422
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Webroot\Spy Sweeper\WRSS\i386\SSIDRV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 21:43:45.449
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Webroot\Spy Sweeper\WRSS\i386\SSIDRV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 09:38:41.911
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 09:38:40.065
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 09:38:38.276
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 09:38:36.319
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 09:38:34.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-09 09:38:32.662
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.


========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 2941.76 MB
Available physical RAM: 1853.7 MB
Total Pagefile: 6092 MB
Available Pagefile: 5110.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.85 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:454.81 GB) (Free:54.36 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10.95 GB) (Free:5.2 GB) NTFS
4 Drive f: (HTC Sync Manager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
8 Drive j: (BABY_CAN_READ_VOL_1) (CDROM) (Total:1.63 GB) (Free:0 GB) UDF
10 Drive l: (CDROM) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\GWEN

Administrator            Guest                    Sherra                   


**** End of log ****


[recovering disk space, attachment deleted by admin]

[SuperDave]

Please download Farbar Service Scanner and run it on the computer with the issue.

• Press "Scan".
  
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

[trynfix]

there were several options to select.  i chose internet services, of course and got this :


Farbar Service Scanner Version: 31-05-2013 01
Ran by Sherra (administrator) on 12-06-2013 at 18:54:00
Running from "C:\Users\Sherra\Desktop"
Windows Vista (TM) Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error.
Attempt to access Yahoo.com returned error: Other errors


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



[recovering disk space, attachment deleted by admin]

[SuperDave]

A couple of things to try.

Make sure, your computer is set to obtain IP address automatically.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol (TCP/IP), make sure it is checked, and then click Properties
6. Click Obtain an IP Address Automatically, and then click OK.

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Restart computer.

[trynfix]

Ok.  I tried that.  Here's the thing,  my computer does not show the lan connection.  I tried putting in the commands into the command prompt.  When I got to ipconfig /release, I got the following message: the operation failed as no adapter is in the state permissible for this operation.  I got the same message for the ipconfig /renew.

[trynfix]

Another thing to mention, the items under the network adapters in the device manager all have the yellow triangle with the exclamation mark inside.  Those items include 6TO4 adapter, Microsoft 6to4 adapters #10, #21, #50, #127, #14, #18, #194, #7, nvidia nforce networking controller, wan miniports (ipv6), (ip), (l2tp), (network monitor), (pppoe), (pptp), and (sstp).

[SuperDave]

the operation failed as no adapter is in the state permissible for this operation. 

The problem is probably with your network card. You may need to try a new one.

[trynfix]

Ok. I will get another and get back to you.  In the meantime, do you know what I can try for my start menu items and my desktop icons?  Again, i do appreciate your help.

[trynfix]

Hey Dave, I wanted to ask.  I was about to start ordering a new network card and upon doing the research on the card I have, I came across some suggestions.  It seems that antivirus/anti-malware, etc software can cause issues with the network drivers and registries.  What do you think of this? Are you familiar with this? I've seen where some people advise to reinstall the drivers.  The yellow exclamation mark comes with error code 31.  Which says: "This driver is not working properly because Windows cannot load the drivers required for this device."

[SuperDave]

It seems that antivirus/anti-malware, etc software can cause issues with the network drivers and registries.  What do you think of this? Are you familiar with this? I've seen where some people advise to reinstall the drivers.  The yellow exclamation mark comes with error code 31.  Which says: "This driver is not working properly because Windows cannot load the drivers required for this device."

That's true but you usually won't get this warning: (the operation failed as no adapter is in the state permissible for this operation.) In fact, you get no warning at all; just no connection. As for the drivers part, you can try re-loading the drivers before ordering the network card.