System Restore window "PC Performance & Stability analysis rep
Started by
maezhou
, Oct 22 2011 03:20 AM
#46
Posted 24 October 2011 - 11:59 AM
#47
Posted 24 October 2011 - 12:10 PM
Nothing's happened so far.
#48
Posted 24 October 2011 - 12:55 PM
OK try the other programme now.
At this stage it may be advisable to back up all your important data and be prepared for a reinstall
At this stage it may be advisable to back up all your important data and be prepared for a reinstall
#49
Posted 24 October 2011 - 01:00 PM
I don't think i'm up for that. Any other possible solution where there's no need to reinstall applications/files?
#50
Posted 24 October 2011 - 01:12 PM
There is a repair install option - but if you are game we will try to fix it
#51
Posted 24 October 2011 - 01:27 PM
I don't have hard drive with me right now (i'm at work) where I can store my files for back-up. I'll do it once I got back home.
If ever, will it affect applications? Or files and documents only? Files and documents are fine. It's the applications i'm worried about.
I have a VPN connected for work, which I'm afraid will be the most problematic if it will be reinstalled.
If ever, will it affect applications? Or files and documents only? Files and documents are fine. It's the applications i'm worried about.
I have a VPN connected for work, which I'm afraid will be the most problematic if it will be reinstalled.
#52
Posted 24 October 2011 - 01:38 PM
Applications will need to be re-installed but files and documents will be safe
But lets see what rootkit revealer finds first
But lets see what rootkit revealer finds first
#53
Posted 24 October 2011 - 02:16 PM
OK. Thanks. I'll get back once I've stored my files to the external hard drive.
#54
Posted 25 October 2011 - 09:57 AM
Hi Essexboy, just an update, I was just able to start copying files to external hard drive this morning. I have tons of files on my machine. It says copying will be done in 4 hours! So I just leave it at home doing the file transfers.
#55
Posted 25 October 2011 - 12:25 PM
Good it is always usefull to have a backup in case something untoward occurs
Once done we shall see what rootkit revealer finds
Once done we shall see what rootkit revealer finds
#56
Posted 25 October 2011 - 02:16 PM
Thing is I will be out of town from tomorrow until this weekend. I can't be able to bring my laptop with me. I will be back Monday. So do I have to PM you to reactivate this?
#57
Posted 25 October 2011 - 02:39 PM
Only if I inadvertently close it, but I shouldn't unless I have a senior moment
#58
Posted 01 November 2011 - 08:07 PM
Hi there, i'm back. Hopefully, will be able to fix this. Keeping my fingers crossed. I'm going to run rookitrevealer in a short while.
#59
Posted 01 November 2011 - 10:03 PM
RookitReveler was not able to complete scanning. It encountered an error on CMD.EXE -- not sure if it's CMD.EXE though. I thought I was able to take a screenshot of the error message, but turned out that I was not able to. And I was not able to take note of the error message.
Should I do it again?
Anyways, here's the TXT report:
HKU\S-1-5-21-2528014064-590018410-3601204245-1000\console_combofixbackup 10/22/2011 2:29 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN 3/25/2011 11:51 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping 3/25/2011 11:51 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client 11/2/2006 5:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener 11/2/2006 5:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin 3/25/2011 11:51 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service 11/2/2006 5:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS 10/15/2008 1:36 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS\CustomRemoteShell 10/15/2008 1:36 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009 11/2/2006 3:33 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C041448-C69A-4D8B-A774-4F3948997407}\DynamicInfo 11/1/2011 7:25 PM 28 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Swearware\backup\winsock2 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries 10/23/2011 3:46 PM 0 bytes Security mismatch.
Should I do it again?
Anyways, here's the TXT report:
HKU\S-1-5-21-2528014064-590018410-3601204245-1000\console_combofixbackup 10/22/2011 2:29 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN 3/25/2011 11:51 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping 3/25/2011 11:51 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client 11/2/2006 5:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener 11/2/2006 5:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin 3/25/2011 11:51 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service 11/2/2006 5:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS 10/15/2008 1:36 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS\CustomRemoteShell 10/15/2008 1:36 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009 11/2/2006 3:33 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C041448-C69A-4D8B-A774-4F3948997407}\DynamicInfo 11/1/2011 7:25 PM 28 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Swearware\backup\winsock2 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9 10/23/2011 3:46 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries 10/23/2011 3:46 PM 0 bytes Security mismatch.
Edited by maezhou, 01 November 2011 - 10:04 PM.
#60
Posted 02 November 2011 - 12:45 PM
This is being a bit of a cuss - OK could you run me a fresh OTL scan please ensuring all users is selected. There will be just one log this time
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users