Laptop running slow - Windows explorer failing [Solved]


  • This topic is locked

#16
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Download Windows Repair (all in one) from this site

Install the program then run

Go to step 2 and allow it to run Disc check

Once that is done then go to step 3 and allow it to run SFC

On the start repairs tab select advanced mode and click start

Select the items below (remove the ticks from the rest) and tick restart system when finished
Reset Registry permissions
reset File permissions
repair WMI
repair windows firewall
repair internet explorer
remove policies set by infection
repair winsock & DNS cache
remove temp files
repair proxy settings
repair windows update
  • 0


#17
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
So here's an update as to what's been going on. I was able to get the first two steps of the latest process done. I did the check disk thing on step 2 of the program you had me install. And I did the step 3 system file check. After that, whenever I booted up the computer normally I would be met with a black screen. No background image, nothing. I was finally able to get step 4 done, but now whenever I start the computer I have about 10 - 15 secs before Windows Explorer fails. It's almost as if we're back to phase 1. The Windows bar on the bottom of the computer shows up now at least. But I can't do anything on the computer. Should I go back and try one of your earlier steps now, or should I be trying something new?

Edited by FutureWoWplayer, 12 November 2012 - 03:14 PM.

  • 0

#18
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
Bumping to the top.
  • 0

#19
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello FutureWoWplayer



Please download Kaspersky Virus Removal Tool and SAVE it to your desktop

  • Right click and run as admin (XP: please double click to run)
  • select lang
  • accept the license agreement
  • click on settings (gear looking thing on the right)
  • put check mark in
    • system memory
    • hidden objects
    • disk boot sectors
    • computer
  • go back to automatic scan
  • click on start scan
  • For this scan select skip for anything found
  • when the scan is complete click on the report button (looks like a piece of paper on the right of the gear looking thing)
  • on the left you will see
    • status
    • Detected threats <-- click on this one
    • automatic Scan report
    • Manual disinfection report
  • click on the save button
    save to a location where you can find it (default is in the document folder)
  • copy and paste this report in your next post

  • 0

#20
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
I can't get on the computer long enough to run the scan you asked for. Whenever I start up the computer, I type in my password and it takes a long time to load up. Once it does, Windows Explorer immediately fails. I get a message window that says:

Windows Explorer has failed, restarting program
(Then there is a progress bar below this message that just goes forever)

At this point, if I hit ctrl+alt+delete to start the task manager to try and run the internet, the task manager fails. I click on new task and nothing happens. Then it says Windows Task Manager (Not responding)

If I hold the power button down the computer shuts off, and when I click the power button again to turn the computer back on, it gives me the option to start in safe mode. But that's about as far as I can get. I've been having to post from my girlfriend's computer the last few posts 'cause I can't do anything on my computer.

Edited by FutureWoWplayer, 13 November 2012 - 04:10 AM.

  • 0

#21
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
Bumping to the top again
  • 0

#22
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
Bumping to the top
  • 0

#23
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Sorry for not responding sooner just needed some time to go thru the topic and come up with a plan



I want you to try and do a system restore to before we ran CCleaner


gringo
  • 0

#24
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
How do I go about doing that if I can't access anything on the computer? The computer locks up on me as soon as I start it up. I can't access the task manager, control panel, nothing.

From doing a little research online I have the Windows Explorer restarting loop. The main problem that I am having now, over everyone else is I can't boot up the system in safe mode or normal mode to run anything. I can't get a command prompt window cause windows explorer fails before I can open it up. New task in the task manager isn't working either so I feel like I'm sorta screwed

Edited by FutureWoWplayer, 15 November 2012 - 03:37 PM.

  • 0

#25
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.

  • First press the Scan button.
  • It will make a log (FRST.txt)

  • Second, type the following in the edit box after "Search:": services.exe
  • Click the Search button
  • It will make a log (Search.txt)

I want you to post both the FRST.txt report and the Search.txt into your reply to me

Gringo
  • 0


#26
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
Here are the two reports you asked for. I apologize if it seems like I'm frustrated, but I've never had this kind of problem on my computer before and it's frustrating to me. I appreciate the help I do.

Frst.txt report:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2012
Ran by SYSTEM at 15-11-2012 17:33:41
Running from C:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

Tcpip\Parameters: [DhcpNameServer] 66.60.130.158

==================== Services (Whitelisted) ===================


==================== Drivers (Whitelisted) =====================

3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-15 17:33 - 2012-11-15 17:33 - 00000000 ____D C:\FRST
2012-11-13 01:34 - 2012-11-13 01:34 - 00000000 __SHD C:\found.003
2012-11-11 19:07 - 2012-11-11 19:07 - 00275096 ____A C:\Windows\Minidump\111112-16270-01.dmp
2012-11-11 14:28 - 2012-11-11 14:28 - 00019549 ____A C:\ComboFix.txt
2012-11-10 10:57 - 2008-05-07 22:03 - 00303616 ____A ( ) C:\SetACL.exe
2012-11-10 10:41 - 2004-06-11 16:33 - 00290304 ____A (Microsoft Corporation) C:\subinacl.exe
2012-11-10 03:49 - 2012-11-10 03:49 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-11-10 03:48 - 2012-11-10 03:48 - 05345318 ____A C:\Users\Dr. Grouch\Downloads\tweaking.com_windows_repair_aio_setup.exe
2012-11-10 03:48 - 2012-11-10 03:48 - 00002298 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-11-10 03:48 - 2012-11-10 03:48 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2012-11-10 03:41 - 2012-11-10 03:41 - 00001912 ____A C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2012-11-10 03:41 - 2012-11-10 03:41 - 00000020 ____A C:\Windows\reimage.ini
2012-11-10 03:41 - 2012-11-10 03:41 - 00000000 ____D C:\rei
2012-11-10 03:41 - 2012-11-10 03:41 - 00000000 ____D C:\Program Files\Reimage
2012-11-10 03:40 - 2012-11-10 03:40 - 00626712 ____A (Reimage®) C:\Users\Dr. Grouch\Downloads\ReimageRepair.exe
2012-11-09 20:44 - 2012-11-09 20:46 - 00015784 ____A C:\Users\Dr. Grouch\Downloads\SystemLook.txt
2012-11-09 20:44 - 2012-11-09 20:44 - 00165376 ____A C:\Users\Dr. Grouch\Downloads\SystemLook_x64.exe
2012-11-09 04:03 - 2012-11-09 04:03 - 00000833 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-11-09 04:03 - 2012-11-09 04:03 - 00000000 ____D C:\Program Files\CCleaner
2012-11-09 04:01 - 2012-11-09 04:02 - 04011968 ____A (Piriform Ltd) C:\Users\Dr. Grouch\Downloads\ccsetup324.exe
2012-11-09 03:57 - 2012-11-09 03:57 - 00000000 ____D C:\Users\All Users\Sun
2012-11-09 03:53 - 2012-11-09 03:52 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-11-09 03:53 - 2012-11-09 03:52 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-11-09 03:53 - 2012-11-09 03:52 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-11-09 03:52 - 2012-11-09 03:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-11-09 03:52 - 2012-11-09 03:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-11-09 03:52 - 2012-11-09 03:52 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-11-09 03:52 - 2012-11-09 03:52 - 00000000 ____D C:\Program Files (x86)\Java
2012-11-09 03:51 - 2012-11-09 03:51 - 00000000 ____D C:\Users\All Users\McAfee
2012-11-09 03:50 - 2012-11-09 03:50 - 00895464 ____A (Oracle Corporation) C:\Users\Dr. Grouch\Downloads\chromeinstall-7u9.exe
2012-11-09 03:45 - 2012-11-09 03:45 - 00002030 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2012-11-09 03:45 - 2012-11-09 03:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-11-09 03:19 - 2012-11-09 03:19 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Dr. Grouch\Downloads\revosetup.exe
2012-11-09 03:19 - 2012-11-09 03:19 - 00014639 ____A C:\Users\Dr. Grouch\Desktop\start_freeware_download.html
2012-11-09 03:19 - 2012-11-09 03:19 - 00001275 ____A C:\Users\Dr. Grouch\Desktop\Revo Uninstaller.lnk
2012-11-09 03:19 - 2012-11-09 03:19 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2012-11-08 04:59 - 2012-11-11 14:28 - 00000000 ____D C:\Qoobox
2012-11-08 04:59 - 2012-11-08 05:10 - 00000000 ____D C:\Windows\erdnt
2012-11-08 04:59 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-11-08 04:59 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-11-08 04:59 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-11-08 04:59 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-11-08 04:59 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-11-08 04:59 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-11-08 04:59 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-11-08 04:59 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-11-08 04:58 - 2012-11-11 14:19 - 05000000 ____R (Swearware) C:\Users\Dr. Grouch\Desktop\ComboFix.exe
2012-11-08 00:42 - 2012-11-08 00:43 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (4).exe
2012-11-08 00:38 - 2012-11-08 00:38 - 00000884 ____A C:\AdwCleaner[S1].txt
2012-11-08 00:37 - 2012-11-08 00:37 - 00541569 ____A C:\Users\Dr. Grouch\Downloads\adwcleaner (1).exe
2012-11-08 00:36 - 2012-11-08 00:36 - 00541569 ____A C:\Users\Dr. Grouch\Downloads\adwcleaner.exe
2012-11-07 17:32 - 2012-11-07 17:32 - 00688901 ____R (Swearware) C:\Users\Dr. Grouch\Downloads\dds.com
2012-11-07 17:07 - 2012-11-07 17:07 - 00881833 ____A C:\Users\Dr. Grouch\Downloads\SecurityCheck.exe
2012-11-07 17:04 - 2012-11-07 17:04 - 00050477 ____A C:\Users\Dr. Grouch\Downloads\Defogger.exe
2012-11-07 17:04 - 2012-11-07 17:04 - 00000482 ____A C:\Users\Dr. Grouch\Downloads\defogger_disable.log
2012-11-07 17:04 - 2012-11-07 17:04 - 00000000 ____A C:\Users\Dr. Grouch\defogger_reenable
2012-11-07 01:07 - 2012-11-07 01:07 - 00602112 ____A (OldTimer Tools) C:\Users\Dr. Grouch\Downloads\OTL.exe
2012-11-07 00:54 - 2012-11-07 00:54 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (3).exe
2012-11-07 00:53 - 2012-11-07 00:53 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (2).exe
2012-11-07 00:52 - 2012-11-07 00:52 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (1).exe
2012-11-07 00:51 - 2012-11-07 00:51 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller.exe
2012-11-07 00:34 - 2012-11-07 00:34 - 00000000 ____D C:\found.002
2012-11-06 23:49 - 2012-11-06 23:49 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Roaming\Malwarebytes
2012-11-06 23:48 - 2012-11-06 23:48 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-06 23:46 - 2012-11-06 23:46 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Dr. Grouch\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-06 21:07 - 2012-11-06 21:07 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Roaming\SUPERAntiSpyware.com
2012-11-06 21:00 - 2012-11-06 21:01 - 21636096 ____A (SUPERAntiSpyware.com) C:\Users\Dr. Grouch\Downloads\SUPERAntiSpyware (1).exe
2012-11-06 21:00 - 2012-11-06 21:00 - 21636096 ____A (SUPERAntiSpyware.com) C:\Users\Dr. Grouch\Downloads\SUPERAntiSpyware.exe
2012-11-06 20:52 - 2012-11-06 20:52 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-06 02:18 - 2012-11-06 02:18 - 00282808 ____A C:\Windows\Minidump\110612-24070-01.dmp
2012-10-18 22:22 - 2012-10-18 22:26 - 00000000 ____D C:\1f3e828dfe29d330bc9e292698cde4dc

==================== One Month Modified Files and Folders =======

2012-11-15 14:22 - 2009-07-13 21:13 - 00728982 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-15 14:21 - 2009-07-13 20:51 - 00036651 ____A C:\Windows\setupact.log
2012-11-15 13:49 - 2012-10-14 17:23 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Local\CrashDumps
2012-11-15 13:49 - 2010-07-18 17:28 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-15 13:47 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-15 13:28 - 2010-07-18 17:28 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-13 01:34 - 2012-11-13 01:34 - 00000000 __SHD C:\found.003
2012-11-13 01:30 - 2011-03-19 08:16 - 01432145 ____A C:\Windows\WindowsUpdate.log
2012-11-11 19:35 - 2009-07-13 21:08 - 00027228 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-11-11 19:17 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-11 19:15 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-11 19:07 - 2012-11-11 19:07 - 00275096 ____A C:\Windows\Minidump\111112-16270-01.dmp
2012-11-11 19:07 - 2012-10-14 19:48 - 00000000 ____D C:\Windows\Minidump
2012-11-11 19:07 - 2012-10-14 09:44 - 309435412 ____A C:\Windows\MEMORY.DMP
2012-11-11 18:53 - 2011-03-19 08:59 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Local\Apps\2.0
2012-11-11 14:33 - 2010-07-18 17:36 - 00233556 ____A C:\Windows\PFRO.log
2012-11-11 14:28 - 2012-11-11 14:28 - 00019549 ____A C:\ComboFix.txt
2012-11-11 14:28 - 2012-11-08 04:59 - 00000000 ____D C:\Qoobox
2012-11-11 14:26 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
2012-11-11 14:19 - 2012-11-08 04:58 - 05000000 ____R (Swearware) C:\Users\Dr. Grouch\Desktop\ComboFix.exe
2012-11-10 11:50 - 2009-07-13 20:45 - 00280560 ____A C:\Windows\System32\FNTCACHE.DAT
2012-11-10 10:59 - 2011-03-22 16:25 - 00727334 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-11-10 03:49 - 2012-11-10 03:49 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2012-11-10 03:48 - 2012-11-10 03:48 - 05345318 ____A C:\Users\Dr. Grouch\Downloads\tweaking.com_windows_repair_aio_setup.exe
2012-11-10 03:48 - 2012-11-10 03:48 - 00002298 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2012-11-10 03:48 - 2012-11-10 03:48 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2012-11-10 03:41 - 2012-11-10 03:41 - 00001912 ____A C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2012-11-10 03:41 - 2012-11-10 03:41 - 00000020 ____A C:\Windows\reimage.ini
2012-11-10 03:41 - 2012-11-10 03:41 - 00000000 ____D C:\rei
2012-11-10 03:41 - 2012-11-10 03:41 - 00000000 ____D C:\Program Files\Reimage
2012-11-10 03:40 - 2012-11-10 03:40 - 00626712 ____A (Reimage®) C:\Users\Dr. Grouch\Downloads\ReimageRepair.exe
2012-11-09 20:46 - 2012-11-09 20:44 - 00015784 ____A C:\Users\Dr. Grouch\Downloads\SystemLook.txt
2012-11-09 20:44 - 2012-11-09 20:44 - 00165376 ____A C:\Users\Dr. Grouch\Downloads\SystemLook_x64.exe
2012-11-09 04:03 - 2012-11-09 04:03 - 00000833 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-11-09 04:03 - 2012-11-09 04:03 - 00000000 ____D C:\Program Files\CCleaner
2012-11-09 04:02 - 2012-11-09 04:01 - 04011968 ____A (Piriform Ltd) C:\Users\Dr. Grouch\Downloads\ccsetup324.exe
2012-11-09 03:57 - 2012-11-09 03:57 - 00000000 ____D C:\Users\All Users\Sun
2012-11-09 03:52 - 2012-11-09 03:53 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-11-09 03:52 - 2012-11-09 03:53 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-11-09 03:52 - 2012-11-09 03:53 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-11-09 03:52 - 2012-11-09 03:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-11-09 03:52 - 2012-11-09 03:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-11-09 03:52 - 2012-11-09 03:52 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-11-09 03:52 - 2012-11-09 03:52 - 00000000 ____D C:\Program Files (x86)\Java
2012-11-09 03:51 - 2012-11-09 03:51 - 00000000 ____D C:\Users\All Users\McAfee
2012-11-09 03:50 - 2012-11-09 03:50 - 00895464 ____A (Oracle Corporation) C:\Users\Dr. Grouch\Downloads\chromeinstall-7u9.exe
2012-11-09 03:48 - 2010-07-18 17:28 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-09 03:45 - 2012-11-09 03:45 - 00002030 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2012-11-09 03:45 - 2012-11-09 03:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-11-09 03:24 - 2011-03-29 08:25 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Local\Adobe
2012-11-09 03:19 - 2012-11-09 03:19 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Dr. Grouch\Downloads\revosetup.exe
2012-11-09 03:19 - 2012-11-09 03:19 - 00014639 ____A C:\Users\Dr. Grouch\Desktop\start_freeware_download.html
2012-11-09 03:19 - 2012-11-09 03:19 - 00001275 ____A C:\Users\Dr. Grouch\Desktop\Revo Uninstaller.lnk
2012-11-09 03:19 - 2012-11-09 03:19 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2012-11-08 14:16 - 2010-07-18 17:28 - 00000000 ____D C:\Program Files\Google
2012-11-08 14:16 - 2010-07-18 17:28 - 00000000 ____D C:\Program Files (x86)\Google
2012-11-08 05:10 - 2012-11-08 04:59 - 00000000 ____D C:\Windows\erdnt
2012-11-08 04:49 - 2011-03-22 08:42 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Local\Google
2012-11-08 04:48 - 2011-03-19 08:37 - 00000000 ____D C:\Users\All Users\Norton
2012-11-08 00:43 - 2012-11-08 00:42 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (4).exe
2012-11-08 00:38 - 2012-11-08 00:38 - 00000884 ____A C:\AdwCleaner[S1].txt
2012-11-08 00:37 - 2012-11-08 00:37 - 00541569 ____A C:\Users\Dr. Grouch\Downloads\adwcleaner (1).exe
2012-11-08 00:36 - 2012-11-08 00:36 - 00541569 ____A C:\Users\Dr. Grouch\Downloads\adwcleaner.exe
2012-11-07 17:32 - 2012-11-07 17:32 - 00688901 ____R (Swearware) C:\Users\Dr. Grouch\Downloads\dds.com
2012-11-07 17:07 - 2012-11-07 17:07 - 00881833 ____A C:\Users\Dr. Grouch\Downloads\SecurityCheck.exe
2012-11-07 17:04 - 2012-11-07 17:04 - 00050477 ____A C:\Users\Dr. Grouch\Downloads\Defogger.exe
2012-11-07 17:04 - 2012-11-07 17:04 - 00000482 ____A C:\Users\Dr. Grouch\Downloads\defogger_disable.log
2012-11-07 17:04 - 2012-11-07 17:04 - 00000000 ____A C:\Users\Dr. Grouch\defogger_reenable
2012-11-07 17:04 - 2011-03-19 08:56 - 00000000 ____D C:\users\Dr. Grouch
2012-11-07 01:07 - 2012-11-07 01:07 - 00602112 ____A (OldTimer Tools) C:\Users\Dr. Grouch\Downloads\OTL.exe
2012-11-07 00:54 - 2012-11-07 00:54 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (3).exe
2012-11-07 00:53 - 2012-11-07 00:53 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (2).exe
2012-11-07 00:52 - 2012-11-07 00:52 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller (1).exe
2012-11-07 00:51 - 2012-11-07 00:51 - 00662016 ____A C:\Users\Dr. Grouch\Downloads\RogueKiller.exe
2012-11-07 00:34 - 2012-11-07 00:34 - 00000000 ____D C:\found.002
2012-11-06 23:49 - 2012-11-06 23:49 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Roaming\Malwarebytes
2012-11-06 23:48 - 2012-11-06 23:48 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-06 23:46 - 2012-11-06 23:46 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Dr. Grouch\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-06 21:07 - 2012-11-06 21:07 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Roaming\SUPERAntiSpyware.com
2012-11-06 21:01 - 2012-11-06 21:00 - 21636096 ____A (SUPERAntiSpyware.com) C:\Users\Dr. Grouch\Downloads\SUPERAntiSpyware (1).exe
2012-11-06 21:00 - 2012-11-06 21:00 - 21636096 ____A (SUPERAntiSpyware.com) C:\Users\Dr. Grouch\Downloads\SUPERAntiSpyware.exe
2012-11-06 20:52 - 2012-11-06 20:52 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-06 20:52 - 2012-02-21 19:55 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-11-06 02:18 - 2012-11-06 02:18 - 00282808 ____A C:\Windows\Minidump\110612-24070-01.dmp
2012-11-06 01:59 - 2011-03-22 16:26 - 00000000 ____D C:\Users\Dr. Grouch\AppData\Roaming\SoftGrid Client
2012-10-18 22:26 - 2012-10-18 22:22 - 00000000 ____D C:\1f3e828dfe29d330bc9e292698cde4dc


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 2810.9 MB
Available physical RAM: 2322.93 MB
Total Pagefile: 2809.05 MB
Available Pagefile: 2308.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (TI105949W0C) (Fixed) (Total:286.57 GB) (Free:253.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (TRAVELDRIVE) (Removable) (Total:3.6 GB) (Free:0.74 GB) FAT32

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 3696 MB 0 B
Disk 2 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 286 GB 1501 MB
Partition 3 Primary 10 GB 288 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E System NTFS Partition 1500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI105949W0C NTFS Partition 286 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3692 MB 4032 KB

==================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 Y TRAVELDRIVE FAT32 Removable 3692 MB Healthy

=========================================================

Last Boot: 2012-06-22 21:02

==================== End Of Log =============================

Search.txt report:

Farbar Recovery Scan Tool (x64) Version: 12-11-2012
Ran by SYSTEM at 2012-11-15 17:35:48
Running from C:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\erdnt\cache64\services.exe
[2012-11-08 05:11] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

====== End Of Search ======
  • 0
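
The Search.txt output above lists every copy of services.exe with its MD5. As an added example (not part of the original thread and not FRST's own code), this Python parses that entry format and flags copies whose hash differs from the WinSxS copy. Treating the WinSxS copy as the baseline is an assumption of this example, and the second sample is constructed.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path rules, works on any host OS

# Metadata line that follows each path in a Search.txt entry:
# [created] - [modified] - size attrs (Company) MD5   (company may be absent)
META_RE = re.compile(
    r"^\[(?P<created>[\d-]+ [\d:]+)\] - \[(?P<modified>[\d-]+ [\d:]+)\] - "
    r"(?P<size>\d+) (?P<attrs>\S+) (?:\((?P<company>[^)]*)\) )?"
    r"(?P<md5>[0-9A-Fa-f]{32})$"
)
PATH_RE = re.compile(r"^[A-Za-z]:\\")

# The three entries from the Search.txt posted in the thread.
SAMPLE_FROM_THREAD = r"""
================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\erdnt\cache64\services.exe
[2012-11-08 05:11] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

====== End Of Search ======
"""

# Constructed for illustration: the System32 copy carries a placeholder hash,
# and a second file (hypothetical path) has no WinSxS copy to compare against.
SAMPLE_CONSTRUCTED = r"""
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2012-11-01 10:00] - [2012-11-01 10:00] - 0329216 ____A (Microsoft Corporation) 00000000000000000000000000000000

C:\Users\Example\Downloads\tool.exe
[2012-11-01 10:00] - [2012-11-01 10:00] - 0020992 ____A 11111111111111111111111111111111
"""


def parse_search_log(text):
    """Return one dict per (path line, metadata line) pair found in the log."""
    entries = []
    pending_path = None
    for raw in text.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            pending_path = line
            continue
        match = META_RE.match(line)
        if match and pending_path:
            entries.append({
                "path": pending_path,
                "created": match["created"],
                "modified": match["modified"],
                "size": int(match["size"]),
                "company": match["company"],
                "md5": match["md5"].upper(),
            })
            pending_path = None
    return entries


def find_mismatches(entries):
    """Compare every copy of a file against the WinSxS copy of the same name."""
    by_name = defaultdict(list)
    for entry in entries:
        by_name[basename(entry["path"]).lower()].append(entry)

    findings = []
    for name in sorted(by_name):
        copies = by_name[name]
        trusted = {c["md5"] for c in copies if "\\winsxs\\" in c["path"].lower()}
        for copy in copies:
            if not trusted:
                findings.append(("no_baseline", copy["path"], copy["md5"]))
            elif copy["md5"] not in trusted:
                findings.append(("hash_mismatch", copy["path"], copy["md5"]))
    return findings


if __name__ == "__main__":
    for label, sample in (("thread", SAMPLE_FROM_THREAD),
                          ("constructed", SAMPLE_CONSTRUCTED)):
        results = find_mismatches(parse_search_log(sample))
        print(label, results if results else "all copies match the WinSxS copy")
```

Agreement between copies is a consistency check only: it shows the files are identical to each other, not that the shared hash is a known-good one.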

#27
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


Before I try anything, I still want you to try and use System Restore; you can access it from the System Recovery Options.


Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select System Restore
  • 0

#28
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
I kept the computer on the System Recovery options from the last test. When I click on system restore I got the message:

There was an unexpected error:

The system cannot find the specified. (0x80070002)

Please close System Restore and try again.

I clicked ok and shut down the system.

I got back to the System Recovery Options again by hitting F8

When I click on System restore again another window popped up saying:

No restore points have been created on your computer's system drive. To create a restore point open System Protection.

I can click on System Protection and when I do I get a message that says:

Your computer is running in a limited diagnostic state. If you use System Restore in this limited state, you cannot undo the restore operation.

I click okay, but the next button is grayed out.

I can click cancel and it takes me back to the System Recovery Options, but that's how far I can get with the System Restore.
  • 0

#29
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flash drive as fixlist.txt

Last Boot: 2012-06-22 21:02 


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt) please post it to your reply.

Gringo
  • 0

#30
FutureWoWplayer

    Member

  • Topic Starter
  • 153 posts
Here is the fixlog I got from running Frst64:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-11-2012
Ran by SYSTEM at 2012-11-15 22:35:15 Run:1
Running from G:\

==============================================

DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.

==== End of Fixlog ====
  • 0





