Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Recovery; Post removal help


  • Please log in to reply
No replies to this topic

#1 BoloPM

BoloPM

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:08 AM

Posted 14 June 2011 - 02:34 PM

First I want to thank everyone for the help you have posted regarding the Windows 7 Recovery Virus. I was able to remove this virus with malwarebytes, but as a result, now have a black desktop background and missing files (that aren't really missing) in the Start Up menu.

I followed the directions that were given in another thread recently, and copied the necessary items into the start up menu folder, but nothing has changed.

I wasn't able to run RKUnhookerLE.
Here is the error I got:

Exception code : 0xC0000005
Instruction address : 0x00402EAA
Attempt to read at address : 0xFFFFFFFF


Please help, and thank you in advance!


C:\Users\BRENDA~1\AppData\Local\Temp\smtmp - Parameters: "/s"

---Files---
None found.

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1 d------ [03:00 14/06/2011]
Default Programs.lnk ------- 1282 bytes [05:01 14/07/2009] [05:01 14/07/2009]
desktop.ini --ahs-- 442 bytes [04:49 14/07/2009] [05:01 14/07/2009]
My Identity Protection.url --a---- 224 bytes [20:10 03/06/2011] [20:10 03/06/2011]
PhotoStage.lnk ------- 2074 bytes [20:03 03/06/2011] [20:03 03/06/2011]
Windows Update.lnk ------- 1266 bytes [04:49 14/07/2009] [04:49 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs d------ [03:00 14/06/2011]
Adobe Reader 9.lnk --a---- 2441 bytes [19:57 03/06/2011] [19:57 03/06/2011]
Apple Software Update.lnk --a---- 2519 bytes [02:06 12/06/2011] [02:06 12/06/2011]
Dell Help Documentation.lnk --a---- 1979 bytes [21:02 11/06/2011] [21:02 11/06/2011]
desktop.ini --ahs-- 1748 bytes [04:54 14/07/2009] [20:24 03/06/2011]
Media Center.lnk --a---- 1345 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Microsoft Default Manager.lnk --a---- 1382 bytes [20:10 03/06/2011] [20:10 03/06/2011]
Microsoft Office 2010.lnk --a---- 2435 bytes [20:02 03/06/2011] [20:02 03/06/2011]
Mozilla Firefox.lnk --a---- 1156 bytes [22:16 11/06/2011] [22:16 11/06/2011]
Sidebar.lnk --a---- 1330 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Windows Anytime Upgrade.lnk --a---- 1352 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Windows DVD Maker.lnk --a---- 1326 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Windows Fax and Scan.lnk --a---- 1210 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Windows Live Mail.lnk --a---- 1460 bytes [20:07 03/06/2011] [20:07 03/06/2011]
Windows Live Messenger.lnk --a---- 2488 bytes [20:07 03/06/2011] [20:07 03/06/2011]
Windows Live Movie Maker.lnk --a---- 1307 bytes [20:07 03/06/2011] [20:07 03/06/2011]
Windows Live Photo Gallery.lnk --a---- 1376 bytes [20:07 03/06/2011] [20:07 03/06/2011]
Windows Media Player.lnk --a---- 1547 bytes [04:57 14/07/2009] [20:24 03/06/2011]
XPS Viewer.lnk --a---- 1246 bytes [04:57 14/07/2009] [04:57 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Accessories d------ [03:00 14/06/2011]
Calculator.lnk --a---- 1230 bytes [04:55 14/07/2009] [04:55 14/07/2009]
Desktop.ini --ahs-- 1726 bytes [02:36 14/07/2009] [21:46 03/06/2011]
displayswitch.lnk --a---- 1266 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Math Input Panel.lnk --a---- 1364 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Mobility Center.lnk --a---- 1238 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Paint.lnk --a---- 1242 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Remote Desktop Connection.lnk --a---- 1367 bytes [04:53 14/07/2009] [04:53 14/07/2009]
Snipping Tool.lnk --a---- 1272 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Sound Recorder.lnk --a---- 1330 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Sticky Notes.lnk --a---- 1351 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Sync Center.lnk --a---- 1254 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Welcome Center.lnk --a---- 1579 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Wordpad.lnk --a---- 1322 bytes [04:54 14/07/2009] [04:54 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Accessibility d------ [03:00 14/06/2011]
Desktop.ini --ahs-- 370 bytes [02:36 14/07/2009] [04:57 14/07/2009]
Speech Recognition.lnk --a---- 1388 bytes [04:57 14/07/2009] [04:57 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools d------ [03:00 14/06/2011]
Character Map.lnk --a---- 1248 bytes [04:55 14/07/2009] [04:55 14/07/2009]
Desktop.ini --ahs-- 1338 bytes [02:36 14/07/2009] [04:57 14/07/2009]
dfrgui.lnk --a---- 1290 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Disk Cleanup.lnk --a---- 1252 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Resource Monitor.lnk --a---- 1242 bytes [04:53 14/07/2009] [04:53 14/07/2009]
System Information.lnk --a---- 1250 bytes [04:53 14/07/2009] [04:53 14/07/2009]
System Restore.lnk --a---- 1246 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Task Scheduler.lnk --a---- 1268 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Windows Easy Transfer Reports.lnk --a---- 1320 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Windows Easy Transfer.lnk --a---- 1316 bytes [04:57 14/07/2009] [04:57 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC d------ [03:00 14/06/2011]
Desktop.ini --ahs-- 343 bytes [07:44 14/07/2009] [21:46 03/06/2011]
ShapeCollector.lnk --a---- 1436 bytes [21:46 03/06/2011] [21:46 03/06/2011]
TabTip.lnk --a---- 1386 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Windows Journal.lnk --a---- 1316 bytes [21:46 03/06/2011] [21:46 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell d------ [03:00 14/06/2011]
desktop.ini --ahs-- 216 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Windows PowerShell (x86).lnk --a---- 1989 bytes [05:32 14/07/2009] [05:32 14/07/2009]
Windows PowerShell ISE (x86).lnk --a---- 1468 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Windows PowerShell ISE.lnk --a---- 1468 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Windows PowerShell.lnk --a---- 1899 bytes [05:32 14/07/2009] [05:32 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools d------ [03:00 14/06/2011]
Component Services.lnk --a---- 1242 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Computer Management.lnk --a---- 1294 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Data Sources (ODBC).lnk --a---- 1270 bytes [04:53 14/07/2009] [04:53 14/07/2009]
desktop.ini --ahs-- 1674 bytes [04:53 14/07/2009] [04:57 14/07/2009]
Event Viewer.lnk --a---- 1298 bytes [04:54 14/07/2009] [04:54 14/07/2009]
iSCSI Initiator.lnk --a---- 1274 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Memory Diagnostics Tool.lnk --a---- 1268 bytes [04:53 14/07/2009] [04:53 14/07/2009]
Performance Monitor.lnk --a---- 1232 bytes [04:53 14/07/2009] [04:53 14/07/2009]
services.lnk --a---- 1288 bytes [04:54 14/07/2009] [04:54 14/07/2009]
System Configuration.lnk --a---- 1246 bytes [04:53 14/07/2009] [04:53 14/07/2009]
Task Scheduler.lnk --a---- 1262 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Windows Firewall with Advanced Security.lnk --a---- 1274 bytes [04:53 14/07/2009] [04:53 14/07/2009]
Windows PowerShell Modules.lnk --a---- 2741 bytes [05:32 14/07/2009] [05:32 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\AIM d------ [03:00 14/06/2011]
AIM.lnk --a---- 1935 bytes [17:34 12/06/2011] [17:34 12/06/2011]
Uninstall AIM.lnk --a---- 1064 bytes [17:34 12/06/2011] [17:34 12/06/2011]
Visit AIM on the Web.url --a---- 44 bytes [17:34 12/06/2011] [17:34 12/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center d------ [03:00 14/06/2011]
CCC - Advanced.lnk --a---- 2094 bytes [19:53 03/06/2011] [19:53 03/06/2011]
CCC - Wizard.lnk --a---- 2088 bytes [19:53 03/06/2011] [19:53 03/06/2011]
CCC.lnk --a---- 2082 bytes [19:53 03/06/2011] [19:53 03/06/2011]
Help.lnk --a---- 2096 bytes [19:53 03/06/2011] [19:53 03/06/2011]
Restart Runtime.lnk --a---- 2078 bytes [19:53 03/06/2011] [19:53 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Creative d------ [03:00 14/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Creative\THX TruStudio PC d------ [03:00 14/06/2011]
Readme.lnk --a---- 2116 bytes [20:01 03/06/2011] [20:01 03/06/2011]
THX Audio Control Panel.lnk --a---- 2299 bytes [20:01 03/06/2011] [20:01 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Dell d------ [03:00 14/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Dell\Dell Software & Utilities d------ [03:00 14/06/2011]
Dell Getting Started Guide.lnk --a---- 1137 bytes [20:15 03/06/2011] [20:15 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Dell\Service Agreements d------ [03:00 14/06/2011]
InHome.pdf.lnk --a---- 2471 bytes [19:59 03/06/2011] [19:59 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Dell DataSafe d------ [03:00 14/06/2011]
Dell DataSafe Local Backup.lnk --a---- 1862 bytes [19:59 03/06/2011] [19:59 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Dell DataSafe Online d------ [03:00 14/06/2011]
Dell DataSafe Online.lnk --a---- 2451 bytes [20:08 03/06/2011] [20:08 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Dell Stage d------ [03:00 14/06/2011]
Dell Stage.lnk --a---- 2199 bytes [20:15 03/06/2011] [20:15 03/06/2011]
desktop.ini --ahs-- 114 bytes [20:03 03/06/2011] [20:03 03/06/2011]
MusicStage.lnk --a---- 2064 bytes [20:03 03/06/2011] [20:03 03/06/2011]
PhotoStage.lnk --a---- 2086 bytes [20:03 03/06/2011] [20:03 03/06/2011]
VideoStage.lnk --a---- 2046 bytes [20:03 03/06/2011] [20:03 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Dell Support Center d------ [03:00 14/06/2011]
Dell Support Center.lnk --a---- 1056 bytes [20:09 03/06/2011] [20:09 03/06/2011]
desktop.ini --ahs-- 143 bytes [20:09 03/06/2011] [20:09 03/06/2011]
PC Checkup.lnk --a---- 1116 bytes [20:09 03/06/2011] [20:09 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Games d------ [03:00 14/06/2011]
Chess.lnk --a---- 352 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Desktop.ini --ahs-- 1128 bytes [05:32 14/07/2009] [21:46 03/06/2011]
FreeCell.lnk --a---- 364 bytes [04:55 14/07/2009] [04:55 14/07/2009]
GameExplorer.lnk --a---- 258 bytes [04:54 14/07/2009] [04:54 14/07/2009]
Hearts.lnk --a---- 356 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Internet Backgammon.lnk --a---- 474 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Internet Checkers.lnk --a---- 470 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Internet Spades.lnk --a---- 466 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Mahjong.lnk --a---- 360 bytes [21:46 03/06/2011] [21:46 03/06/2011]
Minesweeper.lnk --a---- 376 bytes [04:57 14/07/2009] [04:57 14/07/2009]
More Games from Microsoft.lnk --a---- 370 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Purble Place.lnk --a---- 378 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Solitaire.lnk --a---- 368 bytes [04:55 14/07/2009] [04:55 14/07/2009]
Spider Solitaire.lnk --a---- 392 bytes [04:57 14/07/2009] [04:57 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Intel d------ [03:00 14/06/2011]
desktop.ini --ahs-- 195 bytes [19:56 03/06/2011] [19:56 03/06/2011]
Intel Control Center.lnk --a---- 1429 bytes [19:56 03/06/2011] [19:56 03/06/2011]
Intel® Rapid Storage Technology.lnk --a---- 1488 bytes [19:56 03/06/2011] [19:56 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\iTunes d------ [03:00 14/06/2011]
About iTunes.lnk --a---- 2107 bytes [02:08 12/06/2011] [02:08 12/06/2011]
iTunes.lnk --a---- 1803 bytes [02:08 12/06/2011] [02:08 12/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Maintenance d------ [03:00 14/06/2011]
Backup and Restore Center.lnk --a---- 1304 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Create Recovery Disc.lnk --a---- 1248 bytes [04:57 14/07/2009] [04:57 14/07/2009]
Desktop.ini --ahs-- 606 bytes [02:36 14/07/2009] [04:57 14/07/2009]
Remote Assistance.lnk --a---- 1212 bytes [04:57 14/07/2009] [04:57 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\McAfee d------ [03:00 14/06/2011]
McAfee SecurityCenter.lnk --a---- 1848 bytes [00:13 14/06/2011] [00:13 14/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Microsoft Silverlight d------ [03:00 14/06/2011]
Microsoft Silverlight.lnk --a---- 2269 bytes [20:05 03/06/2011] [20:05 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\QuickTime d------ [03:00 14/06/2011]
About QuickTime.lnk --a---- 2441 bytes [02:06 12/06/2011] [02:06 12/06/2011]
PictureViewer.lnk --a---- 2471 bytes [02:06 12/06/2011] [02:06 12/06/2011]
QuickTime Player.lnk --a---- 2441 bytes [02:06 12/06/2011] [02:06 12/06/2011]
Uninstall QuickTime.lnk --a---- 1818 bytes [02:06 12/06/2011] [02:06 12/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Roxio Creator Starter d------ [03:00 14/06/2011]
Roxio Burn Options.lnk --a---- 1087 bytes [20:14 03/06/2011] [20:14 03/06/2011]
Roxio Burn.lnk --a---- 1109 bytes [20:14 03/06/2011] [20:14 03/06/2011]
Roxio Creator Starter.lnk --a---- 2164 bytes [20:13 03/06/2011] [20:13 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Startup d------ [03:00 14/06/2011]
desktop.ini --ahs-- 174 bytes [04:54 14/07/2009] [04:54 14/07/2009]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Steam d------ [03:00 14/06/2011]
Steam Support Center.lnk --a---- 2573 bytes [22:18 11/06/2011] [22:18 11/06/2011]
Steam.lnk --a---- 937 bytes [22:18 11/06/2011] [22:18 11/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Tablet PC d------ [03:00 14/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\1\Programs\Windows Live d------ [03:00 14/06/2011]
desktop.ini --ahs-- 164 bytes [20:08 03/06/2011] [20:08 03/06/2011]
Windows Live Mesh.lnk --a---- 2068 bytes [20:08 03/06/2011] [20:08 03/06/2011]
Windows Live Writer.lnk --a---- 2350 bytes [20:08 03/06/2011] [20:08 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\3 d------ [03:00 14/06/2011]
desktop.ini --ahs-- 151 bytes [21:05 11/06/2011] [22:41 11/06/2011]
Mozilla Firefox.lnk ------- 1156 bytes [22:16 11/06/2011] [22:16 11/06/2011]
Windows Explorer.lnk ------- 1228 bytes [21:05 11/06/2011] [04:49 14/07/2009]
Windows Media Player.lnk ------- 1547 bytes [21:05 11/06/2011] [20:24 03/06/2011]

C:\Users\BRENDA~1\AppData\Local\Temp\smtmp\4 d------ [03:00 14/06/2011]
AIM.lnk ------- 1917 bytes [17:34 12/06/2011] [17:34 12/06/2011]
desktop.ini --ahs-- 174 bytes [04:54 14/07/2009] [04:54 14/07/2009]
eBay.lnk ------- 1997 bytes [20:01 03/06/2011] [20:01 03/06/2011]
iTunes.lnk ------- 1785 bytes [02:08 12/06/2011] [02:08 12/06/2011]
Mozilla Firefox.lnk ------- 1144 bytes [22:16 11/06/2011] [22:16 11/06/2011]
My Identity Protection.url ------- 204 bytes [20:10 03/06/2011] [20:10 03/06/2011]
QuickTime Player.lnk ------- 1847 bytes [02:06 12/06/2011] [02:06 12/06/2011]
Steam.lnk ------- 919 bytes [22:18 11/06/2011] [22:18 11/06/2011]

-= EOF =-

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users