Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Black Screen with Cursor After Log in


  • Please log in to reply
9 replies to this topic

#1 hikittie

hikittie

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:53 PM

Posted 05 June 2014 - 02:16 PM

I noticed my home page was changed to a different site every time I tried to access the Internet so I downloaded and ran malaware. It detected 70 items. I hit quarantine and restarted as directed. Now after the laptop starts and I login my screen is black with a cursor that moves. I have a lenovo laptop running windows 7. Any help is greatly appreciated.

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:53 AM

Posted 05 June 2014 - 08:13 PM

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

 

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
Click Go and copy / paste the result (Result.txt).
 

Next -

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with Rkill log.
Post it in your next reply.

 

NOTE. RKill.txt log will also be present on your desktop.



#3 hikittie

hikittie
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:53 PM

Posted 05 June 2014 - 11:30 PM

I did everything in safe mode as I can't access anything in regular mode.

Here are the logs:

 

 Results of screen317's Security Check version 0.99.83  
 Windows 7  x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome 34.0.1847.137  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by pbelvin1 (administrator) on 05-06-2014 at 21:26:38
Running from "C:\Users\pbelvin1\Desktop"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Network
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/30/2014 03:29:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 03:29:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 03:29:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 03:29:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 02:29:10 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (05/30/2014 02:29:10 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to read the header of logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
 
System errors:
=============
Error: (06/05/2014 09:21:48 PM) (Source: DCOM) (User: )
Description: 1084defragsvc{D20A3293-3341-4AE8-9AAF-8E397CB63C34}
 
Error: (06/05/2014 09:04:26 PM) (Source: DCOM) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (06/05/2014 08:58:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/05/2014 08:58:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/05/2014 08:58:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/05/2014 08:58:13 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (06/05/2014 08:58:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/05/2014 08:58:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/05/2014 08:58:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/05/2014 08:58:11 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (05/30/2014 03:29:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 03:29:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 03:29:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 03:29:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 02:59:09 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 02:29:10 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (05/30/2014 02:29:10 AM) (Source: ESENT)(User: )
Description: wuaueng.dll944SUS20ClientDataStore: C:\windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
 
=========================== Installed Programs ============================
 
Active Protection System (Version: 1.70.11)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.214)
Adobe Photoshop CS6 (Version: 13.0.0.0)
Adobe Reader 9.5.5 (Version: 9.5.5)
Atheros Client Installation Program (Version: 7.0)
avast! Free Antivirus (Version: 9.0.2018)
Best Buy pc app (Version: 3.2.0.0)
Best Buy pc app (Version: 3.2.420.5)
BioExcess (Version: 7.0.67.0)
BitTorrent (Version: 7.9.1.31141)
CCleaner (Version: 4.12)
ConvertXtoDVD 4.1.19.365 (Version: 4.1.19.365)
CyberLink YouCam (Version: 3.1.3603)
D3DX10 (Version: 15.4.2368.0902)
EgisTec ES603 WDM Driver (Version: 3.0.10.4)
Energy Management (Version: 6.0.2.1)
Google Chrome (Version: 35.0.1916.114)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
Google Update Helper (Version: 1.3.24.7)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® Rapid Storage Technology (Version: 10.1.5.1001)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo EasyCamera (Version: 13.10.1201.1)
Lenovo EE Boot Optimizer (Version: 0.0.1.6)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo PowerDVD 10 (Version: 10.0.2318.52)
Lenovo Security Suite (Version: 2.0.11.0)
Lenovo_Wireless_Driver (Version: 1.02.01)
Malwarebytes Anti-Malware version 2.0.2.1012 (Version: 2.0.2.1012)
McAfee AntiVirus Plus (Version: 11.0.543)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Paint Shop Pro 7 Evaluation (Version: 7.0.0.0000)
Port Locker (Version: 1.0.5.24)
Power2Go (Version: 5.6.0.7303)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6282)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10008)
Synaptics Pointing Device Driver (Version: 15.2.7.0)
VeriFace (Version: 4.0.0.1224)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinZip 18.0 (Version: 18.0.10661)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 13%
Total physical RAM: 4010.14 MB
Available physical RAM: 3477.18 MB
Total Pagefile: 8018.43 MB
Available Pagefile: 7506.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.92 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:421.81 GB) (Free:319.6 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.72 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PBELVIN1-PC
 
Administrator            Guest                    pbelvin1                 
 
 
**** End of log ****
 
 

Rkill 2.6.6 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 06/05/2014 11:26:11 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 06/05/2014 11:26:37 PM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)
 


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:53 AM

Posted 06 June 2014 - 12:23 AM

Windows 7  x64 (UAC is enabled)   Out of date service pack!! << Link will lead to SP1 to update it.

First install Service Pack 1 for Windows 7. It is required .....

 

Note : You have 2 Antivirus prograns installed, please remove 1 of them (directions below)

 

What is McAfee AntiVirus Plus ?  (from McAfee)
How to >>> uninstall McAfee Security Scan Plus.
Our powerful combination of performance, accuracy, and reinforcing protections keeps criminals away from your PC and data. From startup to on-access scans, get high performance to minimize scan times and extend battery life. Find and seal up holes in Windows and your favorite browsers and applications. Block threats like viruses, Trojans, and spyware in your files.

 

Or uninstall >> avast! Free Antivirus

 

** (I note that you already have Malwarebytes installed)

Run a scan with Malwarebytes Anti-Malware version 2.0.2. and use Chameleom -

* Download Malwarebytes Anti-Malware Free and save it to your desktop
* Double click the desktop icon, click Run, then OK
* Click Next
* Select I accept the agreement then continue to click Next then finally click Install
** Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
* If you are notified the Database is out of date click Update Now
* Click Scan Now >>
----------
** Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
* Click Start (Start, Search, All files and folders for Windows XP) then type mbam
* Double click one of the four following files (if one does not work try the next one, and so on) -

A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com
----------
** When completed click the down arrow on Export Log and select Text file (*.txt)
* Save the file to your desktop as MBAM
* Click Apply Actions then restart your computer if requested
* Copy and past the contents of MBAM.txt in your reply

 

 

If you can get out of Safe Mode, please run this, it will not run in Safe Mode

Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here (only post the link)



#5 hikittie

hikittie
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:53 PM

Posted 08 June 2014 - 04:37 PM

I installed the service pack for Windows 7 and removed McAfee, then ran Malawarebytes and nothing was detected. I've tried numerous times to log on without safe mode and my wallpaper now shows for a second then the screen turns black with the cursor again. Here is the log from malawarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/6/2014
Scan Time: 4:37:41 AM
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.06.03
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: pbelvin1
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 257581
Time Elapsed: 7 min, 36 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:53 AM

Posted 08 June 2014 - 05:45 PM

What is the actual problem now.

Are you able to start normally ??



#7 hikittie

hikittie
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:53 PM

Posted 08 June 2014 - 05:54 PM

When I log on normally the wallpaper will show up now but only briefly then the screen goes black again

#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:53 AM

Posted 10 June 2014 - 02:06 AM

The Server service depends on the Security Accounts Manager service which failed to start because of the following error:
%%1058

Your main error -
For the services, if you open the Start Menu and type Services into the Search programs and files, you will get a few options.
Right click on the option with gears as the icon and Run as administrator.
The Computer Browser service depends on the Server service
Right click any services that are complaining that their dependencies are not running (the services I put in bold above mainly).
Click Properties.
Go to the Dependencies tab, and in the first box, a list of services that service depends on will be given.
Write down the services that need to start for dependencies to be resolved.
Make sure these services are all set to start automatically by

  • right clicking (or double clicking) those services,
  • clicking properties,
  • going to the General tab,
  • and making the Startup type Automatic.

 

 

 

Download AdwCleaner by Xplode and save to your Desktop.

•Double click on AdwCleaner.exe to run the tool.
•Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button.(only once)
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Uncheck any elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you want to save, just uncheck it from AdwCleaner.
• If you're not sure, post the log for review.

• Now you're ready to clean it all up.....click the Clean button..(only once)
• Click OK - The computer will ask to confirm to Reboot Click OK
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
• To restore an item that has been deleted (if necessary):
• Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

 

 

Please download Temp File Cleaner by Old Timer
Usage Instructions:

  • Download TFC from the download link above and save the file on your desktop.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press Exit, and reboot your computer and finish the cleanup.


#9 hikittie

hikittie
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:53 PM

Posted 12 June 2014 - 12:16 AM

I did everything and now when I log on the screen no longer turns black but when I try to access anything it just freezes, the cursor moves but nothing happens. 

 

Here is the log from AdwCleaner:

 

# AdwCleaner v3.212 - Report created 11/06/2014 at 01:09:53
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : pbelvin1 - PBELVIN1-PC
# Running from : C:\Users\pbelvin1\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : Partner Service
 
***** [ Files / Folders ] *****
 
File Found : C:\windows\System32\Tasks\MySearchDial
File Found : C:\windows\Tasks\MySearchDial.job
Folder Found : C:\ProgramData\Partner
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Found : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16421
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\pbelvin1\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Found [Extension] : flpcjncodpafbgdpnkljologafpionhb
 
*************************
 
AdwCleaner[R0].txt - [3861 octets] - [11/06/2014 01:09:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3921 octets] ##########


#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:53 AM

Posted 12 June 2014 - 05:35 AM

AdwCleaner is OK to run Clean -

These are just a few of the problem programs - 

MySearchDial

UpdateTask_RASMANCS

kt_bho.KettleBho

ask.com/web

 

 

 

Click on the Clean button (only once) to remove the selected items. 
You will receive a message telling you that all programs will be close so that the infections can be removed. 
Click on OK, and then OK again to confirm the reboot.
When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
Please copy and the paste this log in your next post.

 

After you have cleaned the files and posted the log. re-open it and hit Uninstall to remove the Quarantined items.

If tou ever need the program again, just upload the new current version.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users