Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows wont start, System Repair does'nt help


  • This topic is locked This topic is locked
3 replies to this topic

#1 Motrius

Motrius

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:40 AM

Posted 26 October 2016 - 12:29 PM

Hallo everyone,
 
so i have searched and tried everyway i know that is possible to fix this problem and i got nowhere but i did find a similar problem that was posted here in 2012 under the Name:
Windows Failed to Start, System Repair Can't Discover Problem
so what happend is i was updating the Drivers for my Toshiba Satalite e205  running on win7 32 bit and i didnt restart the computer till i was done installing all the Drivers and among those Drivers i had an update for BOIS that asked me go to BIOS after restarting and set back the defualt settings.
I did so and after that my laptop reachs the Windows Logo and restart again and go to the startup repair which also wasnt helpfull as i am getting : Startup repair connot repair this Computer automatically
 
Problem details:
 
Problem signature:
problem Event Name :                    StartupRepairOffline
Problemsignature01:                       6.1.7600.16385
Problemsignature02:                       6.1.7600.16385
Problemsignature03:                       unknown
Problemsignature04:                       21199850
Problemsignature05:                       AutoFaiover
Problemsignature06:                       13
Problemsignature07:                       NoRootCouse
OS Version:                                       6.1.7600.2.0.0.256.1
Locale ID:                                          1033
 
anyway as i tried every other way i know and didnt work i thought i can try to use the FRST32.exe as i saw in the Topic mentioned above so i downloaded the tool and ran the scan and it genereated the File FRST.txt (that i attached to the Topic)and that is where i got stuck as i have no idea how to deal with it and how to determinant the Problem

so my quasion is can anyone pleaaaassssse help me with that from here ......?
 
Mod Edit:  Merged posts, moved from Win 7 to MRL - Hamluis.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2016
Ran by SYSTEM on MININT-7P2TTLL (26-10-2016 17:50:48)
Running from h:\
Platform: Windows 7 Home Premium (X86) Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-02-24] (Realtek Semiconductor)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [611672 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1328480 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [467816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [30040 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [947176 2012-09-12] (Microsoft Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [480608 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [460088 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [742712 2009-10-25] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [fst_de_19] => [X]
HKLM\...\Run: [t4pc_en_3] => [X]
HKLM\...\Run: [fst_de_48] => [X]
HKLM\...\Run: [t4pc_en_6] => [X]
HKLM\...\Run: [fst_de_56] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [273544 2013-03-09] (RealNetworks, Inc.)
HKLM\...\Run: [kbdsprt] => [X]
HKLM\...\RunOnce: [ConnecitfyTemp d] => cmd /Q /C "rmdir /S /Q C:\Users\TOSHIBA\AppData\Local\Temp\Connectify\d" <===== ATTENTION
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [262656 2009-07-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\Windows\runkey.exe [424592 2016-08-05] ()
HKU\fadi\...\Policies\system: [LogonHoursAction] 2
HKU\fadi\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\TOSHIBA\...\Run: [Connectify-Installer] => "C:\Users\TOSHIBA\AppData\Local\Temp\Connectify\Connectify2015Installer(1).exe" /NOLIC=1 <===== ATTENTION
HKU\TOSHIBA\...\Policies\system: [LogonHoursAction] 2
HKU\TOSHIBA\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\TOSHIBA\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-13] (Microsoft Corporation)
AppInit_DLLs: _______C:\PROGRA~1\SEARCH~2\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files\SearchProtect\SearchProtect\bin\VC32Loader.dll [215312 2015-01-05] ()
AppInit_DLLs:  c:\progra~1\suptab\search~1.dll => No File
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger]  
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1202621064-2582587725-2604084314-1003\User: Restriction <======= ATTENTION
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-10-27] (TOSHIBA CORPORATION)
S4 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [3312960 2014-11-27] ()
S4 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [537256 2008-02-18] ( )
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20472 2012-09-12] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [287824 2012-09-12] (Microsoft Corporation)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-04-23] ()
S4 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [103736 2013-04-23] ()
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [189808 2010-04-06] (TOSHIBA Corporation)
S3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [677232 2010-02-05] (TOSHIBA Corporation)
S3 Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S4 HWDeviceService.exe; "C:\ProgramData\DatacardService\HWDeviceService.exe" -/service [X]
S2 Update Solution Real; "C:\Program Files\Solution Real\updateSolutionReal.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-13] (Microsoft Corporation)
S1 aiptektp; C:\Windows\System32\DRIVERS\aiptektp.sys [22528 2006-06-05] (WALTOP International Corp.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [15744 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [24576 2015-01-25] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [29696 2015-01-25] (LG Electronics Inc.)
S3 AR9271; C:\Windows\System32\DRIVERS\athuw.sys [1763584 2011-07-28] (Atheros Communications, Inc.)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2015-10-11] (Sony Mobile Communications)
S3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [67184 2010-09-27] (Atheros Communications, Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [193552 2012-08-30] (Microsoft Corporation)
S3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn01.sys [10385824 2015-03-25] (Intel Corporation)
S3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2012-01-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2012-01-18] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [184192 2014-10-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)
S1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52928 2014-03-26] (StdLib)
S1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}w; C:\Windows\System32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w.sys [52928 2014-06-16] (StdLib)
S1 {af16abf4-eac1-49b4-93fc-58f6ca799135}w; C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}w.sys [52928 2014-06-09] (StdLib)
S1 bkuuzxib; \??\C:\Windows\system32\drivers\bkuuzxib.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S5 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S1 wiylqdde; \??\C:\Windows\system32\drivers\wiylqdde.sys [X]
S1 wopqmzte; \??\C:\Windows\system32\drivers\wopqmzte.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-26 17:50 - 2016-10-26 17:50 - 00000000 ____D C:\FRST
2016-10-25 17:12 - 2016-10-25 17:12 - 00000000 ____D C:\ProgramData\Book Place
2016-10-25 17:10 - 2016-10-25 17:10 - 00000000 ____D C:\Users\Public\Book Place
2016-10-25 17:07 - 2016-10-25 17:11 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\Kjs.AppLife.Update
2016-10-25 17:06 - 2016-10-25 17:06 - 00000000 ____D C:\Users\TOSHIBA\Documents\Book Place
2016-10-25 14:45 - 2016-10-26 04:01 - 00000000 ____D C:\se20v130
2016-10-25 07:41 - 2016-10-26 04:18 - 00000000 ____D C:\Program Files\Connectify
2016-10-25 07:40 - 2016-10-25 07:45 - 00000000 ____D C:\ProgramData\Connectify
2016-10-25 07:15 - 2016-10-26 04:18 - 00000000 ____D C:\Program Files\ab1925d8c28980e1c40628bca1ee602e
2016-10-25 07:15 - 2016-10-25 07:15 - 00000000 ____D C:\ProgramData\dbg
2016-10-25 07:13 - 2016-10-25 07:13 - 00000000 ____D C:\ProgramData\Avg
2016-10-25 07:11 - 2016-10-25 07:43 - 00000000 ____D C:\Users\TOSHIBA\AppData\Roaming\Atigupy
2016-10-25 07:10 - 2016-10-26 04:18 - 00000000 ____D C:\Program Files\Dregurydering
2016-10-25 07:10 - 2016-10-25 07:33 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\Shadose
2016-10-25 06:23 - 2016-10-26 04:18 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\BEETmobile
2016-10-25 06:23 - 2016-10-25 07:33 - 00000000 ____D C:\Program Files\BEETmobile
2016-10-24 14:21 - 2016-10-24 14:21 - 00004552 _____ C:\Users\TOSHIBA\Desktop\Bestaetigung.htm
2016-10-24 14:21 - 2016-10-24 14:21 - 00000000 ____D C:\Users\TOSHIBA\Desktop\Bestaetigung_files
2016-10-24 10:10 - 2016-10-24 10:10 - 00233472 _____ (d) C:\Users\TOSHIBA\Documents\infected.exe
2016-10-24 09:55 - 2016-10-24 09:55 - 00000000 ____D C:\Users\TOSHIBA\Downloads\Predat0r Keylogger New v2
2016-10-24 09:34 - 2016-10-24 09:34 - 03898555 _____ C:\Users\TOSHIBA\Downloads\Predat0r Keylogger New v2.rar
2016-10-24 09:33 - 2016-10-24 09:34 - 17373412 _____ C:\Users\TOSHIBA\Downloads\shr7 predat0r.rar
2016-10-23 03:43 - 2016-10-23 03:43 - 00000000 ____D C:\Users\TOSHIBA\Documents\Add-in Express
2016-10-23 03:07 - 2016-10-23 03:07 - 00334927 _____ C:\unp305513252872161707.mdmp
2016-10-23 02:54 - 2016-10-23 02:54 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-23 02:46 - 2016-10-23 02:46 - 00000000 ____D C:\ProgramData\UniqueId
2016-10-23 02:45 - 2016-10-23 03:44 - 00000000 ____D C:\ProgramData\WinZip
2016-10-23 02:42 - 2016-10-23 02:42 - 00000000 ____D C:\ProgramData\BSD
2016-10-23 02:41 - 2016-10-23 02:41 - 00000000 ____D C:\ProgramData\PCVARK
2016-10-23 02:40 - 2016-10-25 07:33 - 00000000 ____D C:\Program Files\Winhotspot
2016-10-23 02:40 - 2016-10-23 03:41 - 00000000 ____D C:\Users\TOSHIBA\AppData\Roaming\Nico Mak Computing
2016-10-23 02:39 - 2016-10-26 04:18 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-23 02:38 - 2016-10-23 02:39 - 00000000 ____D C:\Users\TOSHIBA\Documents\PROPCCleaner
2016-10-23 02:02 - 2016-10-26 04:18 - 00000000 ____D C:\Program Files\MyPublicWiFi
2016-10-23 02:02 - 2016-10-26 04:18 - 00000000 ____D C:\864B69466849
2016-10-23 02:02 - 2016-10-23 02:02 - 01143096 _____ (TRUE Software ) C:\Users\TOSHIBA\Downloads\MyPublicWiFi.exe
2016-10-23 01:58 - 2016-10-23 01:58 - 01177464 _____ (adsafiliados) C:\Users\TOSHIBA\Downloads\MyPublicWiFi_Crack_Full_Version_Serial_Key_Free_rel_.exe
2016-10-23 01:52 - 2016-10-23 01:52 - 05191856 _____ (The company ) C:\Users\TOSHIBA\Downloads\MyPublicWiFi Crack Download Full Version.exe
2016-10-23 01:23 - 2016-10-23 01:23 - 00093018 _____ C:\Users\TOSHIBA\Downloads\The_Office - season 1.en.zip
2016-10-16 15:28 - 2016-10-16 15:28 - 00000000 ____D C:\Users\TOSHIBA\AppData\Roaming\PE Explorer
2016-10-16 15:27 - 2016-10-26 04:18 - 00000000 ____D C:\Program Files\PE Explorer
2016-10-16 15:27 - 2016-10-16 15:27 - 03828712 _____ (Heaventools Software) C:\Users\TOSHIBA\Downloads\PE.Explorer_setup.exe
2016-10-16 08:13 - 2016-10-16 08:13 - 00320428 _____ C:\Users\TOSHIBA\Downloads\TAR.6C494389D39A.pdf
2016-10-16 08:09 - 2016-10-16 08:09 - 00218058 _____ C:\Users\TOSHIBA\Downloads\TAP-16-596(3).pdf
2016-10-14 03:40 - 2016-10-14 03:40 - 05142744 _____ (Simple.Company ) C:\Users\TOSHIBA\Downloads\Ardamax Keylogger 4.3.3 Full   Crack NQQ.00.exe
2016-10-14 03:33 - 2016-10-14 03:33 - 00000000 _RSHD C:\ProgramData\{972DC8CA-126D-23FD-11AA-92876DD12AFD}
2016-10-14 03:33 - 2016-08-05 01:19 - 00424592 _____ C:\Windows\runkey.exe
2016-10-14 03:32 - 2016-10-26 04:18 - 00000000 ____D C:\ProgramData\Spyrix Free Keylogger
2016-10-14 03:32 - 2016-10-26 04:18 - 00000000 ____D C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
2016-10-14 03:32 - 2016-10-14 03:32 - 09353472 _____ (Spyrix Security Inc.) C:\Users\TOSHIBA\Downloads\sfk_setup.exe
2016-10-14 03:16 - 2016-10-14 03:18 - 00000000 ___HD C:\ProgramData\FreeKey
2016-10-14 03:15 - 2016-10-14 03:15 - 02599496 _____ (HeavenWard) C:\Users\TOSHIBA\Downloads\FKPackage_4.3.17.0.exe
2016-10-14 03:15 - 2016-10-14 03:15 - 02599496 _____ (HeavenWard) C:\Users\TOSHIBA\Downloads\FKPackage_4.3.15.1.exe
2016-10-10 04:02 - 2016-10-10 04:02 - 00350406 _____ C:\Users\TOSHIBA\Downloads\Kreditkartenantrag_ICS_VISA_World_Card.pdf
2016-10-07 01:15 - 2016-10-07 01:15 - 03083823 _____ C:\Users\TOSHIBA\Downloads\رد__DHL_Awb___5821414594_mailed_by___dwerner.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-26 04:19 - 2013-07-30 12:07 - 00000000 ___RD C:\Users\TOSHIBA\Documents\Notes
2016-10-26 04:19 - 2013-03-09 01:00 - 00000000 ____D C:\users\TOSHIBA
2016-10-26 04:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF
2016-10-26 04:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-10-26 04:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\AppCompat
2016-10-26 04:18 - 2016-07-12 04:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-10-26 04:18 - 2016-03-26 05:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-26 04:18 - 2015-10-12 15:46 - 00000000 ____D C:\Program Files\Common Files\Java
2016-10-26 04:18 - 2014-12-09 09:09 - 00000000 ____D C:\Program Files\Android Commander
2016-10-26 04:18 - 2013-11-22 14:30 - 00000000 ____D C:\Program Files\MPC-HC
2016-10-26 04:18 - 2013-03-09 05:29 - 00000000 ____D C:\Program Files\Common Files\postureAgent
2016-10-26 04:17 - 2015-06-03 05:14 - 00000000 ____D C:\Users\TOSHIBA\Downloads\arcor+dsl+wlan+modem+200+quick+starter_10924_i14782997_il345.exe
2016-10-26 04:17 - 2013-03-09 01:00 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\VirtualStore
2016-10-26 04:17 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
2016-10-26 04:16 - 2014-08-28 22:59 - 00000000 ____D C:\ProgramData\Oracle
2016-10-26 04:16 - 2013-07-09 06:19 - 00000000 ____D C:\users\fadi
2016-10-26 04:16 - 2013-03-09 08:35 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\Google
2016-10-26 04:16 - 2013-03-09 03:58 - 00000000 ____D C:\Program Files\TOSHIBA
2016-10-26 04:16 - 2009-07-13 20:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-10-26 04:15 - 2014-12-11 15:57 - 00000000 ____D C:\Program Files\SearchProtect
2016-10-26 04:15 - 2013-07-16 14:22 - 00000000 ____D C:\Program Files\Java
2016-10-26 04:15 - 2013-07-16 10:27 - 00000000 ____D C:\Program Files\Google
2016-10-26 04:15 - 2013-03-09 08:44 - 00000000 ____D C:\Program Files\Microsoft Office
2016-10-26 04:15 - 2013-03-09 05:29 - 00000000 ____D C:\Program Files\Intel
2016-10-26 04:15 - 2013-03-09 04:23 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-10-25 17:21 - 2013-11-16 15:53 - 00000000 ____D C:\Users\TOSHIBA\AppData\Roaming\Media Player Classic
2016-10-25 17:12 - 2013-03-09 06:01 - 00000000 ____D C:\Users\TOSHIBA\AppData\Roaming\Book Place
2016-10-25 07:33 - 2015-10-11 09:30 - 00000000 ____D C:\Program Files\Sony Mobile
2016-10-25 07:33 - 2015-05-04 09:30 - 00000000 ____D C:\Program Files\Hp
2016-10-25 07:33 - 2015-01-16 02:45 - 00000000 ____D C:\Program Files\MionnimuemPricE
2016-10-25 07:33 - 2015-01-16 02:37 - 00000000 ____D C:\Program Files\Solution Real
2016-10-25 07:33 - 2015-01-16 02:32 - 00000000 ____D C:\Program Files\ENjoYCoUpeon
2016-10-25 07:33 - 2014-12-11 17:23 - 00000000 ____D C:\Program Files\HTC
2016-10-25 07:33 - 2014-12-11 15:15 - 00000000 ____D C:\Program Files\Android
2016-10-25 07:33 - 2014-12-09 08:45 - 00000000 ____D C:\Program Files\Droid Explorer
2016-10-25 07:33 - 2014-12-09 08:01 - 00000000 ____D C:\Program Files\Softland
2016-10-25 07:33 - 2014-05-19 13:40 - 00000000 ____D C:\Program Files\TakeTThECoupoin
2016-10-25 07:33 - 2014-05-19 13:40 - 00000000 ____D C:\Program Files\RuEGulareDeals
2016-10-25 07:33 - 2014-05-19 12:34 - 00000000 ____D C:\Program Files\ScanTack
2016-10-25 07:33 - 2014-05-19 12:34 - 00000000 ____D C:\Program Files\predm
2016-10-25 07:33 - 2014-05-19 12:31 - 00000000 ____D C:\Program Files\WaatchIttAdBlOckee
2016-10-25 07:33 - 2014-05-19 11:49 - 00000000 ____D C:\Program Files\globalUpdate
2016-10-25 07:33 - 2014-02-07 08:14 - 00000000 ____D C:\Program Files\websaveo
2016-10-25 07:33 - 2014-02-03 18:17 - 00000000 ____D C:\Program Files\WebSparkle
2016-10-25 07:33 - 2013-12-13 17:41 - 00000000 ____D C:\Program Files\i-Funbox DevTeam
2016-10-25 07:33 - 2013-11-13 13:02 - 00000000 ____D C:\Program Files\WebSearch
2016-10-25 07:33 - 2013-11-13 13:02 - 00000000 ____D C:\Program Files\Sk.Enhancer
2016-10-25 07:33 - 2013-11-13 13:01 - 00000000 ____D C:\Program Files\surf And kueeep
2016-10-25 07:33 - 2013-10-18 08:00 - 00000000 ____D C:\Program Files\Ss.Helper
2016-10-25 07:33 - 2013-06-15 13:29 - 00000000 ____D C:\Program Files\88f858a1
2016-10-25 07:33 - 2013-05-20 22:00 - 00000000 ____D C:\Program Files\Graboid
2016-10-25 07:33 - 2013-05-16 07:55 - 00000000 ____D C:\Program Files\Counter-Strike Source
2016-10-25 07:33 - 2013-04-24 11:33 - 00000000 ____D C:\Program Files\VideoLAN
2016-10-25 07:33 - 2013-04-24 11:32 - 00000000 ____D C:\Program Files\SweetIM
2016-10-25 07:33 - 2013-04-07 12:50 - 00000000 ____D C:\Program Files\Easeware
2016-10-25 07:33 - 2013-03-24 14:29 - 00000000 ____D C:\Program Files\HDD Regenerator
2016-10-25 07:33 - 2013-03-09 08:49 - 00000000 ____D C:\Program Files\WinRAR
2016-10-25 07:33 - 2009-07-13 20:52 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-10-24 02:06 - 2013-12-14 15:06 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\88A6E915-F447-4070-A4E6-304A257EF62B.aplzod
2016-10-23 04:36 - 2013-03-09 06:58 - 00113528 _____ C:\Users\TOSHIBA\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-23 02:01 - 2009-07-13 20:34 - 00026496 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 02:01 - 2009-07-13 20:34 - 00026496 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-23 01:53 - 2015-01-28 12:30 - 00015360 _____ C:\Windows\System32\umstartup.etl
2016-10-23 01:46 - 2015-01-28 12:30 - 00012288 _____ C:\Windows\System32\umstartup000.etl
2016-10-23 01:43 - 2013-03-29 14:21 - 00000435 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2016-10-08 14:12 - 2014-12-15 02:08 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\Adobe
2016-10-08 13:37 - 2013-03-20 02:23 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2016-10-08 13:37 - 2013-03-20 02:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2016-10-08 13:37 - 2013-03-20 02:23 - 00000000 ____D C:\Windows\System32\Macromed
2016-10-01 10:44 - 2013-05-27 06:11 - 02010698 _____ C:\Windows\System32\perfh00D.dat
2016-10-01 10:44 - 2013-05-27 06:11 - 01636078 _____ C:\Windows\System32\perfc00D.dat
2016-10-01 10:44 - 2013-03-09 01:04 - 00006586 _____ C:\Windows\System32\PerfStringBackup.INI
2016-09-27 10:10 - 2013-03-09 07:05 - 00000000 ____D C:\Users\TOSHIBA\AppData\Local\ElevatedDiagnostics
 
Files to move or delete:
====================
C:\Users\TOSHIBA\adb.exe
C:\Users\TOSHIBA\AdbWinApi.dll
C:\Users\TOSHIBA\AdbWinUsbApi.dll
C:\Users\TOSHIBA\AutomaticUpdaterWPF.dll
C:\Users\TOSHIBA\fastboot.exe
C:\Users\TOSHIBA\fbchathistory.dat
C:\Users\TOSHIBA\HTC One Toolkit.exe
C:\Users\TOSHIBA\htcdriver.exe
C:\Users\TOSHIBA\Project1.exe
C:\Users\TOSHIBA\wyUpdate.exe
 
 
Some files in TEMP:
====================
C:\Users\TOSHIBA\AppData\Local\Temp\B1FreeArchiver_1.7.120.exe
C:\Users\TOSHIBA\AppData\Local\Temp\freekeyloggerpkg_4.3.17.0.exe
C:\Users\TOSHIBA\AppData\Local\Temp\ICReinstall_MyPublicWiFi_Crack_Full_Version_Serial_Key_Free_rel_.exe
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
Restore point date: 2016-10-25 06:39
Restore point date: 2016-10-25 06:40
Restore point date: 2016-10-25 06:50
Restore point date: 2016-10-25 07:29
Restore point date: 2016-10-25 07:41
Restore point date: 2016-10-25 15:27
Restore point date: 2016-10-25 15:49
Restore point date: 2016-10-25 15:56
Restore point date: 2016-10-25 16:04
Restore point date: 2016-10-25 16:05
Restore point date: 2016-10-25 16:05
Restore point date: 2016-10-25 16:11
Restore point date: 2016-10-25 16:13
Restore point date: 2016-10-25 16:33
Restore point date: 2016-10-25 16:43
Restore point date: 2016-10-25 17:10
Restore point date: 2016-10-26 04:54
 
==================== Memory info ===========================  
 
Percentage of memory in use: 13%
Total physical RAM: 3894.78 MB
Available physical RAM: 3354.55 MB
Total Virtual: 3893.06 MB
Available Virtual: 3359.51 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:161.04 GB) (Free:60.11 GB) NTFS
Drive e: () (Fixed) (Total:161.13 GB) (Free:28.96 GB) NTFS
Drive f: () (Fixed) (Total:143.49 GB) (Free:21.83 GB) NTFS
Drive h: (MHD ALRIFAI) (Removable) (Total:7.46 GB) (Free:7.46 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C09FE554)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=161 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=161.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=143.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
 
LastRegBack: 2016-10-24 14:58
 
==================== End of FRST.txt ============================

Edited by hamluis, 26 October 2016 - 03:05 PM.


BC AdBot (Login to Remove)

 


#2 Motrius

Motrius
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:40 AM

Posted 27 October 2016 - 03:26 PM

still here waiting for help
can anyone help with that here :blush: :blush: :blush:



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:40 AM

Posted 31 October 2016 - 12:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/630654 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:40 AM

Posted 05 November 2016 - 12:35 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users