Jump to content

AllanGay

Honorary Members
  • Content Count

    76
  • Joined

  • Last visited

Community Reputation

0 Neutral

About AllanGay

  • Rank
    Regular Member
  1. Ok, working on this. The first registry key was not there, so I'll skip it and find the ones I can find.
  2. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2013 01 Ran by SYSTEM at 27-02-2013 00:05:33 Running from F:\ Windows Vista Home Premium (X86) OS Language: English(US) The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [igfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE [x] HKLM\...\Run: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE [x] HKLM\...\Run: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE [x] HKLM\...\Run: [TPwrMain] .EXE [x] HKLM\...\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [448080 2007-06-15] (TO
  3. Frst.txt Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-02-2013 (ATTENTION: FRST version is 20 days old) Ran by SYSTEM at 26-02-2013 19:08:52 Running from F:\ Windows Vista Home Premium (X86) OS Language: English(US) The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [igfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE [x] HKLM\...\Run: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE [x] HKLM\...\Run: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE [x] HKLM\...\Run: [TPwrMain] .EXE [x] HKLM\...\Run: [smoothView] %ProgramFiles%\Toshiba\Sm
  4. i'm getting nowhere. everytime the system has to restart. nothing happens due to the fact that none of these programs work in normal mode. Combofix ran. it found rootkit.zeroaccess. it needed to reboot to remove the rootkit. it said if the internet services did not return to run Combofix one more time. nothing changed. so, i ran combo fix again, and, the same results happened twice. there was no log created. i went to c:\combofix to search for the text file. i did not find it. while in combo fix i double clicked on some of the .cmd and some of them ran, sme returned failed attempts due to not
  5. FSS.text Farbar Service Scanner Version: 30-01-2013 Ran by Morgan (administrator) on 25-02-2013 at 19:56:24 Running from "C:\Users\Morgan\Desktop" Windows Vista Home Premium Service Pack 2 (X86) Boot Mode: Network **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Attempt to access Google.com returned error: Other errors Attempt to access Yahoo IP returned error. Attempt to access Yahoo.com returned error: Other errors Windows Fire
  6. After running ServicesRepairTool(SafeMode) this is the FFS.txt log Farbar Service Scanner Version: 30-01-2013 Ran by Morgan (administrator) on 25-02-2013 at 18:37:46 Running from "C:\Users\Morgan\Desktop" Windows Vista Home Premium Service Pack 2 (X86) Boot Mode: Network **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Attempt to access Google.com returned error: Other errors Attempt to access Yahoo IP returned error. Attempt to
  7. RoguekillerReport RogueKiller V8.5.0 [Feb 9 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Safe mode with network support User : Morgan [Admin rights] Mode : Scan -- Date : 02/25/2013 18:08:57 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [iFEO] HKLM\[...]\d3d9caps.dat : Debugger (IFEO_Dummy.exe) -> FOUND
  8. exehelperlog.txt exeHelper by Raktor Build 20100414 Run at 17:58:26 on 02/25/13 Now searching... Checking for numerical processes... Checking for sysguard processes... Checking for bad processes... Checking for bad files... Checking for bad registry entries... Resetting filetype association for .exe Resetting filetype association for .com Resetting userinit and shell values... Resetting policies... --Finished-- FSSlog.txt Farbar Service Scanner Version: 30-01-2013 Ran by Morgan (administrator) on 25-02-2013 at 18:00:48 Running from "C:\Users\Morgan\Desktop" Windows Vista Home Premium Service
  9. I found these 2 registry entries, i think they are not helping HKLM\Software\Polocies\Microsoft\Windows NT\SystemRestore - DisableSR HKLM\Software\Polocies\Microsoft\Windows NT\SystemRestore - DisableConfig
  10. Next i selected the Registry tab and deleted the following: HJPOL HKCU Software\Micrsoft\Windows\CurrentVersion\Policies\System Disableregistrytools RogueKiller V8.5.0 [Feb 9 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Safe mode with network support User : Morgan [Admin rights] Mode : Remove -- Date : 02/25/2013 13:04:21 | ARK || FAK
  11. OK, there were missing registry keys that need to be replaced, You attached the following zip files: legacy_mpssvc.zip legacy_bfe.zip legacy_sdrsvc.zip legacy_bits.zip I unzipped those files and saved to the Desktop, They were renamed: legacy_mpssvc.reg legacy_bfe.reg legacy_sdrsvc.reg legacy_bits.reg Next I did the following: Windows key+R), type regedit and clicked OK. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root Right-Click Root and selected Permissions... Clicked Advanced. Under Owner tab selected the entry starting with my user name, example: Farbar(Farbar-PC\Farbar)
  12. Also, there is no tweaking.com_windows_repair_log. It never appeared to fully run. because apon system restart it would not work in normal mode and if I pressed f8 it still never cntinued any further actions maybe that is why there is not a log.
  13. ok Kevin there has been much progress. There are some things still unresolved also. Originally in normal mode the following items returned the response, The specified service does not exist as an installed service: The Local Internet Connection/Connect to a network Volume Control USB ports Any files ending .exe McAfee anti virus Malwarebytes Anti-Malware Pictures Videos Now, at this point the Volume Control, USB ports, Pictures and Videos have returned in normal mode. Some funtionality to the Network Connection has returned but not all. if you hover over the computer icon in the system tray i
  14. Ok i ran the program from Tweaking.com as instructed above. however, there was no file named c:\tweaking.com_windows_repair_logs. I did find these logs in the log folder in the tweaking.com folder: Windows_repair_hkey_local_machine_3_log.txt WARNING HKEY_LOCAL_MACHINE\SOFTWARE\Classes\* : registry key is skipped (contains wildcard) WARNING HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard) WARNING HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\iexplore\AllowedDomains\
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.