Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

computer crash [Solved]


  • This topic is locked This topic is locked
120 replies to this topic

#31 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 26 May 2014 - 10:13 AM

Your system is through a variety of errors.  Things are starting as they should.  I'm not seeing any malware, so let's see if we can kick start the operating system.

 

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

p22002979.gif



Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22002980.gif


Go to Step 4 and under "System Restore" click on Create button:

p22002982.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22003030.gif

Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

    Advertisements

Register to Remove


#32 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 29 May 2014 - 07:27 AM


System Variables
--------------------------------------------------------------------------------
OS: Windows 8
OS Architecture: 64-bit
OS Version: 6.2.9200
OS Service Pack:
Computer Name: PURPLE
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\l
Current Profile SID: S-1-5-21-2497467096-1107912187-4260812050-1001
Current Profile Classes: S-1-5-21-2497467096-1107912187-4260812050-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\l\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:05:37

Process Count: 63
Commit Total: 1.56 GB
Commit Limit: 12.31 GB
Commit Peak: 2.38 GB
Handle Count: 23731
Kernel Total: 296.94 MB
Kernel Paged: 197.67 MB
Kernel Non Paged: 99.27 MB
System Cache: 1.42 GB
Thread Count: 986
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 11.92 GB
Memory Used: 1.49 GB(12.5231%)
Memory Avail.: 10.43 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 11.92 GB
Memory Used: 1.31 GB(11.0113%)
Memory Avail.: 10.61 GB
--------------------------------------------------------------------------------

Starting Repairs...
Start (5/28/2014 8:01:50 AM)

01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (5/28/2014 8:01:53 AM)
Running Repair Under Current User Account
Done (5/28/2014 8:01:57 AM)

01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (5/28/2014 8:01:57 AM)
Running Repair Under System Account
Done (5/28/2014 8:04:06 AM)

01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (5/28/2014 8:04:06 AM)
Running Repair Under System Account
Done (5/28/2014 8:04:44 AM)

03 - Reset Service Permissions
Start (5/28/2014 8:04:44 AM)
Running Repair Under System Account
Done (5/28/2014 8:04:49 AM)

04 - Register System Files
Start (5/28/2014 8:04:49 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:05:26 AM)

05 - Repair WMI
Start (5/28/2014 8:05:26 AM)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
Windows Defender Exported.
avast! Antivirus Exported.

Exporting AntiSpyware Info...
Windows Defender Exported.
avast! Antivirus Exported.

Exporting 3rd Party Firewall Info...
avast! Antivirus Exported.

Running Repair Under Current User Account
Done (5/28/2014 8:09:35 AM)

06 - Repair Windows Firewall
Start (5/28/2014 8:09:35 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:11:07 AM)

07 - Repair Internet Explorer
Start (5/28/2014 8:11:07 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:11:29 AM)

08 - Repair MDAC/MS Jet
Start (5/28/2014 8:11:29 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:11:38 AM)

09 - Repair Hosts File
Start (5/28/2014 8:11:38 AM)
Running Repair Under System Account
Done (5/28/2014 8:11:40 AM)

10 - Remove Policies Set By Infections
Start (5/28/2014 8:11:40 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:11:45 AM)

11 - Repair Start Menu Icons Removed By Infections
Start (5/28/2014 8:11:45 AM)
Running Repair Under System Account
Done (5/28/2014 8:11:47 AM)

12 - Repair Icons
Start (5/28/2014 8:11:47 AM)
Running Repair Under Current User Account
Done (5/28/2014 8:11:49 AM)

13 - Repair Winsock & DNS Cache
Start (5/28/2014 8:11:49 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:00 AM)

15 - Repair Proxy Settings
Start (5/28/2014 8:12:00 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:05 AM)

17 - Repair Windows Updates
Start (5/28/2014 8:12:05 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:22 AM)

18 - Repair CD/DVD Missing/Not Working
Start (5/28/2014 8:12:22 AM)
iTunes not found, not applying UpperFilters iTunes Reg Key
Done (5/28/2014 8:12:22 AM)

19 - Repair Volume Shadow Copy Service
Start (5/28/2014 8:12:22 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:29 AM)

21 - Repair MSI (Windows Installer)
Start (5/28/2014 8:12:29 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:38 AM)

23.01 - Repair bat Association
Start (5/28/2014 8:12:38 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:42 AM)

23.02 - Repair cmd Association
Start (5/28/2014 8:12:42 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:47 AM)

23.03 - Repair com Association
Start (5/28/2014 8:12:47 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:52 AM)

23.04 - Repair Directory Association
Start (5/28/2014 8:12:52 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:12:56 AM)

23.05 - Repair Drive Association
Start (5/28/2014 8:12:56 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:01 AM)

23.06 - Repair exe Association
Start (5/28/2014 8:13:01 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:06 AM)

23.07 - Repair Folder Association
Start (5/28/2014 8:13:06 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:10 AM)

23.08 - Repair inf Association
Start (5/28/2014 8:13:10 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:15 AM)

23.09 - Repair lnk (Shortcuts) Association
Start (5/28/2014 8:13:15 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:20 AM)

23.10 - Repair msc Association
Start (5/28/2014 8:13:20 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:24 AM)

23.11 - Repair reg Association
Start (5/28/2014 8:13:24 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:29 AM)

23.12 - Repair scr Association
Start (5/28/2014 8:13:29 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:34 AM)

24 - Repair Windows Safe Mode
Start (5/28/2014 8:13:34 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:38 AM)

25 - Repair Print Spooler
Start (5/28/2014 8:13:38 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:51 AM)

26 - Restore Important Windows Services
Start (5/28/2014 8:13:51 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:13:56 AM)

27 - Set Windows Services To Default Startup
Start (5/28/2014 8:13:56 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:14:00 AM)

28 - Repair Windows 8 App Store
Start (5/28/2014 8:14:01 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/28/2014 8:14:15 AM)

29 - Repair Windows 8 Component Store
Start (5/28/2014 8:14:15 AM)
Running Repair Under Current User Account
Done (5/28/2014 8:54:30 AM)

30 - Restore Windows 8 COM+ Unmarshalers
Start (5/28/2014 8:54:30 AM)
Running Repair Under System Account
Processing ACL of: <classes_root\Unmarshalers>

SetACL finished with error(s):
SetACL error message: The call to SetNamedSecurityInfo () failed
Operating system error message: Access is denied.

Done (5/28/2014 8:54:33 AM)

Cleaning up empty logs...

All Selected Repairs Done.
Done (5/28/2014 8:54:33 AM)
Total Repair Time: 00:52:45


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account

#33 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 30 May 2014 - 11:34 AM

So... how does it seem to be running now?


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#34 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 31 May 2014 - 05:22 AM

seems ok but not much time on it. My network set up by my hubby is dosgatos. I still don't know what all this purple jazz is. My administrator name is also purple.

#35 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 01 June 2014 - 10:31 PM

I may be misunderstanding again.

 

Is your administrator name supposed to be purple or is this something "unknown" to you?

 

Based on the information in the logs you have provided... your computers name is purple.  I can't seem to get my AVAST! to give me network information like you saw... but my believe is that it told you that the computer named purple was connected to the internet through Time Warner.


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#36 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 02 June 2014 - 05:11 AM

I have no clue what my administrator name should be, I know I would not set up up as purple and the "another" network AVAST found purple.wi.rr.com is still unknown to me. The network my husband set up and that I put in the password for when I set the computer up is dosgatos.

Yesterday I found $900 worth of fraudulent charges on a credit card that hasn't left my possession. I am assuming it is related to whatever was going on with the computer before. Strange networks bother me. I am guessing BestBuy set up the administrator stuff, but I never even gave them a road runner addy AND I never heard of purple@wi.rr.com until we started working. True enough that I do connect to the internet via road runner. How does the computer determine the administrator?

I am probably going to get a new router soon because the one I have is old as dirt. When I set it up will that get rid of all this purple nonsense?

Edited by wilma1313, 02 June 2014 - 07:39 AM.


#37 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 02 June 2014 - 10:27 AM

The name "purple" should have nothing to do with your router.  It is the name of your computer.

 

Have a look here where you can see the name and change it if you wish:  http://www.eightforu...indows-8-a.html


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#38 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 02 June 2014 - 09:10 PM

I know we have been going round and round with this but I still don't understand this purple network or purple roadrunner address BUT I am actually leaving town tomorrow and won't be back until next Monday.

Computer seems to be running great. I am guessing we probably still have a few things that need doing. Are you able to wait for me to return home?

#39 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 03 June 2014 - 11:59 AM

I'll be here. :)

 

All we have is housekeeping:

 

 

  • Click START then RUN
  •  
  • Now type ComboFix /Uninstall in the runbox  and click OK.
  • Note the space between the X and the U, it needs to be there.
  • Combofix_uninstall_image.jpg

The above procedure will:

  • Implement some cleanup procedures.
  • Reset System Restore.

 

 

We need to remove the tools we've used during cleaning your machine
 

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run

The program will run for a few moments and then notepad will open with a log. I don't need to see it, so you don't need to post it.

Please re-enable any security that was disabled.

 

 

The following is my standard advice for the future.  Use what you can and pat yourself on the back for what you're already doing.

Please take time to read Preventing Malware - Tools and Practices for Safe Computing.  Very important information for your consideration is contained therein.

I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein


Also: "How to prevent malware" 
by miekiemoes

Please respond back that you understand the above and let me know if you have any questions.  Otherwise, this thread will be closed Resolved.  :thumbup:
 


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#40 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 09 June 2014 - 07:27 AM

HI,
I don't have a start button so not sure how to get to the run function?

    Advertisements

Register to Remove


#41 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 09 June 2014 - 07:53 AM

Hold the windows logo key and then press R.  This will bring up the run box.


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#42 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 09 June 2014 - 08:18 AM

HI,

The first time I tried to download Delfix I was directed to a page saying it couldn't be opened but that I could fix it by clicking a link. I did NOT click the link. Second time the Delfix download worked. Obviously the first try was a misdirect and probably would have not been good had I clicked that link.

I am unable to open PDF's at the moment also.

#43 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 09 June 2014 - 08:34 AM

What do you usually use for .pdf files?  Adobe Reader?


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#44 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 09 June 2014 - 08:47 AM

Doggone it I have something new going on. Very slow computer now and more redirects than not when I try to go anywhere. I believe it is adobe I use for PDF's, not sure, they always just opened before. Hubby uses this computer. NOt sure where he keeps picking up this junk.

Here is a copy paste of where I keep getting redirected. Buggers can't even spell.

Internet Explorer cannot display the web page
Launch HP Network Check
________________________________________
An issue prevented Internet Explorer from displaying the web page. Click the button above to launch HP Network Check to automatically diagnose and repair the issue.
About HP Network Check
• Can automatically detect, diagnose and repair many common network issues
• Integrated with Windows Network Diagnostics Framework, so it runs both simultaneusly
• Provides clear instructions to resolve issues that cannot be fixed automatically
• Shows key system and network information for easier troubleshooting

#45 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • PipPipPip
  • 386 posts

Posted 10 June 2014 - 07:34 AM

Yesterday I had a clean Malware bytes scan. Today I have 242 malicious items. I have not deleted them yet and I saved a copy of the scan log. I really don't get it. We hardly even use this computer.

Edited by wilma1313, 10 June 2014 - 08:03 AM.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users