Having problems logging into my laptop in normal boot

[RoNiN1991]

As the title states, I'm having problems with logging in. I am currently typing this up on my laptop in safe mode with networking. Logging into safe mode always seems to work. I already tried changing the settings in MSConfig, and although it worked right off the bat, it logged me in and everything seemed fine. When i decided to click on Firefox to figure out what I could do to figure out what was wrong, the taskbar froze. My mouse was still moveable and i could highlight things on the desktop. When i tried double-clicking on something on the desktop, that froze as well, and my whole computer was rendered immobile. no ctrl-alt-dlt, no ctrl-shift-esc. Nothing.


A few days ago, I had the FBI scam invade my laptop, I got rid of it with MS security essentials, and eventually malwarebytes. As soon as Malwarebytes deleted the last of it yesterday, it started having this problem. Any help would be appreciated, thank you.

Specs:

Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz (2 of these.)
2GB RAM

 

[cottonball]

RoNiN1991,

See if you can download the programs that follow in Safe Mode with Networking:


Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:
Select the version with the x64.
Click the dark-blue button to download.
Save to the Desktop.


Close all windows and browsers.

Right-click and select: Run as Administrator


At the program console, wait for the prescan to finish. (Under Status, it says: Prescan finished.)


Press: SCAN


When done, a report opens on the Desktop: RKreport.txt


Please provide the RKreport.txt (Mode: Scan) in your reply.







~~~~
Also download the Farbar Recovery Scan Tool
Select the 64-bit version.



Save it to your Desktop.

• Double-click the downloaded file to run it.
• When the tool opens click Yes to disclaimer.
• Press the Scan button.
• FRST64 makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).

Please provide the FRST.txt in your reply. <<---



The first time the tool is run, it also makes another log: Addition.txt
Also post the Addition.txt in your reply. <<---

 

[RoNiN1991]

View attachment Addition.txt

View attachment FRST.txt

View attachment RKreport[1]_S_05242013_02d2142.txt

Ok, so i just got back from work and did as you asked.

Attached are the reports! thanks,

Ronin

 

[cottonball]

It appears you ran the reports from normal Windows. Also, do not see any malware.

Please open Malwarebytes Anti-Malware, and go to the Logs tab.

Find the reports that dealt with the ransomware issue, and provide them in your reply.
Let's see what those removed.

 

[RoNiN1991]

Oh yeah, sorry I forgot to mention that I system restored a bit after posting this. It seems to have solved the problem, but I don't know if it got rid of the bug.. as for Malware bytes, this System Restore is before i installed MB, so I no longer have it installed. I apologize for that.

 

[cottonball]

If you went the System Restore route, can I presume you went to a point before you got the ransomware?

The FRST report showed these files:
C:\Windows\system32\drivers\qdxohhti.sys [x]
C:\Windows\system32\drivers\ryzqqooa.sys [x]

However, they look like inactive remnants. Please do a search and see if they are present, but, I doubt it.

 

[RoNiN1991]

No, this is after, as this was the earliest restore point i had. I did not find any of those "drivers" in the drivers folder. when I did log on, i got a SVChost error, which my buddy came to the conclusion it could very have been the bug dying off.

 

[cottonball]

Try the computer for a couple of days and see how it goes.

If you have any malware problems, post back.

Good luck!!

 

[RoNiN1991]

Will do, thanks a lot, guru guy!