Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC Won't Boot After AVG and Tuneup Scan

Started by dogbiscuit , Jul 25 2012 07:04 AM

  • Please log in to reply

#31
dogbiscuit
Posted 05 August 2012 - 10:55 AM

dogbiscuit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts
All processes killed
========== OTL ==========
ADS C:\Users\Craig\Documents\cd template.pdf:KAVICHS deleted successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
ADS C:\Program Files (x86)\Common Files\microsoft shared:ZcMchpRxZM2lNr8iw3FWl6 deleted successfully.
ADS C:\ProgramData\Microsoft:H9gunSY2oVEBJrR8T1DAY2Np5 deleted successfully.
ADS C:\Program Files (x86)\Common Files\microsoft shared:cljO77IkAzDa0qBu deleted successfully.
ADS C:\ProgramData\TEMP:05D195EC deleted successfully.
ADS C:\Program Files (x86)\Common Files\microsoft shared:ipnEUZJzYf9e5dwcxhQbyUqOexk deleted successfully.
ADS C:\ProgramData\Microsoft:raYbUrgggiliYrsLwG3bgxm deleted successfully.
ADS C:\ProgramData\Microsoft:ntizPTZpAk6D6hXPFAxCsL8WLKj deleted successfully.
ADS C:\ProgramData\Microsoft:IRrMIt4FL0bjIKAVKtkA4rL deleted successfully.
ADS C:\ProgramData\Microsoft:piE57bDemQnlPaGKgWB7qierbkVE deleted successfully.
ADS C:\ProgramData\Microsoft:q47BEU6QYafQatq9DV2a deleted successfully.
ADS C:\ProgramData\Microsoft:CLbvzHtVjGwubWAhmeX9ofy deleted successfully.
ADS C:\Users\Craig\AppData\Local\jCaV5HoWNYv691:lZpZQFdzcXrXNoaWRYKg deleted successfully.
ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
ADS C:\Program Files\Common Files\Microsoft Shared:cljO77IkAzDa0qBu deleted successfully.
Mount Point C:\Windows\system64 removed successfully!
========== FILES ==========
C:\Users\Craig\AppData\Local\jCaV5HoWNYv691 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Craig
->Temp folder emptied: 472111911 bytes
->Temporary Internet Files folder emptied: 9073197 bytes
->Java cache emptied: 468226 bytes
->FireFox cache emptied: 53728398 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 73324 bytes
->Flash cache emptied: 831 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 111319 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes
RecycleBin emptied: 1657080 bytes

Total Files Cleaned = 512.00 mb


OTL by OldTimer - Version 3.2.55.0 log created on 08052012_175040

Files\Folders moved on Reboot...
C:\Users\Craig\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Craig\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...
  • 0

Advertisements

#32
Amlak
Posted 06 August 2012 - 04:20 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
  • Go to here
  • Click the download button under Kaspersky Security Scan
  • Download and run the file
  • It will start to download the Kaspersky Security Scan program data
  • Once downloaded the installer will begin
  • Click Next
  • Accept the License Agreement
  • Click Install
  • The program will now install
  • Click Finish
  • Kaspersky Security Scan will now start

    Posted Image
  • Click the Full Scan button

    Posted Image
  • The scan will take about an hour or two depending on the amount of data on your hard drive
  • If the scan detects problems it will open a Problems found window (you can click Details to view the scan results)

    Posted Image
  • Once the scan is complete do the following:
    • For XP: Navigate to C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot
      For Vista/7: Navigate to C:\ProgramData\Kaspersky Lab\KSS2\DataRoot
    • Right-click on the HtmlReport folder --> Click Send to --> Click Compressed (zipped) folder
    • Attach the HtmlReport zipped folder to your next post
      Posted Image
      Posted Image
      Posted Image
  • You can now close Kaspersky Security Scan

  • 0

#33
dogbiscuit
Posted 07 August 2012 - 09:14 AM

dogbiscuit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts
Ok, here it is.

Attached Files


  • 0

#34
Amlak
Posted 07 August 2012 - 05:43 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  • 0

#35
dogbiscuit
Posted 09 August 2012 - 09:17 AM

dogbiscuit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts
Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 4.6
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 26
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 12.0 Firefox out of Date!
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.60
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
Kaspersky Lab Kaspersky Security Scan 2.0 kss.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  • 0

#36
Amlak
Posted 11 August 2012 - 05:37 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Oops, forgot about you. Sorry about that. There's still a few more left to do. Hold on.
  • 0

#37
Amlak
Posted 11 August 2012 - 06:01 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, dogbiscuit. Any issues still with the Internet?

Please update Mozilla Firefox and Adobe Reader to the latest versions respectively.

Also, update Java to the latest version, too. An easy way would be the following:

Please download JavaRa to the Desktop and unzip it to its own folder.
  • Run JavaRa.exe, pick the language of your choice and click Select.
  • Then click Remove Older Versions. Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button.
  • Download and install the latest Java Runtime Environment (JRE) version for your computer.

******
NEXT
******

Warning This fix is only relevant for this system and no other, using it on another computer may cause problems

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :Files
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Deleted Items\301A01A1-0000002F.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Deleted Items\45AA026D-0000002A.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Deleted Items\687A5249-00000028.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\00E25DF4-0000390D.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\1443614A-000033F1.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\18630F59-0000009F.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\1945053A-00003313.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\28967E79-000033ED.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\5D75253C-00000145.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\5E0C74C4-000033E8.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\6DF15AF1-000000A5.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Deleted Items\5D8E28CF-0000012D.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Deleted Items\6A404265-00000123.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Mail\Local Folders\Deleted Items\34BB6E03-00000124.eml
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Mail\Local Folders\Deleted Items\6B480872-0000012E.eml
  • Then click the Run Fix button at the top.
  • Post the log it produces in your next reply.

  • 0

#38
dogbiscuit
Posted 11 August 2012 - 11:00 AM

dogbiscuit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts
Ok, done all that. Still no more internet problems.
Here is the log:

========== FILES ==========
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Deleted Items\301A01A1-0000002F.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Deleted Items\45AA026D-0000002A.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Deleted Items\687A5249-00000028.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\00E25DF4-0000390D.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\1443614A-000033F1.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\18630F59-0000009F.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\1945053A-00003313.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\28967E79-000033ED.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\5D75253C-00000145.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\5E0C74C4-000033E8.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\pop.iomartm 71f\Junk E-mail\6DF15AF1-000000A5.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Deleted Items\5D8E28CF-0000012D.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Deleted Items\6A404265-00000123.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Mail\Local Folders\Deleted Items\34BB6E03-00000124.eml moved successfully.
C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows Mail\Local Folders\Deleted Items\6B480872-0000012E.eml moved successfully.

OTL by OldTimer - Version 3.2.55.0 log created on 08112012_175855
  • 0

#39
Amlak
Posted 11 August 2012 - 11:52 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Congratulations, your computer seems all good now. Time to wrap things up for good this time!

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the Cleanup button. It will remove all the program we may have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use may change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Now that you are clean, to help protect your computer in the future I recommend that you get/keep the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Enjoy your computer.
  • 1

#40
dogbiscuit
Posted 11 August 2012 - 04:20 PM

dogbiscuit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts
Great stuff Amlak! Thanks so much for all your time and expertise :D I was really worried when my PC first crashed as I felt I was running out of options, and you have saved the day! It's muchly appreciated.
So to summarize, we've removed the bug and taken measures to make sure it's all secure now?
How do I go about making a small donation?
  • 0

Advertisements

#41
Amlak
Posted 11 August 2012 - 07:03 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
You're welcome, dogbiscuit. I'm very happy for you. As I said before, I can't really guarantee that your computer is perfectly secure, but from what I can see I believe it is.

Concerning the Internet issue, if it ever does happen again, you could always try the Networking section of this forum (as I believe it's not a malware issue but something else). Hopefully, the issue has been resolved, though.

As for donation, as I don't have an account set up for donation, if you're feeling grateful, you could always click the + next to the Like button at the bottom of my posts to give me a rep instead. That would be more than enough thanks for me. :P
  • 1

#42
dogbiscuit
Posted 13 August 2012 - 05:04 PM

dogbiscuit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts
Oki doki Amlak, I will do just that. Thanks for the advice, I suspected also that the internet hasn't been a malware issue. Still working fine though so hopefully sorted.
Many thanks! :)
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP