Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer won't boot after using malwarebytes -- FRST log included

Started by SJ1280 , Feb 16 2015 12:41 PM

  • This topic is locked This topic is locked

#1
SJ1280
Posted 16 February 2015 - 12:41 PM

SJ1280

    New Member

  • Member
  • Pip
  • 2 posts

Hi everyone,

 

I'm not exactly sure what I'm doing here, but I recently installed and used Malware Bytes. It detected and fixed one corrupted file and then told me to restart. However, my computer will no longer boot. The first time, it seemed to boot, but only my desktop background image came up and nothing else loaded. I tried a few more times, and now only a block screen comes up. I've tried a system repair and a system recovery to no avail. Here is the log from my frst64 scan. Thanks in advance for any help I may receive!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by SYSTEM on MININT-TSM1EQK on 16-02-2015 12:27:41
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2012-02-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-02-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2012-02-25] (Lenovo)
HKLM-x32\...\Run: [S6000Mnt] => C:\windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [383344 2010-12-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [PLTSR] => C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-10-22] (Egis Technology Inc. )
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-02-25] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-24] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Stephen Jandovitz\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\Stephen Jandovitz\...\Run: [Spotify Web Helper] => C:\Users\Stephen Jandovitz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-20] (Spotify Ltd)
HKU\Stephen Jandovitz\...\Run: [googletalk] => C:\Users\Stephen Jandovitz\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\Stephen Jandovitz\...\Run: [ROC_ROC_APR2013_AV] => C:\Users\Stephen Jandovitz\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 25d79b24fe3347d0995b2197b736c1a0-d1848bbdc20f50e480597ff1685d5bf33d334f24 --CMPID ROC_APR2 (the data entry has 24 more characters).
HKU\Stephen Jandovitz\...\Run: [Google Update] => C:\Users\Stephen Jandovitz\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-30] (Google Inc.)
HKU\Stephen Jandovitz\...\Run: [MusicManager] => C:\Users\Stephen Jandovitz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2014-11-13] (Google Inc.)
HKU\Stephen Jandovitz\...\RunOnce: [Uninstall C:\Users\Stephen Jandovitz\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephen Jandovitz\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\Stephen Jandovitz\...\RunOnce: [Uninstall C:\Users\Stephen Jandovitz\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephen Jandovitz\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714"
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-15] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-11] (Microsoft Corporation)
S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
S1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2014-11-03] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3293272 2010-12-23] (Windows ® Win 7 DDK provider)
S3 BcmSqlStartupSvc; No ImagePath
S2 CLKMSVC10_3A60B698; No ImagePath
S2 CLKMSVC10_C3B3B687; No ImagePath
S2 DriverService; No ImagePath
S2 IAStorDataMgrSvc; No ImagePath
S2 iATAgentService; No ImagePath
S2 idealife Update Service; No ImagePath
S3 IGRS; No ImagePath
S2 IviRegMgr; No ImagePath
S2 nvUpdatusService; No ImagePath
S2 Oasis2Service; No ImagePath
S2 PCCarerService; No ImagePath
S2 ReadyComm.DirectRouter; No ImagePath
S2 RichVideo; No ImagePath
S2 RtLedService; No ImagePath
S2 SeaPort; No ImagePath
S2 SoftwareService; No ImagePath
S3 SQLWriter; No ImagePath
S2 Stereo Service; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 12:27 - 2015-02-16 12:27 - 00000000 ____D () C:\FRST
2015-02-16 07:01 - 2015-02-16 08:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-02-16 07:01 - 2015-02-16 07:01 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-16 07:00 - 2015-02-16 07:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-16 07:00 - 2015-02-16 07:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-16 07:00 - 2014-11-21 03:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2015-02-16 07:00 - 2014-11-21 03:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2015-02-16 07:00 - 2014-11-21 03:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2015-02-16 06:53 - 2015-02-16 06:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Stephen Jandovitz\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-16 05:20 - 2015-02-16 06:45 - 00005425 _____ () C:\Users\Stephen Jandovitz\Desktop\avgrep.txt
2015-02-15 07:38 - 2015-02-15 08:17 - 00002720 _____ () C:\Windows\System32\avgrep.txt
2015-02-14 03:54 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-02-14 03:54 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-02-14 03:54 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 03:54 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-13 06:09 - 2015-02-13 06:09 - 00062438 _____ () C:\Users\Stephen Jandovitz\Downloads\open source 30012015 - Edited (with tracked changes) (1).odt
2015-02-13 06:02 - 2015-02-13 06:02 - 00062438 _____ () C:\Users\Stephen Jandovitz\Downloads\open source 30012015 - Edited (with tracked changes).odt
2015-02-11 04:33 - 2015-02-11 04:33 - 00031999 _____ () C:\Users\Stephen Jandovitz\Downloads\open source 30012015  - kind of fixed.odt
2015-02-11 02:28 - 2015-02-11 02:28 - 00000000 ____D () C:\ecf5d2d8a4c4cf62ff7fc2b646
2015-02-11 00:27 - 2015-02-11 00:27 - 00000000 ____D () C:\3242d8dd8e0924a4649c91
2015-02-10 20:34 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-02-10 20:34 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 20:34 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-02-10 20:34 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-02-10 20:34 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-02-10 20:34 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-02-10 20:34 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-02-10 20:34 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-02-10 20:34 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-02-10 20:34 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-02-10 20:34 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-02-10 20:34 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-02-10 20:34 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-02-10 20:34 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-02-10 20:34 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-02-10 20:34 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 20:34 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-10 20:34 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 20:34 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-02-10 20:34 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-02-10 20:34 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 20:34 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-02-10 20:34 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-02-10 20:34 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 20:34 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 20:34 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 20:34 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-02-10 20:34 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 20:34 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 20:34 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 20:34 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 20:34 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 20:34 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-02-10 20:34 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-02-10 20:34 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-02-10 20:34 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-02-10 20:34 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 20:34 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-02-10 20:34 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 20:34 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 20:34 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 20:34 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 20:34 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-02-10 20:34 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 20:34 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 20:34 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 20:34 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 20:34 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-02-10 20:34 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-02-10 20:34 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 20:34 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 20:34 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 20:34 - 2014-10-03 18:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-02-10 20:34 - 2014-10-03 17:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-10 20:34 - 2014-10-03 17:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 20:33 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-02-10 20:33 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-02-10 20:33 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-02-10 20:33 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-02-10 20:33 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-02-10 20:33 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2015-02-10 20:33 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-02-10 20:33 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2015-02-10 20:33 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-02-10 20:33 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-02-10 20:33 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-02-10 20:33 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-02-10 20:33 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-02-10 20:33 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-02-10 20:33 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-02-10 20:33 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 20:33 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 20:33 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 20:33 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 20:33 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 20:33 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 20:33 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 20:30 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-02-10 20:30 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-02-10 20:30 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-02-10 20:30 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-02-10 20:30 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-02-10 20:30 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-02-10 20:30 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-02-10 20:30 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-02-10 20:30 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-02-10 20:30 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-02-10 20:30 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-02-10 20:30 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 20:30 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 20:30 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 20:30 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 20:30 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 20:30 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 20:30 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2015-02-10 20:30 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-02-10 20:30 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-02-10 20:30 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-02-10 20:30 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-02-10 20:30 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 20:30 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 20:30 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 20:30 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2015-02-10 20:30 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 20:30 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2015-02-10 20:30 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 20:30 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2015-02-10 20:30 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 20:30 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2015-02-10 20:30 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 20:30 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2015-02-10 20:30 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2015-02-10 20:30 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 20:30 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 20:29 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-02-06 16:40 - 2015-02-06 16:40 - 00007933 _____ () C:\Users\Stephen Jandovitz\Downloads\Istvan Invoice 2.6.15.xlsx
2015-02-06 00:56 - 2015-02-08 01:26 - 00196608 _____ () C:\Users\Stephen Jandovitz\Documents\Bleacher Report February Invoice.xls
2015-02-04 11:04 - 2013-04-04 02:00 - 00391168 _____ (CANON INC.) C:\Windows\System32\CNMLMBV.DLL
2015-02-04 11:03 - 2013-02-04 12:12 - 00367104 _____ (CANON INC.) C:\Windows\System32\CNC_BVL.dll
2015-02-04 11:03 - 2012-11-26 09:32 - 00088576 _____ () C:\Windows\System32\CNC176ED.TBL
2015-02-04 11:03 - 2012-11-08 10:04 - 00282624 _____ (CANON INC.) C:\Windows\System32\CNC_BVC.dll
2015-02-04 11:03 - 2012-11-08 10:03 - 00106496 _____ (CANON INC.) C:\Windows\System32\CNC_BVI.dll
2015-02-01 10:07 - 2015-02-01 10:07 - 00007880 _____ () C:\Users\Stephen Jandovitz\Downloads\Istvan Invoice 1.30.15.xlsx
2015-01-31 20:14 - 2015-01-31 20:14 - 00196608 _____ () C:\Users\Stephen Jandovitz\Downloads\Stephen Jandovitz Bleacher Report January Invoice.xls
2015-01-31 20:13 - 2015-01-31 20:13 - 00196608 _____ () C:\Users\Stephen Jandovitz\Documents\Stephen Jandovitz Bleacher Report January Invoice.xls
2015-01-31 19:57 - 2015-01-31 19:57 - 00050416 _____ () C:\Users\Stephen Jandovitz\Downloads\Stephen Jandovitz Personalized Cheat Sheet - Week 5.xlsx
2015-01-25 10:47 - 2015-01-26 08:26 - 00196608 _____ () C:\Users\Stephen Jandovitz\Downloads\S_Jandovitz Bleacher Report January Invoice.xls
2015-01-25 08:27 - 2015-01-25 08:27 - 00050216 _____ () C:\Users\Stephen Jandovitz\Downloads\Stephen Jandovitz Personalized Cheat Sheet - Week 4 (2).xlsx
2015-01-24 09:19 - 2015-01-24 09:19 - 00000128 ____H () C:\Users\Stephen Jandovitz\Downloads\.~lock.apcheatsheet.doc#
2015-01-23 23:53 - 2015-01-23 23:53 - 00007974 _____ () C:\Users\Stephen Jandovitz\Downloads\Istvan Invoice 1.23.15.xlsx
2015-01-23 23:07 - 2015-01-23 23:07 - 00050258 _____ () C:\Users\Stephen Jandovitz\Downloads\Stephen Jandovitz Personalized Cheat Sheet - Week 4 (1).xlsx
2015-01-23 10:28 - 2015-01-23 10:28 - 00050191 _____ () C:\Users\Stephen Jandovitz\Downloads\Stephen Jandovitz Personalized Cheat Sheet - Week 4.xlsx
2015-01-20 08:20 - 2015-01-20 08:21 - 00262144 _____ () C:\Windows\Minidump\012015-45489-01.dmp
2015-01-18 00:41 - 2015-01-18 00:41 - 00008049 _____ () C:\Users\Stephen Jandovitz\Downloads\Istvan Invoice 1.16.15.xlsx
2015-01-18 00:35 - 2015-01-31 20:09 - 00196608 _____ () C:\Users\Stephen Jandovitz\Documents\Bleacher Report January Invoice.xls
2015-01-18 00:05 - 2015-01-18 00:05 - 00049843 _____ () C:\Users\Stephen Jandovitz\Downloads\Stephen Jandovitz Personalized Cheat Sheet.xlsx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 09:09 - 2012-02-25 07:03 - 00155071 _____ () C:\Windows\System32\fastboot.set
2015-02-16 09:05 - 2012-02-25 06:50 - 07659250 _____ () C:\FaceProv.log
2015-02-16 09:04 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-16 09:04 - 2009-07-13 20:51 - 00097165 _____ () C:\Windows\setupact.log
2015-02-16 08:36 - 2012-02-25 06:59 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-16 08:34 - 2012-02-25 06:59 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-16 08:05 - 2010-11-20 19:47 - 00149674 _____ () C:\Windows\PFRO.log
2015-02-16 08:03 - 2012-02-25 06:12 - 01920234 _____ () C:\Windows\WindowsUpdate.log
2015-02-16 08:02 - 2013-10-30 16:45 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3323780571-4172756269-1259186514-1000UA.job
2015-02-16 08:02 - 2011-02-22 03:42 - 00000000 ____D () C:\Windows\ShellNew
2015-02-16 06:57 - 2009-07-13 21:13 - 00782510 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-02-16 06:57 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-16 06:57 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 06:54 - 2012-07-07 04:43 - 00000000 ____D () C:\Windows\System32\Drivers\AVG
2015-02-16 06:51 - 2012-02-25 06:50 - 00000000 ____D () C:\ProgramData\VeriFace
2015-02-13 13:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2015-02-13 12:52 - 2013-01-16 01:49 - 00000000 ____D () C:\Users\Stephen Jandovitz\AppData\Roaming\Skype
2015-02-13 12:41 - 2012-05-04 16:11 - 00000000 ____D () C:\Users\Stephen Jandovitz\AppData\Roaming\Spotify
2015-02-13 06:44 - 2012-05-04 16:12 - 00000000 ____D () C:\Users\Stephen Jandovitz\AppData\Local\Spotify
2015-02-13 02:36 - 2014-12-21 00:25 - 00000000 ____D () C:\Windows\System32\appraiser
2015-02-13 02:36 - 2014-05-06 23:00 - 00000000 ___SD () C:\Windows\System32\CompatTel
2015-02-13 02:02 - 2013-10-30 16:45 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3323780571-4172756269-1259186514-1000Core.job
2015-02-13 00:04 - 2012-05-05 06:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 02:23 - 2009-07-13 20:45 - 00465736 _____ () C:\Windows\System32\FNTCACHE.DAT
2015-02-11 00:26 - 2013-07-25 23:00 - 00000000 ____D () C:\Windows\System32\MRT
2015-02-11 00:03 - 2013-02-23 22:52 - 116773704 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-02-07 01:57 - 2013-10-30 16:45 - 00003950 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3323780571-4172756269-1259186514-1000UA
2015-02-07 01:57 - 2013-10-30 16:45 - 00003554 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3323780571-4172756269-1259186514-1000Core
2015-02-04 08:25 - 2012-02-25 06:59 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 08:25 - 2012-02-25 06:59 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-20 08:20 - 2013-02-15 13:48 - 502846853 _____ () C:\Windows\MEMORY.DMP
2015-01-20 08:20 - 2013-02-15 13:48 - 00000000 ____D () C:\Windows\Minidump
2015-01-17 00:05 - 2012-05-05 05:55 - 00775124 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
 
Some content of TEMP:
====================
C:\Users\Stephen Jandovitz\AppData\Local\Temp\fx-runtime.exe
C:\Users\Stephen Jandovitz\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Stephen Jandovitz\AppData\Local\Temp\JavaIC.dll
C:\Users\Stephen Jandovitz\AppData\Local\Temp\msscct32.dll
C:\Users\Stephen Jandovitz\AppData\Local\Temp\oDeskUninstaller.exe
C:\Users\Stephen Jandovitz\AppData\Local\Temp\oDeskUpdater.exe
C:\Users\Stephen Jandovitz\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Stephen Jandovitz\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
Restore point made on: 2015-01-25 14:24:51
Restore point made on: 2015-02-02 11:28:37
Restore point made on: 2015-02-10 09:29:54
Restore point made on: 2015-02-11 00:01:23
Restore point made on: 2015-02-11 02:28:31
Restore point made on: 2015-02-13 00:00:53
Restore point made on: 2015-02-16 06:55:30
 
==================== Memory info =========================== 
 
Percentage of memory in use: 17%
Total physical RAM: 4010.14 MB
Available physical RAM: 3320.5 MB
Total Pagefile: 4008.34 MB
Available Pagefile: 3347.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:421.81 GB) (Free:347.66 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.79 GB) NTFS
Drive g: (USB20FD) (Removable) (Total:7.52 GB) (Free:7.52 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1FFD8F5D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)
 
 
LastRegBack: 2015-02-13 13:12
 
==================== End Of Log ============================
 

  • 0

Advertisements

#2
BrianDrab
Posted 16 February 2015 - 03:00 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.

 

 

 

Let's see what we can do. Have you tried Last Known Good Configuration (advanced) on the Advanced Boot Options menu?

 

 


  • 0

#3
SJ1280
Posted 16 February 2015 - 03:35 PM

SJ1280

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Hi Brian,

 

That was one of the first things I tried doing, but that was before I fooled around with some of the other stuff, including FRST. I just tried it again, and now all that comes up is a black screen and the cursor.


Edited by SJ1280, 16 February 2015 - 03:43 PM.

  • 0

#4
BrianDrab
Posted 16 February 2015 - 08:39 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

OK, no problem. I don't get notified when you edit an existing post so sorry for the late reply. If you need to add something just add a post and at least I'll get notified. Otherwise it may be 48 hours before I manually check if there was an update to an existing post. It's not specifically stated so I wanted to ask, did you try any of the Safe Mode options? Let's do the following two things.

 

Step#1 - Retrieve Malwarebytes Log

It would be nice to see what Malwarebytes found and fixed before your machine had issues. Please boot back into the Command-Prompt from the Recovery Environment. Once you are at the command prompt, please do the following.

Type the information below and hit enter after each line.

C:

cd\

cd programdata

cd malwarebytes

cd malwarebytes anti-malware

cd logs

copy mbam* g:       <---replace g: with whatever letter your USB drive is

 

The USB drive will now have all of the scan logs. Please attach the most recent one to your next post.

 

 

Step#2 - Run ChkDsk

After you do Step#1 (even if you are unable to find the logs...let's do this step), type the following in the command-prompt window and hit enter.

chkdsk c: /R    <----note that there is a space after the C: and before the /R.

 

You may get a message asking if you wish to dismount the volume. Answer with a Y and hit enter. Once it finishes, copy the results into notepad and save on to your USB drive. If you don't know how to copy from the command-prompt, instructions are below.

 

To Copy Information from the Command-Prompt

1. Click the control box in the upper left corner of the Command-Prompt Window.

ControlBox.JPG

 

2. Choose Edit...Mark

Mark.JPG

 

3. Now you can scroll up if need be in the command-prompt window to find the beginning of the process, click and hold your mouse down in the upper left of the command-prompt window and drag down to the lower right until everything is selected.

4. Hit Enter on your keyboard to copy it to your clipboard.

5. Type notepad.exe and hit enter to open notepad.

6. Paste the contents of the clipboard into notepad by pressing CTRL-V or choosing Edit Paste from the menu.

7. Save the file to your USB drive and paste the contents in your next reply.

 

 

 

Items for your next post

1. Did you try any of the Safe Mode Options?

2. Attach Malware bytes log if you can.

3. Chkdsk results if you can.

 

 

 


  • 0

#5
BrianDrab
Posted 21 February 2015 - 08:48 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP