
Samsung laptop won't boot - doesn't reach login screen [Closed]



#1
vinyls27

My laptop only boots before the login screen part. I'm stuck with a black screen and a cursor that I can move around but nothing really happens. I've tried using the other safe mode options, but the same thing just keeps happening. Help please? I know it's malware related because I downloaded some files two days ago, and my laptop worked fine before that. Also, is there any way I can fix my laptop without losing my files? Thanks.

 

Here are the FRST logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by SYSTEM on MININT-MBFJPFP (21-11-2015 19:09:31)
Running from h:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-01] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Sweetpacks Communicator] => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2569616 2015-09-30] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [iTunesHelper] => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [mcpltui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-10] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-07] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-04] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-16] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\Sharee Mae F B\...\Run: [Facebook Update] => C:\Users\Sharee Mae F B\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-11] (Facebook Inc.)
HKU\Sharee Mae F B\...\Run: [BackgroundContainer] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Sharee Mae F B\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\Sharee Mae F B\...\CurrentVersion\Windows: [Load] C:\ProgramData\mstbotcfv.exe <===== ATTENTION
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-07] (NVIDIA Corporation)
Startup: C:\Users\Sharee Mae F B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk [2012-06-23]
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Sharee Mae F B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2014-01-18]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Sharee Mae F B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk [2015-11-19]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-14] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-28] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-04] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-04] (Avast Software)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-05] (Dropbox, Inc.)
S2 HPSLPSVC; C:\Users\Sharee Mae F B\AppData\Local\Temp\7zS5B18\hpslpsvc64.dll [1039360 2012-08-27] (Hewlett-Packard Co.)
S2 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2012-10-04] ()
S2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1261936 2012-10-02] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-11-30] ()
S2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2013-06-09] ()
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-28] (AVG Secure Search)
S2 vToolbarUpdater18.9.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe [1862032 2015-09-30] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [X]
S2 DefaultTabUpdate; "C:\Users\Sharee Mae F B\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [X]
S2 HomeNetSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [X]
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McNaiAnn; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [X]
S4 McOobeSv; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mcpltsvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McProxy; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [X]
S2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
S2 mfevtp; "C:\windows\system32\mfevtps.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-04] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-04] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-04] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-04] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-07] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-04] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-04] (AVAST Software)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-22] (Windows ® 2003 DDK 3790 provider)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-04] (Avast Software)
S1 avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [X]
S3 cfwids; system32\drivers\cfwids.sys [X]
S3 HipShieldK; system32\drivers\HipShieldK.sys [X]
S3 mfeapfk; system32\drivers\mfeapfk.sys [X]
S3 mfeavfk; system32\drivers\mfeavfk.sys [X]
S3 mfefirek; system32\drivers\mfefirek.sys [X]
S0 mfehidk; system32\drivers\mfehidk.sys [X]
S3 mfencbdc; system32\DRIVERS\mfencbdc.sys [X]
S3 mfencrk; system32\DRIVERS\mfencrk.sys [X]
S0 mfewfpk; system32\drivers\mfewfpk.sys [X]
S2 SPDRIVER_1.35.1.155; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-21 18:50 - 2015-11-21 18:53 - 00000000 ____D C:\FRST
2015-11-21 16:46 - 2011-10-19 12:55 - 00267776 _____ (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00160256 _____ (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00114176 _____ (Microsoft Corporation) C:\Windows\System32\admparse.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2015-11-21 16:46 - 2011-10-19 12:55 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2015-11-21 16:46 - 2011-10-18 21:27 - 00174640 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2015-11-21 16:46 - 2011-10-18 21:27 - 00007440 _____ C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2015-11-21 16:46 - 2011-03-05 13:45 - 00795752 _____ (NVIDIA Corporation) C:\Windows\System32\easyUpdatusAPIU64.dll
2015-11-21 16:46 - 2010-11-20 19:24 - 00412160 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-11-21 16:46 - 2009-06-10 12:45 - 00000003 _____ C:\Windows\System32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2015-11-19 09:19 - 2015-11-19 09:19 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-19 09:17 - 2015-11-19 09:17 - 00001213 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-19 09:17 - 2015-11-19 09:17 - 00001213 _____ C:\ProgramData\Desktop\Adobe Creative Cloud.lnk
2015-11-19 09:14 - 2015-11-19 09:14 - 00000000 ____D C:\Users\Sharee Mae F B\Desktop\New folder (2)
2015-11-19 07:26 - 2015-11-19 08:10 - 00003424 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2015-11-19 07:14 - 2015-11-19 07:16 - 00000000 ____D C:\Users\Sharee Mae F B\Desktop\Adobe
2015-11-16 10:31 - 2015-11-16 10:31 - 00000000 __SHD C:\found.034
2015-11-12 06:43 - 2015-11-03 09:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-11-11 12:45 - 2015-11-11 12:45 - 00184305 _____ C:\Users\Sharee Mae F B\Documents\Solid Waste Management.pptx
2015-11-11 06:49 - 2015-11-03 13:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 06:49 - 2015-10-30 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-11-11 06:49 - 2015-10-30 15:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-11-11 06:49 - 2015-10-30 15:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-11-11 06:49 - 2015-10-30 15:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-11-11 06:49 - 2015-10-30 14:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 06:49 - 2015-10-30 14:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 06:49 - 2015-10-30 14:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-11-11 06:49 - 2015-10-30 14:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 06:49 - 2015-10-30 14:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 06:49 - 2015-10-30 13:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-11-11 06:49 - 2015-10-20 10:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-11-11 06:49 - 2015-10-20 10:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-11-11 06:49 - 2015-10-20 10:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-11-11 06:49 - 2015-10-20 10:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-11-11 06:49 - 2015-10-20 10:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 06:49 - 2015-10-20 09:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 06:49 - 2015-10-20 09:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 06:48 - 2015-11-03 14:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-11-11 06:48 - 2015-10-30 15:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-11-11 06:48 - 2015-10-30 15:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-11-11 06:48 - 2015-10-30 15:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-11-11 06:48 - 2015-10-30 15:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-11-11 06:48 - 2015-10-30 15:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-11-11 06:48 - 2015-10-30 15:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-11-11 06:48 - 2015-10-30 15:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-11-11 06:48 - 2015-10-30 15:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-11-11 06:48 - 2015-10-30 15:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-11-11 06:48 - 2015-10-30 15:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-11-11 06:48 - 2015-10-30 15:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-11-11 06:48 - 2015-10-30 15:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-11-11 06:48 - 2015-10-30 15:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-11-11 06:48 - 2015-10-30 15:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-11 06:48 - 2015-10-30 15:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-11-11 06:48 - 2015-10-30 14:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 06:48 - 2015-10-30 14:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-11-11 06:48 - 2015-10-30 14:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 06:48 - 2015-10-30 14:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-11-11 06:48 - 2015-10-30 14:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-11-11 06:48 - 2015-10-30 14:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 06:48 - 2015-10-30 14:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-11-11 06:48 - 2015-10-30 14:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 06:48 - 2015-10-30 14:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 06:48 - 2015-10-30 14:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2015-11-11 06:48 - 2015-10-30 14:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 06:48 - 2015-10-30 14:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 06:48 - 2015-10-30 14:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 06:48 - 2015-10-30 14:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 06:48 - 2015-10-30 14:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 06:48 - 2015-10-30 14:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 06:48 - 2015-10-30 14:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 06:48 - 2015-10-30 14:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-11-11 06:48 - 2015-10-30 14:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-11-11 06:48 - 2015-10-30 14:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-11-11 06:48 - 2015-10-30 14:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-11-11 06:48 - 2015-10-30 14:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 06:48 - 2015-10-30 14:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 06:48 - 2015-10-30 14:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-11-11 06:48 - 2015-10-30 14:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 06:48 - 2015-10-30 14:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 06:48 - 2015-10-30 14:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-11-11 06:48 - 2015-10-30 14:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 06:48 - 2015-10-30 14:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 06:48 - 2015-10-30 14:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 06:48 - 2015-10-30 14:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 06:48 - 2015-10-30 14:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 06:48 - 2015-10-30 14:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 06:48 - 2015-10-30 14:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-11-11 06:48 - 2015-10-30 13:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-11-11 06:48 - 2015-10-30 13:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 06:48 - 2015-10-30 13:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
2015-11-11 06:47 - 2015-10-29 09:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\shimeng.dll
2015-11-11 06:47 - 2015-10-29 09:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 06:47 - 2015-10-29 09:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 06:47 - 2015-10-29 09:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 06:47 - 2015-10-13 08:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2015-11-11 06:47 - 2015-10-13 08:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2015-11-11 06:47 - 2015-10-12 20:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2015-11-11 06:47 - 2015-10-01 10:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2015-11-11 06:47 - 2015-10-01 10:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\jnwmon.dll
2015-11-11 06:47 - 2015-10-01 09:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 05:59 - 2015-11-11 05:59 - 00000000 __SHD C:\found.033
2015-11-10 06:09 - 2015-11-10 06:09 - 00000000 _____ C:\Users\Sharee Mae F B\AppData\Local\{8DE8764D-2E21-44BC-86E0-13065BFED885}
2015-11-05 02:23 - 2015-11-05 02:23 - 00000000 _____ C:\Users\Sharee Mae F B\AppData\Local\{DCEEEB52-722F-4B88-81DE-B8ACEF9ACE80}
2015-10-27 07:48 - 2015-10-27 07:48 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\FocalFilter
2015-10-27 07:46 - 2015-10-27 07:47 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\FocalFilter
2015-10-27 07:41 - 2015-10-27 07:41 - 00001909 _____ C:\Users\Public\Desktop\FocalFilter.lnk
2015-10-27 07:41 - 2015-10-27 07:41 - 00001909 _____ C:\ProgramData\Desktop\FocalFilter.lnk
2015-10-27 07:41 - 2015-10-27 07:41 - 00000000 ____D C:\Program Files (x86)\FocalFilter
2015-10-27 07:40 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Downloaded Installations
2015-10-25 11:18 - 2015-10-25 11:18 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-10-25 10:10 - 2015-10-25 10:10 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\CEF
2015-10-25 10:03 - 2015-10-25 10:03 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-25 10:02 - 2015-10-25 10:02 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-10-25 10:02 - 2015-10-25 10:02 - 00002047 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2015-10-24 11:18 - 2015-10-25 11:18 - 00001934 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-10-24 11:18 - 2015-10-25 11:18 - 00001934 _____ C:\ProgramData\Desktop\McAfee Security Scan Plus.lnk
2015-10-24 11:18 - 2015-10-24 11:18 - 00000000 ____D C:\ProgramData\McAfee Security Scan
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-21 16:48 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-11-21 16:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2015-11-21 16:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2015-11-21 16:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\IME
2015-11-19 09:23 - 2011-10-19 13:02 - 02021267 _____ C:\Windows\WindowsUpdate.log
2015-11-19 09:16 - 2014-11-13 09:24 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-19 08:56 - 2015-09-05 09:51 - 00000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-19 08:45 - 2012-06-23 11:39 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Google
2015-11-19 08:44 - 2012-06-23 11:34 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\Adobe
2015-11-19 08:42 - 2012-08-02 06:26 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Adobe
2015-11-19 08:38 - 2011-10-18 21:17 - 00000000 ____D C:\ProgramData\Temp
2015-11-19 08:27 - 2015-10-07 04:22 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-19 08:21 - 2009-07-13 20:45 - 00006192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-19 08:21 - 2009-07-13 20:45 - 00006192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-19 08:14 - 2015-09-05 09:57 - 00000000 ___RD C:\Users\Sharee Mae F B\Dropbox
2015-11-19 08:14 - 2015-03-14 08:46 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\Dropbox
2015-11-19 08:07 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 08:07 - 2009-07-13 20:51 - 00337704 _____ C:\Windows\setupact.log
2015-11-19 07:19 - 2009-07-13 21:13 - 00826460 _____ C:\Windows\System32\PerfStringBackup.INI
2015-11-19 07:14 - 2015-03-14 08:33 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-18 12:43 - 2012-10-11 06:38 - 00000964 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3927208205-3014712141-1529014274-1001UA.job
2015-11-17 12:39 - 2012-10-15 10:16 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\Microsoft Help
2015-11-17 09:48 - 2012-10-15 10:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-17 09:47 - 2012-06-27 10:29 - 00819074 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-16 09:32 - 2013-08-02 03:32 - 00000000 ____D C:\Windows\System32\MRT
2015-11-16 09:15 - 2012-07-09 10:16 - 145617392 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-11-16 07:59 - 2009-07-13 20:45 - 02419568 _____ C:\Windows\System32\FNTCACHE.DAT
2015-11-16 07:04 - 2010-11-20 19:47 - 01018926 _____ C:\Windows\PFRO.log
2015-11-15 11:15 - 2011-10-19 12:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-12 07:05 - 2015-09-05 09:50 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-12 06:02 - 2012-08-14 03:41 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\vlc
2015-11-12 05:34 - 2009-07-13 21:08 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-08 10:54 - 2015-10-19 06:39 - 00000000 ____D C:\Users\Sharee Mae F B\Documents\School Stuff
2015-11-07 07:26 - 2015-03-14 08:32 - 01059656 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsnx.sys
2015-11-07 07:26 - 2015-03-14 08:32 - 00449992 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2015-11-05 19:17 - 2012-06-23 11:31 - 00132352 _____ C:\Users\Sharee Mae F B\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-04 08:25 - 2013-10-11 08:40 - 00014848 _____ C:\Users\Sharee Mae F B\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-31 11:28 - 2012-07-15 11:28 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Roaming\Azureus
2015-10-31 06:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-10-27 07:41 - 2012-06-24 11:07 - 00000000 ____D C:\users\Sharee Mae F B
2015-10-25 10:08 - 2015-05-25 10:04 - 00000000 ____D C:\Users\Sharee Mae F B\Documents\lol
2015-10-25 10:02 - 2014-10-15 06:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-24 11:22 - 2012-07-12 07:18 - 00000000 ____D C:\Users\Sharee Mae F B\AppData\Local\CrashDumps
 
Files to move or delete:
====================
C:\ProgramData\mstbotcfv.exe
 
 
Some files in TEMP:
====================
C:\Users\Sharee Mae F B\AppData\Local\Temp\avguidx.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\BackupSetup.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\bitool.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\cdo2153927807.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpupvujx.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\i4jdel0.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\i4jdel1.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\ICReinstall_sam-and-cat-s01e12-motorcycle-mystery-web-dl-aac-x264-nogrp_BitLord.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-us_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (1).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (2).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (3).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Setup.X86.en-us_O365HomePremRetail_39e101af-9268-4583-8e9c-1a2fd9df438a_TX_DB_ (4).exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\SetupProPlusRetail.x86.en-us.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\simbo.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\Tsu029EDF03.dll
C:\Users\Sharee Mae F B\AppData\Local\Temp\tu17p84.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Sharee Mae F B\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Sharee Mae F B\AppData\Local\Temp\wget.exe
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE Association (Whitelisted) =============
 
 
==================== Restore Points =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 12%
Total physical RAM: 6057.55 MB
Available physical RAM: 5277.63 MB
Total Virtual: 6055.75 MB
Available Virtual: 5280.45 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:146 GB) (Free:5.61 GB) NTFS
Drive d: () (Fixed) (Total:297.43 GB) (Free:34.97 GB) NTFS
Drive f: (SAMSUNG_REC) (Fixed) (Total:22.23 GB) (Free:0.99 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:7.46 GB) (Free:2.01 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D37C3F46)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=297.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=22.2 GB) - (Type=27)
 
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
 
LastRegBack: 2014-05-28 06:28
 
==================== End of FRST.txt ============================

 




#2
vinyls27


    New Member

  • Topic Starter
  • Member
  • 3 posts

Also, if it helps, it stops loading at aswRvrt.sys when I try safe mode.



#3
Bruce1270


    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hello Vinyls27 and :welcome:

My name is Bruce1270 and I will be helping you with your malware problem.

Please Note: I am still in training and my fixes have to be approved by my instructor so there may be a slight delay in my replies. Look upon it as a good thing though in that you have two people looking at your problem.

A few things before we get started.
  • Please read all instructions carefully. If there is anything you do not understand please ask me first before doing anything.
  • Please be patient. I am a volunteer who does this in my spare time so I will try to get back to you as soon as possible.
  • Please follow all instructions in the order given.
  • Please do not install any other software unless advised. This may hinder the removal process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • Please make sure you reply within 4 days to my responses. If there is no reply within 4 days, the topic will be closed and you will need to request the topic be reopened.


    Important!

    Please save or print off these instructions. Part of this fix may require you to be in safe mode where you will not be able to access the internet or my instructions!

    I would strongly recommend you back up your personal data and folders before we begin.

    Malware removal can be very long, complicated and may take multiple steps. I understand this may be frustrating but please stay with this topic until your machine is declared clean. The results will hopefully be very rewarding. :happy:
    As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.

    OK. Let's move on. I need a bit of time to analyse your logs and will get back to you.


#4
Bruce1270


    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi Vinyls27

Try running this script and then see if you can boot normally.

Step1 - FRST fix

Download the attached fixlist.txt file and save it on the removable drive as fixlist.txt.

Attached File: fixlist.txt (3.93KB, 567 downloads)

NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

Please enter System Recovery Options, as we've done previously.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the removable drive (Fixlog.txt). Please post it in your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Also tell me if your computer has booted up normally after the fix. If it has, please proceed with step2.


Step2 - Fresh FRST logs


Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right click on the file and select run as administrator (if you don't have this option just double click the file to run it). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from (this should be your desktop).
  • Please copy (CTRL + C) and paste (CTRL + V) the FRST.txt log back here.
  • The first time the tool is run it generates another log Addition.txt - also located in the same directory as FRST.exe.
  • Please also paste that along with the FRST.txt into your reply.
    Note: Please do not attach any logs unless specifically requested. It's easier if you simply copy and paste them into your reply. It's OK if you have to use more than one post to do so.



#5
vinyls27


    New Member

  • Topic Starter
  • Member
  • 3 posts

Hi Bruce1270. Unfortunately, my computer still hasn't booted up normally after the fix. It's still stuck on the same black screen with a cursor.

 

 

Attached Files



#6
Bruce1270


    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi Vinyls27

Sorry for the delay. We will uninstall AVAST to see if this helps.

Step1 - FRST fix

Download the attached fixlist.txt file and save it on the removable drive as fixlist.txt.

Attached File: fixlist.txt (1.27KB, 491 downloads)

NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

Please enter System Recovery Options, as we've done previously.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the removable drive (Fixlog.txt). Please post it in your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Things for your next post:
  • fixlog.txt
  • Are you now able to boot normally?


#7
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.







