My Samsung laptop is stuck on start up with a black screen and cursor, and won't boot even in safe mode. I downloaded the FRST application & have performed a scan. If anyone can help me with what I should do next re: running a fix, I'd be very grateful. Thank you.
Here's the frst.txt output:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by SYSTEM on MININT-GABU2RE (06-01-2016 10:03:14)
Running from g:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-12] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1593640 2015-01-30] (Sophos Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\InprocServer32: [Default-wbemess] <==== ATTENTION
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] <==== ATTENTION
HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI] <==== ATTENTION
HKU\Lou\...\Run: [f.lux] => C:\Users\Lou\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\Lou\...\Run: [Dropbox Update] => C:\Users\Lou\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
HKU\Lou\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\Lou\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\Lou\...\Policies\Explorer: []
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217672 2015-01-19] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2015-01-19] (Sophos Limited)
Startup: C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-06]
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JL Victorian Calendar.lnk [2016-01-04]
ShortcutTarget: JL Victorian Calendar.lnk -> C:\Program Files (x86)\JL Victorian Calendar\JL Victorian Calendar.exe ()
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-06] (Autodesk, Inc.)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-17] (Malwarebytes Corporation)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-11-30] ()
S2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2015-08-31] (Sophos Limited)
S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-01-19] (Sophos Limited)
S2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [340776 2015-01-30] (Sophos Limited)
S2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2015-01-19] (Sophos Limited)
S2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3274536 2015-01-19] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2015-01-19] (Sophos Limited)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-17] (Malwarebytes Corporation)
S1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2015-08-31] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2015-08-31] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2015-08-31] (Sophos Limited)
S3 btmaux; system32\DRIVERS\btmaux.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-06 10:01 - 2016-01-06 10:03 - 00000000 ____D C:\FRST
2016-01-04 21:02 - 2011-07-28 20:23 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2016-01-04 21:02 - 2011-07-28 20:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2016-01-04 21:02 - 2011-07-28 20:23 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2016-01-04 21:02 - 2011-07-28 20:23 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2016-01-04 21:02 - 2011-07-28 20:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2016-01-04 21:02 - 2011-07-28 16:15 - 00174640 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2016-01-04 21:02 - 2011-07-28 16:15 - 00007440 _____ C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2016-01-04 21:02 - 2009-06-10 12:45 - 00000003 _____ C:\Windows\System32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2016-01-04 21:01 - 2011-07-28 20:23 - 00267776 _____ (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2016-01-04 21:01 - 2011-07-28 20:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2016-01-04 21:01 - 2011-07-28 20:23 - 00160256 _____ (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2016-01-04 21:01 - 2011-07-28 20:23 - 00114176 _____ (Microsoft Corporation) C:\Windows\System32\admparse.dll
2016-01-04 12:42 - 2016-01-04 12:42 - 00003288 ____N C:\bootsqm.dat
2016-01-04 12:25 - 2016-01-04 13:15 - 01438780 _____ C:\Windows\ntbtlog.txt
2015-12-21 01:30 - 2015-12-21 01:30 - 00000000 __SHD C:\found.001
2015-12-18 13:19 - 2015-12-18 13:19 - 00000000 ____D C:\Users\Lou\AppData\Local\{59D0256D-2309-4726-AB64-C88372C4650E}
2015-12-18 08:45 - 2015-12-18 08:45 - 00131877 _____ C:\Users\Lou\Downloads\18th December 2015.pdf
2015-12-18 08:44 - 2015-12-18 08:44 - 00320333 _____ C:\Users\Lou\Downloads\Library Newsletter December 2015.pdf
2015-12-16 14:00 - 2015-12-16 14:00 - 00031431 _____ C:\Users\Lou\Desktop\myHermeslabel.pdf
2015-12-16 06:40 - 2015-12-16 06:40 - 00000000 ____D C:\Users\Lou\AppData\Local\{9BCE48C6-D675-436B-935C-FB9C46CBD552}
2015-12-15 14:42 - 2015-12-19 10:29 - 00000000 ____D C:\Users\Lou\Desktop\to print dec 15
2015-12-15 13:37 - 2015-12-15 13:37 - 00000000 ____D C:\Users\Lou\AppData\Local\{D50B4BEC-3E32-4036-9194-5D0253055C6A}
2015-12-15 03:35 - 2015-12-15 03:35 - 01546921 _____ C:\Users\Lou\Documents\IMG_20151215_0005.pdf
2015-12-15 03:35 - 2015-12-15 03:35 - 00776800 _____ C:\Users\Lou\Downloads\IMG_20151215_0004.pdf
2015-12-15 03:34 - 2015-12-15 03:34 - 00776800 _____ C:\Users\Lou\Documents\IMG_20151215_0004.pdf
2015-12-15 01:37 - 2015-12-15 01:37 - 00000000 ____D C:\Users\Lou\AppData\Local\{0ED26ACE-0741-4813-876A-C9A220805FCE}
2015-12-14 14:18 - 2015-12-14 14:18 - 00394928 _____ C:\Users\Lou\Downloads\4th December 2015 (1).pdf
2015-12-14 14:18 - 2015-12-14 14:18 - 00147823 _____ C:\Users\Lou\Downloads\Home School Agreement November 2015 consultation with parents (1) (1).pdf
2015-12-14 14:17 - 2015-12-14 14:17 - 00193207 _____ C:\Users\Lou\Downloads\27th November 2015 (1).pdf
2015-12-14 14:16 - 2015-12-14 14:16 - 00324374 _____ C:\Users\Lou\Downloads\20th November 2015.pdf
2015-12-14 14:16 - 2015-12-14 14:16 - 00208974 _____ C:\Users\Lou\Downloads\6th November 2015.pdf
2015-12-14 14:15 - 2015-12-14 14:15 - 00335008 _____ C:\Users\Lou\Downloads\16th October 2015 (1).pdf
2015-12-14 11:02 - 2015-12-14 11:02 - 00169169 _____ C:\Users\Lou\Desktop\Smile account statement Harriss Parrack 2.pdf
2015-12-14 11:02 - 2015-12-14 11:02 - 00169015 _____ C:\Users\Lou\Desktop\Smile account statement Harriss Parrack 1.pdf
2015-12-09 13:48 - 2016-01-04 10:52 - 08888512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-08 03:25 - 2015-12-08 03:25 - 00000000 ____D C:\Users\Lou\AppData\Local\{70EFFED7-52DA-45CC-9DF7-4EFE3D28641F}
2015-12-08 03:25 - 2015-12-08 03:25 - 00000000 ____D C:\Users\Lou\AppData\Local\{5377FA1D-AD94-4191-8C45-22AB484BD44E}
2015-12-07 23:45 - 2015-12-07 23:45 - 00000000 ____D C:\Users\Lou\AppData\Local\ElevatedDiagnostics
2015-12-07 10:04 - 2015-12-07 10:04 - 00394928 _____ C:\Users\Lou\Downloads\4th December 2015.pdf
2015-12-07 10:01 - 2015-12-07 10:02 - 00147823 _____ C:\Users\Lou\Downloads\Home School Agreement November 2015 consultation with parents (1).pdf
2015-12-07 03:59 - 2015-12-07 04:00 - 00000000 ____D C:\Program Files (x86)\EndNote X6
2015-12-07 02:56 - 2015-12-07 02:57 - 00028772 _____ C:\Users\Lou\Downloads\arpaper.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-06 01:35 - 2013-11-29 06:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-06 01:35 - 2009-07-13 20:45 - 00021200 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-06 01:35 - 2009-07-13 20:45 - 00021200 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-06 01:27 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-04 21:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2016-01-04 21:03 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2016-01-04 21:03 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2016-01-04 13:27 - 2009-07-13 20:45 - 00528152 _____ C:\Windows\System32\FNTCACHE.DAT
2016-01-04 12:25 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2016-01-04 12:11 - 2015-06-30 12:04 - 00000858 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-592597040-2687735098-3077039613-1000Core.job
2016-01-04 12:11 - 2013-11-11 04:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-04 10:50 - 2015-06-30 12:04 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-592597040-2687735098-3077039613-1000UA.job
2016-01-04 10:50 - 2013-11-11 04:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-23 15:29 - 2015-08-31 10:47 - 00000542 _____ C:\Windows\Tasks\Wednesday 9pm Scan.job
2015-12-21 08:41 - 2014-03-19 04:08 - 00000000 ___RD C:\Users\Lou\Dropbox
2015-12-21 01:37 - 2014-03-19 03:52 - 00000000 ____D C:\Users\Lou\AppData\Roaming\Dropbox
2015-12-18 07:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-17 03:16 - 2013-11-17 07:18 - 00000000 ____D C:\Users\Lou\AppData\Local\CrashDumps
2015-12-16 07:34 - 2015-03-17 00:43 - 00000000 ____D C:\Users\Lou\Desktop\DCIM
2015-12-15 05:34 - 2013-11-11 04:07 - 00674304 ___SH C:\Users\Lou\Desktop\Thumbs.db
2015-12-15 05:15 - 2014-07-07 07:50 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-12-09 13:48 - 2013-11-29 06:18 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 13:48 - 2013-11-29 06:18 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 13:48 - 2013-11-29 06:18 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-08 03:39 - 2009-07-13 21:13 - 00782492 _____ C:\Windows\System32\PerfStringBackup.INI
2015-12-08 03:23 - 2015-01-06 11:53 - 00691200 ___SH C:\Users\Lou\Documents\Thumbs.db
2015-12-07 11:56 - 2013-11-11 03:46 - 00000000 ____D C:\Users\Lou\Documents\Outlook Files
2015-12-07 04:55 - 2014-01-10 07:37 - 00000000 ____D C:\Users\Lou\AppData\Roaming\EndNote
2015-12-07 04:00 - 2014-01-10 07:32 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
Files to move or delete:
====================
C:\Users\Lou\survey_486817_SPSS_data_file.dat
Some files in TEMP:
====================
C:\Users\Lou\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfzakoj.dll
C:\Users\Lou\AppData\Local\Temp\Risweb32.exe
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2015-10-26 23:50
Restore point date: 2015-11-06 08:51
Restore point date: 2015-11-28 04:36
Restore point date: 2015-11-28 07:06
Restore point date: 2015-12-05 14:50
Restore point date: 2015-12-05 14:52
Restore point date: 2015-12-07 03:58
Restore point date: 2015-12-22 02:23
Restore point date: 2016-01-04 21:03
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 4009.55 MB
Available physical RAM: 3355.76 MB
Total Virtual: 4007.75 MB
Available Virtual: 3348.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:442.3 GB) (Free:280.46 GB) NTFS
Drive e: (SAMSUNG_REC) (Fixed) (Total:23.36 GB) (Free:0.94 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (KINGSTON) (Removable) (Total:1.92 GB) (Free:1.85 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 010722F6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=442.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=23.4 GB) - (Type=27)
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2016-01-04 10:50
==================== End of FRST.txt ============================