Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Boot Repair Startuprepair Offline Bad Driver sig 04 21199353


  • This topic is locked This topic is locked
5 replies to this topic

#1 Peky

Peky

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:47 PM

Posted 01 September 2015 - 09:22 AM

Hi everyone!

 

As the title says i do have  a problem with win 7 boot.

win repair doesent work, chkdsk doesent find any bad sectors, hirens boot loads mini xp and I can browse files on the disk.

 

These are the log files from frst64

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by SYSTEM on MININT-KM9IQ70 (01-09-2015 15:36:57)
Running from G:\
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6962400 2012-12-28] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190472 2009-09-16] (Logitech Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-10-22] (MSI)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => d:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-24] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKU\Malleus\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\Malleus\...\Run: [MyComGames] => C:\Users\Malleus\AppData\Local\MyComGames\MyComGames.exe [4111304 2015-08-30] (MY.COM B.V.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
S2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [164736 2012-11-06] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-13] (Malwarebytes Corporation)
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
S2 RichVideo64; C:\Program Files\Cyberlink\Shared files\RichVideo64.exe [390672 2012-09-11] ()
S2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-24] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-24] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-02] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-13] (Malwarebytes Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 SaiK1709; C:\Windows\System32\DRIVERS\SaiK1709.sys [180544 2012-09-20] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 SaiU1709; C:\Windows\System32\DRIVERS\SaiU1709.sys [47168 2012-09-20] (Saitek)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-08-30] ()
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-01 15:36 - 2015-09-01 15:36 - 00000000 ____D C:\FRST
2015-08-30 15:25 - 2015-08-30 15:25 - 00000811 _____ C:\Users\Malleus\Desktop\KSP - Shortcut.lnk
2015-08-30 15:25 - 2015-08-30 15:25 - 00000000 ____D C:\Users\Malleus\AppData\Roaming\.mono
2015-08-30 12:05 - 2015-08-30 12:07 - 00000000 ____D C:\Users\Malleus\AppData\Local\MyComGames
2015-08-30 12:05 - 2015-08-30 12:05 - 00001988 _____ C:\Users\Malleus\Desktop\My.com Game Center.lnk
2015-08-30 12:03 - 2015-08-30 12:03 - 05206512 _____ (MY.COM B.V.) C:\Users\Malleus\Downloads\ArmwarMycomLoader.exe
2015-08-30 11:18 - 2015-08-30 11:18 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-08-30 11:17 - 2015-08-30 11:17 - 00679936 _____ C:\Users\Malleus\Downloads\Detection (1).msi
2015-08-30 09:46 - 2015-08-30 09:46 - 00094656 _____ (CACE Technologies) C:\Windows\System32\WPRO_41_2001woem.tmp
2015-08-27 14:03 - 2015-08-27 14:03 - 00508365 _____ C:\Users\Malleus\Downloads\DockingPortAlignment-6.2.zip
2015-08-27 14:02 - 2015-08-27 14:04 - 44115833 _____ C:\Users\Malleus\Downloads\MarkIVSystem2_0_0.zip
2015-08-27 12:24 - 2015-08-27 12:24 - 01024093 _____ C:\Users\Malleus\Downloads\KerbalEngineer-1.0.18.0.zip
2015-08-27 10:15 - 2015-08-27 10:15 - 03768761 _____ C:\Users\Malleus\Downloads\B9_Aerospace_Procedural_Parts-0.40.zip
2015-08-27 06:28 - 2015-08-27 06:28 - 00679936 _____ C:\Users\Malleus\Downloads\Detection.msi
2015-08-27 03:07 - 2015-08-27 03:07 - 00095536 _____ C:\Users\Malleus\Documents\MALLEUS-PC.html
2015-08-27 02:23 - 2015-08-27 02:23 - 01629552 _____ ( ) C:\Users\Malleus\Downloads\cpu-z_1.73-en.exe
2015-08-27 02:23 - 2015-08-27 02:23 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-08-27 02:23 - 2015-08-27 02:23 - 00000000 ____D C:\Program Files\CPUID
2015-08-20 12:39 - 2015-08-20 13:06 - 615051685 ____R C:\Users\Malleus\Downloads\ksp-win-1-0-4.zip
2015-08-20 12:39 - 2015-08-20 12:39 - 00012260 _____ C:\Users\Malleus\Downloads\[kat.cr]kerbal.space.program.1.0.4.windows.torrent
2015-08-20 12:37 - 2015-08-20 12:37 - 00000000 ____D C:\Users\Malleus\Downloads\Avengers.Age.of.Ultron.2015.720p.WEB-DL.DD5.1.H264-RARBG
2015-08-20 12:36 - 2015-08-20 12:36 - 00088286 _____ C:\Users\Malleus\Downloads\[kat.cr]avengers.age.of.ultron.2015.720p.web.dl.dd5.1.h264.rarbg.torrent
2015-08-13 15:51 - 2015-08-13 15:51 - 00111869 _____ C:\Users\Malleus\Downloads\[kat.cr]fantastic.four.2015.hdts.xvid.ac3.hq.hive.cm8.torrent
2015-08-12 13:51 - 2015-08-12 14:24 - 00000000 ____D C:\Users\Malleus\Downloads\Vikings Season 1 Complete 480p HDTV x264 [VectoR]
2015-08-12 13:51 - 2015-08-12 13:51 - 00014718 _____ C:\Users\Malleus\Downloads\[kat.cr]vikings.season.1.complete.480p.hdtv.x264.vector.torrent
2015-08-11 14:38 - 2015-08-07 07:33 - 01477569 _____ C:\Users\Malleus\Desktop\20150807_1723_usa-A80_T26_E4_SuperPershing_04_himmelsdorf.wotreplay
2015-08-11 09:55 - 2015-08-11 09:55 - 00038487 _____ C:\Users\Malleus\Downloads\Pantera - 5 Minutes Alone (Pro).gp3
2015-08-11 02:37 - 2015-08-11 02:37 - 00037730 _____ C:\Users\Malleus\Downloads\teenage-mutant-ninja-turtles-english-yify-30947.zip
2015-08-11 02:24 - 2015-08-11 02:41 - 00000000 ____D C:\Users\Malleus\Downloads\Minions 2015 720p HDTS x264 AAC-CPG
2015-08-11 02:24 - 2015-08-11 02:24 - 00147972 _____ C:\Users\Malleus\Downloads\[kat.cr]minions.2015.720p.hdts.x264.aac.cpg.torrent
2015-08-10 01:35 - 2015-08-10 02:00 - 00000000 ____D C:\Users\Malleus\Downloads\Lucifer-Pilot.HDTV.x264-LOL[ettv]
2015-08-07 11:48 - 2015-08-11 02:38 - 00000000 ____D C:\Users\Malleus\Downloads\Teenage Mutant Ninja Turtles (2014) [1080p]
2015-08-07 11:46 - 2015-08-11 09:02 - 00000000 ____D C:\Users\Malleus\Downloads\Interstellar (2014)
2015-08-06 11:00 - 2015-08-06 11:00 - 00000000 ____D C:\Users\Malleus\AppData\Local\Ndemic Creations
2015-08-06 10:28 - 2015-08-06 10:29 - 00000000 ____D C:\Users\Malleus\Downloads\ANT-MAN.2015.TS.XVID-EVE
2015-08-06 10:18 - 2015-08-06 11:54 - 00000000 ____D C:\Users\Malleus\Downloads\Dracula (1992) [1080p]
2015-08-02 09:01 - 2015-08-02 09:01 - 00000000 ____D C:\Program Files (x86)\Windows Phone
2015-08-02 08:59 - 2015-08-02 08:59 - 06745792 _____ (Microsoft Corporation) C:\Users\Malleus\Downloads\WindowsPhone.exe
2015-08-02 08:59 - 2015-08-02 08:59 - 00000000 ____D C:\ProgramData\Applications

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-30 17:03 - 2014-07-19 02:33 - 01108081 _____ C:\Windows\WindowsUpdate.log
2015-08-30 16:57 - 2014-07-20 15:36 - 00000000 ____D C:\Users\Malleus\AppData\Roaming\uTorrent
2015-08-30 16:44 - 2014-12-13 08:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-30 16:10 - 2015-04-12 10:15 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 11:10 - 2015-04-12 10:15 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 11:05 - 2015-04-12 10:15 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 11:05 - 2015-04-12 10:15 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-30 09:57 - 2014-07-19 05:25 - 00000000 ____D C:\ProgramData\MFAData
2015-08-30 09:53 - 2009-07-13 20:45 - 00016944 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-30 09:53 - 2009-07-13 20:45 - 00016944 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-30 09:46 - 2015-04-02 05:22 - 00001004 _____ C:\Windows\Tasks\NZNGkqvMJiAw.job
2015-08-30 09:46 - 2014-07-19 03:14 - 00277428 _____ C:\Windows\PFRO.log
2015-08-30 09:46 - 2014-07-19 02:50 - 00034752 _____ C:\Windows\System32\Drivers\WPRO_41_2001.sys
2015-08-30 09:46 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-30 09:46 - 2009-07-13 20:51 - 00096390 _____ C:\Windows\setupact.log
2015-08-27 13:58 - 2009-07-13 21:13 - 00779724 _____ C:\Windows\System32\PerfStringBackup.INI
2015-08-24 09:04 - 2014-07-20 13:14 - 00000000 ____D C:\Users\Malleus\AppData\Roaming\TS3Client
2015-08-24 06:15 - 2014-12-16 03:20 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-08-22 21:33 - 2015-04-12 10:17 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 15:13 - 2014-07-26 05:31 - 00000000 ____D C:\Users\Malleus\AppData\Local\CrashDumps
2015-08-11 11:44 - 2014-12-13 08:35 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 11:44 - 2014-07-19 05:27 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 11:44 - 2014-07-19 05:27 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some files in TEMP:
====================
C:\Users\Malleus\AppData\Local\Temp\AutoRun.exe
C:\Users\Malleus\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Malleus\AppData\Local\Temp\bdfilters.dll
C:\Users\Malleus\AppData\Local\Temp\devcon64.exe
C:\Users\Malleus\AppData\Local\Temp\EAInstall.dll
C:\Users\Malleus\AppData\Local\Temp\eauninstall.exe
C:\Users\Malleus\AppData\Local\Temp\ExPromo.exe
C:\Users\Malleus\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Malleus\AppData\Local\Temp\Need for Speed Carbon_uninst.exe
C:\Users\Malleus\AppData\Local\Temp\NSISCodec.dll
C:\Users\Malleus\AppData\Local\Temp\raptrpatch.exe
C:\Users\Malleus\AppData\Local\Temp\raptr_stub.exe


==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 12235.19 MB
Available physical RAM: 11304.9 MB
Total Virtual: 12233.34 MB
Available Virtual: 11300.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.73 GB) (Free:2.35 GB) NTFS
Drive d: () (Fixed) (Total:184.05 GB) (Free:54.45 GB) NTFS
Drive g: (STICK) (Removable) (Total:14.44 GB) (Free:1.08 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 12F912F9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=184 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=07 NTFS)


LastRegBack: 2015-08-23 10:21

==================== End of FRST.txt ============================

 

 

And frst64 explorer search

 

Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by SYSTEM (2015-09-01 15:57:42)
Running from G:\
Boot Mode: Recovery

================== Search Files: "explorer.exe" =============

C:\Windows\explorer.exe
[2009-07-13 15:56][2009-07-13 17:39] 2868224 ____A (Microsoft Corporation) C235A51CB740E45FFA0EBFB9BAFCDA64

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009-07-13 15:41][2009-07-13 17:14] 2613248 ____A (Microsoft Corporation) 15BC38A7492BEFE831966ADB477CF76F

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009-07-13 15:56][2009-07-13 17:39] 2868224 ____A (Microsoft Corporation) C235A51CB740E45FFA0EBFB9BAFCDA64

C:\Windows\SysWOW64\explorer.exe
[2009-07-13 15:41][2009-07-13 17:14] 2613248 ____A (Microsoft Corporation) 15BC38A7492BEFE831966ADB477CF76F

====== End of Search ======

 

 

Thnx!!


Edited by Peky, 01 September 2015 - 09:32 AM.


BC AdBot (Login to Remove)

 


#2 mAL_rEm018

mAL_rEm018

  • Malware Response Team
  • 308 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 01 September 2015 - 03:51 PM

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.


Hello Peky,

My name is mAL_rEm018, but feel free to call me mAL.  I'm an undergraduate trainee and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.
 

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to backup any personal files and folders before you start.


Cobian Backup
DriveImage XML


To make sure everything goes smoothly, I would like you to observe the following rules:

  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread.  Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum.  Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

I am currently reviewing you logs and will return as soon as possible, with additional instructions.


Edited by mAL_rEm018, 01 September 2015 - 09:23 PM.

Teacher at the Malware Removal University.

Member of UNITE

 

Failure to post replies within 4 days will result in this thread being closed


#3 mAL_rEm018

mAL_rEm018

  • Malware Response Team
  • 308 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 02 September 2015 - 12:45 AM

Hello Peky,

Please answer the following questions..

  • I noticed that you ran a search for Explorer.exe, is there any specific reason for this?
  • In your title you wrote:

    Startuprepair Offline Bad Driver sig 04 21199353

    Is this a message you received?
  • Did you make any recent changes to your computer?

Please do the following..


  • If your computer is running please shut it down.
  • Remove any USB, External Hard Drive, CD and/or DVDs from your computer.
  • Try to re-boot your computer as would normally do.
  • Let me know if you were able to log in to Windows.

If the steps above did not work do the following..

Last Known Good Configuration


  • If your computer is running please shut it down.
  • Remove any USB, External Hard Drive, CD and/or DVDs from your computer.
  • Press the F8 key repeatedly (if this does not work try the F5 key).
  • The Advanced Boot Options menu should now appear.
  • Locate and select Last Known Good Configuration (Advanced) by using the up and down arrows.
  • Let me know if this method worked in your next post.


-----------------------------------------
In your next reply, I would like to see..

  • Answer to my questions.
  • Were you able to boot into Windows?
    Please post everything in the order given.

 


Teacher at the Malware Removal University.

Member of UNITE

 

Failure to post replies within 4 days will result in this thread being closed


#4 Peky

Peky
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:47 PM

Posted 02 September 2015 - 03:21 AM

Hi mAL!

Thank you for your time spent resolving the problem.
Unfortunatly half an hour before your reply I've inserted HB cd and copied all of my sensitive data and reinstalled my windows and it is running fine now.
Then why have I asked for help? Because I wanted to evade downloading countless gb of games and software :/


But I can answer your questions that may help you in the future.
1. Why i ran explorer.exe search- I thouth that it will be of use
2. I did recive an error message that my comp is not repairable and would get a generic message with the same walues as others exsept sig 4 with the code wrote on in the title.
3. Yes, installed 8 gb of memory (now 12gb), and it worked fine for a day.
I've taken out the sticks of ram and changed bios settings to default, eve that didn't help.
I've don all of the things listed and nothig made any changes.
On the bsod screen it mentioned that I need to scan my computer for viruses, malware and trijans nothig else was weitten.
Sorry for my bad eng, it's not my native language.
If you have any more questions regarding this error I will be glad to answer it to you.

Thank you again

#5 mAL_rEm018

mAL_rEm018

  • Malware Response Team
  • 308 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 02 September 2015 - 03:38 AM

Thank you for your time spent resolving the problem.

You're welcome :)
 

Unfortunatly half an hour before your reply I've inserted HB cd and copied all of my sensitive data and reinstalled my windows and it is running fine now.

No problem :)  I'm glad you got everything sorted out.  Since you no longer need help I will request for this topic to be closed.  Take care and stay safe!


Edited by mAL_rEm018, 02 September 2015 - 03:47 AM.

Teacher at the Malware Removal University.

Member of UNITE

 

Failure to post replies within 4 days will result in this thread being closed


#6 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 801 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 PM

Posted 02 September 2015 - 03:55 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users