Can't Boot - FRST.txt File From Scan

Coleon · August 7, 2013

So I installed Avast on a computer that Norton had expired on. I ran a full scan and the computer hasn't booted since. System restore confirms the files are all there but a normal boot or safe mood boot still doesn't go through. Here's the status:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-08-2013 03
Ran by SYSTEM on 07-08-2013 14:38:42
Running from G:\
Windows 7 Home Premium (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [startCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [sVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-07-09] (TOSHIBA CORPORATION)
HKLM\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [425984 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [476512 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2416480 2012-01-24] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [EKAiO2StatusMonitor] - C:\windows\system32\spool\DRIVERS\W32X86\3\EKAiO2MUI.exe [2717696 2011-08-26] (Eastman Kodak Company)
HKLM\...\Run: [Conime] - %windir%\system32\conime.exe [x]
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM\...\RunOnce: [*Restore] - C:\windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
HKU\Guest\...\Run: [MyTOSHIBA] - "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO [x]
HKU\Guest.Michael-PC\...\Run: [E1D.exe] - C:\Users\Guest.Michael-PC\AppData\Roaming\Microsoft\271B\E1D.exe [x]
HKU\Guest.Michael-PC\...\Winlogon: [shell] explorer.exe <==== ATTENTION
HKU\Michael\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2009-08-27] (Google Inc.)
HKU\Michael\...\Run: [Google Update] - C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-05-07] (Google Inc.)
HKU\Michael\...\Run: [Adobe] - C:\Users\Michael\AppData\Local\Alibre Design\Adobe\mbtva.dll [ 2012-10-30] () <===== ATTENTION
HKU\QBPOSDBSrvUser\...\Run: [Adobe] - C:\Users\Michael\AppData\Local\Alibre Design\Adobe\mbtva.dll [ 2012-10-30] () <===== ATTENTION

========================== Services (Whitelisted) =================

S2 atashost; C:\windows\system32\atashost.exe [133944 2012-05-07] (Cisco WebEx LLC)
S3 Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [1322648 2008-06-05] (Autodesk, Inc.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [4433248 2011-10-12] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [192776 2011-08-02] (AVG Technologies CZ, s.r.o.)
S2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [562688 2012-07-17] ()
S2 DefaultTabUpdate; C:\Users\Michael\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2012-09-24] ()
S2 Intuit Entitlement Service v6.0; C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe [20480 2009-06-02] (Intuit, Inc.)
S2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [393648 2011-09-05] (Eastman Kodak Company)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-02] (McAfee, Inc.)
S2 QBPOSDBServiceV10; C:\Program Files\Intuit\QuickBooks Point of Sale 10.0\DatabaseServer\QBPOSDBService.exe [2702712 2010-09-23] (Intuit Inc.)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-08-17] (TOSHIBA Corporation)
S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-08-03] (TOSHIBA Corporation)

==================== Drivers (Whitelisted) ====================

S0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-02] (COMPAL ELECTRONIC INC.)
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [372736 2009-08-13] (Realtek Semiconductor Corporation )
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\System32\DRIVERS\AGRSM.sys 7E10E3BB9B258AD8A9300F91214D67B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys C97BE8350FBCB1960B22FAD2E6C2B514
C:\Windows\System32\DRIVERS\AtiPcie.sys B73C832088DD54B55E04FF6F9646AD8C
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys BFAAA92861526BB0ADCD01E964AB6609
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHDA.sys E4A2E810CB2607C9C159C0DFB0BD4C88
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecpkg.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LPCFilter.sys 6E3D3816749E107883EEC5734CE44493
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mcdbus.sys 8FD868E32459ECE2A1BB0169F513D31E
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 81189C3D7763838E55C397759D49007A
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys EF8B2AFC3C0751C5E5A59983C8893260
C:\Windows\System32\DRIVERS\Rt86win7.sys 26A9D6227D12B9D9DA5A81BB9B55D810
C:\Windows\System32\DRIVERS\RTL8187Se.sys 5BD298BDF62E6A8A0FC69F73A82A52BB
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys EDB05BD63148796F23EA78506404A538
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 8BD10DC8809DC69A1C5A795CB10ADD76
C:\Windows\System32\drivers\tcpip.sys 65D10B191C59C5501A1263FC33F6894B
C:\Windows\System32\DRIVERS\tcpip.sys 65D10B191C59C5501A1263FC33F6894B
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdcmdpst.sys 4084EA00D50C858D6F9038F86AE2E2D0
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZ_O.SYS FC24015B4052600C324C43E3A79C0664
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys 8BF5D980CDCE35FB26F05047144BB57E
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\System32\DRIVERS\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\system32\drivers\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-05 15:44 - 2013-08-06 17:24 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-05 15:43 - 2013-08-06 17:25 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-05 15:34 - 2013-08-05 15:37 - 04887880 _____ (Support.com ) C:\Users\Michael\Downloads\ARO2013_tbt(2).exe
2013-08-05 15:34 - 2013-08-05 15:36 - 04887880 _____ (Support.com ) C:\Users\Michael\Downloads\ARO2013_tbt.exe
2013-08-05 15:34 - 2013-08-05 15:36 - 04887880 _____ (Support.com ) C:\Users\Michael\Downloads\ARO2013_tbt(1).exe
2013-08-05 15:32 - 2013-08-05 15:41 - 117478104 _____ C:\Users\Michael\Downloads\avast_free_antivirus_setup(1).exe
2013-08-05 15:29 - 2013-08-05 15:40 - 117478104 _____ C:\Users\Michael\Downloads\avast_free_antivirus_setup.exe
2013-07-31 15:03 - 2013-07-31 15:04 - 00143336 _____ C:\Windows\Minidump\073113-29016-01.dmp
2013-07-18 10:42 - 2013-07-18 10:43 - 00143336 _____ C:\Windows\Minidump\071813-29094-01.dmp
2013-07-17 12:45 - 2013-07-31 13:19 - 00011258 _____ C:\Users\Michael\Documents\July19.xlsx
2013-07-15 10:23 - 2013-07-15 10:23 - 00143336 _____ C:\Windows\Minidump\071513-25755-01.dmp
2013-07-09 08:11 - 2013-07-09 12:20 - 00011240 _____ C:\Users\Michael\Documents\July 11.xlsx
114

==================== One Month Modified Files and Folders =======

2013-08-07 13:36 - 2013-08-07 13:36 - 00000000 ____D C:\FRST
2013-08-07 12:19 - 2012-02-21 06:06 - 00000000 ___HD C:\ProgramData\Yahoo! Companion
2013-08-07 12:19 - 2012-01-13 18:51 - 00000000 ___HD C:\ProgramData\AVG2012
2013-08-07 12:19 - 2012-01-13 18:51 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2013-08-07 12:19 - 2012-01-13 18:43 - 00000000 ___HD C:\ProgramData\MFAData
2013-08-07 12:19 - 2012-01-09 16:52 - 00000000 ___HD C:\users\Guest.Michael-PC
2013-08-07 12:19 - 2012-01-05 11:36 - 00000000 ____D C:\Windows\Minidump
2013-08-07 12:19 - 2011-12-24 18:44 - 00000000 ____D C:\Program Files\Bonjour
2013-08-07 12:19 - 2011-11-18 17:20 - 00000000 ___HD C:\ProgramData\Kodak
2013-08-07 12:19 - 2011-11-12 12:22 - 00000000 ___HD C:\ProgramData\McAfee Security Scan
2013-08-07 12:19 - 2010-12-13 00:34 - 00000000 ____D C:\Users\Michael\AppData\Local\Alibre Design
2013-08-07 12:19 - 2010-12-12 17:22 - 00000000 ____D C:\users\Michael
2013-08-07 12:19 - 2009-08-27 20:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-07 12:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\TAPI
2013-08-07 12:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\wfp
2013-08-07 12:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
2013-08-07 12:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\AppCompat
2013-08-07 12:17 - 2012-02-10 18:57 - 00000000 ____D C:\Program Files\LP
2013-08-07 12:16 - 2010-05-24 13:13 - 00000000 __RHD C:\MSOCache
2013-08-06 17:25 - 2013-08-05 15:43 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-06 17:24 - 2013-08-05 15:44 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-05 15:41 - 2013-08-05 15:32 - 117478104 _____ C:\Users\Michael\Downloads\avast_free_antivirus_setup(1).exe
2013-08-05 15:40 - 2013-08-05 15:29 - 117478104 _____ C:\Users\Michael\Downloads\avast_free_antivirus_setup.exe
2013-08-05 15:37 - 2013-08-05 15:34 - 04887880 _____ (Support.com ) C:\Users\Michael\Downloads\ARO2013_tbt(2).exe
2013-08-05 15:36 - 2013-08-05 15:34 - 04887880 _____ (Support.com ) C:\Users\Michael\Downloads\ARO2013_tbt.exe
2013-08-05 15:36 - 2013-08-05 15:34 - 04887880 _____ (Support.com ) C:\Users\Michael\Downloads\ARO2013_tbt(1).exe
2013-08-05 15:11 - 2010-05-24 13:08 - 01165734 _____ C:\Windows\WindowsUpdate.log
2013-08-05 07:36 - 2009-07-13 20:34 - 00016304 _____ C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-05 07:36 - 2009-07-13 20:34 - 00016304 _____ C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-05 07:28 - 2009-07-13 20:39 - 00064569 _____ C:\Windows\setupact.log
2013-08-01 07:57 - 2012-05-07 10:45 - 00002384 _____ C:\Users\Michael\Desktop\Google Chrome.lnk
2013-07-31 15:04 - 2013-07-31 15:03 - 00143336 _____ C:\Windows\Minidump\073113-29016-01.dmp
2013-07-31 15:03 - 2012-01-05 11:36 - 254860678 _____ C:\Windows\MEMORY.DMP
2013-07-31 13:19 - 2013-07-17 12:45 - 00011258 _____ C:\Users\Michael\Documents\July19.xlsx
2013-07-18 10:43 - 2013-07-18 10:42 - 00143336 _____ C:\Windows\Minidump\071813-29094-01.dmp
2013-07-15 10:23 - 2013-07-15 10:23 - 00143336 _____ C:\Windows\Minidump\071513-25755-01.dmp
2013-07-13 16:09 - 2009-08-27 20:23 - 00375670 _____ C:\Windows\PFRO.log
2013-07-09 14:38 - 2013-06-01 16:11 - 00240128 _____ C:\Users\Michael\Documents\Dawg pound coupon.pub
2013-07-09 12:20 - 2013-07-09 08:11 - 00011240 _____ C:\Users\Michael\Documents\July 11.xlsx

Files to move or delete:
====================
C:\Users\Michael\AppData\Local\Alibre Design\Adobe\mbtva.dll

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-07-16 07:03:42
Restore point made on: 2013-07-17 06:50:29
Restore point made on: 2013-07-18 06:43:51
Restore point made on: 2013-07-19 07:06:29
Restore point made on: 2013-07-20 06:32:54
Restore point made on: 2013-07-21 09:22:53
Restore point made on: 2013-07-22 18:29:22
Restore point made on: 2013-07-23 18:10:25
Restore point made on: 2013-07-24 04:45:51
Restore point made on: 2013-07-26 07:05:12
Restore point made on: 2013-07-27 06:35:56
Restore point made on: 2013-07-28 10:10:05
Restore point made on: 2013-07-29 07:07:46
Restore point made on: 2013-07-29 23:01:00
Restore point made on: 2013-07-30 23:01:20
Restore point made on: 2013-08-01 07:52:12
Restore point made on: 2013-08-02 06:40:16
Restore point made on: 2013-08-03 08:08:55
Restore point made on: 2013-08-03 09:21:38
Restore point made on: 2013-08-03 10:09:45
Restore point made on: 2013-08-05 06:46:47
Restore point made on: 2013-08-05 15:44:26
Restore point made on: 2013-08-05 15:53:58
Restore point made on: 2013-08-05 15:59:45
Restore point made on: 2013-08-06 07:18:17

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=D:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {ad9382c7-677f-11df-8085-fc2ec68f4bd0}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \windows
resumeobject {ad9382c7-677f-11df-8085-fc2ec68f4bd0}
nx OptIn
bootlog No

Windows Boot Loader
-------------------
identifier {current}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{ad9382ca-677f-11df-8085-fc2ec68f4bd0}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{ad9382ca-677f-11df-8085-fc2ec68f4bd0}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {ad9382c7-677f-11df-8085-fc2ec68f4bd0}
device partition=C:
path \windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=D:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
custom:26000022 Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {ad9382ca-677f-11df-8085-fc2ec68f4bd0}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 1790.42 MB
Available physical RAM: 1391.75 MB
Total Pagefile: 1790.42 MB
Available Pagefile: 1397.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.55 MB

==================== Drives ================================

Drive c: (TI105866W0A) (Fixed) (Total:223.33 GB) (Free:170.7 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.28 GB) NTFS ==>[system with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive d: detected.
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (Cruzer) (Removable) (Total:3.74 GB) (Free:3.71 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 96360D50)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=17)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

LastRegBack: 2013-06-05 14:21

==================== End Of Log ============================

D-FRED-BROWN · August 7, 2013

This should get you going.

Please do the following:

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
Right-click in the open notepad and select Paste).
Save it on the flashdrive as fixlist.txt

HKU\Guest.Michael-PC\...\Winlogon: [shell] explorer.exe <==== ATTENTION
HKU\Michael\...\Run: [Adobe] - C:\Users\Michael\AppData\Local\Alibre Design\Adobe\mbtva.dll [ 2012-10-30] () <===== ATTENTION
HKU\QBPOSDBSrvUser\...\Run: [Adobe] - C:\Users\Michael\AppData\Local\Alibre Design\Adobe\mbtva.dll [ 2012-10-30] () <===== ATTENTION
TDL4: custom:26000022 <===== ATTENTION!
C:\Users\Michael\AppData\Local\Alibre Design\Adobe\mbtva.dll

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt) please post it in your next reply.

After that- are you able to boot into normal mode? Let me know when you can as we have more malware to remove.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Note:

Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"

-------> Your topic will be closed if you haven't replied within 3 days! <--------
(If I don't respond within 24 hours, please send me a PM)

-DFB

Coleon · August 7, 2013

Thank you for the hasty reply! Doing now.

Coleon · August 7, 2013

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-08-2013 03
Ran by SYSTEM at 2013-08-07 19:18:34 Run:1
Running from G:\
Boot Mode: Recovery

==============================================

HKU\Guest.Michael-PC\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\Michael\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe => Value deleted successfully.
HKU\QBPOSDBSrvUser\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe => Value deleted successfully.

The operation completed successfully.
The operation completed successfully.
C:\Users\Michael\AppData\Local\Alibre Design\Adobe\mbtva.dll => Moved successfully.

==== End of Fixlog ====

Coleon · August 7, 2013

I can boot in normal mode now btw. No clue how to edit posts on here.

D-FRED-BROWN · August 8, 2013

No worries, if you can't edit just stick it in a new post .

Glad to hear you can boot. Let's start getting rid of the rest of it:

----------Step 1----------------
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
If TDSSKiller does not run, try renaming it.
To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
Click the Start Scan button.
Do not use the computer during the scan
If the scan completes with nothing found, click Close to exit.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.

----------Step 2----------------
Please download Malwarebytes Anti-Rootkit from HERE

Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

----------Step 3----------------
Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

----------Step 4----------------
Please download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------Step 5----------------
In your next reply, please include the following:

TDSSKiller's logfile
MBAR mbar-log.txt and system-log.txt
ComboFix's report (C:\ComboFix.txt)
Security Check checkup.txt

After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask.

Coleon · August 8, 2013

I'll make sure to check back when I get my friends computer again. I'll PM you the scans.

D-FRED-BROWN · August 8, 2013

Sounds good

D-FRED-BROWN · August 12, 2013

Still with me?

AdvancedSetup · August 16, 2013

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Can't Boot - FRST.txt File From Scan

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information