BSOD with MBAMSwissArmy.sys


Hi all,

I'm in a BSOD loop with the Windows 8 RE. I can't get to the desktop, not even in Safe Mode. I can get to the command line by disabling auto recovery. This tells me that there's a problem with the file MBAMSwissArmy.sys. Trying to delete this via command line has no effect -- it doesn't recognize sc delete as a command. Attached is the FRST scan file. Any help would be appreciated.

Thanks in advance,

-MG

FRST.txt


  • Root Admin

Hello @MechaGodzilla

I do not see our driver loading to do any type of removal. There is usually a driver and a scheduled task for removals which are not present in your logs.

What is possibly more likely is file or folder corruption. The following entries are due to data not being able to be written to the hard drive properly.

2020-06-15 05:17 - 2020-06-15 05:17 - 000000000 __SHD C:\found.005
2020-06-15 04:51 - 2020-06-15 04:51 - 000000000 __SHD C:\found.004
2020-06-15 04:51 - 2020-06-15 04:51 - 000000000 __SHD C:\found.003

 

S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
BootExecute: autocheck autochk /p \??\C:autocheck autochk *

The Malwarebytes service is a much older version of Malwarebytes but again, no entries telling it to remove anything. We can remove it though if you like.

Then the BootExecute tells it to check the hard drive, and if it sees it as dirty it would keep running a check on each boot if not resolved. Or, it may not be flagged as dirty to run when in fact the hard drive is having issues, and running a disk check may fix it.

From the command prompt try running one.

CHKDSK C: /F

Here is a link with some information on helping to possibly fix it as well:

https://neosmart.net/wiki/startup-repair-infinite-loop/

Let me know how things go.

Thanks
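An added example, not part of the original thread and not Malwarebytes or FRST code: the Python below scans FRST log lines for the two disk-health signs the reply above points to, `found.NNN` folders at the drive root and a BootExecute value that differs from the stock `autocheck autochk *`. The function names, and the reading of `autochk /p \??\C:` as a check queued for C:, are this example's assumptions.

```python
import re

# Lines copied from the FRST excerpts quoted in the reply above.
SAMPLE = r"""
2020-06-15 05:17 - 2020-06-15 05:17 - 000000000 __SHD C:\found.005
2020-06-15 04:51 - 2020-06-15 04:51 - 000000000 __SHD C:\found.004
2020-06-15 04:51 - 2020-06-15 04:51 - 000000000 __SHD C:\found.003
BootExecute: autocheck autochk /p \??\C:autocheck autochk *
""".strip().splitlines()

# FRST file listing: created - modified - size attributes path.
# Matches only found.NNN directories at a drive root.
FOUND_DIR = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - \d{4}-\d{2}-\d{2} \d{2}:\d{2} - \d+ "
    r"\S+ ([A-Za-z]:\\found\.\d{3})$", re.IGNORECASE)
# Assumption: autochk + switch + \??\X: means a check is queued for volume X:.
QUEUED = re.compile(r"autochk\s+(/\w+)\s+\\\?\?\\([A-Za-z]:)", re.IGNORECASE)
DEFAULT_BOOTEXECUTE = "autocheck autochk *"  # stock Windows value


def recovery_dirs(lines):
    """Return (created, path) for each found.NNN directory, oldest first."""
    matches = map(FOUND_DIR.match, (l.strip() for l in lines))
    return sorted(m.groups() for m in matches if m)


def boot_execute(lines):
    """Return (raw value, [(switch, volume), ...]), or None if no such line."""
    for line in lines:
        if line.strip().startswith("BootExecute:"):
            value = line.split(":", 1)[1].strip()
            return value, QUEUED.findall(value)
    return None


def assess(lines):
    """Summarise the disk-corruption indicators present in an FRST log."""
    dirs = recovery_dirs(lines)
    be = boot_execute(lines)
    return {
        "recovery_dirs": [path for _, path in dirs],
        "first_created": dirs[0][0] if dirs else None,
        "last_created": dirs[-1][0] if dirs else None,
        "queued_volumes": [vol.upper() for _, vol in be[1]] if be else [],
        "boot_execute_default": bool(be) and be[0] == DEFAULT_BOOTEXECUTE,
    }


if __name__ == "__main__":
    print(assess(SAMPLE))
```
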

 


  • Root Admin

Great, glad to hear. I would advise running a full FRST scan now in Normal Mode and include the Addition.txt log as well so that we can review what's going on with the system.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

 

 


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

