CCWTech

Member
  • Content Count

    12
  • Joined

  • Last visited

Community Reputation

1 Neutral

About CCWTech

  • Rank
    Member

Profile Information

  • Gender
    Not Telling
  1. Elise - Posting the PM here in case anyone ever needs the reference. The simplest thing to do would be to delete the blzblk.exe and blzblk.dat files using the recovery environment. (located in c:\windows\system32). To be sure I"d either copy them to a flashdrive or just rename them (blzblk.exe.old for example). You only posted a help request a day ago, you received a reply today, so unfortunately I can't take into account the fact that this has been a problem for more than a day as you state. BlitzBlank is an advanced tool and as its disclaimer states, is used at your own risk. That worked great. Are there any other things I need to do now that I am in Windows to clean up the tool?
  2. I was able to boot into recovery mode and get a command prompt. Here is the FRST file. Keep in mind instructions to fix the issue must be done in consideration for not being able to boot windows. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014 Ran by SYSTEM on MININT-RA44TTV on 20-05-2014 08:09:59 Running from F:\ Platform: Windows Server 2012 R2 Datacenter (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.[/b] The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [Popup] => C:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\Popup.exe [61440 2011-05-30] (LSI) HKLM-x32\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe [350184 2012-08-03] (Cyber Power Systems, Inc.) HKLM-x32\...\Run: [AdvancedMonitoringSysTray] => C:\Program Files (x86)\Advanced Monitoring Agent GP\systray\Launcher.exe [290304 2014-03-21] () HKLM-x32\...\Run: [SBAMTray] => C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\SBAMTray.exe [3232152 2013-05-28] (Managed Antivirus) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKLM\...\Policies\Explorer: [ShowSuperHidden] 1 HKU\.NET v4.5\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\.NET v4.5 Classic\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\acrist\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\Administrator\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\MSSQL$MICROSOFT##WID\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\root\...\Run: [Akamai NetSession Interface] => C:\Users\root\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKU\root\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 Lsa: [Notification Packages] scecli rassfm SecurityProviders: credssp.dll, pwdssp.dll ==================== Services (Whitelisted) ================= S2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent GP\winagent.exe [7685120 2014-04-21] (Remote Monitoring) S2 ADWS; C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe [478720 2013-11-16] (Microsoft Corporation) S2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [222720 2013-08-15] (CrashPlan) S2 Dfs; C:\Windows\system32\dfssvc.exe [451072 2013-11-16] (Microsoft Corporation) S2 DFSR; C:\Windows\system32\DFSRs.exe [3832832 2013-11-16] (Microsoft Corporation) S2 DHCPServer; C:\Windows\System32\dhcpssvc.dll [1051648 2013-11-16] (Microsoft Corporation) S2 DNS; C:\Windows\system32\dns.exe [1581056 2013-11-16] (Microsoft Corporation) S3 DsRoleSvc; C:\Windows\system32\dsrolesrv.dll [279552 2013-11-16] (Microsoft Corporation) S2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent GP\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.) S2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2013-11-16] (Microsoft Corporation) S2 IsmServ; C:\Windows\System32\ismserv.exe [64512 2013-11-16] (Microsoft Corporation) S2 Kdc; C:\Windows\system32\kdcsvc.dll [568320 2013-09-03] (Microsoft Corporation) S3 KdsSvc; C:\Windows\system32\KdsSvc.dll [36352 2013-11-16] (Microsoft Corporation) S3 KPSSVC; C:\Windows\system32\kpssvc.dll [173056 2013-08-22] (Microsoft Corporation) S2 MegaMonitorSrv; C:\Program Files (x86)\MegaRAID Storage Manager\MegaMonitor\mrmonitor.exe [536576 2011-04-05] () S2 MSMFramework; C:\Program Files (x86)\MegaRAID Storage Manager\Framework\VivaldiFramework.exe [72760 2011-05-30] () S2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-11-16] (Microsoft Corporation) S2 MSSQL$MICROSOFT##WID; C:\Windows\WID\Binn\sqlservr.exe [191064 2013-11-16] (Microsoft Corporation) S2 NTDS; C:\Windows\system32\ntdsa.dll [97280 2013-11-16] (Microsoft Corporation) S4 NtFrs; C:\Windows\system32\ntfrs.exe [1001472 2013-11-16] (Microsoft Corporation) S2 ppped; C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe [1017832 2012-08-03] (Cyber Power Systems, Inc.) S3 RSoPProv; C:\Windows\system32\RSoPProv.exe [85504 2013-08-22] (Microsoft Corporation) S3 sacsvr; C:\Windows\system32\sacsvr.dll [15872 2013-08-22] (Microsoft Corporation) S2 SBAMSvc; C:\Program Files (x86)\Advanced Monitoring Agent GP\managedav\SBAMSvc.exe [3681016 2013-05-28] (ThreatTrack Security, Inc.) S2 SNMP; C:\Windows\System32\snmp.exe [50688 2013-11-16] (Microsoft Corporation) S2 SNMP; C:\Windows\SysWOW64\snmp.exe [46080 2013-11-16] (Microsoft Corporation) S2 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [47424 2014-03-31] (Spiceworks, Inc.) S3 SrmReports; C:\Windows\system32\srmhost.exe [137216 2013-11-16] (Microsoft Corporation) S2 SrmSvc; C:\Windows\system32\srmsvc.dll [5874688 2013-11-16] (Microsoft Corporation) S2 stunnel; C:\Program Files (x86)\stunnel\stunnel.exe [105472 2013-03-22] (Michal Trojnara) S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [245760 2013-12-07] (Microsoft Corporation) S2 UALSVC; C:\Windows\System32\ualsvc.dll [248832 2013-08-22] (Microsoft Corporation) S2 vmms; C:\Windows\system32\vmms.exe [13368832 2013-12-07] (Microsoft Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-16] (Microsoft Corporation) S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-16] (Microsoft Corporation) S2 WDSServer; C:\Windows\system32\wdssrv.dll [139264 2013-11-16] (Microsoft Corporation) S3 WIDWriter; C:\Windows\WID\Binn\sqlwriter.exe [129624 2013-11-16] (Microsoft Corporation) S2 WinVNC4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2360048 2011-02-04] (RealVNC Ltd) S3 WSusCertServer; C:\Program Files\Update Services\Services\WSusCertServer.exe [64512 2013-11-16] (Microsoft Corporation) S2 WsusService; C:\Program Files\Update Services\Services\WsusService.exe [17920 2013-11-16] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) S0 bfadfcoei; C:\Windows\System32\drivers\bfadfcoei.sys [2265440 2013-08-22] (Brocade Communications Systems, Inc.) S0 bfadi; C:\Windows\System32\drivers\bfadi.sys [2265440 2013-08-22] (Brocade Communications Systems, Inc.) S0 bxfcoe; C:\Windows\System32\drivers\bxfcoe.sys [187744 2013-08-22] (Broadcom Corporation) S0 bxois; C:\Windows\System32\drivers\bxois.sys [560480 2013-08-22] (Broadcom Corporation) S0 Cbafilt; C:\Windows\System32\drivers\cbafilt.sys [45920 2013-11-16] (Microsoft Corporation) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [605672 2013-06-18] (Chelsio Communications) S0 Datascrn; C:\Windows\System32\drivers\datascrn.sys [126304 2013-11-16] (Microsoft Corporation) S1 DfsDriver; C:\Windows\System32\drivers\dfs.sys [54624 2013-11-16] (Microsoft Corporation) S0 DfsrRo; C:\Windows\System32\drivers\dfsrro.sys [66400 2013-11-16] (Microsoft Corporation) S0 elxfcoe; C:\Windows\System32\drivers\elxfcoe.sys [712032 2013-08-22] (Emulex) S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [32768 2013-08-22] (Microsoft Corporation) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security) S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2012-02-13] (GFI Software) S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security) S1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2013-11-16] (Microsoft Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation) S0 ibbus; C:\Windows\System32\drivers\ibbus.sys [463712 2013-08-22] (Mellanox) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2013-11-16] (Microsoft Corporation) S0 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [426336 2013-08-22] (Mellanox) S3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-11-16] (Microsoft Corporation) S3 MsLbfoProvider; C:\Windows\system32\DRIVERS\MsLbfoProvider.sys [115712 2013-12-07] (Microsoft Corporation) S0 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [66400 2013-08-22] (Mellanox) S3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.) S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2013-11-16] (Microsoft Corporation) S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-09-07] (Microsoft Corporation) S0 ql2300i; C:\Windows\System32\drivers\ql2300i.sys [1508704 2013-08-22] (QLogic Corporation) S0 ql40xx2i; C:\Windows\System32\drivers\ql40xx2i.sys [475488 2013-08-22] (QLogic Corporation) S0 qlfcoei; C:\Windows\System32\drivers\qlfcoei.sys [1300320 2013-08-22] (QLogic Corporation) S0 Quota; C:\Windows\System32\drivers\quota.sys [173408 2013-11-16] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [74752 2013-04-03] (Identive) S0 sacdrv; C:\Windows\System32\DRIVERS\sacdrv.sys [94048 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-11] (Microsoft Corporation) S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [145920 2013-09-11] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-07] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [19456 2013-11-16] (Microsoft Corporation) S3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-12-07] (Microsoft Corporation) S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-12-07] (Microsoft Corporation) S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-12-07] (Microsoft Corporation) S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-12-07] (Microsoft Corporation) S0 WinMad; C:\Windows\System32\drivers\winmad.sys [28000 2013-08-22] (Mellanox) S3 WinNat; C:\Windows\System32\drivers\winnat.sys [172544 2013-08-22] (Microsoft Corporation) S0 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59744 2013-08-22] (Mellanox) S3 WLBS; C:\Windows\system32\DRIVERS\NLB.sys [337920 2013-11-16] (Microsoft Corporation) S3 wtlmdrv; C:\Windows\System32\drivers\wtlmdrv.sys [31232 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== NETSVC: sacsvr -> C:\Windows\system32\sacsvr.dll (Microsoft Corporation) ==================== One Month Created Files and Folders ======== 2014-05-20 08:08 - 2014-05-20 08:09 - 00000000 ____D () C:\FRST 2014-05-19 18:05 - 2014-05-19 20:25 - 00000000 _____ () C:\Recovery.txt 2014-05-18 11:27 - 2014-05-20 05:52 - 321608776 _____ () C:\blitzblank.log 2014-05-18 11:25 - 2014-05-18 11:25 - 00074240 _____ () C:\Windows\System32\blzblk.exe 2014-05-18 11:25 - 2014-05-18 11:25 - 00000040 _____ () C:\Windows\System32\blzblk.dat 2014-05-18 10:40 - 2014-05-18 10:40 - 01583405 _____ () C:\Users\root\Desktop\long_path_tool.zip 2014-05-18 09:49 - 2014-05-18 09:49 - 01153912 _____ (Emsi Software GmbH) C:\Users\root\Desktop\BlitzBlank.exe 2014-05-17 22:21 - 2014-05-18 11:08 - 00053668 _____ () C:\Windows\WindowsUpdate.log 2014-05-14 20:12 - 2014-05-14 20:12 - 21186352 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2014-05-14 20:12 - 2014-05-14 20:12 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 23134208 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-08 18:54 - 2014-05-08 18:54 - 00000000 ____D () C:\Users\root\AppData\Roaming\TeamViewer 2014-04-21 04:59 - 2014-04-21 04:59 - 00359516 _____ () C:\Users\root\AppData\Local\dd_vcredistMSI6251.txt 2014-04-21 04:59 - 2014-04-21 04:59 - 00011154 _____ () C:\Users\root\AppData\Local\dd_vcredistUI6251.txt ==================== One Month Modified Files and Folders ======= 2014-05-20 08:09 - 2014-05-20 08:08 - 00000000 ____D () C:\FRST 2014-05-20 05:52 - 2014-05-18 11:27 - 321608776 _____ () C:\blitzblank.log 2014-05-19 20:25 - 2014-05-19 18:05 - 00000000 _____ () C:\Recovery.txt 2014-05-18 11:25 - 2014-05-18 11:25 - 00074240 _____ () C:\Windows\System32\blzblk.exe 2014-05-18 11:25 - 2014-05-18 11:25 - 00000040 _____ () C:\Windows\System32\blzblk.dat 2014-05-18 11:25 - 2013-11-16 22:57 - 00000000 ____D () C:\Windows\System32\dhcp 2014-05-18 11:25 - 2013-08-22 07:39 - 00000000 ____D () C:\Windows\System32\inetsrv 2014-05-18 11:25 - 2013-08-22 06:48 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-18 11:24 - 2013-04-10 17:14 - 00000000 ____D () C:\Program Files (x86)\Advanced Monitoring Agent GP 2014-05-18 11:15 - 2013-07-25 10:14 - 00000000 ____D () C:\DFSReports 2014-05-18 11:08 - 2014-05-17 22:21 - 00053668 _____ () C:\Windows\WindowsUpdate.log 2014-05-18 11:02 - 2013-04-06 08:35 - 00000000 ____D () C:\Windows\NTDS 2014-05-18 10:57 - 2013-11-16 22:12 - 27590656 _____ () C:\Windows\System32\vmguest.iso 2014-05-18 10:53 - 2013-11-16 22:02 - 01215608 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-05-18 10:52 - 2013-04-06 08:38 - 00006224 _____ () C:\Windows\System32\config\netlogon.dnb 2014-05-18 10:52 - 2013-04-06 08:38 - 00002131 _____ () C:\Windows\System32\config\netlogon.dns 2014-05-18 10:48 - 2013-11-16 22:18 - 00013832 __RSH () C:\ProgramData\ntuser.pol 2014-05-18 10:47 - 2013-11-16 22:57 - 00000000 ____D () C:\Windows\System32\dns 2014-05-18 10:47 - 2013-07-26 17:06 - 00000000 ____D () C:\Program Files (x86)\CyberPower PowerPanel Personal Edition 2014-05-18 10:47 - 2013-04-18 18:49 - 00001024 _____ () C:\.rnd 2014-05-18 10:40 - 2014-05-18 10:40 - 01583405 _____ () C:\Users\root\Desktop\long_path_tool.zip 2014-05-18 09:49 - 2014-05-18 09:49 - 01153912 _____ (Emsi Software GmbH) C:\Users\root\Desktop\BlitzBlank.exe 2014-05-18 05:11 - 2013-04-10 17:39 - 00000000 ____D () C:\Windows\Patches 2014-05-17 18:02 - 2013-11-16 22:57 - 00000000 ____D () C:\Windows\System32\msmq 2014-05-16 04:54 - 2013-08-22 07:39 - 00000000 ____D () C:\Windows\rescache 2014-05-15 13:09 - 2013-04-13 11:21 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1678482896-1809306790-2796102246-1104 2014-05-15 12:52 - 2013-08-22 05:25 - 00008192 ___SH () C:\Windows\System32\config\BBI 2014-05-15 06:40 - 2013-08-22 07:39 - 00000000 ___RD () C:\Windows\ToastData 2014-05-15 06:40 - 2013-08-22 07:39 - 00000000 ____D () C:\Windows\System32\SecureBootUpdates 2014-05-14 20:13 - 2013-11-16 22:57 - 05410816 _____ (Microsoft Corporation) C:\Windows\System32\gppref.dll 2014-05-14 20:13 - 2013-11-16 22:57 - 05023232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gppref.dll 2014-05-14 20:13 - 2013-11-16 22:57 - 03214848 _____ (Microsoft Corporation) C:\Windows\System32\propshts.dll 2014-05-14 20:13 - 2013-11-16 22:57 - 02411008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propshts.dll 2014-05-14 20:13 - 2013-11-16 22:57 - 00756224 _____ (Microsoft Corporation) C:\Windows\System32\gpprefbr.dll 2014-05-14 20:13 - 2013-11-16 22:57 - 00577024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefbr.dll 2014-05-14 20:13 - 2013-11-16 22:57 - 00271360 _____ (Microsoft Corporation) C:\Windows\System32\gpregistrybrowser.dll 2014-05-14 20:13 - 2013-11-16 22:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcn.dll 2014-05-14 20:12 - 2014-05-14 20:12 - 21186352 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2014-05-14 20:12 - 2014-05-14 20:12 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 23134208 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-05-14 20:11 - 2014-05-14 20:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-14 20:10 - 2013-12-18 07:52 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-14 20:10 - 2013-12-18 07:52 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-14 20:05 - 2013-10-28 01:11 - 00000000 ____D () C:\Windows\System32\MRT 2014-05-14 20:03 - 2013-04-06 14:08 - 93223848 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-05-08 18:54 - 2014-05-08 18:54 - 00000000 ____D () C:\Users\root\AppData\Roaming\TeamViewer 2014-05-08 18:54 - 2013-07-25 13:05 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-04-24 04:42 - 2014-02-18 13:50 - 00000000 ____D () C:\Users\root\AppData\Local\Akamai 2014-04-21 05:01 - 2013-12-07 06:01 - 00000000 ____D () C:\Program Files (x86)\Spiceworks 2014-04-21 04:59 - 2014-04-21 04:59 - 00359516 _____ () C:\Users\root\AppData\Local\dd_vcredistMSI6251.txt 2014-04-21 04:59 - 2014-04-21 04:59 - 00011154 _____ () C:\Users\root\AppData\Local\dd_vcredistUI6251.txt 2014-04-21 04:58 - 2013-12-07 06:02 - 00000000 ____D () C:\Program Files\WinPcap ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!. C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-05-17 18:00:55 Restore point made on: 2014-05-17 19:37:02 Restore point made on: 2014-05-17 22:25:19 Restore point made on: 2014-05-17 23:05:04 ==================== BCD ================================ The boot configuration data store could not be opened. The requested system device cannot be found. ==================== Memory info =========================== Percentage of memory in use: 7% Total physical RAM: 16347.82 MB Available physical RAM: 15202.71 MB Total Pagefile: 16347.82 MB Available Pagefile: 15184.59 MB Total Virtual: 8192 MB Available Virtual: 8191.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.73 GB) (Free:103.73 GB) NTFS Drive d: (Data) (Fixed) (Total:1861.87 GB) (Free:1547.79 GB) NTFS Drive e: (HRM_SSS_X64FRE_EN-US_DV5) (CDROM) (Total:3.44 GB) (Free:0 GB) UDF Drive f: (TOSHIBA) (Removable) (Total:7.21 GB) (Free:7.21 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows 7 or (Size: 1862 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 3 (Size: 7 GB) (Disk ID: 66080C09) Partition 1: (Not Active) - (Size=7 GB) - (Type=0B) LastRegBack: 2014-05-11 02:42 ==================== End Of Log ============================
  3. I can't get to my desktop. That's the issue. It's been running for days. I can't boot into Windows.
  4. I am using BlitzBlank to delete files with too long of a path to delete regularly. Problem is, it's taking a long time and I need to stop it for now. Is there any way to stop it from running when I boot into Windows?