Author Topic: Need help with weird graphics and non boot-up of PC (Read 8169 times)

cyclops365 · « **on:** July 18, 2013, 09:54:26 PM »

Hi, N00b here.

Have a problem with my EMachines E4220 that I've had for several years now and as recent as a couple of days ago, I was using it fine, when all of a sudden my screen went like this...

Please note this isn't my screenshot, but someone elses off the web, it is not too dis-similar to mine

It then went to a blue screen and promptly tried to re-boot. It failed to re-boot and then loaded up System Repair, which just went around in a loop as it couldn't repair so it re-booted and the only way I can use the PC is in Safe Mode.

I ran avast in safe mode and got three virus messages. It couldn't repair the files though. So I ran MBAM and cleaned up the system that way. But it still won't reboot unless in safe mode and my screen is still the way it is in the picture above. Please help

I don't know if this is a virus or what, please help, as I said I don't know much about this as it seems all too complicated looking things up on the web.

Pondus · « **Reply #1 on:** July 18, 2013, 10:07:45 PM »

follow instructions and attach logs...not copy and paste http://forum.avast.com/index.php?topic=53253.0

run in order listed
AdwCleaner / Malwarebytes / OTL / aswMBR

if you have avast and Malwarebytes log from Your previous scan With detection.... attach those also

when done. removal experts will be notified and check Your logs...

essexboy · « **Reply #2 on:** July 18, 2013, 11:13:19 PM »

That is either the graphics card or the monitor on the way out and not malware

cyclops365 · « **Reply #3 on:** July 19, 2013, 01:04:37 PM »

Here are the OTL.txt and Extras.txt logs that I performed last night.

cyclops365 · « **Reply #4 on:** July 19, 2013, 01:05:34 PM »

Quote from: essexboy on July 18, 2013, 11:13:19 PM

That is either the graphics card or the monitor on the way out and not malware

I thought that too, but would that contribute to it not booting up?

essexboy · « **Reply #5 on:** July 19, 2013, 01:20:37 PM »

There is a lot of old infections and garbage on here, so I will clear that first and then determine where the main problem lies

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code: [Select]

:Commands
[CREATERESTOREPOINT]

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
SRV - File not found [Auto | Stopped] -- C:\Users\Ian\AppData\Local\Temp\RarSFX0\wircd.exe -- (UnrealIRCd)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Virgin Media\Security\BitDefender\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Virgin Media\Security\BitDefender\profos.sys -- (Profos)
DRV - [2013/06/26 18:46:41 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
IE - HKLM\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B0BA4DDE-F0D0-4CCD-B4BB-F5A187FD09CE}: C:\Users\Ian\AppData\Roaming\Local\{B0BA4DDE-F0D0-4CCD-B4BB-F5A187FD09CE} [2011/04/14 05:41:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\15.3.0.11
[2012/12/18 08:48:52 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi
O2 - BHO: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>;) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (YoutubeMP3ConverterBHO Class) - {6F0B6B9B-6342-4E2F-ABF5-C40B94320622} - C:\Program Files\YoutubeMP3Converter\ytflvtomp3.dll (flvto@hotger.com)
O2 - BHO: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found.
O2 - BHO: (OrbiscomROTBho2 Class) - {D81AB57B-7327-4347-B7C7-9EF7CA87CE09} - C:\Windows\System32\SlimBho2.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (no name) - s - No CLSID value found.
O2 - BHO: (no name) - SlimBho2.dll' - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2728907668-3457934910-1593783530-1001\..\Toolbar\WebBrowser: (no name) - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No CLSID value found.
O3 - HKU\S-1-5-21-2728907668-3457934910-1593783530-1001\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-2728907668-3457934910-1593783530-1001\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-2728907668-3457934910-1593783530-1001\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-21-2728907668-3457934910-1593783530-1001\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKU\S-1-5-21-2728907668-3457934910-1593783530-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Reg Error: Value error. (Reg Error: Key error.)
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Users\Ian\AppData\Roaming\Local\ukk.exe" -a "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Users\Ian\AppData\Roaming\Local\ukk.exe" -a "%1" %*
[2013/06/26 18:46:41 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2011/05/29 13:00:16 | 000,011,384 | -HS- | C] () -- C:\ProgramData\998673740
[2011/05/29 12:34:02 | 000,011,502 | -HS- | C] () -- C:\Users\Ian\AppData\Roaming\Local\80n70x50l01od3etil60gw51se8kpkiyh3h30b436qut
[2011/05/29 12:34:02 | 000,011,502 | -HS- | C] () -- C:\ProgramData\80n70x50l01od3etil60gw51se8kpkiyh3h30b436qut
[2011/04/14 05:41:39 | 000,000,120 | ---- | C] () -- C:\Users\Ian\AppData\Roaming\Local\Mfivodadu.dat
[2011/04/14 05:41:39 | 000,000,000 | ---- | C] () -- C:\Users\Ian\AppData\Roaming\Local\Utoruwe.bin
[2010/11/25 12:26:00 | 000,001,044 | ---- | C] () -- C:\Users\Ian\AppData\Roaming\vso_ts_preview.xml
[2010/11/25 12:24:41 | 000,087,608 | ---- | C] () -- C:\Users\Ian\AppData\Roaming\inst.exe
[2012/09/28 06:47:57 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\AVG2013
[2013/05/08 23:05:15 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\BabSolution
[2013/05/08 23:03:59 | 000,000,000 | ---D | M] -- C:\Users\Ian\AppData\Roaming\Babylon

:Reg
[-HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}]

:Files

:Commands
[resethosts]
[emptytemp]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

cyclops365 · « **Reply #6 on:** July 19, 2013, 05:24:39 PM »

Done, Thanks

Attached is the log from the Quick Scan after the re-boot (into Safe Mode)

Pondus · « **Reply #7 on:** July 19, 2013, 05:29:40 PM »

it may be an hour or two before Essexboy is online

cyclops365 · « **Reply #8 on:** July 19, 2013, 05:33:08 PM »

Whatever, I'm in no rush, just very appreciative of the help

essexboy · « **Reply #9 on:** July 19, 2013, 06:41:54 PM »

OK next we will try to determine if there is a problem with one of the drivers

Next we will check for driver conflicts

Step 1: Start MSConfig

Click Start, type msconfig in the Start Search box, and then press ENTER.
If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation.

Step 2: Configure Selective Startup options

1.In the System Configuration Utility dialog box, click Selective Startup on the General tab.

2.Click to clear the Load Startup Items check box.
Note The Use Original Boot.ini check box is unavailable.

3.Click the Services tab.

4.Click to select the Hide All Microsoft Services check box.
5.Click Disable All, and then click OK.
6. When you are prompted, click Restart.

Once back in windows does the problem still occur ?

cyclops365 · « **Reply #10 on:** July 20, 2013, 11:02:07 AM »

Done that and restarted, screen still as it is (thinking its the graphics card) and boot sequence still not loading up windows.

essexboy · « **Reply #11 on:** July 20, 2013, 11:27:55 AM »

I would tend to agree on the graphics cards. Is it onboard graphics or a dedicated card ?

cyclops365 · « **Reply #12 on:** July 20, 2013, 11:42:00 AM »

its a dedicated card, NVidia GE 7200 I think

essexboy · « **Reply #13 on:** July 20, 2013, 11:43:36 AM »

Could you remove the card and allow the onboard graphics to handle it. If the display is still bad then it may well be a monitor problem

cyclops365 · « **Reply #14 on:** July 20, 2013, 12:39:49 PM »

Rather than going into my PC to disconnect the card, I have tried the monitor on a laptop and that's working fine

Author Topic: Need help with weird graphics and non boot-up of PC (Read 8169 times)

cyclops365

Need help with weird graphics and non boot-up of PC

Pondus

Re: Need help with weird graphics and non boot-up of PC

essexboy

Re: Need help with weird graphics and non boot-up of PC

cyclops365

Re: Need help with weird graphics and non boot-up of PC

cyclops365

Re: Need help with weird graphics and non boot-up of PC

essexboy

Re: Need help with weird graphics and non boot-up of PC

cyclops365

Re: Need help with weird graphics and non boot-up of PC

Pondus

Re: Need help with weird graphics and non boot-up of PC

cyclops365

Re: Need help with weird graphics and non boot-up of PC

essexboy

Re: Need help with weird graphics and non boot-up of PC

cyclops365

Re: Need help with weird graphics and non boot-up of PC

essexboy

Re: Need help with weird graphics and non boot-up of PC

cyclops365

Re: Need help with weird graphics and non boot-up of PC

essexboy

Re: Need help with weird graphics and non boot-up of PC

cyclops365

Re: Need help with weird graphics and non boot-up of PC