Author Topic: Grimefighter broke my windows 8.1  (Read 2900 times)

0 Members and 1 Guest are viewing this topic.

Offline Sker67

  • Newbie
  • *
  • Posts: 5
Grimefighter broke my windows 8.1
« on: June 08, 2015, 03:52:28 PM »
I've posted to another thread but had no response. I've logged a support ticket an had no response. So here's a fresh thread about Grimefighter

I installed grimefighter on my Toshiba laptop running windows 8.1 and since then I get a grimefighter sedating pc screen followed by a "HQ abort this mission .........We can't run grimefighter on this computer . Either we can't find any active windows installations or your drives are encrypted"

There is only an option to reboot or shutdown. When the laptop restarts it again boots to grimefighter and the cycle continues.

Anybody any idea how to break this loop. The Fn keys don't provide any boot options as I think grimefighter is blocking keyboard access .

Thanks
Sker

Offline Sker67

  • Newbie
  • *
  • Posts: 5
Re: Grimefighter broke my windows 8.1
« Reply #1 on: June 09, 2015, 02:51:13 PM »
Below is the output of the FRST scan as recomended by Essexboy. Any help would be appreciated

Thanks
Sker

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by SYSTEM on MININT-3CI0M2T on 09-06-2015 12:32:27
Running from D:\
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-12-09] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2609064 2012-08-30] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [751528 2012-08-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosPU] => C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe [2374552 2012-08-27] (Copyright (C) TOSHIBA Corp. 2012)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-20] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [124256 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-30] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-25] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4514304 2013-10-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\user1_000\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [17661809 2014-10-22] ()
HKU\user1_000\...\Run: [GoogleChromeAutoLaunch_D46D74ADA5E2116D8B9032D8CF8AC27A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\user1_000\...\Run: [Google Update] => C:\Users\user1_000\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-31] (Google Inc.)
HKU\user1_000\...\Policies\system: [DisableLockWorkstation] 0
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-23] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0 nxlsa
Startup: C:\Users\user1_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-11]
ShortcutTarget: Dropbox.lnk -> C:\windows\system32\config\systemprofile\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\user1_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SocketScan 10.lnk [2014-08-19]
ShortcutTarget: SocketScan 10.lnk -> C:\Program Files\Socket Mobile\SocketScan 10\Bin\Windows-x64\SocketScan 10-64.exe (No File)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-25] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-29] (Microsoft Corporation)
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-25] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-25] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-25] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-25] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-25] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-25] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-25] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-25] ()
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3349984 2014-04-25] (Intel Corporation)
S3 OSFMount; C:\Program Files\OSFMount\OSFMount.sys [1299384 2014-02-07] (PassMark Software)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-07] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-19] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows (R) Win 7 DDK provider)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 12:12 - 2015-06-09 12:15 - 00000000 ____D C:\FRST
2015-06-05 09:03 - 2015-06-05 09:03 - 00000169 _____ C:\Users\user1_000\Documents\mylaptop-8_user1_000_2015_ 6_ 5.csv
2015-06-05 05:39 - 2015-06-05 05:40 - 00000000 __SHD C:\Jumpshot
2015-06-05 05:38 - 2015-06-05 12:55 - 00000000 ____D C:\Windows\jumpshot.com
2015-06-03 02:29 - 2015-06-03 02:46 - 971735523 _____ C:\Users\user1_000\Downloads\zcs-8.6.0_GA_1153.UBUNTU12_64.20141215195814.tgz
2015-05-25 14:24 - 2015-05-25 14:24 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\System32\aswBoot.exe
2015-05-25 14:24 - 2015-05-25 14:24 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-24 15:59 - 2015-05-24 15:59 - 00019264 _____ C:\Users\user1_000\Documents\mylaptop-8_user1_000_2015_ 5_25.csv


==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 15:08 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\sru
2015-06-05 13:01 - 2014-10-06 15:43 - 01517813 _____ C:\Windows\WindowsUpdate.log
2015-06-05 12:55 - 2014-02-18 15:56 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5622E741-5804-4A93-A8A7-F6E71C35EA17}
2015-06-05 08:51 - 2014-11-04 01:43 - 00050119 _____ C:\Windows\setupact.log
2015-06-05 08:51 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-05 08:50 - 2014-11-04 00:48 - 00156168 _____ C:\Windows\PFRO.log
2015-06-05 08:50 - 2013-02-08 16:55 - 00000000 ____D C:\Users\user1_000\Documents\Outlook Files
2015-06-05 08:12 - 2015-03-31 15:02 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-133516155-3751550144-3609126087-1002UA.job
2015-06-05 07:00 - 2014-07-07 15:17 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-05 06:00 - 2013-01-31 16:25 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-133516155-3751550144-3609126087-1002
2015-06-05 05:41 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\System32\config\BBI
2015-06-05 05:21 - 2013-11-14 04:45 - 00955428 _____ C:\Windows\System32\PerfStringBackup.INI
2015-06-05 01:46 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Web
2015-06-05 01:32 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-05 01:12 - 2015-03-31 15:02 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-133516155-3751550144-3609126087-1002Core.job
2015-06-05 00:35 - 2012-07-25 23:59 - 00000000 ____D C:\Windows\CbsTemp
2015-06-02 13:52 - 2013-01-31 16:17 - 00000000 ____D C:\Users\user1_000\AppData\Local\Packages
2015-06-02 01:13 - 2015-04-15 06:58 - 00000350 _____ C:\Windows\BRRBCOM.INI
2015-05-25 14:24 - 2014-07-07 15:17 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswSnx.sys
2015-05-25 14:24 - 2014-07-07 15:17 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswSP.sys
2015-05-25 14:24 - 2014-07-07 15:17 - 00272248 _____ C:\Windows\System32\Drivers\aswVmm.sys
2015-05-25 14:24 - 2014-07-07 15:17 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswStm.sys
2015-05-25 14:24 - 2014-07-07 15:17 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswRdr2.sys
2015-05-25 14:24 - 2014-07-07 15:17 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswMonFlt.sys
2015-05-25 14:24 - 2014-07-07 15:17 - 00065736 _____ C:\Windows\System32\Drivers\aswRvrt.sys
2015-05-25 14:24 - 2014-07-07 15:17 - 00029168 _____ C:\Windows\System32\Drivers\aswHwid.sys
2015-05-20 05:03 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\NDF
2015-05-19 01:07 - 2015-03-31 15:02 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-133516155-3751550144-3609126087-1002UA
2015-05-19 01:07 - 2015-03-31 15:02 - 00003526 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-133516155-3751550144-3609126087-1002Core
2015-05-18 15:52 - 2014-11-10 16:06 - 00000000 ____D C:\Users\user1_000\Desktop\Tor Browser
2015-05-18 12:54 - 2013-02-01 15:06 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 12:54 - 2013-02-01 15:06 - 00003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 13:23 - 2015-03-11 08:05 - 00000000 ____D C:\Users\user1_000\Ubiquiti UniFi
2015-05-16 03:03 - 2013-11-11 14:15 - 00309248 ___SH C:\Users\user1_000\Desktop\Thumbs.db

Some files in TEMP:
====================
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
C:\Users\user1_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6k_iiw.dll
C:\Users\user1_000\AppData\Local\Temp\fewvowr5.dll
C:\Users\user1_000\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\user1_000\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\user1_000\AppData\Local\Temp\restarter4241888491589790358.exe
C:\Users\user1_000\AppData\Local\Temp\restarter676466061677469285.exe
C:\Users\user1_000\AppData\Local\Temp\VistaLauncher971380008147964824.exe
C:\Users\user1_000\AppData\Local\Temp\_isB456.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2015-04-15 06:11] - [2014-10-28 17:22] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437

C:\Windows\System32\wininit.exe
[2015-04-15 06:10] - [2014-10-28 17:25] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380

C:\Windows\explorer.exe
[2015-04-15 05:05] - [2015-01-27 15:47] - 2501368 ____A (Microsoft Corporation) C10A66189DC8C090E7C84873EDCEBC88

C:\Windows\SysWOW64\explorer.exe
[2015-04-15 05:05] - [2015-01-27 15:41] - 2207488 ____A (Microsoft Corporation) 91E24273FCA076EA9E65DAFA98901225

C:\Windows\System32\svchost.exe
[2015-04-15 06:10] - [2014-10-28 20:11] - 0038792 ____A (Microsoft Corporation) E3A2AD05E24105B35E986CF9CB38EC47

C:\Windows\SysWOW64\svchost.exe
[2015-04-15 06:10] - [2014-10-28 19:17] - 0033088 ____A (Microsoft Corporation) D0ABC231C0B3E88C6B612B28ABBF734D

C:\Windows\System32\services.exe
[2015-04-15 06:12] - [2014-10-28 19:53] - 0411128 ____A (Microsoft Corporation) 5BF02EBEFEDC706318C96E2E60EDCB91

C:\Windows\System32\User32.dll
[2015-04-15 06:13] - [2014-10-28 20:00] - 1540696 ____A (Microsoft Corporation) 25026E350BC3BE37631634EC72B10BD5

C:\Windows\SysWOW64\User32.dll
[2015-04-15 06:13] - [2014-10-28 17:04] - 1376256 ____A (Microsoft Corporation) 76C5CF09F53A3B089B5581B9938F8CAE

C:\Windows\System32\userinit.exe
[2015-04-15 06:09] - [2014-10-28 17:28] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F

C:\Windows\SysWOW64\userinit.exe
[2015-04-15 06:10] - [2014-10-28 17:05] - 0022528 ____A (Microsoft Corporation) D10643FC0095434C819316CA6CD748C0

C:\Windows\System32\rpcss.dll
[2015-04-15 06:13] - [2014-10-28 17:19] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2015-05-16 03:13:59
Restore point made on: 2015-05-24 13:52:36
Restore point made on: 2015-05-25 14:23:52
Restore point made on: 2015-06-03 03:23:30

==================== Memory info ===========================

Percentage of memory in use: 9%
Total physical RAM: 12177.53 MB
Available physical RAM: 10994.41 MB
Total Pagefile: 12177.53 MB
Available Pagefile: 11018.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.88 MB

==================== Drives ================================

Drive c: (TI30995300A) (Fixed) (Total:920.4 GB) (Free:528.54 GB) NTFS
Drive d: (DVD_ROM) (Removable) (Total:7.47 GB) (Free:7.11 GB) NTFS
Drive e: (System) (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 23E94B85)
Partition 1: (Active) - (Size=7.5 GB) - (Type=07 NTFS)


LastRegBack: 2015-06-05 07:22

==================== End of log ============================

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40610
  • Dragons by Sasha
    • Malware fixes
Re: Grimefighter broke my windows 8.1
« Reply #2 on: June 09, 2015, 03:26:08 PM »
Within the BIOS what boot options are available ?

On the recovery console could you run automatic repair

Offline Sker67

  • Newbie
  • *
  • Posts: 5
Re: Grimefighter broke my windows 8.1
« Reply #3 on: June 09, 2015, 03:31:50 PM »
In the Bios there is just the standard HDD,USB,CD/DVD and network boot options.

Do you mean run the auto repair from the USB boot device I created?

Offline Sker67

  • Newbie
  • *
  • Posts: 5
Re: Grimefighter broke my windows 8.1
« Reply #4 on: June 09, 2015, 05:22:34 PM »
The automatic repair didn't work. I did a system restore to before I installed grimefighter. However the laptop still booted into grimefighter. This time it failed to run because there was no valid license and offered me the reboot.

I did the reboot and windows 8.1 is back.

Thanks to Essexboy for his help with this issue. Avast Support only just replied to my "critical" ticket a few mins ago after 3 days waiting.

My feeling is DO NOT USE this product on windows 8.1 it may kill your machine even if they say it is supported on windows 8.1

Thanks
Sker

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40610
  • Dragons by Sasha
    • Malware fixes
Re: Grimefighter broke my windows 8.1
« Reply #5 on: June 09, 2015, 07:06:35 PM »
Keep the recovery USB as it may come in handy :)