Scott Thompson
asked on
Disable Driver Signature Enforcement every Boot
Hello,
I have a computer that is infected. It is a HP DV6700. The customer brought it in, and all it would do is reboot after trying to load Windows.
We have determined it is most likely due to infection, but I keep having issues trying to even run the scans in Windows. For the most part, I keep getting a STOP C4.
Oh, and the ONLY way I can get Windows to load is to choose 'Disable Driver Signature Enforcement'.
I'm going to upload some minidumps and and rkill log. Hopefully this will give people ideas of what I can do! :)
Thanks!
Minidumps.zip
Rkill.txt
I have a computer that is infected. It is a HP DV6700. The customer brought it in, and all it would do is reboot after trying to load Windows.
We have determined it is most likely due to infection, but I keep having issues trying to even run the scans in Windows. For the most part, I keep getting a STOP C4.
Oh, and the ONLY way I can get Windows to load is to choose 'Disable Driver Signature Enforcement'.
I'm going to upload some minidumps and and rkill log. Hopefully this will give people ideas of what I can do! :)
Thanks!
Minidumps.zip
Rkill.txt
ASKER
Okay, by doing that it should allow me to boot into Windows every time, but how to I fix the current issues so I don't have to boot with Driver Signature Enforcement disabled?
Im not a pro in virus or something but when i get that in personal computers i use the avira boot usb to try to find the virus,booting from usb, and then run the Ad-Aware by Lavasoft
And check in start up (cmd->msconfig) if there's any suspicions entry....
And check in start up (cmd->msconfig) if there's any suspicions entry....
download and run sysinternals loadorder.
You may want to also get autoruns and rootkit revealer also from Microsoft Sysinternals
Malware Bytes is an excellent product and I recommend it highly http://malwarebytes.org
You may want to also get autoruns and rootkit revealer also from Microsoft Sysinternals
Malware Bytes is an excellent product and I recommend it highly http://malwarebytes.org
ASKER
I'm running a command line scan with EmsisoftEmergencyKit in Recovery Mode at the moment.
I did run a scan with Malwarebytes. I will try to post the results when I get back in.
I'll also look into your guys' suggestions.
Thanks!
I did run a scan with Malwarebytes. I will try to post the results when I get back in.
I'll also look into your guys' suggestions.
Thanks!
ASKER
Okay, here are the scan logs for Malwarebytes and Avast!. Also for Combofix.
Emsisoft found 5 infections, but I apparently did not get a scan log.
Avastlog.jpg
mbam-log-2013-06-26--15-27-07-.txt
ComboFix.txt
Emsisoft found 5 infections, but I apparently did not get a scan log.
Avastlog.jpg
mbam-log-2013-06-26--15-27-07-.txt
ComboFix.txt
after the removal how are things looking?
Run sfc /scannow in elevated command prompt.
ASKER
I have ran sfc scannow and already poated the cbs.log, but I will run again. :-)
Posted the cbs.log?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Customer decided to reload. Was not given enough time after posting to solve.