Clean boot is an action to disable all non MS services, so at boot only system services load. The idea is to find out if 3rd party services are causing the issue, as there is no difference you can reset to Normal boot. Those instructions are in the link given previously...
I`d like you to run a scan from outside of windows, see if we have missed a malicious entry.....
Do you have access to another PC to create the Widows Defender Offline Tool, I give the instructions to load to a USB flash drive. It can also be run from a CD, just change to that option in the instructions…
It can be created from the PC with issues, but a different clean PC is preferred!
Download the tool from here :- http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
and save to the Desktop.
You will have to select the correct version for your system, either 32 or 64 bit
Run the tool, Windows 7 or Vista user right click and select "Run as Administrator"
Read the instructions in the new window and select "Next"
In the new window accept the agreement:
In the new window select your USB Flash Drive, then select "Next"
In the new window ensure you Flash drive is selected, if not click on "Refresh" then select "Next"
In the new window accept the formatting alert by selecting "Next"
Files will be Downloaded:
Files will be processed and created
Flash drive will be formatted and prepared
Files will be added to the Flash Drive and the tool will be created.
The procedure is finished and the Tool created, click on "Finish" to complete.
Plug the USB into the sick PC and boot up, if it does not boot from the flash drive change the boot options as required, Use F12 as it boots, change options...
As it boots you`ll see files being loaded and the windows splash screen, eventually the tool will run a "Quick Scan" follow the prompts and deal with what it finds.
When complete do a full scan, deal with what it finds.
When finished, remove the USB stick then press the Esc key
to boot into regular windows.
Navigate to the following file:"C:\Windows\Windows Defender Offline\Support\MPLog-MM/DD/YYYY-HH/MM/SS .txt"
Open with notepad and copy and paste it into a reply.
If the offline tool log is clean run the following:
Please download VEW by Vino Rosso from HERE
and save it to your Desktop.
- Double-click VEW.exe. to start, Vista and Windows 7/8 users Right Click and select "Run as Administrator"
- Under 'Select log to query...check the boxes for both Application and System.
- Under 'Select type to list... select both Error and Critical.
- Click the radio button for 'Number of events...Type 15 in the 1 to 20 box.
- Then click the Run button.
- Notepad will open with the output log. It will take a couple of minutes to generate the log, please be patient.
Please post the Output log in your next reply.