Jump to content

Rootkit Pihar.c Laptop Will Not Boot


Recommended Posts

So you scanned with the rescue cd and it wouldn't boot after that??

See if you can do this:

You have to know whether it's 32 or 64 bit when you do this:

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

MrC

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2012

Ran by SYSTEM at 13-10-2012 16:09:52

Running from F:\

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)

HKLM\...\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()

HKLM\...\Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-07-27] (Intel® Corporation)

HKLM\...\Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10365952 2011-05-18] (Intel Corporation)

HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)

HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)

HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)

HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [75064 2011-07-07] ()

HKLM-x32\...\Run: [] [x]

HKLM-x32\...\Run: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)

HKLM-x32\...\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()

HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)

HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [2825741 2011-04-29] ()

HKLM-x32\...\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [87336 2010-10-01] (CyberLink Corp.)

HKLM-x32\...\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [50472 2010-09-17] (CyberLink Corp.)

HKLM-x32\...\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-29] (cyberlink)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [887976 2011-08-23] (Ask)

HKLM-x32\...\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" [119152 2010-05-20] (Microsoft Corporation)

HKLM\...\Winlogon: [shell] [x ] ()

Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 8.8.8.8

==================== Services (Whitelisted) ===================

2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [134928 2011-06-03] (Intel® Corporation)

3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()

==================== Drivers (Whitelisted) =====================

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2012-10-13 07:29 - 2012-10-13 07:29 - 00000069 ____A C:\Windows\.directory

2012-10-11 21:37 - 2012-10-11 21:37 - 00000000 ___HD C:\$AVG

2012-10-04 09:30 - 2012-10-04 09:30 - 00000000 ____D C:\Users\All Users\Hewlett-Packard

2012-10-04 07:23 - 2012-10-04 07:23 - 00501107 ____A C:\Users\Jacob\Documents\The emancipation proclamation.pptx

2012-10-03 16:37 - 2012-10-04 09:07 - 00249116 ____A C:\Users\Jacob\Documents\Rhetoric Scrapbook.pptx

2012-10-02 09:37 - 2012-10-02 09:37 - 00065146 ____A C:\Users\Jacob\Documents\Food Web.pptx

2012-09-30 12:19 - 2012-09-30 12:19 - 00690076 ____A C:\Users\Jacob\Documents\Recombinant DNA.pptx

2012-09-30 07:49 - 2012-09-30 07:49 - 00262144 ____A C:\Windows\Minidump\093012-26270-01.dmp

2012-09-27 10:07 - 2012-10-06 18:17 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-09-27 10:07 - 2012-10-06 17:33 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-09-27 10:07 - 2012-09-27 10:17 - 00002376 ____A C:\Users\Public\Desktop\Google Chrome.lnk

2012-09-27 10:07 - 2012-09-27 10:08 - 00000000 ____D C:\Users\Jacob\AppData\Local\Google

2012-09-27 10:07 - 2012-09-27 10:07 - 00000000 ____D C:\Program Files (x86)\Google

2012-09-27 10:04 - 2012-09-27 10:04 - 00000000 ____D C:\Windows\SysWOW64\Adobe

2012-09-26 10:03 - 2012-09-26 10:03 - 00299668 ____A C:\Users\Jacob\Documents\Carter and Reagan.pptx

2012-09-26 05:43 - 2012-08-21 13:01 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe

2012-09-23 12:27 - 2012-08-24 03:15 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-09-23 12:27 - 2012-08-24 02:39 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-09-23 12:27 - 2012-08-24 02:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-09-23 12:27 - 2012-08-24 02:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-09-23 12:27 - 2012-08-24 02:21 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-09-23 12:27 - 2012-08-24 02:20 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-09-23 12:27 - 2012-08-24 02:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-09-23 12:27 - 2012-08-24 02:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-09-23 12:27 - 2012-08-24 02:14 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-09-23 12:27 - 2012-08-24 02:14 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-09-23 12:27 - 2012-08-24 02:13 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2012-09-23 12:27 - 2012-08-24 02:12 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-09-23 12:27 - 2012-08-24 02:11 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2012-09-23 12:27 - 2012-08-24 02:10 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-09-23 12:27 - 2012-08-24 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-09-23 12:27 - 2012-08-24 02:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-09-23 12:27 - 2012-08-23 23:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2012-09-23 12:27 - 2012-08-23 23:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2012-09-23 12:27 - 2012-08-23 22:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2012-09-23 12:27 - 2012-08-23 22:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2012-09-23 12:27 - 2012-08-23 22:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2012-09-23 12:27 - 2012-08-23 22:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2012-09-23 12:27 - 2012-08-23 22:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2012-09-23 12:27 - 2012-08-23 22:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2012-09-23 12:27 - 2012-08-23 22:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2012-09-23 12:27 - 2012-08-23 22:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2012-09-23 12:27 - 2012-08-23 22:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2012-09-23 12:27 - 2012-08-23 22:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2012-09-23 12:27 - 2012-08-23 22:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2012-09-23 12:27 - 2012-08-23 22:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2012-09-23 12:27 - 2012-08-23 22:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2012-09-23 12:27 - 2012-08-23 22:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2012-09-17 07:46 - 2012-09-18 08:55 - 00094816 ____A C:\Users\Jacob\Documents\Presentation1 American Government.pptx

2012-09-14 19:28 - 2012-09-14 19:28 - 00050149 ____A C:\Users\Jacob\Documents\Carbohydrates.pptx

2012-09-14 18:27 - 2012-09-14 18:27 - 00233771 ____A C:\Users\Jacob\Documents\Jacob Joiner’s Constitution.pptx

2012-09-14 16:28 - 2012-08-22 10:12 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2012-09-14 16:28 - 2012-08-22 10:12 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys

2012-09-14 16:28 - 2012-08-22 10:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys

2012-09-14 16:28 - 2012-08-22 10:12 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS

2012-09-14 16:28 - 2012-08-02 09:58 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2012-09-14 16:28 - 2012-08-02 08:57 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2012-09-14 16:28 - 2012-07-04 12:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys

==================== 3 Months Modified Files ==================

2012-10-13 07:29 - 2012-10-13 07:29 - 00000069 ____A C:\Windows\.directory

2012-10-06 18:18 - 2011-11-03 11:35 - 01278955 ____A C:\Windows\WindowsUpdate.log

2012-10-06 18:17 - 2012-09-27 10:07 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-10-06 18:16 - 2011-11-30 14:34 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job

2012-10-06 17:41 - 2009-07-13 20:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-10-06 17:41 - 2009-07-13 20:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-10-06 17:38 - 2009-07-13 21:13 - 00782986 ____A C:\Windows\System32\PerfStringBackup.INI

2012-10-06 17:33 - 2012-09-27 10:07 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-10-06 17:33 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2012-10-06 17:33 - 2009-07-13 20:51 - 00062350 ____A C:\Windows\setupact.log

2012-10-04 09:07 - 2012-10-03 16:37 - 00249116 ____A C:\Users\Jacob\Documents\Rhetoric Scrapbook.pptx

2012-10-04 07:23 - 2012-10-04 07:23 - 00501107 ____A C:\Users\Jacob\Documents\The emancipation proclamation.pptx

2012-10-02 09:37 - 2012-10-02 09:37 - 00065146 ____A C:\Users\Jacob\Documents\Food Web.pptx

2012-09-30 12:19 - 2012-09-30 12:19 - 00690076 ____A C:\Users\Jacob\Documents\Recombinant DNA.pptx

2012-09-30 07:49 - 2012-09-30 07:49 - 00262144 ____A C:\Windows\Minidump\093012-26270-01.dmp

2012-09-30 07:48 - 2012-09-05 17:20 - 515162839 ____A C:\Windows\MEMORY.DMP

2012-09-27 16:16 - 2010-11-20 19:47 - 00046294 ____A C:\Windows\PFRO.log

2012-09-27 10:17 - 2012-09-27 10:07 - 00002376 ____A C:\Users\Public\Desktop\Google Chrome.lnk

2012-09-26 16:56 - 2009-07-13 21:08 - 00032590 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2012-09-26 10:03 - 2012-09-26 10:03 - 00299668 ____A C:\Users\Jacob\Documents\Carter and Reagan.pptx

2012-09-24 16:36 - 2012-01-23 17:48 - 00022869 ___AH C:\Users\Jacob\Documents\~WRL4002.tmp

2012-09-24 15:28 - 2012-08-17 06:19 - 00018935 ___AH C:\Users\Jacob\Documents\~WRL3679.tmp

2012-09-18 08:55 - 2012-09-17 07:46 - 00094816 ____A C:\Users\Jacob\Documents\Presentation1 American Government.pptx

2012-09-14 23:17 - 2011-11-30 14:34 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2012-09-14 19:28 - 2012-09-14 19:28 - 00050149 ____A C:\Users\Jacob\Documents\Carbohydrates.pptx

2012-09-14 18:27 - 2012-09-14 18:27 - 00233771 ____A C:\Users\Jacob\Documents\Jacob Joiner’s Constitution.pptx

2012-09-10 18:29 - 2012-09-10 10:09 - 00758144 ____A C:\Users\Jacob\Documents\Literary Terms Project.pptx

2012-09-06 06:11 - 2011-11-03 11:47 - 00796420 ____A C:\Windows\SysWOW64\PerfStringBackup.INI

2012-09-05 17:20 - 2012-09-05 17:20 - 00262144 ____A C:\Windows\Minidump\090512-39717-01.dmp

2012-09-05 07:24 - 2012-09-05 07:24 - 01137152 ____A C:\Users\Jacob\Documents\Facebook_sample_page_John Adams.ppt

2012-09-04 10:18 - 2012-08-17 06:19 - 00018839 ___AH C:\Users\Jacob\Documents\~WRL0004.tmp

2012-09-04 08:44 - 2012-09-04 08:44 - 00003891 ____A C:\Users\Jacob\AppData\Local\recently-used.xbel

2012-09-04 07:17 - 2012-09-04 07:17 - 00003286 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology (6)

2012-09-04 07:16 - 2012-09-04 07:16 - 00003283 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology%20~ (1)

2012-08-30 10:03 - 2012-08-30 10:03 - 03537402 ____A C:\Users\Jacob\Documents\John Hancock.pptx

2012-08-30 10:01 - 2012-08-30 10:01 - 00003288 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology~ (1)

2012-08-30 10:01 - 2012-08-30 10:01 - 00000065 ____A C:\Users\Jacob\.gtk-bookmarks

2012-08-30 09:57 - 2012-08-30 09:57 - 00003288 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology~

2012-08-30 09:47 - 2012-08-30 09:47 - 00003286 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology (5)

2012-08-30 09:44 - 2012-08-30 09:44 - 00003286 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology (4)

2012-08-30 09:43 - 2012-08-30 09:43 - 00003286 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology (3)

2012-08-30 06:00 - 2012-08-30 06:00 - 00003283 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology%20~

2012-08-30 05:58 - 2012-08-30 05:57 - 00003283 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology (2)

2012-08-30 05:58 - 2012-08-30 05:57 - 00003283 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology

2012-08-30 05:57 - 2012-08-30 05:57 - 00003283 ____A C:\Users\Jacob\Downloads\Diagram1%20Biology (1)

2012-08-29 10:22 - 2012-08-29 10:22 - 00001940 ____A C:\Users\Jacob\Desktop\Free Music Downloads.lnk

2012-08-29 10:16 - 2012-03-06 18:38 - 16647736 ____A C:\Users\Jacob\Downloads\upd-pcl6-x32-5.4.0.11744.exe

2012-08-24 03:15 - 2012-09-23 12:27 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-08-24 02:39 - 2012-09-23 12:27 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-08-24 02:31 - 2012-09-23 12:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-08-24 02:22 - 2012-09-23 12:27 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-08-24 02:21 - 2012-09-23 12:27 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-08-24 02:20 - 2012-09-23 12:27 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-08-24 02:18 - 2012-09-23 12:27 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-08-24 02:17 - 2012-09-23 12:27 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-08-24 02:14 - 2012-09-23 12:27 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-08-24 02:14 - 2012-09-23 12:27 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-08-24 02:13 - 2012-09-23 12:27 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2012-08-24 02:12 - 2012-09-23 12:27 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-08-24 02:11 - 2012-09-23 12:27 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2012-08-24 02:10 - 2012-09-23 12:27 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-08-24 02:09 - 2012-09-23 12:27 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-08-24 02:04 - 2012-09-23 12:27 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-08-23 23:27 - 2012-09-23 12:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2012-08-23 23:03 - 2012-09-23 12:27 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2012-08-23 22:59 - 2012-09-23 12:27 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2012-08-23 22:51 - 2012-09-23 12:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2012-08-23 22:51 - 2012-09-23 12:27 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2012-08-23 22:51 - 2012-09-23 12:27 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2012-08-23 22:49 - 2012-09-23 12:27 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2012-08-23 22:48 - 2012-09-23 12:27 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2012-08-23 22:47 - 2012-09-23 12:27 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2012-08-23 22:47 - 2012-09-23 12:27 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2012-08-23 22:47 - 2012-09-23 12:27 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2012-08-23 22:45 - 2012-09-23 12:27 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2012-08-23 22:44 - 2012-09-23 12:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2012-08-23 22:44 - 2012-09-23 12:27 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2012-08-23 22:43 - 2012-09-23 12:27 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2012-08-23 22:40 - 2012-09-23 12:27 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2012-08-22 10:12 - 2012-09-14 16:28 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2012-08-22 10:12 - 2012-09-14 16:28 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys

2012-08-22 10:12 - 2012-09-14 16:28 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys

2012-08-22 10:12 - 2012-09-14 16:28 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS

2012-08-21 13:01 - 2012-09-26 05:43 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe

2012-08-17 23:22 - 2009-07-13 20:45 - 00460056 ____A C:\Windows\System32\FNTCACHE.DAT

2012-08-02 09:58 - 2012-09-14 16:28 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2012-08-02 08:57 - 2012-09-14 16:28 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2012-07-18 10:15 - 2012-08-16 05:41 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 11%

Total physical RAM: 6051.17 MB

Available physical RAM: 5356.76 MB

Total Pagefile: 6049.37 MB

Available Pagefile: 5350.77 MB

Total Virtual: 8192 MB

Available Virtual: 8191.91 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:536.11 GB) NTFS

3 Drive f: () (Removable) (Total:1.88 GB) (Free:1.6 GB) FAT

4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

5 Drive y: (Recovery) (Fixed) (Total:14.65 GB) (Free:4.95 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 0 B

Disk 1 Online 1928 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 100 MB 1024 KB

Partition 2 Primary 14 GB 101 MB

Partition 3 Primary 581 GB 14 GB

==================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y Recovery NTFS Partition 14 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C OS NTFS Partition 581 GB Healthy

=========================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 1927 MB 126 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F FAT Removable 1927 MB Healthy

=========================================================

Last Boot: 2012-09-27 18:09

==================== End Of Log =============================

Link to post
Share on other sites

You didn't answer this question:

So you scanned with the Kaspersky Boot CD and it wouldn't boot after that??

or you scanned the system with Kaspersky Boot CD because it wouldn't boot??

~~~~~~~~~~~~~~~~~~~~~

Please do this:

  • Download ListParts to a USB flash drive.
  • Download ListParts64to a USB flash drive.
  • Plug the USB drive into the infected machine.

Boot your computer into Recovery Environment

  • Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
  • Select Repair your computer.
  • Select Language and click Next
  • Enter password (if necessary) and click OK, you should now see the screen below ...

W7InstallDisk2.png

  • Select the Command Prompt option.
  • A command window will open.
    • Type notepad then hit Enter.
    • Notepad will open.
      • Click File > Open then select Computer.
      • Note down the drive letter for your USB Drive.
      • Close Notepad.

    [*]Back in the command window ....

    • Type e:\listparts.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
    • Type e:\listparts64.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
    • ListParts will start to run.
      • Press the Scan button.
      • When finished scanning it will make a log Result.txt on the flash drive.

    [*]Close the command window.

    [*]Boot back into normal mode and post me the Result.txt log please.

MrC

Link to post
Share on other sites

ListParts by Farbar Version: 14-10-2012

Ran by SYSTEM (administrator) on 15-10-2012 at 12:51:32

Windows 7 (X64)

Running From: F:\

Language: 0409

************************************************************

========================= Memory info ======================

Percentage of memory in use: 9%

Total physical RAM: 6051.17 MB

Available physical RAM: 5468.67 MB

Total Pagefile: 6049.37 MB

Available Pagefile: 5447.23 MB

Total Virtual: 8192 MB

Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (Recovery) (Fixed) (Total:14.65 GB) (Free:4.95 GB) NTFS

2 Drive d: (OS) (Fixed) (Total:581.42 GB) (Free:536.11 GB) NTFS

4 Drive f: () (Removable) (Total:1.88 GB) (Free:1.6 GB) FAT

5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 0 B

Disk 1 Online 1928 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 100 MB 1024 KB

Partition 2 Primary 14 GB 101 MB

Partition 3 Primary 581 GB 14 GB

======================================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden

======================================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 C Recovery NTFS Partition 14 GB Healthy

======================================================================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 D OS NTFS Partition 581 GB Healthy

======================================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 1927 MB 126 KB

======================================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F FAT Removable 1927 MB Healthy

======================================================================================================

The boot configuration data store could not be opened.

The requested system device cannot be found.

****** End Of Log ******

Link to post
Share on other sites

UPDATE: Dell tech support claims it may be a system board problem. I just don't know if I can go with this being there is a boot sector virus on the laptop and everything in the diagnostics report (DELL diagnostics run at boot by pressing F12) looked good working order. NO errors on diagnostics report. I think Dell was stumped, but that does not surprise me. It may be system board, but sounds illogical.

Link to post
Share on other sites

OK, the fix is going to be in two parts > this one is using ListParts:

  • Click Start and in the Search Programs and files box type Notepad.exe then hit Enter.
  • An empty Notepad file will open.
  • Copy and paste the contents of the code box below into Notepad.


Disk=0 Partition=2 inactive
Disk=0 Partition=2 active
Disk=0 Partition=2 inactive
Disk=0 Partition=2 active
custom

  • Click Format and ensure Wordwrap is unchecked. <---------------
  • Save as Fix.txt to the flash drive where ListParts is located.

Next

Boot your computer into Recovery Environment

  • Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
  • Select Repair your computer.
  • Select Language and click Next
  • Enter password (if necessary) and click OK, you should now see the screen below ...

W7InstallDisk2.png

  • Select the Command Prompt option.
  • A command window will open.
    • Type notepad then hit Enter.
    • Notepad will open.
      • Click File > Open then select Computer.
      • Note down the drive letter for your USB Drive.
      • Close Notepad.

    [*]Back in the command window ....

    • Type e:\listparts.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
    • Type e:\listparts64.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
    • ListParts will start to run.
      • Press the Fix button.
      • ListParts will process the script in Fix.txt
      • When finished please press the Scan button.
      • A log Result.txt will be saved to the flash drive.

    [*]Close the command window.

    [*]Boot back into normal mode and post me the Result.txt log please.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This will be using FRST:

OK, here you go......Please carefully carry out this procedure!!!!!!

Please download the attached fixlist.txt and copy it to your flashdrive.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options. (as you did before)

Run FRST64 or FRST (which ever one you're using) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

~~~~~~~~~~~~~~~~~~~~~~~~

Also after doing the fixes no harm in letting the system restart and let it boot normally and see what you get. Please let the startup repair run fully in case it started to run. Sometimes the startup repair restores the missing boot component. If you get any errors please make note of them and report them.

~~~~~~~~~~~~~~~~~

After you complete those two steps.....we need to see >>>>>

* A fresh ListParts scan with "List BCD" checked, after the fix is done.

* Also the Fixlog.txt from FRST fix.

Good Luck......MrC

Link to post
Share on other sites

This is the log after running the fix.txt the first time:

ListParts by Farbar Version: 14-10-2012

Ran by SYSTEM (administrator) on 16-10-2012 at 11:36:09

Windows 7 (X64)

Running From: F:\

Language: 0409

************************************************************

========================= Memory info ======================

Percentage of memory in use: 9%

Total physical RAM: 6051.17 MB

Available physical RAM: 5462.95 MB

Total Pagefile: 6049.37 MB

Available Pagefile: 5449.01 MB

Total Virtual: 8192 MB

Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (Recovery) (Fixed) (Total:14.65 GB) (Free:4.95 GB) NTFS

2 Drive d: (OS) (Fixed) (Total:581.42 GB) (Free:536.11 GB) NTFS

4 Drive f: () (Removable) (Total:1.88 GB) (Free:1.6 GB) FAT

5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 0 B

Disk 1 Online 1928 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 100 MB 1024 KB

Partition 2 Primary 14 GB 101 MB

Partition 3 Primary 581 GB 14 GB

======================================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden

======================================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 C Recovery NTFS Partition 14 GB Healthy

======================================================================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 D OS NTFS Partition 581 GB Healthy

======================================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 1927 MB 126 KB

======================================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F FAT Removable 1927 MB Healthy

======================================================================================================

****** End Of Log ******

Link to post
Share on other sites

The later two result logs:

Results.txt:

ListParts by Farbar Version: 14-10-2012

Ran by SYSTEM (administrator) on 16-10-2012 at 11:44:48

Windows 7 (X64)

Running From: F:\

Language: 0409

************************************************************

========================= Memory info ======================

Percentage of memory in use: 9%

Total physical RAM: 6051.17 MB

Available physical RAM: 5448.53 MB

Total Pagefile: 6049.37 MB

Available Pagefile: 5429.3 MB

Total Virtual: 8192 MB

Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (Recovery) (Fixed) (Total:14.65 GB) (Free:4.95 GB) NTFS

2 Drive d: (OS) (Fixed) (Total:581.42 GB) (Free:536.11 GB) NTFS

4 Drive f: () (Removable) (Total:1.88 GB) (Free:1.6 GB) FAT

5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 0 B

Disk 1 Online 1928 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 100 MB 1024 KB

Partition 2 Primary 14 GB 101 MB

Partition 3 Primary 581 GB 14 GB

======================================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden

======================================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 C Recovery NTFS Partition 14 GB Healthy

======================================================================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 D OS NTFS Partition 581 GB Healthy

======================================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 1927 MB 126 KB

======================================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F FAT Removable 1927 MB Healthy

======================================================================================================

The boot configuration data store could not be opened.

The requested system device cannot be found.

****** End Of Log ******

The fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-10-2012

Ran by SYSTEM at 2012-10-16 11:41:20 Run:1

Running from F:\

==============================================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell Value was restored successfully .

========= dir /a y:\ =========

Volume in drive Y is Recovery

Volume Serial Number is 7037-79F2

Directory of y:\

10/11/2012 10:18 PM <DIR> $RECYCLE.BIN

04/04/2012 11:20 AM 153 ADRInfos.xml

04/30/2004 02:01 PM 53 AUTORUN.INF

10/12/2012 04:40 PM <DIR> Boot

11/20/2010 07:23 PM 383,786 bootmgr

11/30/2011 02:36 PM <DIR> dell

04/28/2009 02:49 PM 7,450 Desktop.ini

11/30/2011 02:36 PM <DIR> Imaging

07/08/2011 07:12 AM 83,264 Info.exe

10/12/2012 01:01 PM <DIR> Kaspersky Rescue Disk 10.0

10/06/2012 05:34 PM 375 MASTER.LOG

11/30/2011 02:36 PM <DIR> preload

04/04/2011 03:08 PM 34,566 protect.arabic

04/04/2011 03:08 PM 117,133 protect.chinese simplified

04/04/2011 03:08 PM 117,641 protect.chinese traditional

04/21/2011 08:51 AM 33,771 protect.croatian

04/04/2011 03:08 PM 33,797 protect.czech

04/21/2011 08:23 AM 33,743 protect.danish

04/04/2011 03:08 PM 119,790 protect.dutch

04/04/2011 03:08 PM 47,233 protect.ed

04/04/2011 03:08 PM 47,233 protect.english

04/04/2011 03:08 PM 33,750 protect.finnish

04/04/2011 03:08 PM 116,015 protect.french

04/04/2011 03:08 PM 116,305 protect.german

04/04/2011 03:08 PM 34,701 protect.greek

04/04/2011 03:08 PM 34,512 protect.hebrew

04/04/2011 03:08 PM 33,842 protect.hungarian

04/04/2011 03:08 PM 115,710 protect.italian

04/04/2011 03:08 PM 117,842 protect.japanese

04/04/2011 03:08 PM 124,495 protect.korean

04/04/2011 03:08 PM 116,195 protect.norwegian

04/04/2011 03:08 PM 33,810 protect.polish

04/04/2011 03:08 PM 33,772 protect.portuguese

04/04/2011 03:08 PM 116,564 protect.portuguese brazilian

04/21/2011 08:51 AM 33,834 protect.romanian

04/04/2011 03:08 PM 34,539 protect.russian

04/21/2011 08:51 AM 33,793 protect.slovak

04/21/2011 08:51 AM 33,774 protect.slovenian

04/04/2011 03:08 PM 116,363 protect.spanish

04/04/2011 03:08 PM 116,404 protect.swedish

04/21/2011 08:51 AM 34,511 protect.thai

04/04/2011 03:08 PM 33,847 protect.turkish

11/30/2011 02:36 PM <DIR> Recovery

11/23/2009 09:58 PM 34,080 SLEEP.EXE

11/30/2011 02:36 PM 2,485 ST_InstallBackup.ini

10/11/2012 09:02 PM <DIR> System Volume Information

10/12/2012 05:24 PM <DIR> Temp

11/03/2011 03:49 PM 494,608 WISLOGS.zip

10/12/2011 10:27 PM 10,703 WisRun.cmd

40 File(s) 3,066,442 bytes

9 Dir(s) 5,314,957,312 bytes free

========= End of CMD: =========

========= dir /a/s y:\boot =========

Volume in drive Y is Recovery

Volume Serial Number is 7037-79F2

Directory of y:\boot

10/12/2012 04:40 PM <DIR> .

10/12/2012 04:40 PM <DIR> ..

04/30/2004 02:01 PM 53 AUTORUN.INF

10/06/2012 05:34 PM 28,672 BCD.Backup.0001

10/06/2012 05:34 PM 25,600 BCD.LOG

11/30/2011 02:36 PM 0 BCD.LOG1

11/03/2011 04:28 PM 0 BCD.LOG1.16258

11/30/2011 02:36 PM 0 BCD.LOG2

11/03/2011 04:28 PM 0 BCD.LOG2.26974

11/30/2011 02:36 PM 65,536 BOOTSTAT.DAT

11/03/2011 04:28 PM 65,536 BOOTSTAT.DAT.20097

11/30/2011 02:36 PM <DIR> cs-CZ

11/30/2011 02:36 PM <DIR> da-DK

11/30/2011 02:36 PM <DIR> de-DE

04/28/2009 02:49 PM 7,450 Desktop.ini

11/30/2011 02:36 PM <DIR> el-GR

11/30/2011 02:36 PM <DIR> en-US

11/30/2011 02:36 PM <DIR> es-ES

11/30/2011 02:36 PM <DIR> fi-FI

11/30/2011 02:36 PM <DIR> Fonts

11/30/2011 02:36 PM <DIR> fr-FR

11/30/2011 02:36 PM <DIR> hu-HU

07/08/2011 07:12 AM 83,264 Info.exe

11/30/2011 02:36 PM <DIR> it-IT

11/30/2011 02:36 PM <DIR> ja-JP

11/30/2011 02:36 PM <DIR> ko-KR

11/20/2010 07:24 PM 485,760 memtest.exe

11/20/2010 07:24 PM 485,760 memtest.exe.6939

11/30/2011 02:36 PM <DIR> nb-NO

11/30/2011 02:36 PM <DIR> nl-NL

11/30/2011 02:36 PM 512 OS.DAT

11/30/2011 02:36 PM <DIR> pl-PL

04/04/2011 03:08 PM 34,566 protect.arabic

04/04/2011 03:08 PM 117,133 protect.chinese simplified

04/04/2011 03:08 PM 117,641 protect.chinese traditional

04/21/2011 08:51 AM 33,771 protect.croatian

04/04/2011 03:08 PM 33,797 protect.czech

04/21/2011 08:23 AM 33,743 protect.danish

04/04/2011 03:08 PM 119,790 protect.dutch

04/04/2011 03:08 PM 47,233 protect.ed

04/04/2011 03:08 PM 47,233 protect.english

04/04/2011 03:08 PM 33,750 protect.finnish

04/04/2011 03:08 PM 116,015 protect.french

04/04/2011 03:08 PM 116,305 protect.german

04/04/2011 03:08 PM 34,701 protect.greek

04/04/2011 03:08 PM 34,512 protect.hebrew

04/04/2011 03:08 PM 33,842 protect.hungarian

04/04/2011 03:08 PM 115,710 protect.italian

04/04/2011 03:08 PM 117,842 protect.japanese

04/04/2011 03:08 PM 124,495 protect.korean

04/04/2011 03:08 PM 116,195 protect.norwegian

04/04/2011 03:08 PM 33,810 protect.polish

04/04/2011 03:08 PM 33,772 protect.portuguese

04/04/2011 03:08 PM 116,564 protect.portuguese brazilian

04/21/2011 08:51 AM 33,834 protect.romanian

04/04/2011 03:08 PM 34,539 protect.russian

04/21/2011 08:51 AM 33,793 protect.slovak

04/21/2011 08:51 AM 33,774 protect.slovenian

04/04/2011 03:08 PM 116,363 protect.spanish

04/04/2011 03:08 PM 116,404 protect.swedish

04/21/2011 08:51 AM 34,511 protect.thai

04/04/2011 03:08 PM 33,847 protect.turkish

11/30/2011 02:36 PM <DIR> pt-BR

11/30/2011 02:36 PM <DIR> pt-PT

11/30/2011 02:36 PM <DIR> ru-RU

11/30/2011 02:36 PM <DIR> sv-SE

11/30/2011 02:36 PM <DIR> tr-TR

11/30/2011 02:36 PM <DIR> zh-CN

11/30/2011 02:36 PM <DIR> zh-HK

11/30/2011 02:36 PM <DIR> zh-TW

44 File(s) 3,297,628 bytes

Directory of y:\boot\cs-CZ

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 89,168 bootmgr.exe.mui

07/13/2009 05:17 PM 89,168 bootmgr.exe.mui.21541

2 File(s) 178,336 bytes

Directory of y:\boot\da-DK

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 87,616 bootmgr.exe.mui

07/13/2009 05:17 PM 87,616 bootmgr.exe.mui.19580

2 File(s) 175,232 bytes

Directory of y:\boot\de-DE

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 91,712 bootmgr.exe.mui

07/13/2009 05:17 PM 91,712 bootmgr.exe.mui.3682

2 File(s) 183,424 bytes

Directory of y:\boot\el-GR

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 94,800 bootmgr.exe.mui

07/13/2009 05:17 PM 94,800 bootmgr.exe.mui.13282

2 File(s) 189,600 bytes

Directory of y:\boot\en-US

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 85,056 bootmgr.exe.mui

07/13/2009 05:17 PM 85,056 bootmgr.exe.mui.32253

11/20/2010 11:06 PM 43,600 memtest.exe.mui

11/20/2010 11:06 PM 43,600 memtest.exe.mui.15176

4 File(s) 257,312 bytes

Directory of y:\boot\es-ES

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 90,192 bootmgr.exe.mui

07/13/2009 05:17 PM 90,192 bootmgr.exe.mui.3652

2 File(s) 180,384 bytes

Directory of y:\boot\fi-FI

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 89,152 bootmgr.exe.mui

07/13/2009 05:17 PM 89,152 bootmgr.exe.mui.7079

2 File(s) 178,304 bytes

Directory of y:\boot\Fonts

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

06/10/2009 12:31 PM 3,694,080 chs_boot.ttf

06/10/2009 12:31 PM 3,694,080 chs_boot.ttf.11172

06/10/2009 12:31 PM 3,876,772 cht_boot.ttf

06/10/2009 12:31 PM 3,876,772 cht_boot.ttf.12719

06/10/2009 12:31 PM 1,984,228 jpn_boot.ttf

06/10/2009 12:31 PM 1,984,228 jpn_boot.ttf.8762

06/10/2009 12:31 PM 2,371,360 kor_boot.ttf

06/10/2009 12:31 PM 2,371,360 kor_boot.ttf.6789

06/10/2009 12:31 PM 47,452 wgl4_boot.ttf

06/10/2009 12:31 PM 47,452 wgl4_boot.ttf.7693

10 File(s) 23,947,784 bytes

Directory of y:\boot\fr-FR

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 93,248 bootmgr.exe.mui

07/13/2009 05:17 PM 93,248 bootmgr.exe.mui.12202

2 File(s) 186,496 bytes

Directory of y:\boot\hu-HU

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 90,688 bootmgr.exe.mui

07/13/2009 05:17 PM 90,688 bootmgr.exe.mui.16872

2 File(s) 181,376 bytes

Directory of y:\boot\it-IT

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 90,704 bootmgr.exe.mui

07/13/2009 05:17 PM 90,704 bootmgr.exe.mui.8923

2 File(s) 181,408 bytes

Directory of y:\boot\ja-JP

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 76,352 bootmgr.exe.mui

07/13/2009 05:17 PM 76,352 bootmgr.exe.mui.12846

2 File(s) 152,704 bytes

Directory of y:\boot\ko-KR

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 75,344 bootmgr.exe.mui

07/13/2009 05:17 PM 75,344 bootmgr.exe.mui.16933

2 File(s) 150,688 bytes

Directory of y:\boot\nb-NO

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 88,144 bootmgr.exe.mui

07/13/2009 05:17 PM 88,144 bootmgr.exe.mui.28050

2 File(s) 176,288 bytes

Directory of y:\boot\nl-NL

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 90,704 bootmgr.exe.mui

07/13/2009 05:17 PM 90,704 bootmgr.exe.mui.13910

2 File(s) 181,408 bytes

Directory of y:\boot\pl-PL

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 90,704 bootmgr.exe.mui

07/13/2009 05:17 PM 90,704 bootmgr.exe.mui.21252

2 File(s) 181,408 bytes

Directory of y:\boot\pt-BR

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 90,176 bootmgr.exe.mui

07/13/2009 05:17 PM 90,176 bootmgr.exe.mui.12730

2 File(s) 180,352 bytes

Directory of y:\boot\pt-PT

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 89,664 bootmgr.exe.mui

07/13/2009 05:17 PM 89,664 bootmgr.exe.mui.27207

2 File(s) 179,328 bytes

Directory of y:\boot\ru-RU

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 90,192 bootmgr.exe.mui

07/13/2009 05:17 PM 90,192 bootmgr.exe.mui.10689

2 File(s) 180,384 bytes

Directory of y:\boot\sv-SE

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 87,616 bootmgr.exe.mui

07/13/2009 05:17 PM 87,616 bootmgr.exe.mui.14948

2 File(s) 175,232 bytes

Directory of y:\boot\tr-TR

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 87,104 bootmgr.exe.mui

07/13/2009 05:17 PM 87,104 bootmgr.exe.mui.15354

2 File(s) 174,208 bytes

Directory of y:\boot\zh-CN

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 70,720 bootmgr.exe.mui

07/13/2009 05:17 PM 70,720 bootmgr.exe.mui.31404

2 File(s) 141,440 bytes

Directory of y:\boot\zh-HK

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 70,224 bootmgr.exe.mui

07/13/2009 05:17 PM 70,224 bootmgr.exe.mui.6762

2 File(s) 140,448 bytes

Directory of y:\boot\zh-TW

11/30/2011 02:36 PM <DIR> .

11/30/2011 02:36 PM <DIR> ..

07/13/2009 05:17 PM 70,208 bootmgr.exe.mui

07/13/2009 05:17 PM 70,208 bootmgr.exe.mui.29987

2 File(s) 140,416 bytes

Total Files Listed:

102 File(s) 31,291,588 bytes

74 Dir(s) 5,314,957,312 bytes free

========= End of CMD: =========

==== End of Fixlog ====

Link to post
Share on other sites

Now I get a different error message when booting:

Windows failed to start. A recent hardware or software change might be the cause. To fix the problem:

1. Insert windows cd....

2. choose your language settings

3. click "repair your computer"

File: \boot\BCD

Status: 0xc000000f

Info: An error occurred while attempting to read the boot configuration data

When I try to do what it said, the startup repair still does not work.

Link to post
Share on other sites

I found the fix!!!!

http://think-like-a-computer.com/2012/04/17/boot-bcd-0xc000000f-windows-7/

Also, you have to include a cute little fix when bcdboot c:\windows does not work. VERY IMPORTANT!!!

http://www.techrecyclebin.com/2011/09/bcdboot-failure-when-attempting-to-copy.html

Thanks so much for all the help!!!! Now, to destroying the pesty pihar.c!

I've booted into Windows now for the first time since over a week ago!!!

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.