Jump to content

MoneyPak FBI Spyware - FRST log attached


Recommended Posts

Hi can anyone help me with what I need to enter into the removal file?

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-01-2013 02 (ATTENTION: FRST version is 7 days old)

Ran by SYSTEM at 28-01-2013 13:50:24

Running from F:\

Windows 7 Professional (X86) OS Language: English(US)

The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [7739936 2009-09-11] (Realtek Semiconductor)

HKLM\...\Run: [OfficeScanNT Monitor] "c:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow [x]

HKLM\...\Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [206336 2010-05-20] (Microsoft)

HKLM\...\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [63048 2010-09-17] (LogMeIn, Inc.)

HKLM\...\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [210472 2006-10-25] (Nuance Communications, Inc.)

HKLM\...\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [29984 2008-07-09] (Nuance Communications, Inc.)

HKLM\...\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [46368 2008-07-09] (Nuance Communications, Inc.)

HKLM\...\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" [346 2013-01-28] ()

HKLM\...\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM\...\Run: [brStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN [2621440 2010-02-09] (Brother Industries, Ltd.)

HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)

HKLM\...\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)

HKLM\...\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-06-15] (Apple Inc.)

HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [1821576 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)

HKLM\...\Run: [] [x]

HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1557160 2012-04-09] (Ask)

HKLM\...\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" [771360 2009-11-11] (Apple Inc.)

HKU\Andrea_2\...\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US [4331392 2012-05-30] (AOL Inc.)

HKU\Andrea_2\...\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R [95744 2010-07-02] (j2 Global Communications, Inc.)

HKU\Andrea_2\...\Run: [Google Update] "C:\Users\Andrea_2\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-05-13] (Google Inc.)

HKU\Andrea_2\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-05-19] (Google Inc.)

HKU\Andrea_2\...\Run: [googletalk] C:\Users\Andrea_2\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)

HKU\Andrea_2\...\Run: [YouSendIt.exe] C:\Program Files\YouSendIt\Express\YouSendIt.exe -ui none [198144 2012-04-10] (YouSendIt)

HKU\Andrea_2\...\Run: [{A8B7C6C0-1FFD-AD40-E983-4FDFD0246CC2}] C:\Users\Andrea_2\AppData\Roaming\Dipab\goza.exe [x]

HKU\Andrea_2\...\Winlogon: [shell] C:\Users\Andrea_2\AppData\Roaming\ldr.mcb,explorer.exe [x]

HKLM\...\RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-02-04] (Microsoft)

Tcpip\Parameters: [DhcpNameServer] 167.206.245.129 167.206.245.130

Tcpip\..\Interfaces\{CC91623A-69EB-4DB9-B18E-DC2CB196EFAE}: [NameServer]8.8.8.8

IMEO\ehshell.exe: [Debugger] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" -MceShellRedirect

Startup: C:\Users\Andrea_2\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> (No File)

Startup: C:\Users\Andrea_2\Start Menu\Programs\Startup\eFax 4.4.lnk

ShortcutTarget: eFax 4.4.lnk -> C:\Program Files\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)

==================== Services (Whitelisted) ===================

2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)

2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [428640 2011-04-01] (Logitech Inc.)

2 ntrtscan; "c:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe" [x]

2 svcGenericHost; "c:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe" [x]

3 TMBMServer; "c:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service [x]

2 tmlisten; "c:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe" [x]

3 TmPfw; "c:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe" [x]

3 TmProxy; "c:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe" [x]

==================== Drivers (Whitelisted) ====================

3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)

3 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [59472 2010-07-19] (Trend Micro Inc.)

2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [163408 2010-07-19] (Trend Micro Inc.)

3 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [51792 2010-07-19] (Trend Micro Inc.)

1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [146448 2009-07-15] (Trend Micro Inc.)

1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [89872 2009-07-15] (Trend Micro Inc.)

2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [283152 2009-07-15] (Trend Micro Inc.)

4 LMIRfsClientNP; [x]

2 TmFilter; \??\c:\Program Files\Trend Micro\Client Server Security Agent\TmXPFlt.sys [x]

2 TmPreFilter; \??\c:\Program Files\Trend Micro\Client Server Security Agent\TmPreFlt.sys [x]

2 VSApiNt; \??\c:\Program Files\Trend Micro\Client Server Security Agent\VSApiNt.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-01-28 13:48 - 2013-01-28 13:48 - 00000000 ____D C:\FRST

2013-01-18 20:59 - 2013-01-18 20:59 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-01-14 20:51 - 2013-01-04 07:32 - 06029824 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-01-08 20:53 - 2012-12-07 04:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll

2013-01-08 20:53 - 2012-12-07 04:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll

2013-01-08 20:53 - 2012-12-07 02:46 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs

2013-01-08 20:53 - 2012-12-07 02:46 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs

2013-01-08 20:53 - 2012-11-29 20:53 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll

2013-01-08 20:53 - 2012-11-29 20:47 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll

2013-01-08 20:53 - 2012-11-29 20:47 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 18:55 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe

2013-01-08 20:53 - 2012-11-29 18:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 18:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 18:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 18:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

2013-01-08 20:53 - 2012-11-29 15:17 - 00420064 ____A C:\Windows\System32\locale.nls

2013-01-08 20:53 - 2012-11-22 18:56 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-01-08 20:53 - 2012-11-21 20:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll

2013-01-08 20:53 - 2012-11-08 20:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll

2013-01-08 20:53 - 2012-10-31 20:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

2013-01-08 20:52 - 2012-11-22 18:48 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe

2013-01-08 20:52 - 2012-11-19 20:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

==================== One Month Modified Files and Folders ========

2013-01-28 13:48 - 2013-01-28 13:48 - 00000000 ____D C:\FRST

2013-01-28 10:32 - 2009-07-13 20:55 - 01758866 ____A C:\Windows\WindowsUpdate.log

2013-01-28 10:30 - 2011-05-13 06:38 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2644776442-2140703191-2769367311-1003UA.job

2013-01-28 10:30 - 2011-04-07 11:22 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job

2013-01-28 10:21 - 2011-05-19 11:20 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-01-28 10:21 - 2011-05-16 06:49 - 00000000 ___RD C:\Users\Andrea_2\Dropbox

2013-01-28 10:21 - 2011-05-16 06:43 - 00000000 ____D C:\Users\Andrea_2\AppData\Roaming\Dropbox

2013-01-28 10:12 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-01-28 10:12 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-01-28 10:09 - 2011-05-19 11:20 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-01-28 10:03 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-01-28 10:03 - 2009-07-13 20:39 - 00030716 ____A C:\Windows\setupact.log

2013-01-28 09:53 - 2011-05-11 08:07 - 00000000 ___HD C:\users\Andrea_2

2013-01-28 06:06 - 2011-04-11 07:28 - 00000000 ____D C:\Users\All Users\LogMeIn

2013-01-27 20:30 - 2011-05-13 06:38 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2644776442-2140703191-2769367311-1003Core.job

2013-01-25 06:04 - 2011-05-16 06:49 - 00001031 ____A C:\Users\Andrea_2\Desktop\Dropbox.lnk

2013-01-21 06:06 - 2012-04-25 12:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2013-01-18 20:59 - 2013-01-18 20:59 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-01-18 16:59 - 2011-04-07 11:22 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2013-01-18 08:50 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\System32\FxsTmp

2013-01-09 01:01 - 2012-11-29 00:53 - 00000000 ____D C:\Windows\rescache

2013-01-09 00:31 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET

2013-01-09 00:24 - 2009-07-13 20:33 - 00419592 ____A C:\Windows\System32\FNTCACHE.DAT

2013-01-09 00:06 - 2011-04-08 12:14 - 00000000 ____D C:\Users\All Users\Microsoft Help

2013-01-09 00:04 - 2011-03-09 11:15 - 00769794 ____A C:\Windows\System32\PerfStringBackup.INI

2013-01-09 00:00 - 2011-08-24 10:58 - 65273848 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-01-04 07:32 - 2013-01-14 20:51 - 06029824 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-12-31 09:53 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF

2012-12-31 09:51 - 2012-08-27 12:06 - 00000375 ____A C:\Windows\System32\Drivers\etc\hosts.ics

ZeroAccess:

C:\$Recycle.Bin\S-1-5-21-2644776442-2140703191-2769367311-1003\$e172a84454289e79b697351312f8068d

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-01-16 14:08:59

Restore point made on: 2013-01-18 04:04:14

Restore point made on: 2013-01-22 00:53:54

==================== Memory info ===========================

Percentage of memory in use: 12%

Total physical RAM: 4060.8 MB

Available physical RAM: 3556.93 MB

Total Pagefile: 4059.08 MB

Available Pagefile: 3563.84 MB

Total Virtual: 2047.88 MB

Available Virtual: 1960.68 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:221.64 GB) (Free:61.82 GB) NTFS

2 Drive e: (LONGITUDE 2013) (CDROM) (Total:0.71 GB) (Free:0 GB) UDF

3 Drive f: (Cruzer) (Removable) (Total:7.47 GB) (Free:7.37 GB) FAT32

4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

5 Drive y: (RECOVERY) (Fixed) (Total:11.15 GB) (Free:6.51 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 0 B

Disk 1 Online 7663 MB 0 B

Partitions of Disk 0:

===============

Disk ID: C648A420

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 39 MB 31 KB

Partition 2 Primary 11 GB 40 MB

Partition 3 Primary 221 GB 11 GB

=========================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 FAT Partition 39 MB Healthy Hidden

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y RECOVERY NTFS Partition 11 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C OS NTFS Partition 221 GB Healthy

=========================================================

Partitions of Disk 1:

===============

Disk ID: 00000000

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 7655 MB 22 KB

=========================================================

Disk: 1

Partition 1

Type : 0B

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F Cruzer FAT32 Removable 7655 MB Healthy

=========================================================

Last Boot: 2013-01-23 21:59

==================== End Of Log ============================

Link to post
Share on other sites

OK, here you go......Please carefully carry out this procedure!!!!!!

Please download the attached fixlist.txt and copy it to your flashdrive.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options. (as you did before)

Run FRST64 or FRST (which ever one you're using) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

See if the computer boots normally now.

MrC

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.