Jump to content

Computer won't even boot.


JustJen

Recommended Posts

Hello I think I a virus got to my MBR and now it won't boot. I can not run any of your scans because my computer won't boot. System refresh won't work neither will restore. I have went into the command prompt and tried to have it repair the MBR with no success. Just wondering if they is any thing else if can try. It is Windows 8.1 on a dell inspiron tower.

Thanks.

Link to post
Share on other sites

Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help your with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
:excl: I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

:excl: There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

  warning.gif Rules and policies

 

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

 

 


Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.

  • Plug the flashdrive into the infected PC.
  • Restart your computer and tap F8 to bring up the Advanced Menu, then click Repair your computer
  • Follow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.
  • In the Choose Recovery Tool menu select Command Prompt.
  • You will see a big black window with a blinking cursor (command prompt).

    notepad.png Access the notepad and identify your USB drive

    In the Command Prompt please type in:

    notepad
    and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.

    FRST.gif Scan with Farbar Recovery Scan Tool

    Once back in the command prompt window, please do the following:

  • Type in e:\frst64.exe and press Enter.

    You need to replace e with the letter of your USB drive taken from notepad!

  • FRST will start to run. Give him a minute or so to load itself.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

    Transfer it to your clean machine and include it in your next reply.

Link to post
Share on other sites

Thank you so much for helping.  I have  the log you requested.

 

Jen

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015
Ran by SYSTEM on MININT-9DHE3BI (30-11-2015 20:23:48)
Running from D:\
Platform: WIN_81 (X64) Language: English (United States)
Boot Mode: Recovery
ATTENTION: Could not load system hive.
The operation completed successfully.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Winlogon: [userinit]
HKLM-x32\...\Winlogon: [userinit]  [X]
HKLM\...\Winlogon: [shell]  [0 ] () <=== ATTENTION
HKLM-x32\...\Winlogon: [shell]  [0 ] () <=== ATTENTION
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI]  <==== ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-30 20:23 - 2015-11-30 20:23 - 00000000 ____D C:\FRST
2015-11-22 13:12 - 2015-11-29 22:23 - 00000000 _____ C:\Recovery.txt
2015-11-20 07:21 - 2015-11-20 07:21 - 00000000 ____D C:\Windows\SMINST
2015-11-20 07:19 - 2015-11-20 07:19 - 00000000 ____D C:\System Recovery

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-20 07:25 - 2015-05-05 09:08 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ___RD C:\Windows\DesktopTileResources
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\FileManager
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Cursors
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Camera
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\addins
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-11-20 07:25 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS
2015-11-20 07:23 - 2014-11-20 20:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\Services
2015-11-20 07:21 - 2015-05-05 11:14 - 00000000 ____D C:\DELL
2015-11-20 07:21 - 2015-05-05 08:50 - 00000000 ____D C:\Intel

==================== Known DLLs (Whitelisted) =========================

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION
C:\Windows\explorer.exe
[2014-11-20 21:14] - [2014-11-20 21:14] - 2501368 ____A (Microsoft Corporation) 85D47EB257B06094F052E0C8AEFA3BEE

C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION
C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION
C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION
C:\Windows\System32\dnsapi.dll IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\dnsapi.dll IS MISSING <==== ATTENTION
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION
C:\Windows\System32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION

==================== EXE Association (Whitelisted) =============

HKLM\...\.exe:  =>  <===== ATTENTION
HKLM\...\exefile\DefaultIcon:  <===== ATTENTION
HKLM\...\exefile\open\command:  <===== ATTENTION

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 8108.93 MB
Available physical RAM: 7491.77 MB
Total Virtual: 8108.93 MB
Available Virtual: 7517.03 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.71 GB) (Free:908.03 GB) NTFS
Drive d: (Lexar) (Removable) (Total:14.9 GB) (Free:14.9 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0A73DD9C)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

==================== End of FRST.txt ============================

Link to post
Share on other sites

Hi.  Here is the second scan.  Thanks again.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015
Ran by SYSTEM on MININT-0OVKUAQ (02-12-2015 19:05:50)
Running from d:\
Platform: WIN_81 (X64) Language: English (United States)
Boot Mode: Recovery
ATTENTION: Could not load system hive.
The operation completed successfully.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Winlogon: [userinit]
HKLM-x32\...\Winlogon: [userinit]  [X]
HKLM\...\Winlogon: [shell]  [0 ] () <=== ATTENTION
HKLM-x32\...\Winlogon: [shell]  [0 ] () <=== ATTENTION
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI]  <==== ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-30 20:23 - 2015-12-02 19:05 - 00000000 ____D C:\FRST
2015-11-22 13:12 - 2015-12-02 19:04 - 00000000 _____ C:\Recovery.txt
2015-11-20 07:21 - 2015-11-20 07:21 - 00000000 ____D C:\Windows\SMINST
2015-11-20 07:19 - 2015-11-20 07:19 - 00000000 ____D C:\System Recovery

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-20 07:25 - 2015-05-05 09:08 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ___RD C:\Windows\DesktopTileResources
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\FileManager
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Cursors
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Camera
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\addins
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-11-20 07:25 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-11-20 07:25 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS
2015-11-20 07:23 - 2014-11-20 20:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-20 07:23 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\Services
2015-11-20 07:21 - 2015-05-05 11:14 - 00000000 ____D C:\Windows\Panther
2015-11-20 07:21 - 2015-05-05 11:14 - 00000000 ____D C:\DELL
2015-11-20 07:21 - 2015-05-05 09:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-11-20 07:21 - 2015-05-05 09:10 - 00000000 ____D C:\ProgramData\Aviata
2015-11-20 07:21 - 2015-05-05 09:05 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-11-20 07:21 - 2015-05-05 09:05 - 00000000 ____D C:\Program Files\mcafee.com
2015-11-20 07:21 - 2015-05-05 09:05 - 00000000 ____D C:\Program Files (x86)\mcafee.com
2015-11-20 07:21 - 2015-05-05 09:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-11-20 07:21 - 2015-05-05 09:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PCDr
2015-11-20 07:21 - 2015-05-05 09:04 - 00000000 ____D C:\ProgramData\PCDr
2015-11-20 07:21 - 2015-05-05 09:04 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-11-20 07:21 - 2015-05-05 09:04 - 00000000 ____D C:\Program Files\Dell Support Center
2015-11-20 07:21 - 2015-05-05 09:01 - 00000000 ____D C:\Windows\Options
2015-11-20 07:21 - 2015-05-05 09:00 - 00000000 ____D C:\Windows\System32\SRSLabs
2015-11-20 07:21 - 2015-05-05 09:00 - 00000000 ____D C:\Windows\LastGood
2015-11-20 07:21 - 2015-05-05 09:00 - 00000000 ____D C:\Program Files\Realtek
2015-11-20 07:21 - 2015-05-05 08:59 - 00000000 ____D C:\Users\Administrator\Intel
2015-11-20 07:21 - 2015-05-05 08:59 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2015-11-20 07:21 - 2015-05-05 08:59 - 00000000 ____D C:\ProgramData\Intel
2015-11-20 07:21 - 2015-05-05 08:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-11-20 07:21 - 2015-05-05 08:58 - 00000000 ____D C:\Users\Public\CyberLink
2015-11-20 07:21 - 2015-05-05 08:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\CyberLink
2015-11-20 07:21 - 2015-05-05 08:56 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-20 07:21 - 2015-05-05 08:53 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-11-20 07:21 - 2015-05-05 08:50 - 00000000 ____D C:\Intel
2015-11-20 07:21 - 2014-12-19 00:53 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-20 07:21 - 2014-12-19 00:53 - 00000000 ____D C:\Program Files\MSBuild
2015-11-20 07:21 - 2014-12-19 00:53 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-20 07:21 - 2014-12-19 00:53 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-20 07:21 - 2014-11-21 04:38 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-11-20 07:21 - 2014-11-20 20:20 - 00000000 ____D C:\Windows\SKB
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\System32\winrm
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\System32\WCN
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\System32\slmgr
2015-11-20 07:21 - 2014-11-20 19:50 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2015-11-20 07:21 - 2013-08-22 07:43 - 00000000 ____D C:\Windows\DigitalLocker
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ___SD C:\Windows\System32\dsc
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ___SD C:\Windows\System32\Configuration
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\WinStore
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Web
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Vss
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\MsDtc
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\Licenses
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\InputMethod
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\IME
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\winevt
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\WindowsInternal.Inbox.Shared
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\WindowsInternal.Inbox.Media.Shared
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\SystemResetPlatform
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\spool
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\setup
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\MUI
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\MsDtc
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\Macromed
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\lv-LV
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\lt-LT
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\Licenses
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\InputMethod
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\IME
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\et-EE
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\en-GB
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\Com
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\security
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Resources
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Registration
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\PLA
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Performance
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\InputMethod
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\IME
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Help
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Globalization
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Branding
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppCompat
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows NT
2015-11-20 07:21 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-11-20 07:21 - 2013-08-22 06:45 - 00000000 ____D C:\Windows\Setup
2015-11-20 07:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\SysWOW64\SMI
2015-11-20 07:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-11-20 07:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-11-20 07:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\Sysprep
2015-11-20 07:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\SMI
2015-11-20 07:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\oobe
2015-11-20 07:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\Dism

==================== Known DLLs (Whitelisted) =========================

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION
C:\Windows\explorer.exe
[2014-11-20 21:14] - [2014-11-20 21:14] - 2501368 ____A (Microsoft Corporation) 85D47EB257B06094F052E0C8AEFA3BEE

C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION
C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION
C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION
C:\Windows\System32\dnsapi.dll IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\dnsapi.dll IS MISSING <==== ATTENTION
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION
C:\Windows\System32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION

==================== EXE Association (Whitelisted) =============

HKLM\...\.exe:  =>  <===== ATTENTION
HKLM\...\exefile\DefaultIcon:  <===== ATTENTION
HKLM\...\exefile\open\command:  <===== ATTENTION

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 8108.93 MB
Available physical RAM: 7486.98 MB
Total Virtual: 8108.93 MB
Available Virtual: 7514.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.71 GB) (Free:908.06 GB) NTFS
Drive d: (Lexar) (Removable) (Total:14.9 GB) (Free:14.9 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0A73DD9C)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

==================== End of FRST.txt ============================

Link to post
Share on other sites

Thanks for trying. Do you have any idea as to what would cause this? My computer is new and did not come with any recovery disks, do I need to buy a new copy of Windows? Most everything on my computer was backed up but I did have a couple of photos that were not yet backed up, are they gone forever?

Jen

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.