[GeoffB]

About a week ago I noticed that every time I tried to do a Google search I would be redirected to another website. After a little research I realized my computer had been infected with a redirect virus/malware. Looking into it a little further (apparently not far enough however) I read a few related incidents where Hitman Pro would eliminate the issue. Unfortunately for me, and as it appears many more out there it also eliminated the ability for my OS to properly boot. Upon booting up my computer I'm instructed to run Windows Start up Repair. I've ran the Start up Repair application numerous times with the outcome always being the same "Start up Repair cannot repair this computer automatically". This is what I get after the Start up Repair fails to correct the problem under "Problem Details":

Problem signature:
Problem Event Name: StartupRepairOffline
Problem Signature 01: 6.1.7600.16385
Problem Signature 02: 6.1.7600.16385
Problem Signature 03: unknown
Problem Signature 04: 21201032
Problem Signature 05: AutoFailOver
Problem Signature 06: 20
Problem Signature 07: NoRootCause
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

I've also tried the Advanced System Recovery Options (i.e. system restore etc), whenever I try System Restore it tells me that no Restore Points have been created. I do not have the installation CD since the OS came loaded on the computer when I purchased it. I would really like to stay away from using the Recovery CD if I can since I have numerous important work files I would like to retrieve first before completely wiping out a partition.

My computer is an ASUS UL50AG-A2 using Windows 7 Home Premium (64-bit). The two discs that came with my computer are the ASUS Driver & Utility Ver 1.0 and the ASUS Windows 7 Recovery Media for Windows 7 Products. Any help would be greatly appreciated as I've come to the end of the road with no other viable options. FYI, I'm not the most computer savvy person so screen shots are always a plus if you think there might be something that could be confusing.

[Advertisements]

You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save to your USB drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save to your USB drive.

Plug the flashdrive into the infected PC.

Booting your PC to Command Promp

• Restart your PC, press and hold the F8 key as it restarts. You need to press F8 before the Windows logo appears. If the Windows logo appears, you need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.
• On the Advanced Boot Options screen, use the arrow keys to highlight Repair your computer, and then press Enter.
• Select a keyboard layout, and then click Next.
• On the System Recovery Options menu, click on Command Prompt

Running FRST

• In the command window type in "notepad" and press theEnter key.The notepad should open.
• Under File menu select "Open".
• Select "Computer" and locate your flash drive. Make a note of the drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64.exe) and press Enter
• Note: Replace letter e with the drive letter of your flash drive (from step 3 above).
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.

It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

[azarl]

You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save to your USB drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save to your USB drive.

Plug the flashdrive into the infected PC.

Booting your PC to Command Promp

• Restart your PC, press and hold the F8 key as it restarts. You need to press F8 before the Windows logo appears. If the Windows logo appears, you need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.
• On the Advanced Boot Options screen, use the arrow keys to highlight Repair your computer, and then press Enter.
• Select a keyboard layout, and then click Next.
• On the System Recovery Options menu, click on Command Prompt

Running FRST

• In the command window type in "notepad" and press theEnter key.The notepad should open.
• Under File menu select "Open".
• Select "Computer" and locate your flash drive. Make a note of the drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64.exe) and press Enter
• Note: Replace letter e with the drive letter of your flash drive (from step 3 above).
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.

It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

[GeoffB]

First off, thank you for getting back to me so quickly I know you probably have better things to be doing during the holiday season. As requested here are the results from the Farbar Recovery Scan:

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-25 13:21:12
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL [59248 2011-05-26] (Microsoft Corporation)
HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [162328 2011-02-11] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2011-02-11] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [417304 2011-02-11] (Intel Corporation)
HKLM\...\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [196648 2009-12-04] (ActivIdentity)
HKLM\...\Run: [] [x]
HKLM\...\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [489512 2010-10-27] (ActivIdentity)
HKLM-x32\...\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL [32112 2011-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-01] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1486392 2011-06-28] (McAfee, Inc.)
HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [5607080 2011-05-10] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-07] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-10-09] (Apple Inc.)
HKU\Geoff\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11

==================== Services (Whitelisted) ======

2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-02] (ActivIdentity)
2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-13] ()
2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-30] (Apple Inc.)
2 FastBootAgent; "C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe" [306232 2009-07-23] (ASUSTeK Computer Inc.)
2 HitmanPro35CrusaderBoot; "C:\Users\Geoff\Desktop\HitmanPro35_x64.exe" /crusader:boot [7514432 2011-11-21] (SurfRight B.V.)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
2 McAfee SiteAdvisor Service; "C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe" [102608 2011-08-10] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [509416 2010-10-07] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [200056 2011-04-13] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [245352 2011-04-13] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [149032 2011-04-13] (McAfee, Inc.)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [64856 2009-02-26] (Microsoft Corporation)
2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG)
2 SDFirewallService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe [3585696 2011-05-10] (Safer-Networking Ltd.)
2 SDMonitorService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe [3834456 2011-05-10] (Safer-Networking Ltd.)
2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3515656 2011-05-10] (Safer-Networking Ltd.)
2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3769048 2011-05-10] (Safer-Networking Ltd.)
2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [167040 2011-05-10] (Safer-Networking Ltd.)

========================== Drivers (Whitelisted) =============

2 ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
3 cfwids; C:\Windows\System32\drivers\cfwids.sys [63056 2011-04-13] (McAfee, Inc.)
4 hitmanpro35; \??\C:\Windows\system32\drivers\hitmanpro35.sys [25160 2011-11-21] ()
3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-05-21] ()
3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121376 2011-04-13] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190520 2011-04-13] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441840 2011-04-13] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [530304 2011-04-13] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75160 2011-04-13] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94992 2011-04-13] (McAfee, Inc.)
3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-11-03] (McAfee, Inc.)
3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-11-03] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283744 2011-04-13] (McAfee, Inc.)
3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-20] ()
1 ASPI32; [x]
3 mfeavfk01; [x]
3 tmlwf; [x]
3 tmwfp; [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-25 13:21 - 2011-11-25 13:21 - 0000000 ____D C:\FRST
2011-11-21 11:44 - 2011-11-21 11:44 - 0002268 ____A C:\Windows\System32\.crusader
2011-11-21 11:38 - 2011-11-21 11:44 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-21 11:38 - 2011-11-21 11:44 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-21 11:38 - 2011-11-21 11:38 - 0025160 ____A C:\Windows\System32\Drivers\hitmanpro35.sys
2011-11-21 11:38 - 2011-11-21 11:38 - 0001976 ____A C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
2011-11-21 11:38 - 2011-11-21 11:38 - 0000000 ____D C:\Program Files\Hitman Pro 3.5
2011-11-21 11:36 - 2011-11-21 11:37 - 7514432 ____A (SurfRight B.V.) C:\Users\Geoff\Desktop\HitmanPro35_x64.exe
2011-11-21 11:25 - 2011-11-21 11:25 - 0000797 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2011-11-21 11:18 - 2011-11-21 11:18 - 0000146 ____A C:\Users\Administrator\AppData\Roaming\WebThread.log
2011-11-21 11:18 - 2011-11-21 11:18 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2011-11-21 11:18 - 2011-11-21 11:18 - 0000000 ____D C:\Users\Administrator\AppData\Local\SRS Labs
2011-11-21 11:17 - 2011-11-21 11:17 - 0129984 ____A C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2011-11-21 11:17 - 2011-11-21 11:17 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2011-11-21 11:16 - 2011-11-21 11:17 - 0000174 ___SH C:\Users\Administrator\Start Menu\Programs\Startup\desktop.ini
2011-11-21 11:16 - 2011-11-21 11:17 - 0000174 ___SH C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-11-21 11:16 - 2011-11-21 11:16 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Yahoo!
2011-11-21 11:16 - 2011-11-21 11:16 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2011-11-21 11:15 - 2011-11-21 11:23 - 0000000 ____D C:\Users\Administrator\AppData\LocalLow
2011-11-21 11:15 - 2011-11-21 11:16 - 0000000 ____D C:\users\Administrator
2011-11-21 11:15 - 2011-11-21 11:15 - 0000020 __ASH C:\Users\Administrator\ntuser.ini
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Templates
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Start Menu
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\PrintHood
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\NetHood
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\My Documents
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Documents\My Videos
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Documents\My Pictures
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Documents\My Music
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\AppData\Local\Temporary Internet Files
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\AppData\Local\History
2011-11-21 11:15 - 2009-12-14 16:21 - 0000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2011-11-21 11:15 - 2009-07-13 23:44 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2011-11-16 22:56 - 2011-08-29 21:25 - 14173184 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2011-11-16 22:55 - 2011-08-29 20:21 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2011-11-16 11:59 - 2011-11-16 11:59 - 0000000 ____D C:\Windows\System32\Macromed
2011-11-16 09:18 - 2011-11-16 09:18 - 0000000 __SHD C:\Users\Geoff\AppData\Local\a4633784
2011-11-14 16:44 - 2011-11-14 08:15 - 0016432 ____A C:\Windows\System32\lsdelete.exe
2011-11-14 12:13 - 2011-11-03 11:06 - 0069376 ____A (Lavasoft AB) C:\Windows\System32\Drivers\Lbd.sys
2011-11-09 13:14 - 2011-09-29 08:29 - 1923952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-09 13:14 - 2011-09-28 20:03 - 3144704 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-01 23:09 - 2011-11-01 23:09 - 0044436 ____A C:\Users\Geoff\Desktop\312162_10150377356129872_367822059871_7967561_2086145894_n.jpg

============ 3 Months Modified Files and Folders =============

2011-11-25 13:21 - 2011-11-25 13:21 - 0000000 ____D C:\FRST
2011-11-21 11:46 - 2010-08-15 23:18 - 0000880 ____A C:\Windows\Tasks\Google Software Updater.job
2011-11-21 11:45 - 2009-09-27 23:00 - 1757324 ____A C:\Windows\WindowsUpdate.log
2011-11-21 11:44 - 2011-11-21 11:44 - 0002268 ____A C:\Windows\System32\.crusader
2011-11-21 11:44 - 2011-11-21 11:38 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-21 11:44 - 2011-11-21 11:38 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-21 11:38 - 2011-11-21 11:38 - 0025160 ____A C:\Windows\System32\Drivers\hitmanpro35.sys
2011-11-21 11:38 - 2011-11-21 11:38 - 0001976 ____A C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
2011-11-21 11:38 - 2011-11-21 11:38 - 0000000 ____D C:\Program Files\Hitman Pro 3.5
2011-11-21 11:37 - 2011-11-21 11:36 - 7514432 ____A (SurfRight B.V.) C:\Users\Geoff\Desktop\HitmanPro35_x64.exe
2011-11-21 11:25 - 2011-11-21 11:25 - 0000797 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2011-11-21 11:25 - 2009-07-13 18:34 - 0000797 ____A C:\Windows\System32\Drivers\etc\hosts
2011-11-21 11:23 - 2011-11-21 11:15 - 0000000 ____D C:\Users\Administrator\AppData\LocalLow
2011-11-21 11:21 - 2010-03-29 08:55 - 0000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-11-21 11:18 - 2011-11-21 11:18 - 0000146 ____A C:\Users\Administrator\AppData\Roaming\WebThread.log
2011-11-21 11:18 - 2011-11-21 11:18 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2011-11-21 11:18 - 2011-11-21 11:18 - 0000000 ____D C:\Users\Administrator\AppData\Local\SRS Labs
2011-11-21 11:17 - 2011-11-21 11:17 - 0129984 ____A C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2011-11-21 11:17 - 2011-11-21 11:17 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2011-11-21 11:17 - 2011-11-21 11:16 - 0000174 ___SH C:\Users\Administrator\Start Menu\Programs\Startup\desktop.ini
2011-11-21 11:17 - 2011-11-21 11:16 - 0000174 ___SH C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-11-21 11:16 - 2011-11-21 11:16 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Yahoo!
2011-11-21 11:16 - 2011-11-21 11:16 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2011-11-21 11:16 - 2011-11-21 11:15 - 0000000 ____D C:\users\Administrator
2011-11-21 11:16 - 2009-12-14 03:30 - 0000000 ____D C:\Users\All Users\Yahoo! Companion
2011-11-21 11:16 - 2009-12-14 03:30 - 0000000 ____D C:\ProgramData\Yahoo! Companion
2011-11-21 11:16 - 2009-07-13 19:18 - 0000000 __SHD C:\$Recycle.Bin
2011-11-21 11:15 - 2011-11-21 11:15 - 0000020 __ASH C:\Users\Administrator\ntuser.ini
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Templates
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Start Menu
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\PrintHood
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\NetHood
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\My Documents
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Documents\My Videos
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Documents\My Pictures
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\Documents\My Music
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\AppData\Local\Temporary Internet Files
2011-11-21 11:15 - 2011-11-21 11:15 - 0000000 __SHD C:\Users\Administrator\AppData\Local\History
2011-11-21 11:15 - 2010-03-29 08:55 - 0000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-11-21 07:34 - 2009-07-13 20:45 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-11-21 07:34 - 2009-07-13 20:45 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-11-21 07:26 - 2011-05-22 03:38 - 0006503 ____A C:\Users\Geoff\AppData\Roaming\WebThread.log
2011-11-21 07:25 - 2011-10-14 21:01 - 0004580 ____A C:\aaw7boot.log
2011-11-21 07:25 - 2009-12-14 14:04 - 3193716736 __ASH C:\hiberfil.sys
2011-11-21 07:25 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-11-20 11:50 - 2011-05-25 12:23 - 0000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2011-11-20 11:50 - 2011-05-25 12:23 - 0000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2011-11-19 09:24 - 2009-07-13 21:13 - 0726316 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-17 23:25 - 2009-12-13 21:10 - 0000174 ___SH C:\Users\Geoff\Start Menu\Programs\Startup\desktop.ini
2011-11-17 23:25 - 2009-12-13 21:10 - 0000174 ___SH C:\Users\Geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-11-17 09:06 - 2009-09-27 23:10 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-11-17 09:06 - 2009-09-27 23:10 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-11-17 08:49 - 2009-07-13 18:34 - 0000478 ____A C:\Windows\win.ini
2011-11-16 11:59 - 2011-11-16 11:59 - 0000000 ____D C:\Windows\System32\Macromed
2011-11-16 09:18 - 2011-11-16 09:18 - 0000000 __SHD C:\Users\Geoff\AppData\Local\a4633784
2011-11-16 09:18 - 2011-06-21 18:18 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-11-14 12:14 - 2011-05-21 19:46 - 0001022 ____A C:\Users\Public\Desktop\Ad-Aware.lnk
2011-11-14 08:15 - 2011-11-14 16:44 - 0016432 ____A C:\Windows\System32\lsdelete.exe
2011-11-13 21:27 - 2009-12-13 23:35 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-11-13 21:25 - 2011-05-27 03:49 - 0000824 ____A C:\Users\Public\Desktop\CCleaner.lnk
2011-11-13 21:25 - 2011-05-27 03:49 - 0000000 ____D C:\Program Files\CCleaner
2011-11-11 17:51 - 2010-03-27 00:51 - 0000000 ____D C:\Users\All Users\boost_interprocess
2011-11-11 17:51 - 2010-03-27 00:51 - 0000000 ____D C:\ProgramData\boost_interprocess
2011-11-10 03:06 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-11-10 02:25 - 2009-07-13 20:45 - 0486144 ____A C:\Windows\System32\FNTCACHE.DAT
2011-11-10 02:24 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2011-11-10 02:02 - 2009-12-16 23:27 - 52174280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-11-09 11:51 - 2009-09-27 23:53 - 0002225 ____A C:\Windows\System32\ServiceFilter.ini
2011-11-09 11:36 - 2009-07-28 22:03 - 0000000 ____D C:\Windows\Panther
2011-11-09 11:14 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-11-09 11:13 - 2011-10-13 22:33 - 0000000 ____D C:\Users\Geoff\AppData\Local\Macroplant
2011-11-09 11:13 - 2011-05-21 15:04 - 0000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2011-11-09 11:13 - 2010-07-21 23:32 - 0000000 ____D C:\Users\All Users\McAfee Security Scan
2011-11-09 11:13 - 2010-07-21 23:32 - 0000000 ____D C:\ProgramData\McAfee Security Scan
2011-11-09 11:13 - 2009-12-13 21:09 - 0000000 ____D C:\users\Geoff
2011-11-09 11:13 - 2009-09-27 23:51 - 0000000 ____D C:\Windows\SysWOW64\Fast Boot
2011-11-09 11:13 - 2009-09-27 23:50 - 0000000 ____D C:\Users\All Users\P4G
2011-11-09 11:13 - 2009-09-27 23:50 - 0000000 ____D C:\ProgramData\P4G
2011-11-09 11:13 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-11-03 11:06 - 2011-11-14 12:13 - 0069376 ____A (Lavasoft AB) C:\Windows\System32\Drivers\Lbd.sys
2011-11-01 23:09 - 2011-11-01 23:09 - 0044436 ____A C:\Users\Geoff\Desktop\312162_10150377356129872_367822059871_7967561_2086145894_n.jpg
2011-10-14 13:08 - 2011-07-02 22:08 - 0000000 ____D C:\Users\Geoff\Documents\Nero 7 Ultra Edition Enhanced XP & Vista + Keygen [ScottayB]
2011-10-13 23:56 - 2011-10-13 23:56 - 0000993 ____A C:\Users\Geoff\Documents\WinDirStat.lnk
2011-10-13 23:56 - 2011-10-13 23:56 - 0000000 ____D C:\Program Files (x86)\WinDirStat
2011-10-13 23:55 - 2011-10-13 23:55 - 0641881 ____A (WDS Team) C:\Users\Geoff\Downloads\windirstat1_1_2_setup.exe
2011-10-13 23:54 - 2011-10-13 23:54 - 0454120 ____A (CBS Interactive) C:\Users\Geoff\Documents\cnet_windirstat1_1_2_setup_exe.exe
2011-10-13 23:51 - 2010-03-29 08:55 - 0000000 ____D C:\Users\Geoff\AppData\Local\Google
2011-10-13 23:51 - 2010-03-29 08:53 - 0000000 ____D C:\Program Files (x86)\Google
2011-10-13 23:40 - 2011-10-13 23:40 - 0000000 ____D C:\Program Files (x86)\iExplorer
2011-10-13 22:08 - 2009-12-13 23:28 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-10-13 13:00 - 2009-09-27 23:53 - 0001854 ____A C:\Windows\System32\AutoRunFilter.ini
2011-10-13 11:40 - 2011-10-13 11:38 - 0000000 ____D C:\Program Files\iTunes
2011-10-13 11:40 - 2011-10-13 11:38 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-10-13 11:38 - 2011-10-13 11:38 - 0000000 ____D C:\Program Files\iPod
2011-10-13 11:32 - 2011-10-13 11:32 - 0000000 ____D C:\Program Files\Bonjour
2011-10-13 11:32 - 2011-10-13 11:32 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-10-13 11:22 - 2009-12-15 00:40 - 0000000 ____D C:\Users\Geoff\AppData\Roaming\Apple Computer
2011-10-13 11:20 - 2011-10-13 11:20 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2011-10-13 11:20 - 2009-12-14 23:06 - 0000000 ____D C:\Users\All Users\Apple
2011-10-13 11:20 - 2009-12-14 23:06 - 0000000 ____D C:\ProgramData\Apple
2011-09-29 08:29 - 2011-11-09 13:14 - 1923952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-09-28 20:03 - 2011-11-09 13:14 - 3144704 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-09-12 18:09 - 2011-09-12 18:09 - 0045376 ____A C:\Users\Geoff\Documents\cc_20110912_190932.reg
2011-09-10 12:05 - 2010-03-29 08:53 - 0000000 ____D C:\Users\All Users\Google Updater
2011-09-10 12:05 - 2010-03-29 08:53 - 0000000 ____D C:\ProgramData\Google Updater
2011-09-09 07:47 - 2011-09-09 07:47 - 0000000 ____D C:\Program Files (x86)\MSXML 4.0
2011-09-05 14:48 - 2011-09-05 14:38 - 0135274 ____A C:\Windows\hpoins36.dat
2011-09-05 14:48 - 2010-06-09 12:13 - 0001721 ____A C:\Users\All Users\hpzinstall.log
2011-09-05 14:48 - 2010-06-09 12:13 - 0001721 ____A C:\ProgramData\hpzinstall.log
2011-09-05 14:40 - 2011-09-05 14:39 - 0000000 ____D C:\Program Files (x86)\HP
2011-09-05 14:37 - 2011-09-05 14:30 - 39965792 ____A C:\Users\Geoff\Documents\PS_AIO_05_C4600_NonNet_Basic_Win_enu_140_047.exe
2011-09-03 20:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2011-09-03 16:38 - 2011-09-03 16:37 - 0000000 ____D C:\Program Files (x86)\Veetle
2011-08-31 21:34 - 2011-10-13 13:11 - 17781760 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-08-31 21:24 - 2011-10-13 13:11 - 2309120 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-08-31 21:24 - 2011-10-13 13:11 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-31 21:18 - 2011-10-13 13:11 - 1344512 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-31 21:17 - 2011-10-13 13:11 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-31 21:16 - 2011-10-13 13:11 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-31 21:15 - 2011-10-13 13:11 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-31 21:14 - 2011-10-13 13:11 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-08-31 21:12 - 2011-10-13 13:11 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-08-31 21:12 - 2011-10-13 13:11 - 2143744 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-31 21:12 - 2011-10-13 13:11 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-31 21:08 - 2011-10-13 13:11 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-31 18:36 - 2011-10-13 13:11 - 12275200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-08-31 18:35 - 2011-10-13 13:11 - 1798144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-08-31 18:33 - 2011-10-13 13:11 - 9704960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-31 18:28 - 2011-10-13 13:11 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-31 18:28 - 2011-10-13 13:11 - 1102848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-31 18:27 - 2011-10-13 13:11 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-31 18:26 - 2011-10-13 13:11 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-31 18:24 - 2011-10-13 13:11 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-08-31 18:23 - 2011-10-13 13:11 - 1791488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-31 18:23 - 2011-10-13 13:11 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-31 18:22 - 2011-10-13 13:11 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-08-31 18:21 - 2011-10-13 13:11 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-30 22:05 - 2011-08-30 22:05 - 0096104 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-08-30 22:05 - 2011-08-30 22:05 - 0085864 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-08-30 22:05 - 2011-08-30 22:05 - 0083816 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2011-08-30 22:05 - 2011-08-30 22:05 - 0073064 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll
2011-08-29 21:25 - 2011-11-16 22:56 - 14173184 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2011-08-29 20:21 - 2011-11-16 22:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 4061.02 MB
Available physical RAM: 3487.06 MB
Total Pagefile: 4059.17 MB
Available Pagefile: 3473.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:149.05 GB) (Free:25.03 GB) NTFS ==>[System with boot components]
2 Drive d: (DATA) (Fixed) (Total:134.39 GB) (Free:23.39 GB) NTFS
4 Drive f: (GEOFF) (Removable) (Total:3.73 GB) (Free:0.26 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 1024 KB
Disk 1 Online 3823 MB 0 B

Partitions of Disk 0:

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 14 GB 1024 KB
Partition 2 Primary 149 GB 14 GB
Partition 0 Extended 134 GB 163 GB
Partition 3 Logical 134 GB 163 GB

Disk: 0
Partition 2
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C OS NTFS Partition 149 GB Healthy

==========================================================

Last Boot: 2011-11-10 02:55

======================= End Of Log ==========================

[azarl]

First off, thank you for getting back to me so quickly I know you probably have better things to be doing during the holiday season. As requested here are the results from the Farbar Recovery Scan:

I'm in England, so it's not a holiday week here

Download MBRFix from here.

Save and extract its contents to the working computer's desktop. There are three files in the MBRFix folder. From these, only copy the MBRFix64.exe to the USB drive.

Also download the attached file and save it in the USB drive.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt). It will also create a file labeled MBRDUMP.txt. Copy and Paste the contents of the Fixlog.txt in your next reply, but attach the MBRDUMP.txt as it is a hex file.

Check and see if the system now boots please

[GeoffB]

As requested FixLog:

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.3.0)
Ran by SYSTEM at 2011-11-26 11:16:14 R:3
Running from F:\

==============================================

HitmanPro35CrusaderBoot service not found.
hitmanpro35 service not found.

========= F:\MbrFix64.exe /drive 0 =========

MbrFix.exe Copyright © 2004-2009 Systemintegrasjon AS
http://www.sysint.no
Usage:
MbrFix /drive <num> { command } { /yes } { /verbose }

Commands:
MbrFix /? Display help page and license
MbrFix /drive <num> driveinfo Display drive information
MbrFix /drive <num> drivesize Returns size in MB as return value
MbrFix /drive <num> listpartitions Display partition information
MbrFix /drive <num> savembr <file> Save MBR and partitions to file
MbrFix /drive <num> restorembr <file> Restore MBR and partitions from file
MbrFix /drive <num> fixmbr {/vista|/win7} Update MBR to W2K/XP/2003 (default),
Vista or Windows 7
MbrFix /drive <num> clean Delete all partitions on drive
MbrFix /drive <num> readsignature {/byte} Read disk signature from MBR
MbrFix /drive <num> generatesignature Generate disk signature in MBR
MbrFix /drive <num> writesignature <bytes> Write disk signature in MBR
MbrFix /drive <num> readstate Read state from byte 0x1b2 in MBR
MbrFix /drive <num> writestate <state> Write state to byte 0x1b2 in MBR
MbrFix /drive <num> readdrive <startsector> <sectorcount> <file>
Save sectors from drive to file
MbrFix /drive <num> /partition <part> fixbootsector <os>
Update Boot code in boot sector
MbrFix /drive <num> /partition <part> getpartitiontype
Get partition type
MbrFix /drive <num> /partition <part> setpartitiontype <typenum>
Set partition type
MbrFix /drive <num> /partition <part> setactivepartition
Set active partition
MbrFix /drive <num> getactivepartition Get active partition
MbrFix volumeinformation driveletter Get volume information for partition
MbrFix flush {driveletter(s)} Flush files to disk for partition
MbrFix listpartitiontypes List partition types

========= End of CMD: =========


==== End of Fixlog ====

I didn't find a file labeled MBRDUMP.txt when I ran the program however I did get a MbrFix Firefox document. I tried to attach the file just in case but I get an error message saying "you aren't permitted to upload this kind of file". Please let me know where I should go from here.

Thanks

[GeoffB]

I restarted my computer as you had previously asked, and I'm still get the same problem with the Start up Repair.

[azarl]

Could you repeat the last instructions please but use this new file:

[GeoffB]

Azarl,

I ran the fixlist.txt program as required and this is all I got in the FixLog:

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.3.0)
Ran by SYSTEM at 2011-11-27 19:59:40 R:6
Running from F:\

==============================================


==== End of Fixlog ====

Once again I didn't get a file labeled MBRDUMP, not sure if I'm doing anything wrong so I'll explain exactly what I did. I re-downloaded all the files you had asked me to download, I ran FRST64.exe as requested, after the scan completed I hit fix only once. I again attempted to restart my computer to no avail. I'm still getting the start up repair message.

-Geoff

[azarl]

OK, let's try this.

• Restart your PC, press and hold the F8 key as it restarts. You need to press F8 before the Windows logo appears. If the Windows logo appears, you need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.
• On the Advanced Boot Options screen, use the arrow keys to highlight Repair your computer, and then press Enter.
• Select a keyboard layout, and then click Next.
• On the System Recovery Options menu, click on Command Prompt
  
  
• In the command window type bootrec.exe /fixmbr and press enter
• Reboot

[GeoffB]

Ran the command bootrec.exe /fixmbr says "The operation completed successfully." I attempted to reboot my computer but I'm still getting the same start up repair issue as I was before.

[azarl]

OK, do what we discussed in the last post but this time type:
bootrec /RebuildBcd

[GeoffB]

Came back saying "Successfully scanned Windows installations. Total identified Windows installations: 0 The operation completed successfully. I'm getting the feeling that the only way I'll get my computer back and functional is if I use the Recovery disc and wipe everything clean. Am I being paranoid and over analyzing this?

[azarl]

Came back saying "Successfully scanned Windows installations. Total identified Windows installations: 0 The operation completed successfully. I'm getting the feeling that the only way I'll get my computer back and functional is if I use the Recovery disc and wipe everything clean. Am I being paranoid and over analyzing this?

No, you're not. There is a possibility that it will come to that, i which case we'll look at getting any data off you need, but we've things to try first

Please download the attached file and save it in the USB drive.


Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt). It will also create a file labeled BCD.txt. Copy and Paste the contents of both Fixlog.txt and bcd.txt in your next reply

[GeoffB]

Good to know that we have more things to try. I ran FRST64.exe and pressed "fix" only once (this time without hitting scan first). It again came up with an empty FixLog:

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.3.0)
Ran by SYSTEM at 2011-11-28 10:29:27 R:7
Running from F:\

==============================================


==== End of Fixlog ====

And once again I didn't get another file (this time there was no BCD.txt file). Not sure if I'm doing anything wrong or if it's my system.

Restarted my system no change to the start up.

[azarl]

Good to know that we have more things to try. I ran FRST64.exe and pressed "fix" only once (this time without hitting scan first). It again came up with an empty FixLog:

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.3.0)
Ran by SYSTEM at 2011-11-28 10:29:27 R:7
Running from F:\

==============================================


==== End of Fixlog ====

And once again I didn't get another file (this time there was no BCD.txt file). Not sure if I'm doing anything wrong or if it's my system.

Restarted my system no change to the start up.

Definitely no file BCD.txt on the USB?