
Trojans and Catalyst Control Centre issues (Reopened) [Closed]


  • This topic is locked

#46
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Here's the copy of the scan. Thanks!


Scan result of Farbar Recovery Scan Tool Version: 19-05-2012
Ran by SYSTEM at 18-05-2012 06:42:52
Running from F:\
(X64) OS Language: English(US)
Attention: Could not load system hive.The operation completed successfully.

========================== Registry (Whitelisted) =============

HKLM\...\Winlogon: [Userinit]
HKLM-x32\...\Winlogon: [Userinit] [x]
HKLM\...\Winlogon: [Shell]
HKLM-x32\...\Winlogon: [Shell] [x ] ()

==================== Services (Whitelisted) ======


========================== Drivers (Whitelisted) =============


========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-05-18 06:42 - 2012-05-18 06:42 - 0000000 ____D C:\FRST
2012-05-17 03:43 - 2009-07-13 17:38 - 0383562 _RASH C:\bootmgr

============ 3 Months Modified Files and Folders =============

2012-05-18 06:42 - 2012-05-18 06:42 - 0000000 ____D C:\FRST
2012-02-24 03:24 - 2012-02-24 03:24 - 0000000 ____D C:\Emergency
2012-02-24 03:24 - 2012-02-24 03:06 - 0000000 ____D C:\Windows\SMINST

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: <===== ATTENTION!
HKLM\...\exefile\DefaultIcon: <===== ATTENTION!
HKLM\...\exefile\open\command: <===== ATTENTION!

========================= Memory info ======================

Percentage of memory in use: 9%
Total physical RAM: 6132.5 MB
Available physical RAM: 5530.37 MB
Total Pagefile: 6130.65 MB
Available Pagefile: 5511.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:393.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
4 Drive f: () (Removable) (Total:14.89 GB) (Free:14.89 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 14 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 14 GB 39 MB
Partition 3 Primary 451 GB 14 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 FAT Partition 39 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D RECOVERY NTFS Partition 14 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 451 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 14 GB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 14 GB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-05-17 00:50

======================= End Of Log ==========================
  • 0



#47
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Attention: Could not load system hive.The operation completed successfully.

This is the problem: you have a corrupt registry.

I will try a last boot option and we will see if that works

Download the attached Fixlist.txt to the USB drive that contains FRST

Run FRST
Then select the Fix button

Now try a reboot please and let me know the result
  • 0

#48
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I tried running the fix and after rebooting nothing has changed. I still get to the System Repair window.
  • 0

#49
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It looks as though you may have to do a re-install from the recovery partition.
  • 0

#50
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
OK. How do I go about that?
  • 0

#51
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Dell Factory Image Restore
Turn on the computer. When the Dell logo appears, press <F8> several times to access the Vista Advanced Boot Options Window.
Select Repair Your Computer.
The System Recovery Options window appears.
Select a keyboard layout and click Next.
To access the recovery options, log on as a local user.
Click Dell Factory Image Restore. The Dell Factory Image Restore welcome screen appears.
NOTE: Depending upon your configuration, you may need to select Dell Factory Tools, then Dell Factory Image Restore.
Click Next. The Confirm Data Deletion screen appears.
NOTICE: If you do not want to proceed with Factory Image Restore, click Cancel.
Select the checkbox to confirm that you want to continue reformatting the hard drive and restoring the system software to the factory condition, then click Next.
The restore process begins and may take five or more minutes to complete. A message appears when the operating system and factory-installed applications have been restored to factory condition.
Click Finish to reboot the system.

If that should fail then

1. Hit F8 on startup, select 'Repair'
2. Start a command prompt.
3. Change to the D: drive.
4. Set the path to 'Path=d:\windows\system32'
5. Go to the d:\tools directory
6. Run PCRestore
7. Follow the prompts to restore the image.
  • 0

#52
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I'm having a difficult time getting this step to work. For the first option, after I select a keyboard layout I only have two options, startup repair and the Dell Datasafe Restore.

For the second option you presented, when I selected repair I wasn't able to get into Command Prompt. I entered command prompt as I did before by running the CD I created. Once there, at step 4 I typed in "Path=d:\windows\system32" and hit enter. On the next line I wrote "d:\tools directory" and a few variations thereof, such as just "tools directory" and it just says that it's not recognized as a command.

I've tried a few things these last few days but just can't seem to restore the factory image.

Thanks.
  • 0

#53
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Dell Datasafe Restore should restore your computer to factory settings if you run that.
  • 0

#54
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I did the factory image restore and am back to square 1, the BootMgr is missing again. I'll try fixing it the same way I did before with the recovery CD.
  • 0

#55
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, it may require a check disc run - do you know how to do that from the recovery disc?
  • 0



#56
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I ran a check disk by typing "chkdsk C:/F" in command prompt. It didn't fix the problem; I still get BOOTMGR is missing at startup. Hope the holiday is going well.
  • 0

#57
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, first off, can you confirm that there is not a CD or USB inserted whilst booting? If there isn't, then follow the steps on this page (method 2).
  • 0

#58
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I followed the steps in the link you provided. Now when I try to boot I get the menu: "choose an option: test memory / test system / exit"

When I try to exit it just keeps cycling me back to that menu. When I run the tests they come up with no errors but put me back at the same menu once my computer reboots.

Thanks.
  • 0

#59
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you set the 100Mb system partition as active?

Could you list the partitions available under disc part?
  • 0

#60
Hubbard521

Hubbard521

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Partition 1 / Primary / 39 MB 31KB
Partition 2 / Primary / 14 GB 39 MB
Partition 3 / Primary / 451 GB 14 GB

I selected partition 1 to get to the aforementioned situation.

Thanks again.
  • 0





