Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HP Windows 7 won't boot [Solved]


  • This topic is locked This topic is locked

#1
JulySFX

JulySFX

    Member

  • Member
  • PipPip
  • 39 posts
Hi,

My HP desktop with Windows 7 won't boot up properly since a week ago. I searched for a solution and followed emeraldnzl's instruction here: http://www.geekstogo...ix-the-problem/
where he suggested to get a FRST.txt file. I did the exactly same things as he wrote there and got the FRST file. The content of the file is like below:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 02
Ran by SYSTEM on 17-07-2013 01:14:26
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
Attention: Could not load system hive.
==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-04-30] (Apple Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] - "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart [1515328 2013-06-13] (IObit)
HKU\July\...\Run: [AdobeBridge] - [x]
HKU\July\...\Run: [Google Update] - "C:\Users\July\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-13] (Google Inc.)
HKU\July\...\Run: [HydraVisionDesktopManager] - "C:\Program Files (x86)\ATI Technologies\HydraVision\hydradm.exe" [393216 2012-02-10] (AMD)
HKU\July\...\Run: [Advanced SystemCare 6] - "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [491840 2013-01-15] (IObit)
HKU\July\...\Run: [KakaoTalk] - C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe [2694672 2013-06-25] (Kakao Inc.)
HKU\July\...\Run: [MusicManager] - "C:\Users\July\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [7345664 2013-06-20] (Google Inc.)
Startup: C:\Users\July\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) =================


==================== Drivers (Whitelisted) ====================


==================== NetSvcs (Whitelisted) ===================

NETSVCx32: mrrcjogu -> No ServiceDLL Path.

==================== One Month Created Files and Folders ========

2013-07-17 00:24 - 2013-07-17 01:14 - 00000000 ____D C:\FRST
2013-07-10 09:52 - 2013-07-10 09:52 - 00000000 _____ C:\asc_rdflag
2013-07-09 06:57 - 2013-07-09 06:57 - 00000000 ____D C:\HijackThis
2013-07-06 00:17 - 2013-05-22 00:49 - 00017720 _____ C:\Windows\System32\Drivers\SmartDefragDriver.sys
2013-07-05 05:53 - 2013-07-05 05:58 - 00000000 ____D C:\Users\July\AppData\Local\windowviewcon
2013-07-05 05:53 - 2013-07-05 05:54 - 00000000 ____D C:\Users\July\AppData\Local\windowviewcone
2013-07-05 05:53 - 2013-07-05 05:53 - 00000000 ____D C:\Program Files (x86)\mrrcjogu
2013-07-05 01:18 - 2013-07-05 01:18 - 00003122 _____ C:\Windows\System32\Tasks\{E0D78E87-C413-4DC1-B6E8-6E4FA859F49A}
2013-07-04 16:55 - 2013-07-04 16:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-30 16:03 - 2013-06-30 16:03 - 00000862 _____ C:\Windows\System32\termcap
2013-06-27 14:48 - 2013-06-27 14:48 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2013-06-27 14:48 - 2013-06-27 14:48 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2013-06-27 11:30 - 2013-06-27 11:30 - 00000000 ____D C:\Users\July\AppData\Local\Kakao
2013-06-27 11:30 - 2013-06-27 11:30 - 00000000 ____D C:\Program Files (x86)\Kakao
2013-06-27 03:39 - 2013-06-27 03:39 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-27 03:39 - 2013-06-27 03:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-27 03:39 - 2013-06-27 03:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-27 03:39 - 2013-06-27 03:39 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 02:52 - 2013-07-09 09:52 - 00003244 _____ C:\Windows\System32\Tasks\IORRT
2013-06-22 10:11 - 2013-06-26 19:29 - 00000000 ____D C:\ProgramData\NexonUS
2013-06-22 05:15 - 2013-06-22 05:15 - 00000000 ____D C:\Users\July\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1

==================== One Month Modified Files and Folders =======

2013-07-17 01:14 - 2013-07-17 00:24 - 00000000 ____D C:\FRST
2013-07-17 00:42 - 2013-01-28 04:27 - 00000000 ___RD C:\Users\July\Desktop\Utilities
2013-07-16 22:43 - 2013-01-28 20:31 - 00000000 ____D C:\ProgramData\Recovery
2013-07-10 09:55 - 2009-07-13 18:34 - 110100480 _____ C:\Windows\System32\config\SOFTWARE.iobit.bak
2013-07-10 09:55 - 2009-07-13 18:34 - 00028672 _____ C:\Windows\System32\config\SECURITY.iobit.bak
2013-07-10 09:54 - 2013-01-28 02:41 - 00000000 ____D C:\users\July
2013-07-10 09:52 - 2013-07-10 09:52 - 00000000 _____ C:\asc_rdflag
2013-07-09 19:01 - 2013-01-28 02:40 - 01095070 _____ C:\Windows\WindowsUpdate.log
2013-07-09 19:01 - 2009-07-13 18:34 - 04653056 _____ C:\Windows\System32\config\DEFAULT.iobit.bak
2013-07-09 19:01 - 2009-07-13 18:34 - 00024576 _____ C:\Windows\System32\config\SAM.iobit.bak
2013-07-09 19:00 - 2013-01-28 06:53 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 18:50 - 2013-02-22 20:33 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1141071901-3882197347-125836576-1000UA.job
2013-07-09 18:37 - 2013-01-28 03:16 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-09 18:10 - 2013-01-30 02:59 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1141071901-3882197347-125836576-1000UA.job
2013-07-09 12:10 - 2013-01-30 02:59 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1141071901-3882197347-125836576-1000Core.job
2013-07-09 09:52 - 2013-06-27 02:52 - 00003244 _____ C:\Windows\System32\Tasks\IORRT
2013-07-09 09:35 - 2013-01-28 22:29 - 00000000 ____D C:\Users\July\AppData\Roaming\uTorrent
2013-07-09 07:05 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-09 07:05 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-09 07:03 - 2013-01-28 07:02 - 00000000 ____D C:\Users\July\AppData\Roaming\Skype
2013-07-09 06:57 - 2013-07-09 06:57 - 00000000 ____D C:\HijackThis
2013-07-09 06:29 - 2013-01-29 08:58 - 00000000 ____D C:\Users\July\Desktop\Wallpapers
2013-07-09 06:21 - 2013-01-28 03:16 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-09 06:14 - 2013-02-11 22:10 - 00000000 _____ C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-09 06:14 - 2013-01-28 22:30 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-09 06:11 - 2013-01-28 22:26 - 00000000 ____D C:\Users\July\AppData\Roaming\HpUpdate
2013-07-09 06:11 - 2013-01-28 22:26 - 00000000 ____D C:\Users\July\AppData\Roaming\HP Support Assistant
2013-07-09 06:11 - 2013-01-28 02:46 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2F403AE7-6E28-4163-A8E6-C1695B834A8E}
2013-07-09 06:10 - 2013-02-22 20:33 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1141071901-3882197347-125836576-1000Core.job
2013-07-08 08:24 - 2013-05-23 07:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-07 02:45 - 2013-02-22 20:33 - 00003876 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1141071901-3882197347-125836576-1000UA
2013-07-07 02:45 - 2013-02-22 20:33 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1141071901-3882197347-125836576-1000Core
2013-07-06 01:38 - 2009-07-13 21:13 - 00782470 _____ C:\Windows\System32\PerfStringBackup.INI
2013-07-05 16:55 - 2013-01-29 09:54 - 00000000 ____D C:\Users\July\AppData\Roaming\Dropbox
2013-07-05 16:42 - 2013-01-29 09:55 - 00000000 ___RD C:\Users\July\Dropbox
2013-07-05 16:26 - 2013-01-28 21:46 - 00000000 ____D C:\Users\July\Desktop\Game
2013-07-05 08:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-07-05 07:22 - 2013-01-28 02:46 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForJuly.job
2013-07-05 07:22 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-05 05:58 - 2013-07-05 05:53 - 00000000 ____D C:\Users\July\AppData\Local\windowviewcon
2013-07-05 05:54 - 2013-07-05 05:53 - 00000000 ____D C:\Users\July\AppData\Local\windowviewcone
2013-07-05 05:53 - 2013-07-05 05:53 - 00000000 ____D C:\Program Files (x86)\mrrcjogu
2013-07-05 01:18 - 2013-07-05 01:18 - 00003122 _____ C:\Windows\System32\Tasks\{E0D78E87-C413-4DC1-B6E8-6E4FA859F49A}
2013-07-04 16:55 - 2013-07-04 16:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-04 16:55 - 2013-04-07 05:42 - 00000000 ____D C:\Users\July\AppData\Roaming\OpenCandy
2013-07-04 16:55 - 2013-01-29 00:52 - 00000000 ____D C:\Users\July\AppData\Roaming\DVDVideoSoft
2013-07-04 16:51 - 2013-03-27 08:24 - 00000000 ____D C:\Program Files (x86)\puush
2013-07-03 22:32 - 2013-01-28 03:16 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-03 22:32 - 2013-01-28 03:16 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-02 09:20 - 2013-01-28 02:46 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJuly
2013-06-30 20:09 - 2013-02-04 21:24 - 00000132 _____ C:\Users\July\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-06-30 19:37 - 2013-01-28 03:41 - 00000000 ____D C:\Users\July\AppData\Local\CrashDumps
2013-06-30 16:03 - 2013-06-30 16:03 - 00000862 _____ C:\Windows\System32\termcap
2013-06-28 12:57 - 2013-01-28 04:15 - 00000000 ____D C:\Users\July\Desktop\Text Files
2013-06-28 11:10 - 2013-05-31 06:52 - 00000000 ____D C:\Program Files (x86)\wLauncher
2013-06-28 09:35 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-06-28 08:45 - 2013-04-03 04:56 - 00000000 ____D C:\Users\July\AppData\Roaming\Mozilla
2013-06-28 08:45 - 2013-01-28 03:16 - 00000000 ____D C:\Users\July\AppData\Local\Google
2013-06-27 14:48 - 2013-06-27 14:48 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2013-06-27 14:48 - 2013-06-27 14:48 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2013-06-27 11:30 - 2013-06-27 11:30 - 00000000 ____D C:\Users\July\AppData\Local\Kakao
2013-06-27 11:30 - 2013-06-27 11:30 - 00000000 ____D C:\Program Files (x86)\Kakao
2013-06-27 03:39 - 2013-06-27 03:39 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-27 03:39 - 2013-06-27 03:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-27 03:39 - 2013-06-27 03:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-27 03:39 - 2013-06-27 03:39 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 03:39 - 2013-02-02 06:44 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 03:39 - 2013-02-02 06:44 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-26 19:29 - 2013-06-22 10:11 - 00000000 ____D C:\ProgramData\NexonUS
2013-06-26 06:36 - 2013-02-02 09:06 - 00000000 ____D C:\Program Files (x86)\GNU
2013-06-24 16:42 - 2013-05-27 22:05 - 00000000 ____D C:\Nexon
2013-06-22 05:15 - 2013-06-22 05:15 - 00000000 ____D C:\Users\July\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2013-06-17 19:24 - 2013-02-22 20:12 - 00003584 _____ C:\Users\July\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-17 05:14 - 2013-01-29 03:54 - 00000000 ____D C:\Users\July\AppData\Local\Adobe
2013-06-17 05:14 - 2013-01-28 06:53 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-17 05:14 - 2013-01-28 06:53 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-06-17 05:14 - 2012-05-21 19:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 6100 MB
Available physical RAM: 5033.52 MB
Total Pagefile: 6098.2 MB
Available Pagefile: 5038.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.66 GB) (Free:840.18 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.75 GB) (Free:1.98 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]
Drive h: (DRIVE) (Removable) (Total:3.73 GB) (Free:2.67 GB) FAT32 (Disk=2 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.12 GB) (Free:0.12 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 98860AB3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=915 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 6A53CFD0)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)


LastRegBack: 2013-07-02 15:09

==================== End Of Log ============================


can anyone help me with this please? thanks in advance!
  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,037 posts
Hi and welcome.

The System Hive of the registry seems missing or corrupted.

Boot to the Recovery Command prompt. At the prompt type the following and press Enter:

CHKDSK C: /F

It should take a while.

Let me know the outcome.
  • 0

#3
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,037 posts
This could also be an issue created by Iobit.

If the issue is not resolved by running CHKDSK, then download the enclosed file. Attached File  fixlist.txt   41bytes   121 downloads

Save it next to FRST.

Run FRST as you did before, except that this time around click on the Fix button and wait.

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.

Attempt to boot in Normal Mode and let me know the outcome.
  • 0

#4
JulySFX

JulySFX

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Sorry for late reply and thank you for your help.

I've just tried running CHKDSK C: /F on prompt and got this message.

The type of the file system is NTFS.
Volume label is SYSTEM.

CHKDSK is verifying files <stage 1 of 3>...
256 file records processed.
File verification completed.
0 large file records processed.
0 bad file records processed.
0 EA records processed.
0 reparse records processed.
CHKDSK is verifying indexes <stage 2 of 3>...
334 index entries processed.
Index verification completed.
0 unindexed files scanned.
0 unindexed files recovered.
CHKDSK is verifying security descriptors <stage 3 of 3>...
256 file SDs/SIDs processed.
Security descriptor verification completed.
40 data files processed.
CHKDSK is verifying Usn Journal...
126696 USN bytes processed.
Usn Journal verification completed.
Windows has checked the file system and found no problems.

102399 KB total disk space.
22048 KB in 47 files.
28 KB in 41 indexes.
0 KB in bad sectors.
3299 KB in use by the system.
2048 KB occupied by the log file.
77024 KB available on disk.

4096 bytes in each allocation unit.
25599 total allocation units on disk.
19256 allocation units available on disk.
Failed to transfer logged messages to the event log with status 50.

I'll now try to reboot and let you know how it goes.

Edited by JulySFX, 17 July 2013 - 09:09 PM.

  • 0

#5
JulySFX

JulySFX

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

This could also be an issue created by Iobit.

If the issue is not resolved by running CHKDSK, then download the enclosed file. Attached File  fixlist.txt   41bytes   121 downloads

Save it next to FRST.

Run FRST as you did before, except that this time around click on the Fix button and wait.

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.

Attempt to boot in Normal Mode and let me know the outcome.


So like, just run FRST like I did last time and skip clicking on the Fix button and waiting?

I just ran FRST and it made a log in the flashdrive (FRST.txt), just the same as the last time.

So I opened the fixlist.txt to see if there was any change to it while the saved FRST.txt was open and I saw nothing was changed, so I closed the notepad without saving, and the Farbar Recovery Scan Tool is scanning again.

What do I do if it saves a log in the FRST.txt file again?
  • 0

#6
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,037 posts
The Fixlist.txt should look as this:

Start
LastRegBack: 2013-07-02 15:09
End


It should be save next to FRST. Run FRST (the application not the scan). Once FRST is engaged, click on the Fix button.

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.
  • 0

#7
JulySFX

JulySFX

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Okay,I clicked on the Fix button and it keeps fixing forever (it says "Fixing is in progress. Please wait..." and the Fix button has changed to 'Fixing ...').

Rebooted and did the exact same steps, still fixing forever.

What should I do now?
  • 0

#8
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,037 posts
Still running? Is FRST in a USB flash drive? Are you running the Fix in the Repair Console?
  • 0

#9
JulySFX

JulySFX

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Still running? Is FRST in a USB flash drive? Are you running the Fix in the Repair Console?


Yes, it is still running.. FRST is in my USB drive. I don't quite get what you mean by the 'Repair Console' but I'm running the Fix on Farbar Recovery Scan Tool that's opened by typing h:\FRST64(my drive has a letter, h and my computer is 64bit OS) on CMD.

I have no idea why the Fix keeps running.

Edited by JulySFX, 19 July 2013 - 11:27 PM.

  • 0

#10
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,037 posts
Stop. Lets run this script:

Download the enclosed file. Attached File  fixlist.txt   90bytes   77 downloads

Save it next to FRST replacin the existing one.

Run FRST as you did before, except that this time around click on the Fix button and wait.

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.
  • 0

Advertisements


#11
JulySFX

JulySFX

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Stop. Lets run this script:

Download the enclosed file. Attached File  fixlist.txt   90bytes   77 downloads

Save it next to FRST replacin the existing one.

Run FRST as you did before, except that this time around click on the Fix button and wait.

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.

Okay. by the way, I still don't understand how this fixlist.txt should be run.

I mean.. does the FRST application have commands in it that runs fixlist.txt which will then make a log file (Fixlog.txt) in the flashdrive or something?

and you know how you told me to save the fixlist.txt file next to FRST? did you mean like just placing the txt file in the same directory of the flashdrive like in this screenshot?: http://puu.sh/3He3a.png

Edited by JulySFX, 20 July 2013 - 01:32 AM.

  • 0

#12
JulySFX

JulySFX

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Good news!

A pop-up message came up with saying "Fix completed. The "Fixlog.txt" is saved in the same directory FRST is located.

Following is the content of Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-07-2013 02
Ran by SYSTEM at 2013-07-20 20:03:01 Run:1
Running from H:\
Boot Mode: Recovery
==============================================


========================= Folder: C:\WINDOWS\System32\config ========================

2009-07-13 21:32 - 2013-01-28 20:31 - 0028672 ____A () C:\WINDOWS\System32\config\BCD-Template
2009-07-13 21:38 - 2013-01-28 20:31 - 0025600 __ASH () C:\WINDOWS\System32\config\BCD-Template.LOG
2009-07-13 18:34 - 2013-07-09 06:31 - 44040192 ____A () C:\WINDOWS\System32\config\COMPONENTS
2009-07-13 23:07 - 2010-11-20 23:20 - 0001024 ___AH () C:\WINDOWS\System32\config\COMPONENTS.LOG
2009-07-13 18:34 - 2013-07-09 06:31 - 0262144 ___AH () C:\WINDOWS\System32\config\COMPONENTS.LOG1
2009-07-13 18:34 - 2009-07-13 18:34 - 0000000 ___AH () C:\WINDOWS\System32\config\COMPONENTS.LOG2
2009-07-13 20:54 - 2013-07-09 06:31 - 0065536 __ASH () C:\WINDOWS\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2009-07-13 20:54 - 2013-07-09 06:31 - 0524288 __ASH () C:\WINDOWS\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2009-07-13 20:54 - 2013-06-12 02:53 - 0524288 __ASH () C:\WINDOWS\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
2009-07-13 18:34 - 2013-07-10 09:55 - 4653056 ____A () C:\WINDOWS\System32\config\DEFAULT
2009-07-13 18:34 - 2013-07-09 19:01 - 4653056 ____A () C:\WINDOWS\System32\config\DEFAULT.iobit.bak
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\DEFAULT.iobit.LOG1
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\DEFAULT.iobit.LOG2
2009-07-13 23:07 - 2010-11-20 23:20 - 0001024 ___AH () C:\WINDOWS\System32\config\DEFAULT.LOG
2009-07-13 18:34 - 2013-07-10 09:55 - 0262144 ___AH () C:\WINDOWS\System32\config\DEFAULT.LOG1
2009-07-13 18:34 - 2009-07-13 18:34 - 0000000 ___AH () C:\WINDOWS\System32\config\DEFAULT.LOG2
2009-07-13 19:20 - 2009-07-13 18:34 - 0000000 ____D () C:\WINDOWS\System32\config\Journal
2009-07-13 19:20 - 2013-07-02 15:11 - 0000000 ____D () C:\WINDOWS\System32\config\RegBack
2009-07-13 18:34 - 2013-07-10 09:55 - 0024576 ____A () C:\WINDOWS\System32\config\SAM
2009-07-13 18:34 - 2013-07-09 19:01 - 0024576 ____A () C:\WINDOWS\System32\config\SAM.iobit.bak
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\SAM.iobit.LOG1
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\SAM.iobit.LOG2
2009-07-13 23:07 - 2010-11-20 23:20 - 0001024 ___AH () C:\WINDOWS\System32\config\SAM.LOG
2009-07-13 18:34 - 2013-07-09 06:34 - 0021504 ___AH () C:\WINDOWS\System32\config\SAM.LOG1
2009-07-13 18:34 - 2009-07-13 18:34 - 0000000 ___AH () C:\WINDOWS\System32\config\SAM.LOG2
2009-07-13 18:34 - 2013-07-10 09:55 - 0028672 ____A () C:\WINDOWS\System32\config\SECURITY
2009-07-13 18:34 - 2013-07-10 09:55 - 0028672 ____A () C:\WINDOWS\System32\config\SECURITY.iobit.bak
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\SECURITY.iobit.LOG1
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\SECURITY.iobit.LOG2
2009-07-13 23:07 - 2010-11-20 23:20 - 0001024 ___AH () C:\WINDOWS\System32\config\SECURITY.LOG
2009-07-13 18:34 - 2013-07-10 09:55 - 0021504 ___AH () C:\WINDOWS\System32\config\SECURITY.LOG1
2009-07-13 18:34 - 2009-07-13 18:34 - 0000000 ___AH () C:\WINDOWS\System32\config\SECURITY.LOG2
2009-07-13 18:34 - 2013-07-20 20:03 - 108658688 ____A () C:\WINDOWS\System32\config\SOFTWARE
2009-07-13 18:34 - 2013-07-10 09:55 - 110100480 ____A () C:\WINDOWS\System32\config\SOFTWARE.iobit.bak
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\SOFTWARE.iobit.LOG1
2013-07-10 09:55 - 2013-07-10 09:55 - 0000000 __ASH () C:\WINDOWS\System32\config\SOFTWARE.iobit.LOG2
2009-07-13 23:07 - 2010-11-20 23:20 - 0001024 ___AH () C:\WINDOWS\System32\config\SOFTWARE.LOG
2009-07-13 18:34 - 2013-07-20 20:03 - 0262144 ___AH () C:\WINDOWS\System32\config\SOFTWARE.LOG1
2009-07-13 18:34 - 2013-07-18 14:00 - 0262144 ___AH () C:\WINDOWS\System32\config\SOFTWARE.LOG2
2009-07-13 18:34 - 2013-07-10 09:55 - 16252928 ____A () C:\WINDOWS\System32\config\SYSTEM
2013-05-04 19:19 - 2013-05-04 19:19 - 15826944 ____A () C:\WINDOWS\System32\config\SYSTEM.iobit
2009-07-13 23:07 - 2010-11-20 23:20 - 0001024 ___AH () C:\WINDOWS\System32\config\SYSTEM.LOG
2009-07-13 18:34 - 2013-07-10 09:55 - 0262144 ___AH () C:\WINDOWS\System32\config\SYSTEM.LOG1
2009-07-13 18:34 - 2013-06-27 04:48 - 0262144 ___AH () C:\WINDOWS\System32\config\SYSTEM.LOG2
2009-07-13 19:20 - 2010-11-20 18:41 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile
2009-07-13 19:20 - 2011-02-11 09:05 - 0000000 ____D () C:\WINDOWS\System32\config\TxR
2011-02-11 09:01 - 2013-07-02 15:11 - 4653056 ____A () C:\WINDOWS\System32\config\RegBack\DEFAULT
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\DEFAULT.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\DEFAULT.LOG2
2011-02-11 09:01 - 2013-07-02 15:11 - 0024576 ____A () C:\WINDOWS\System32\config\RegBack\SAM
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SAM.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SAM.LOG2
2011-02-11 09:01 - 2013-07-02 15:04 - 0028672 ____A () C:\WINDOWS\System32\config\RegBack\SECURITY
2011-02-11 11:20 - 2011-02-11 11:20 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SECURITY.LOG1
2011-02-11 11:20 - 2011-02-11 11:20 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SECURITY.LOG2
2011-02-11 09:01 - 2013-07-02 15:09 - 108658688 ____A () C:\WINDOWS\System32\config\RegBack\SOFTWARE
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SOFTWARE.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SOFTWARE.LOG2
2011-02-11 09:01 - 2013-07-02 15:10 - 15990784 ____A () C:\WINDOWS\System32\config\RegBack\SYSTEM
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SYSTEM.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SYSTEM.LOG2
2009-07-13 19:20 - 2009-07-13 20:48 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData
2009-07-13 21:38 - 2012-05-21 19:19 - 0262144 ____A () C:\WINDOWS\System32\config\systemprofile\ntuser.dat
2009-07-13 23:07 - 2010-11-20 23:07 - 0001024 ___AH () C:\WINDOWS\System32\config\systemprofile\ntuser.dat.LOG
2009-07-13 21:38 - 2013-01-28 19:32 - 0009216 __ASH () C:\WINDOWS\System32\config\systemprofile\ntuser.dat.LOG1
2009-07-13 21:38 - 2009-07-13 21:38 - 0000000 __ASH () C:\WINDOWS\System32\config\systemprofile\ntuser.dat.LOG2
2010-11-20 18:41 - 2010-11-20 18:41 - 0065536 __ASH () C:\WINDOWS\System32\config\systemprofile\ntuser.dat{d5e30002-f518-11df-a5c1-806e6f6e6963}.TM.blf
2010-11-20 18:41 - 2010-11-20 18:41 - 0524288 __ASH () C:\WINDOWS\System32\config\systemprofile\ntuser.dat{d5e30002-f518-11df-a5c1-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
2010-11-20 18:41 - 2010-11-20 18:41 - 0524288 __ASH () C:\WINDOWS\System32\config\systemprofile\ntuser.dat{d5e30002-f518-11df-a5c1-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
2009-07-13 19:20 - 2013-03-29 11:55 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local
2009-07-13 20:48 - 2009-07-13 20:55 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow
2009-07-13 20:48 - 2009-07-13 20:48 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming
2013-03-29 11:55 - 2013-06-24 08:05 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps
2009-07-13 20:49 - 2012-05-21 19:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft
2013-05-28 08:49 - 2013-05-28 08:49 - 4725670 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\SearchIndexer.exe.2032.dmp
2013-06-24 08:05 - 2013-06-24 08:05 - 0798100 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\svchost.exe.344.dmp
2013-03-29 11:55 - 2013-03-29 11:55 - 1092138 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\CrashDumps\svchost.exe.352.dmp
2012-05-21 19:50 - 2012-05-21 19:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\IdentityCRL
2012-05-21 19:30 - 2013-01-29 09:32 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Portable Devices
2009-07-13 20:49 - 2013-05-28 08:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows
2012-05-21 19:50 - 2012-05-21 19:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\IdentityCRL\production
2012-05-21 19:50 - 2012-05-21 19:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\IdentityCRL\production\temp
2012-05-21 19:30 - 2013-05-10 13:32 - 0000284 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Portable Devices\wpdlog00.sqm
2013-01-28 19:33 - 2013-06-01 04:30 - 0000344 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Portable Devices\wpdlog01.sqm
2013-01-29 09:32 - 2013-05-10 13:32 - 0000284 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Portable Devices\wpdlog02.sqm
2009-07-13 20:49 - 2009-07-13 20:49 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Caches
2009-07-13 20:54 - 2009-07-13 20:54 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History
2009-07-13 20:54 - 2013-03-13 12:49 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files
2013-05-28 08:50 - 2013-05-28 08:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WER
2009-07-13 20:54 - 2009-07-13 20:54 - 0000145 __ASH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\desktop.ini
2009-07-13 20:54 - 2009-07-13 20:54 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5
2009-07-13 20:54 - 2009-07-13 20:54 - 0000145 __ASH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini
2009-07-13 20:54 - 2013-03-13 08:01 - 0016384 __ASH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2013-01-28 19:35 - 2013-07-08 14:33 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
2013-03-13 12:49 - 2013-03-13 12:49 - 0000128 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
2013-01-28 19:35 - 2013-01-28 19:35 - 0000067 ___SH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini
2013-01-28 19:35 - 2013-03-04 14:11 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MZ08NKK
2013-01-28 19:35 - 2013-01-28 19:35 - 0000067 ___SH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini
2013-01-28 19:35 - 2013-03-13 08:01 - 0032768 __ASH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2013-01-28 19:35 - 2013-03-13 08:01 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZBEMGM8
2013-01-28 19:35 - 2013-01-28 19:35 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y35JOZ0B
2013-01-28 19:35 - 2013-03-13 08:01 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAOHI923
2013-01-28 19:35 - 2013-01-28 19:35 - 0000067 ___SH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MZ08NKK\desktop.ini
2013-03-04 14:11 - 2013-03-04 14:11 - 0017163 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MZ08NKK\IDR_XML_DEFAULT_TRANSFORM[1]
2013-01-28 19:35 - 2013-01-28 19:35 - 0000067 ___SH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZBEMGM8\desktop.ini
2013-03-13 08:01 - 2013-03-13 08:01 - 0000214 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZBEMGM8\fwlink[1].htm
2013-01-28 19:35 - 2013-01-28 19:35 - 0000067 ___SH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y35JOZ0B\desktop.ini
2013-01-28 19:35 - 2013-01-28 19:35 - 0000067 ___SH () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAOHI923\desktop.ini
2013-03-13 08:01 - 2013-03-13 08:01 - 0027364 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAOHI923\SetupPolicy[1].cab
2013-05-28 08:50 - 2013-05-28 08:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WER\ERC
2013-05-28 08:50 - 2013-05-28 08:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WER\ERC\ResponseCache
2013-05-28 08:50 - 2013-05-28 08:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WER\ERC\TemplateCache
2013-05-28 08:50 - 2013-05-28 08:50 - 0000000 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WER\ERC\viewedids.resp
2013-05-28 08:50 - 2013-05-28 08:50 - 0002064 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WER\ERC\ResponseCache\1163.xml
2013-05-28 08:50 - 2013-05-28 08:50 - 0008590 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\WER\ERC\TemplateCache\Template_235_9.xslt
2009-07-13 20:55 - 2013-03-13 07:59 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft
2009-07-13 20:55 - 2009-07-13 20:57 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache
2013-03-13 07:59 - 2013-03-13 07:59 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\Silverlight
2009-07-13 20:57 - 2013-05-28 01:28 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
2009-07-13 20:55 - 2013-05-28 01:28 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
2013-01-28 02:41 - 2013-07-09 06:11 - 0001953 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1
2013-01-28 05:32 - 2013-04-15 22:09 - 0006342 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
2013-01-28 02:41 - 2013-07-02 09:17 - 0000898 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
2013-01-28 02:42 - 2013-05-29 19:51 - 0000813 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD
2013-01-28 02:42 - 2013-06-17 22:04 - 0000554 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7396C420A8E1BC1DA97F1AF0D10BAD21
2013-01-28 05:32 - 2013-05-22 18:34 - 0050139 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
2009-07-13 20:57 - 2013-01-28 02:56 - 0000506 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
2013-02-11 22:17 - 2013-07-09 06:11 - 0001847 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_355DF12EAABE3F04A4C1AF592920E175
2013-01-28 22:28 - 2013-05-14 05:23 - 0001871 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50
2013-03-31 13:45 - 2013-07-09 06:10 - 0001891 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
2013-05-28 01:28 - 2013-05-28 01:28 - 0000533 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F
2009-07-13 20:57 - 2013-01-28 02:55 - 0049082 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
2013-01-28 02:41 - 2013-07-09 06:11 - 0000420 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1
2013-01-28 05:32 - 2013-07-09 06:11 - 0000340 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
2013-01-28 02:41 - 2013-07-02 09:18 - 0000274 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
2013-01-28 02:42 - 2013-07-09 06:11 - 0000282 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD
2013-01-28 02:42 - 2013-06-17 22:04 - 0000296 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21
2013-01-28 05:32 - 2013-07-06 00:17 - 0000328 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
2009-07-13 20:57 - 2013-01-28 02:56 - 0000258 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
2013-02-11 22:17 - 2013-07-09 06:12 - 0000408 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_355DF12EAABE3F04A4C1AF592920E175
2013-01-28 22:28 - 2013-06-28 08:34 - 0000408 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50
2013-03-31 13:45 - 2013-07-09 06:11 - 0000404 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
2013-05-28 01:28 - 2013-06-05 13:51 - 0000242 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F
2009-07-13 20:57 - 2013-02-04 22:11 - 0000344 ___AS () C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
2009-07-13 20:48 - 2013-01-28 02:41 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft
2013-01-28 02:41 - 2013-01-28 02:41 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\CLR Security Config
2012-05-21 19:50 - 2012-05-21 19:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL
2009-07-13 20:48 - 2009-07-13 20:48 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates
2009-07-13 20:54 - 2009-07-13 21:12 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows
2013-01-28 02:41 - 2013-01-28 02:41 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312
2013-01-28 02:41 - 2013-02-12 18:45 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit
2013-01-29 06:07 - 2013-02-12 18:45 - 0006844 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch
2012-05-21 19:50 - 2012-05-21 19:50 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production
2012-05-21 19:50 - 2013-07-08 15:57 - 0000000 ____D () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\temp
2013-07-07 23:57 - 2013-07-09 09:35 - 0000812 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\temp\sqmdata00.sqm
2013-07-08 03:57 - 2013-07-09 13:35 - 0000120 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\temp\sqmdata01.sqm
2013-07-08 07:57 - 2013-07-09 17:35 - 0000120 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\temp\sqmdata02.sqm
2013-07-08 11:57 - 2013-07-08 11:57 - 0000120 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\temp\sqmdata03.sqm
2013-07-08 15:57 - 2013-07-08 15:57 - 0000120 ____A () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\temp\sqmdata04.sqm
2009-07-13 20:48 - 2009-07-13 20:48 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My
2009-07-13 20:48 - 2009-07-13 20:48 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
2009-07-13 20:48 - 2009-07-13 20:48 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
2009-07-13 20:48 - 2009-07-13 20:48 - 0000000 ___SD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
2009-07-13 20:54 - 2013-01-28 19:35 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies
2009-07-13 21:12 - 2009-07-13 21:12 - 0000000 __SHD () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache
2013-01-28 19:35 - 2013-03-13 08:01 - 0016384 __ASH () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2009-07-13 21:12 - 2009-07-13 21:12 - 0245760 __ASH () C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
2011-02-11 09:05 - 2013-07-05 07:12 - 5242880 __ASH () C:\WINDOWS\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.0.regtrans-ms
2011-02-11 09:05 - 2013-07-09 19:01 - 5242880 __ASH () C:\WINDOWS\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.1.regtrans-ms
2011-02-11 09:05 - 2013-03-29 11:38 - 5242880 __ASH () C:\WINDOWS\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.2.regtrans-ms
2011-02-11 09:05 - 2013-07-09 19:01 - 0065536 __ASH () C:\WINDOWS\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.blf
2011-02-11 09:01 - 2013-07-09 19:01 - 0065536 __ASH () C:\WINDOWS\System32\config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2011-02-11 09:01 - 2013-07-09 19:01 - 0524288 __ASH () C:\WINDOWS\System32\config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2011-02-11 09:01 - 2013-06-12 02:53 - 0524288 __ASH () C:\WINDOWS\System32\config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

====== End of Folder: ======

========================= Folder: C:\WINDOWS\System32\config\RegBack ========================

2011-02-11 09:01 - 2013-07-02 15:11 - 4653056 ____A () C:\WINDOWS\System32\config\RegBack\DEFAULT
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\DEFAULT.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\DEFAULT.LOG2
2011-02-11 09:01 - 2013-07-02 15:11 - 0024576 ____A () C:\WINDOWS\System32\config\RegBack\SAM
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SAM.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SAM.LOG2
2011-02-11 09:01 - 2013-07-02 15:04 - 0028672 ____A () C:\WINDOWS\System32\config\RegBack\SECURITY
2011-02-11 11:20 - 2011-02-11 11:20 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SECURITY.LOG1
2011-02-11 11:20 - 2011-02-11 11:20 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SECURITY.LOG2
2011-02-11 09:01 - 2013-07-02 15:09 - 108658688 ____A () C:\WINDOWS\System32\config\RegBack\SOFTWARE
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SOFTWARE.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SOFTWARE.LOG2
2011-02-11 09:01 - 2013-07-02 15:10 - 15990784 ____A () C:\WINDOWS\System32\config\RegBack\SYSTEM
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SYSTEM.LOG1
2011-02-11 11:22 - 2011-02-11 11:22 - 0000000 __ASH () C:\WINDOWS\System32\config\RegBack\SYSTEM.LOG2

====== End of Folder: ======

==== End of Fixlog ====


  • 0

#13
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,037 posts

I mean.. does the FRST application have commands in it that runs fixlist.txt which will then make a log file (Fixlog.txt) in the flashdrive or something?


Yes. It processes the script in the fixlist.txt and produces a fixlog.txt as a report.

Lets run this script:

Download the enclosed file. Attached File  fixlist.txt   152bytes   111 downloads

Save it next to FRST replacing the existing one.

Run FRST as you did before, except that this time around click on the Fix button and wait.

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.

Once this process is completed, click on Scan and post the new FRST.txt that will also be produced.
  • 0

#14
JulySFX

JulySFX

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Umm, the last time, Fixlist.txt has been changed to Fixlog.txt as FRST app ran successfully I think.

So, the Fixlist.txt file no longer exists in the flashdrive that I can replace the new Fixlist.txt file. Fixlog is in the flashdrive instead of Fixlist.txt file.

Do I just move the new Fixlist you've attached for me into the flashdrive next to Fixlog and run FRST as you said?
  • 0

#15
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,037 posts

Umm, the last time, Fixlist.txt has been changed to Fixlog.txt as FRST app ran successfully I think.

So, the Fixlist.txt file no longer exists in the flashdrive that I can replace the new Fixlist.txt file. Fixlog is in the flashdrive instead of Fixlist.txt file.

Do I just move the new Fixlist you've attached for me into the flashdrive next to Fixlog and run FRST as you said?

Yes. FRST should also be in that location.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP