Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Antivirus programs, Malwarebytes, SpyBot, AVG, RKill, etc. will not st


  • This topic is locked This topic is locked

#91
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Brian,

 

D:\Windows\erdnt\Hiv-backup>attrib -s-h C:\Boot\BCD

 

Output:

Invalid switch - -s-h

 

D:\Windows\erdnt\Hiv-backup>attrib c:\boot\bcd

 

Output:

A   SH              C:\boot\BCD


Edited by carolinachris, 08 September 2015 - 01:00 PM.

  • 0

Advertisements


#92
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

attrib -s -h C:\Boot\BCD

 

When you type it, it's attrib followed by a space and then a dash and then the letter s followed by another space and then a dash followed by the letter h and then a space and then the rest of it.


  • 0

#93
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Brian,

 

I made a mistake in the syntax. I had NO space between the "s" and the "-".

 

D:\Windows\erdnt\Hiv-backup>attrib -s -h C:\Boot\BCD

D:\Windows\erdnt\Hiv-backup>attrib c:\boot\bcd

A              C:\boot\BCD


  • 0

#94
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

OK good. Let's validate one more thing before we do another fix.

 

Generate Needed Log
1. Please type the word notepad in the black command prompt window and hit Enter on the keyboard.
2. Under the File menu of notepad, please select Open.
3. Double-click on Computer and then identify which driver letter represents your USB drive. It should be the one labeled Repair disc Windows 7 64-bit.
4. Click Cancel on the Open Dialog from notepad and close notepad.
5. In the Command Prompt window, please type F:\FRST64.exe and press enter on the keyboard. Note: Replace F with the Drive Letter you identified in bullet#3.
6. The tool will start to run.
7. If a disclaimer comes up, Please answer Yes.
8. Under the Optional Scan section, please check List BCD.
9. Click the Scan button. It will create a log file named FRST.txt on the USB Drive. It will also open in Notepad when finished. You can simply close Notepad.
10. Please plug the USB Drive into your Good computer and post the contents of this log file.

11. You may keep the sick computer at the command-prompt as there are a few other things we will do.


  • 0

#95
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
Brian,
 
For future reference:
 
System (C:)
61.8 MB free of 99.9 MB
 
Local Disk (D:)
22.6 GB free of 99.9 GB
 
Local Disk (E:)
350 GB free of 350 GB
 
Recovery (F:)
1.75 GB free of 14.9 GB
 
Boot (X:)
29.0 MB free of 31.5 MB
 
(H:)
Repair disc Windows 7 64-bit
 
Okay, ran FRST and attached the text file...

Attached Files

  • Attached File  FRST.txt   155.68KB   47 downloads

  • 0

#96
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

Hmmm, that's interesting. FRST shows the following.

 

Drive c: () (Fixed) (Total:100 GB) (Free:22.65 GB) NTFS
Drive e: () (Fixed) (Total:350.66 GB) (Free:350.55 GB) NTFS
Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:1.75 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive h: (Repair disc Windows 7 64-bit) (Removable) (Total:3.73 GB) (Free:3.55 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

Continue with bullet#6 from my previous post. See if it goes through this time.


  • 0

#97
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Brian,

 

D:\Windows\erdnt\Hiv-backup>copy BCD c:\boot\bcd

 

Output:

The system cannot find the path specified.

 

(I tried this twice and double checked the syntax)...


  • 0

#98
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

I think your drive letters may have changed. It looks like you are at the following prompt.

 

D:\Windows\erdnt\Hiv-backup>

 

What happens when you type dir and hit enter?


  • 0

#99
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Brian

 

I think your drive letters may have changed. It looks like you are at the following prompt.

 

D:\Windows\erdnt\Hiv-backup>

 

What happens when you type dir and hit enter?

Brian,

 

D:\Windows\erdnt\Hiv-backup>dir

 

Output:

The system cannot find the path specified.


  • 0

#100
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

That's what I suspected. It looks like on this boot it's actually the C: drive.

 

Type c: and hit enter. That's a c and a colon.

Then type cd windows\erdnt\hiv-backup and hit enter.

 

Let me know if this brings you to...

 

C:\Windows\erdnt\Hiv-backup>


  • 0

Advertisements


#101
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

That's what I suspected. It looks like on this boot it's actually the C: drive.

 

Type c: and hit enter. That's a c and a colon.

Then type cd windows\erdnt\hiv-backup and hit enter.

 

Let me know if this brings you to...

 

C:\Windows\erdnt\Hiv-backup>

Brian,

 

After entering:

C:\>cd windows\erdnt\hiv-backup

 

I received output:

C:\Windows\erdnt\Hiv-backup>


  • 0

#102
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

Good. The drive letters did change. So now type copy BCD y:\boot\bcd and hit enter. If asked to overwrite go ahead.

 

Let me know if this is successful.


  • 0

#103
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Good. The drive letters did change. So now type copy BCD y:\boot\bcd and hit enter. If asked to overwrite go ahead.

 

Let me know if this is successful.

Brian,

 

Yes, it was successful.

 

The overwrite completed:

                    1 file(s) copied.


  • 0

#104
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,590 posts

Let's finish the rest of the steps.

 

7. Type copy security c:\windows\system32\config\security and hit enter on the keyboard. Answer Yes to the overwrite message and hit enter. It should say 1 file copied.

8. Type copy default c:\windows\system32\config\default and hit enter on the keyboard. Answer Yes to the overwrite message and hit enter. It should say 1 file copied.

9. Type copy SAM c:\windows\system32\config\SAM and hit enter on the keyboard. Answer Yes to the overwrite message and hit enter. It should say 1 file copied.

10. Type exit and hit enter on the keyboard. Remove the USB drive and click the Restart button.

 

Let me know if your computer boots up.


  • 0

#105
carolinachris

carolinachris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Let's finish the rest of the steps.

 

7. Type copy security c:\windows\system32\config\security and hit enter on the keyboard. Answer Yes to the overwrite message and hit enter. It should say 1 file copied.

8. Type copy default c:\windows\system32\config\default and hit enter on the keyboard. Answer Yes to the overwrite message and hit enter. It should say 1 file copied.

9. Type copy SAM c:\windows\system32\config\SAM and hit enter on the keyboard. Answer Yes to the overwrite message and hit enter. It should say 1 file copied.

10. Type exit and hit enter on the keyboard. Remove the USB drive and click the Restart button.

 

Let me know if your computer boots up.

Brian,

 

Success!!!

 

We have a booted computer...


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP