Laptop won't boot Toshiba Satellite Win 7-64 [Solved]



#1
shayspace
Member
13 posts

Hello,

I have a laptop that I have been unable to boot or recover. Not sure how it became infected, however I am able to boot from CD/DVD or USB but not from hd. Most scanners I can manipulate into working from boot/recovery cd's either can't find anything or can't repair the problem. Kaspersky found the rootkit Pihar.b but was unable to clean. It is running Windows 7 x 64.

Here's my Farbar log:

Attached File  FRST.txt   16.71KB   277 downloads

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2013 01
Ran by SYSTEM at 17-02-2013 16:01:12
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [] [x]
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [307768 2009-11-19] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [{9ABA99F9-A8FE-7E89-8E99-AE8b85E9AE9B}] "C:\Program Files (x86)\Cricket Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\Cricket Broadband Connect\mphonetools.exe" /OnPlug=%s [x]
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s [395528 2011-07-05] (StrikeForce Technologies Inc.)
HKU\narium\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-07-19] (Google Inc.)
HKU\narium\...\Run: [HW_OPENEYE_OUC_] "C:\Program Files (x86)\Cricket Broadband EC1705\UpdateDog\ouc.exe" [x]
HKU\narium\...\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode [5915480 2010-10-29] (Logitech Inc.)
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.0.1
Startup: C:\ProgramData\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) ===================

2 IDVaultSvc; "C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" [66160 2012-07-18] (White Sky, Inc.)
2 N360; "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
3 ATTRcAppSvc; "C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe" /n "ATTRcAppSvc" [x]
3 CAATT; "C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe" /n "CAATT" [x]

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001_f96\BHDrvx64.sys [1160824 2012-05-07] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-04-02] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-05-05] (Symantec Corporation)
1 GIDv2; C:\Windows\System32\Drivers\GIDv2.sys [29288 2011-07-05] (StrikeForce Technologies, Inc.)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120512.001_2af\IDSvia64.sys [488568 2012-05-04] (Symantec Corporation)
3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120515.004\ENG64.SYS [117880 2012-05-15] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120515.004\EX64.SYS [2048632 2012-05-15] (Symantec Corporation)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502010.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502010.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
3 sscdserd; C:\Windows\System32\Drivers\sscdserd.sys [114856 2007-08-23] (MCCI Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0502010.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0502010.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-04-04] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [x]
3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [x]
3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [x]
3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [x]
3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [x]
3 PCTINDIS5X64; \??\C:\windows\system32\PCTINDIS5X64.SYS [x]
3 PTUMWBus; C:\Windows\System32\DRIVERS\PTUMWBus.sys [x]
3 PTUMWCDF; C:\Windows\System32\DRIVERS\PTUMWCDF.sys [x]
3 PTUMWFLT; C:\Windows\System32\DRIVERS\PTUMWFLT.sys [x]
3 PTUMWMdm; C:\Windows\System32\DRIVERS\PTUMWMdm.sys [x]
3 PTUMWNET; C:\Windows\System32\DRIVERS\PTUMWNET.sys [x]
3 PTUMWVsp; C:\Windows\System32\DRIVERS\PTUMWVsp.sys [x]
1 tcpipBM; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-02-15 11:02 - 2013-02-15 11:02 - 00000048 ____A C:\Program Files (x86)\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000050 ____A C:\Users\narium\AppData\Local\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000049 ____A C:\Users\narium\.directory
2013-02-15 10:41 - 2013-02-15 10:41 - 00000050 ____A C:\Windows\SysWOW64\.directory
2013-02-15 10:38 - 2013-02-15 10:38 - 00000050 ____A C:\Windows\.directory
2013-02-15 10:30 - 2013-02-15 10:30 - 00000049 ____A C:\Windows\System32\Drivers\etc\.directory
2013-02-15 10:28 - 2013-02-15 10:28 - 00000050 ____A C:\Windows\System32\Drivers\.directory
2013-02-15 10:25 - 2013-02-15 10:25 - 00000050 ____A C:\Windows\System32\.directory
2013-02-13 15:48 - 2013-02-13 15:48 - 00000072 ____A C:\.directory


==================== One Month Modified Files and Folders =======

2013-02-17 16:01 - 2013-02-17 16:01 - 00000000 ____D C:\FRST
2013-02-15 11:02 - 2013-02-15 11:02 - 00000048 ____A C:\Program Files (x86)\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000050 ____A C:\Users\narium\AppData\Local\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000049 ____A C:\Users\narium\.directory
2013-02-15 10:53 - 2011-02-05 10:05 - 00000000 ____D C:\users\narium
2013-02-15 10:41 - 2013-02-15 10:41 - 00000050 ____A C:\Windows\SysWOW64\.directory
2013-02-15 10:38 - 2013-02-15 10:38 - 00000050 ____A C:\Windows\.directory
2013-02-15 10:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\uk-UA
2013-02-15 10:30 - 2013-02-15 10:30 - 00000049 ____A C:\Windows\System32\Drivers\etc\.directory
2013-02-15 10:28 - 2013-02-15 10:28 - 00000050 ____A C:\Windows\System32\Drivers\.directory
2013-02-15 10:25 - 2013-02-15 10:25 - 00000050 ____A C:\Windows\System32\.directory
2013-02-13 15:48 - 2013-02-13 15:48 - 00000072 ____A C:\.directory
2013-02-13 00:47 - 2012-07-12 08:29 - 00000000 ____D C:\Program Files (x86)\GUM5705.tmp
2013-02-13 00:47 - 2011-09-22 05:25 - 00000000 ____D C:\Windows\SysWOW64\logishrd
2013-02-13 00:47 - 2011-09-22 05:25 - 00000000 ____D C:\Windows\System32\logishrd
2013-02-13 00:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-02-13 00:46 - 2012-06-29 19:52 - 00000000 ____D C:\7c38b27c8ed798313565bca689
2013-02-13 00:46 - 2012-06-25 09:21 - 00000000 ____D C:\75c5cdd7a8202687e308e1758256
2013-02-13 00:46 - 2012-04-04 08:20 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2013-02-13 00:46 - 2011-07-01 02:14 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-02-13 00:46 - 2011-07-01 02:14 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-02-13 00:46 - 2011-05-21 16:11 - 00000000 ____D C:\Windows\Minidump
2013-02-13 00:46 - 2010-11-08 15:24 - 00000000 ____D C:\ProgramData\Norton
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-02-13 00:43 - 2012-04-15 06:13 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-02-13 00:39 - 2010-11-08 15:13 - 00000000 ____D C:\Intel
2013-02-13 00:34 - 2012-06-25 09:23 - 00000000 ____D C:\Windows\System32\MpEngineStore

ZeroAccess:
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{922e7cb7-c242-a089-9196-452b299ab716}
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{922e7cb7-c242-a089-9196-452b299ab716}\@
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{922e7cb7-c242-a089-9196-452b299ab716}\L
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{922e7cb7-c242-a089-9196-452b299ab716}\U

ATTENTION: ========> Check for possible partition/boot infection:
C:\Windows\svchost.exe

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-06-25 09:14:47
Restore point made on: 2012-06-26 19:39:20
Restore point made on: 2012-06-28 14:14:11
Restore point made on: 2012-06-29 19:44:11
Restore point made on: 2012-07-08 16:20:49
Restore point made on: 2012-07-08 17:36:26
Restore point made on: 2012-07-11 20:30:45
Restore point made on: 2012-07-12 08:22:01
Restore point made on: 2012-07-13 18:55:01
Restore point made on: 2012-07-15 22:05:23
Restore point made on: 2012-07-17 09:20:33
Restore point made on: 2012-07-19 20:07:22
Restore point made on: 2012-07-19 20:50:03
Restore point made on: 2012-07-19 20:50:06
Restore point made on: 2012-07-19 20:50:07
Restore point made on: 2012-07-19 20:50:08
Restore point made on: 2012-07-19 20:50:11
Restore point made on: 2012-07-19 20:50:13
Restore point made on: 2012-07-19 20:50:14
Restore point made on: 2012-07-31 12:29:36
Restore point made on: 2012-08-14 20:05:43
Restore point made on: 2012-08-15 08:30:47
Restore point made on: 2012-08-18 16:38:08
Restore point made on: 2012-08-18 19:00:03

==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 1915.98 MB
Available physical RAM: 1350.86 MB
Total Pagefile: 1915.98 MB
Available Pagefile: 1334.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (TI105952W0C) (Fixed) (Total:222.34 GB) (Free:178.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (System) (Fixed) (Total:1.46 GB) (Free:0.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected. Check for MBR/Partition infection.
3 Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.24 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:3.82 GB) (Free:3.08 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (HDDRECOVERY) (Fixed) (Total:9.08 GB) (Free:0.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 3915 MB 0 B

Partitions of Disk 0:
===============

Disk ID: 6223D002

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 222 GB 1501 MB
Partition 3 Primary 9 GB 223 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E System NTFS Partition 1500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI105952W0C NTFS Partition 222 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y HDDRECOVERY NTFS Partition 9 GB Healthy

=========================================================

Partitions of Disk 2:
===============

Disk ID: 04030201

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3914 MB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 3914 MB Healthy

=========================================================

Last Boot: 2012-07-19 20:40

==================== End Of Log =============================

Thanks for your help.

Shay

Edited by shayspace, 17 February 2013 - 11:19 PM.


#2
Essexboy
GeekU Moderator
Retired Staff
69,964 posts

Hi there, download the attached fix list.txt to the same USB as FRST
Run FRST as previously
Press FIX



On completion attempt to reboot normally
If it fails then download to the same USB
ListParts
Access listparts64 :

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\Listparts64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
Press Scan button.
It will make a log (results.txt) on the flash drive. Please copy and paste it to your reply.

#3
shayspace
Member
Topic Starter
13 posts

Here's the ListParts results:


ListParts by Farbar Version: 16-01-2013
Ran by SYSTEM (administrator) on 18-02-2013 at 20:14:04
Windows 7 (X64)
Running From: H:\
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 24%
Total physical RAM: 1915.98 MB
Available physical RAM: 1453.53 MB
Total Pagefile: 1915.98 MB
Available Pagefile: 1436.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (HDDRECOVERY) (Fixed) (Total:9.08 GB) (Free:0.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (TI105952W0C) (Fixed) (Total:222.34 GB) (Free:178.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (System) (Fixed) (Total:1.46 GB) (Free:0.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected. Check for MBR/Partition infection.
4 Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.24 GB) (Free:0 GB) UDF
6 Drive h: () (Removable) (Total:3.82 GB) (Free:3.08 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 3915 MB 0 B

Partitions of Disk 0:
===============

Disk ID: 6223D002

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 222 GB 1501 MB
Partition 3 Primary 9 GB 223 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E System NTFS Partition 1500 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D TI105952W0C NTFS Partition 222 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C HDDRECOVERY NTFS Partition 9 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Disk ID: 04030201

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3914 MB 31 KB

======================================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 3914 MB Healthy

======================================================================================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
path \bootmgr
description Windows Boot Manager
locale en-US
default {default}
displayorder {default}
bootsequence {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {default}
device partition=D:
path \Windows\system32\winload.exe
description Windows 7 Home Premium (recovered)
locale en-US
recoverysequence {189f143f-75af-11e2-84bc-c9c1a205e6cd}
recoveryenabled Yes
osdevice partition=D:
systemroot \Windows

Windows Boot Loader
-------------------
identifier {189f143f-75af-11e2-84bc-c9c1a205e6cd}
device ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{189f1440-75af-11e2-84bc-c9c1a205e6cd}
path \windows\system32\winload.exe
description Windows Recovery Environment (recovered)
locale
osdevice ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{189f1440-75af-11e2-84bc-c9c1a205e6cd}
systemroot \windows
winpe Yes

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US

Device options
--------------
identifier {189f1440-75af-11e2-84bc-c9c1a205e6cd}
ramdisksdidevice partition=E:
ramdisksdipath \Recovery\WindowsRE\boot.sdi


****** End Of Log ******

Thanks for your help EssexBoy

#4
Essexboy
GeekU Moderator
Retired Staff
69,964 posts

OK could you restart from the recovery console again
Select Command Prompt and type in the following commands pressing enter after each line

bootrec /FixMbr
bootrec /FixBoot


Then try normal windows again

#5
shayspace
Member
Topic Starter
13 posts

Essexboy,

Still won't boot. Still going to the black screen with the blinking cursor.

You didn't ask, but here's an updated FRST log.

Thanks,

Shay

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2013 01
Ran by SYSTEM at 19-02-2013 22:50:43
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [] [x]
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [307768 2009-11-19] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [{9ABA99F9-A8FE-7E89-8E99-AE8b85E9AE9B}] "C:\Program Files (x86)\Cricket Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\Cricket Broadband Connect\mphonetools.exe" /OnPlug=%s [x]
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s [395528 2011-07-05] (StrikeForce Technologies Inc.)
HKU\narium\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-07-19] (Google Inc.)
HKU\narium\...\Run: [HW_OPENEYE_OUC_] "C:\Program Files (x86)\Cricket Broadband EC1705\UpdateDog\ouc.exe" [x]
HKU\narium\...\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode [5915480 2010-10-29] (Logitech Inc.)
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.0.1
Startup: C:\ProgramData\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) ===================

2 IDVaultSvc; "C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" [66160 2012-07-18] (White Sky, Inc.)
2 N360; "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
3 ATTRcAppSvc; "C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe" /n "ATTRcAppSvc" [x]
3 CAATT; "C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe" /n "CAATT" [x]

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001_f96\BHDrvx64.sys [1160824 2012-05-07] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-04-02] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-05-05] (Symantec Corporation)
1 GIDv2; C:\Windows\System32\Drivers\GIDv2.sys [29288 2011-07-05] (StrikeForce Technologies, Inc.)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120512.001_2af\IDSvia64.sys [488568 2012-05-04] (Symantec Corporation)
3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120515.004\ENG64.SYS [117880 2012-05-15] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120515.004\EX64.SYS [2048632 2012-05-15] (Symantec Corporation)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502010.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502010.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
3 sscdserd; C:\Windows\System32\Drivers\sscdserd.sys [114856 2007-08-23] (MCCI Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0502010.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0502010.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-04-04] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [x]
3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [x]
3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [x]
3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [x]
3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [x]
3 PCTINDIS5X64; \??\C:\windows\system32\PCTINDIS5X64.SYS [x]
3 PTUMWBus; C:\Windows\System32\DRIVERS\PTUMWBus.sys [x]
3 PTUMWCDF; C:\Windows\System32\DRIVERS\PTUMWCDF.sys [x]
3 PTUMWFLT; C:\Windows\System32\DRIVERS\PTUMWFLT.sys [x]
3 PTUMWMdm; C:\Windows\System32\DRIVERS\PTUMWMdm.sys [x]
3 PTUMWNET; C:\Windows\System32\DRIVERS\PTUMWNET.sys [x]
3 PTUMWVsp; C:\Windows\System32\DRIVERS\PTUMWVsp.sys [x]
1 tcpipBM; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-02-15 11:02 - 2013-02-15 11:02 - 00000048 ____A C:\Program Files (x86)\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000050 ____A C:\Users\narium\AppData\Local\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000049 ____A C:\Users\narium\.directory
2013-02-15 10:41 - 2013-02-15 10:41 - 00000050 ____A C:\Windows\SysWOW64\.directory
2013-02-15 10:38 - 2013-02-15 10:38 - 00000050 ____A C:\Windows\.directory
2013-02-15 10:30 - 2013-02-15 10:30 - 00000049 ____A C:\Windows\System32\Drivers\etc\.directory
2013-02-15 10:28 - 2013-02-15 10:28 - 00000050 ____A C:\Windows\System32\Drivers\.directory
2013-02-15 10:25 - 2013-02-15 10:25 - 00000050 ____A C:\Windows\System32\.directory
2013-02-13 15:48 - 2013-02-13 15:48 - 00000072 ____A C:\.directory


==================== One Month Modified Files and Folders =======

2013-02-17 16:01 - 2013-02-17 16:01 - 00000000 ____D C:\FRST
2013-02-15 11:02 - 2013-02-15 11:02 - 00000048 ____A C:\Program Files (x86)\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000050 ____A C:\Users\narium\AppData\Local\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000049 ____A C:\Users\narium\.directory
2013-02-15 10:53 - 2011-02-05 10:05 - 00000000 ____D C:\users\narium
2013-02-15 10:41 - 2013-02-15 10:41 - 00000050 ____A C:\Windows\SysWOW64\.directory
2013-02-15 10:38 - 2013-02-15 10:38 - 00000050 ____A C:\Windows\.directory
2013-02-15 10:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\uk-UA
2013-02-15 10:30 - 2013-02-15 10:30 - 00000049 ____A C:\Windows\System32\Drivers\etc\.directory
2013-02-15 10:28 - 2013-02-15 10:28 - 00000050 ____A C:\Windows\System32\Drivers\.directory
2013-02-15 10:25 - 2013-02-15 10:25 - 00000050 ____A C:\Windows\System32\.directory
2013-02-13 15:48 - 2013-02-13 15:48 - 00000072 ____A C:\.directory
2013-02-13 00:47 - 2012-07-12 08:29 - 00000000 ____D C:\Program Files (x86)\GUM5705.tmp
2013-02-13 00:47 - 2011-09-22 05:25 - 00000000 ____D C:\Windows\SysWOW64\logishrd
2013-02-13 00:47 - 2011-09-22 05:25 - 00000000 ____D C:\Windows\System32\logishrd
2013-02-13 00:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-02-13 00:46 - 2012-06-29 19:52 - 00000000 ____D C:\7c38b27c8ed798313565bca689
2013-02-13 00:46 - 2012-06-25 09:21 - 00000000 ____D C:\75c5cdd7a8202687e308e1758256
2013-02-13 00:46 - 2012-04-04 08:20 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2013-02-13 00:46 - 2011-07-01 02:14 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-02-13 00:46 - 2011-07-01 02:14 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-02-13 00:46 - 2011-05-21 16:11 - 00000000 ____D C:\Windows\Minidump
2013-02-13 00:46 - 2010-11-08 15:24 - 00000000 ____D C:\ProgramData\Norton
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-02-13 00:43 - 2012-04-15 06:13 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-02-13 00:39 - 2010-11-08 15:13 - 00000000 ____D C:\Intel
2013-02-13 00:34 - 2012-06-25 09:23 - 00000000 ____D C:\Windows\System32\MpEngineStore

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-06-25 09:14:47
Restore point made on: 2012-06-26 19:39:20
Restore point made on: 2012-06-28 14:14:11
Restore point made on: 2012-06-29 19:44:11
Restore point made on: 2012-07-08 16:20:49
Restore point made on: 2012-07-08 17:36:26
Restore point made on: 2012-07-11 20:30:45
Restore point made on: 2012-07-12 08:22:01
Restore point made on: 2012-07-13 18:55:01
Restore point made on: 2012-07-15 22:05:23
Restore point made on: 2012-07-17 09:20:33
Restore point made on: 2012-07-19 20:07:22
Restore point made on: 2012-07-19 20:50:03
Restore point made on: 2012-07-19 20:50:06
Restore point made on: 2012-07-19 20:50:07
Restore point made on: 2012-07-19 20:50:08
Restore point made on: 2012-07-19 20:50:11
Restore point made on: 2012-07-19 20:50:13
Restore point made on: 2012-07-19 20:50:14
Restore point made on: 2012-07-31 12:29:36
Restore point made on: 2012-08-14 20:05:43
Restore point made on: 2012-08-15 08:30:47
Restore point made on: 2012-08-18 16:38:08
Restore point made on: 2012-08-18 19:00:03

==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 1915.98 MB
Available physical RAM: 1343.93 MB
Total Pagefile: 1915.98 MB
Available Pagefile: 1328.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

==================== Partitions =============================

1 Drive c: (TI105952W0C) (Fixed) (Total:222.34 GB) (Free:178.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (System) (Fixed) (Total:1.46 GB) (Free:0.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected. Check for MBR/Partition infection.
3 Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.24 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:3.82 GB) (Free:3.08 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (HDDRECOVERY) (Fixed) (Total:9.08 GB) (Free:0.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 3915 MB 0 B

Partitions of Disk 0:
===============

Disk ID: 6223D002

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 222 GB 1501 MB
Partition 3 Primary 9 GB 223 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E System NTFS Partition 1500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI105952W0C NTFS Partition 222 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y HDDRECOVERY NTFS Partition 9 GB Healthy

=========================================================

Partitions of Disk 2:
===============

Disk ID: 04030201

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3914 MB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 3914 MB Healthy

=========================================================

Last Boot: 2012-07-19 20:40

==================== End Of Log =============================

Edited by shayspace, 19 February 2013 - 09:55 PM.

#6
Essexboy
OK, let's now use a different bootrec command.
This one will remove the recovery console on the computer, but as you now have a CD/USB with it on, it is not a major problem.

From the recovery console command prompt, type the following command and press Enter. Then try to reboot again.

Bootrec.exe /rebuildBCD

#7
shayspace
Essexboy,

Command completed successfully, but still cannot boot normally.

Thanks,

Shay

#8
Essexboy
Could you run a fresh FRST please, as that should have cleared the error.

But prior to that, could you run the recovery console and select Startup Repair?

#9
shayspace
EssexBoy,

"Startup Repair" says couldn't find anything wrong.

Here's the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-02-2013 01
Ran by SYSTEM at 21-02-2013 18:57:14
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [] [x]
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [307768 2009-11-19] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [{9ABA99F9-A8FE-7E89-8E99-AE8b85E9AE9B}] "C:\Program Files (x86)\Cricket Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\Cricket Broadband Connect\mphonetools.exe" /OnPlug=%s [x]
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s [395528 2011-07-05] (StrikeForce Technologies Inc.)
HKU\narium\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-07-19] (Google Inc.)
HKU\narium\...\Run: [HW_OPENEYE_OUC_] "C:\Program Files (x86)\Cricket Broadband EC1705\UpdateDog\ouc.exe" [x]
HKU\narium\...\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode [5915480 2010-10-29] (Logitech Inc.)
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.0.1
Startup: C:\ProgramData\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) ===================

2 IDVaultSvc; "C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" [66160 2012-07-18] (White Sky, Inc.)
2 N360; "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
3 ATTRcAppSvc; "C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe" /n "ATTRcAppSvc" [x]
3 CAATT; "C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe" /n "CAATT" [x]

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001_f96\BHDrvx64.sys [1160824 2012-05-07] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-04-02] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-05-05] (Symantec Corporation)
1 GIDv2; C:\Windows\System32\Drivers\GIDv2.sys [29288 2011-07-05] (StrikeForce Technologies, Inc.)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120512.001_2af\IDSvia64.sys [488568 2012-05-04] (Symantec Corporation)
3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120515.004\ENG64.SYS [117880 2012-05-15] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120515.004\EX64.SYS [2048632 2012-05-15] (Symantec Corporation)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502010.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502010.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
3 sscdserd; C:\Windows\System32\Drivers\sscdserd.sys [114856 2007-08-23] (MCCI Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0502010.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0502010.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-04-04] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [x]
3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [x]
3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [x]
3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [x]
3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [x]
3 PCTINDIS5X64; \??\C:\windows\system32\PCTINDIS5X64.SYS [x]
3 PTUMWBus; C:\Windows\System32\DRIVERS\PTUMWBus.sys [x]
3 PTUMWCDF; C:\Windows\System32\DRIVERS\PTUMWCDF.sys [x]
3 PTUMWFLT; C:\Windows\System32\DRIVERS\PTUMWFLT.sys [x]
3 PTUMWMdm; C:\Windows\System32\DRIVERS\PTUMWMdm.sys [x]
3 PTUMWNET; C:\Windows\System32\DRIVERS\PTUMWNET.sys [x]
3 PTUMWVsp; C:\Windows\System32\DRIVERS\PTUMWVsp.sys [x]
1 tcpipBM; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-02-15 11:02 - 2013-02-15 11:02 - 00000048 ____A C:\Program Files (x86)\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000050 ____A C:\Users\narium\AppData\Local\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000049 ____A C:\Users\narium\.directory
2013-02-15 10:41 - 2013-02-15 10:41 - 00000050 ____A C:\Windows\SysWOW64\.directory
2013-02-15 10:38 - 2013-02-15 10:38 - 00000050 ____A C:\Windows\.directory
2013-02-15 10:30 - 2013-02-15 10:30 - 00000049 ____A C:\Windows\System32\Drivers\etc\.directory
2013-02-15 10:28 - 2013-02-15 10:28 - 00000050 ____A C:\Windows\System32\Drivers\.directory
2013-02-15 10:25 - 2013-02-15 10:25 - 00000050 ____A C:\Windows\System32\.directory
2013-02-13 15:48 - 2013-02-13 15:48 - 00000072 ____A C:\.directory


==================== One Month Modified Files and Folders =======

2013-02-17 16:01 - 2013-02-17 16:01 - 00000000 ____D C:\FRST
2013-02-15 11:02 - 2013-02-15 11:02 - 00000048 ____A C:\Program Files (x86)\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000050 ____A C:\Users\narium\AppData\Local\.directory
2013-02-15 10:53 - 2013-02-15 10:53 - 00000049 ____A C:\Users\narium\.directory
2013-02-15 10:53 - 2011-02-05 10:05 - 00000000 ____D C:\users\narium
2013-02-15 10:41 - 2013-02-15 10:41 - 00000050 ____A C:\Windows\SysWOW64\.directory
2013-02-15 10:38 - 2013-02-15 10:38 - 00000050 ____A C:\Windows\.directory
2013-02-15 10:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\uk-UA
2013-02-15 10:30 - 2013-02-15 10:30 - 00000049 ____A C:\Windows\System32\Drivers\etc\.directory
2013-02-15 10:28 - 2013-02-15 10:28 - 00000050 ____A C:\Windows\System32\Drivers\.directory
2013-02-15 10:25 - 2013-02-15 10:25 - 00000050 ____A C:\Windows\System32\.directory
2013-02-13 15:48 - 2013-02-13 15:48 - 00000072 ____A C:\.directory
2013-02-13 00:47 - 2012-07-12 08:29 - 00000000 ____D C:\Program Files (x86)\GUM5705.tmp
2013-02-13 00:47 - 2011-09-22 05:25 - 00000000 ____D C:\Windows\SysWOW64\logishrd
2013-02-13 00:47 - 2011-09-22 05:25 - 00000000 ____D C:\Windows\System32\logishrd
2013-02-13 00:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-02-13 00:46 - 2012-06-29 19:52 - 00000000 ____D C:\7c38b27c8ed798313565bca689
2013-02-13 00:46 - 2012-06-25 09:21 - 00000000 ____D C:\75c5cdd7a8202687e308e1758256
2013-02-13 00:46 - 2012-04-04 08:20 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2013-02-13 00:46 - 2011-07-01 02:14 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-02-13 00:46 - 2011-07-01 02:14 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-02-13 00:46 - 2011-05-21 16:11 - 00000000 ____D C:\Windows\Minidump
2013-02-13 00:46 - 2010-11-08 15:24 - 00000000 ____D C:\ProgramData\Norton
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-02-13 00:46 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-02-13 00:43 - 2012-04-15 06:13 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-02-13 00:39 - 2010-11-08 15:13 - 00000000 ____D C:\Intel
2013-02-13 00:34 - 2012-06-25 09:23 - 00000000 ____D C:\Windows\System32\MpEngineStore

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-06-25 09:14:47
Restore point made on: 2012-06-26 19:39:20
Restore point made on: 2012-06-28 14:14:11
Restore point made on: 2012-06-29 19:44:11
Restore point made on: 2012-07-08 16:20:49
Restore point made on: 2012-07-08 17:36:26
Restore point made on: 2012-07-11 20:30:45
Restore point made on: 2012-07-12 08:22:01
Restore point made on: 2012-07-13 18:55:01
Restore point made on: 2012-07-15 22:05:23
Restore point made on: 2012-07-17 09:20:33
Restore point made on: 2012-07-19 20:07:22
Restore point made on: 2012-07-19 20:50:03
Restore point made on: 2012-07-19 20:50:06
Restore point made on: 2012-07-19 20:50:07
Restore point made on: 2012-07-19 20:50:08
Restore point made on: 2012-07-19 20:50:11
Restore point made on: 2012-07-19 20:50:13
Restore point made on: 2012-07-19 20:50:14
Restore point made on: 2012-07-31 12:29:36
Restore point made on: 2012-08-14 20:05:43
Restore point made on: 2012-08-15 08:30:47
Restore point made on: 2012-08-18 16:38:08
Restore point made on: 2012-08-18 19:00:03

==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 1915.98 MB
Available physical RAM: 1350.21 MB
Total Pagefile: 1915.98 MB
Available Pagefile: 1341.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

==================== Partitions =============================

1 Drive c: (TI105952W0C) (Fixed) (Total:222.34 GB) (Free:178.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (System) (Fixed) (Total:1.46 GB) (Free:0.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected. Check for MBR/Partition infection.
3 Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.24 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:3.82 GB) (Free:3.08 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (HDDRECOVERY) (Fixed) (Total:9.08 GB) (Free:0.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 3915 MB 0 B

Partitions of Disk 0:
===============

Disk ID: 6223D002

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 222 GB 1501 MB
Partition 3 Primary 9 GB 223 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E System NTFS Partition 1500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI105952W0C NTFS Partition 222 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y HDDRECOVERY NTFS Partition 9 GB Healthy

=========================================================

Partitions of Disk 2:
===============

Disk ID: 04030201

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3914 MB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 3914 MB Healthy

=========================================================

Last Boot: 2012-07-19 20:40

==================== End Of Log =============================

#10
Essexboy
OK, let's try a system restore next.

Again from the recovery console, select System Restore.
Select one from at least two days prior to the booting error.

#11
shayspace
Well Essexboy,

It said System Restore Complete, then immediately went to an error:

System Restore did not complete successfully. Your computer's system files and settings were not changed.

Details:

"An unspecified error occurred during System Restore. (0x8000ffff)"


Thanks,

Shay

#12
Essexboy
Could you bear with me please I am discussing a plan with my colleagues

#13
Essexboy
Hi, download the attached fix.txt to the same USB as Listparts.

Then run Listparts as before and press Fix.

Now try a reboot; there will be a report on the USB.

#14
shayspace
Essexboy,

Sorry it took me a while to get back to you. My sister was in "desperate" need of her laptop for some online classes, so I ended up reformatting the hard drive and reinstalling Windows.

Thanks for your help.

Shay

#15
Essexboy
Not a problem, thank you for letting me know