windows repai disk not working to boot my computer

Hi,
I have an acer aspire z5600,All in one.2 weeks ago I began getting virus'. They wiped out my desktop,slowed my computer and now it won't boot.Did I create a system image? no, of course not.Using a windows boot repair disk I tried booting the computer. If the cd is in I can 'press any key to boot from cd' and it will load some files and end up on 'system recovery options'. Anything I choose here results in the restarting of the computer and back at a blinking cursor.It will scan to try and repair but after a long while it says it can't repair it. The only backup to restore from is April 17 2011. When I pick that it says it restores but does not.No memory hardware scan either. Pressing F8 at startup does not bring up the advanced windows boot options menu. So all that being said my question is does this sound like a harddrive issue?Any ideas would be greatly appreciated.

Do you know the manufacture of the hdd installed in the unit? You can look up your factory specs http://secure3.tx.acer.com/FindSystem/FindSystem.aspx?title=Information%20About%20Your%20System'>HERE

If the cd is in I can 'press any key to boot from cd' and it will load some files and end up on 'system recovery options'. Anything I choose here results in the restarting of the computer and back at a blinking cursor.It will scan to try and repair but after a long while it says it can't repair it.

Are you able to reach the Command Prompt option?

yes I can get to the command prompt only with the repair disk.

The hdd is a seagate ST3320418AS

I will leave our in the hands of our Malware experts untill they have cleared your system. If you continue to have trouble after the system is verified virus free. Post another thread in the hardware forums.

Hi,

If you haven't tried the System File Checker(SFC) yet, please consider doing that through the command prompt:

How to: http://pcsupport.about.com/od/toolsofthetrade/ht/sfc-scannow.htm

You will need your Windows CD for this.

Thanks so much Sneaky C.

Lets give it a try. You will need a USB Flash drive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Click on Repair your computer menu item.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

Hello... sfc /scannow starts and then stops and says there is a system repair pending and I need to restart my computer.If I restart we are back to the blinking cursor without a repair disk in or press any key to boot from disc with a disk in.

Follow the instructions on Post 9. From now on I will be your helper.

hi master, I will get started on the recovery tool.Thanks for helping. I will get back to you soon.

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.

Scan result of Farbar Recovery Scan Tool Version: 22-04-2012
Ran by SYSTEM at 25-04-2012 00:14:07
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [TouchPortal] C:\Program Files (x86)\Acer\Acer Touch Suite\TouchPortal.exe [x]
HKLM\...\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [x]
HKLM\...\Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe [151368 2009-10-22] (Acer Corp.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981600 2009-07-23] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [161304 2010-08-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2010-08-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [415256 2010-08-25] (Intel Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436224 2010-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey [x]
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart [1280344 2010-06-11] (IObit)
HKU\RAC\...\Run: [PhotoGadgetFirstRun] 0 [x]
HKU\RAC\...\Run: [PhotoGadgetFirstRun_Portal] 0 [x]
HKU\RAC\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-11-10] (Microsoft Corporation)
HKU\RAC\...\Run: [32613bb0e8f17fa208400c7cad45cc94] C:\Users\Public\DOWNLO~1\WORDSL~1.EXE /r [125744 2010-07-14] (RealNetworks, Inc.)
HKU\RAC\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-03-15] (Google Inc.)
HKU\RAC\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [16949128 2011-03-01] (Skype Technologies S.A.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

==================== Services (Whitelisted) ======

2 CISVC; C:\Windows\System32\CISVC.EXE [19456 2009-07-13] (Microsoft Corporation)
2 IS360service; C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe [312152 2010-06-11] (IObit)
3 McODS; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [696848 2010-02-24] (McAfee, Inc.)
2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [155456 2010-02-17] (McAfee, Inc.)
2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [62208 2009-08-12] (NewTech Infosystems, Inc.)
3 GameConsoleService; "C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe" [x]
2 Greg_Service; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [x]
2 McAfee SiteAdvisor Service; "C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe" [x]
2 mcmscsvc; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [x]
2 McNASvc; "c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe" [x]
2 McProxy; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [x]
3 McSysmon; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [x]
2 MpfService; "C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe" [x]
2 MSK80Service; "C:\Program Files (x86)\McAfee\MSK\MskSrver.exe" [x]
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [x]
2 mstbsvc; "C:\Program Files (x86)\MSN\Toolbar\4.0.0412.0\mstbsvc.exe" [x]
3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
3 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [x]

========================== Drivers (Whitelisted) =============

3 itecir; C:\Windows\System32\Drivers\itecir.sys [60416 2009-06-11] (ITE Tech. Inc. )
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [102472 2010-02-17] (McAfee, Inc.)
1 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [308296 2010-02-17] (McAfee, Inc.)
3 mferkdk; C:\Windows\System32\Drivers\mferkdk.sys [40904 2010-02-17] (McAfee, Inc.)
3 mfesmfk; C:\Windows\System32\Drivers\mfesmfk.sys [49480 2010-02-17] (McAfee, Inc.)
1 MPFP; C:\Windows\System32\Drivers\MPFP.sys [176144 2009-04-09] (McAfee, Inc.)
3 NTIDrvr; C:\Windows\System32\Drivers\NTIDrvr.sys [18432 2009-05-05] (NewTech Infosystems, Inc.)
0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
3 UBHelper; C:\Windows\System32\Drivers\UBHelper.sys [16896 2009-05-05] (NewTech Infosystems Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============



============ 3 Months Modified Files and Folders =============

2012-04-18 20:38 - 2010-07-01 13:54 - 0000000 ____D C:\users\RAC
2012-04-18 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Msdtc
2012-04-18 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 17%
Total physical RAM: 3035.42 MB
Available physical RAM: 2517.18 MB
Total Pagefile: 3033.57 MB
Available Pagefile: 2499.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (Acer) (Fixed) (Total:142 GB) (Free:110.25 GB) NTFS
2 Drive e: (DATA) (Fixed) (Total:141.99 GB) (Free:90.31 GB) NTFS
3 Drive f: (PQSERVICE) (Fixed) (Total:14 GB) (Free:3.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:1.86 GB) (Free:1.82 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 1908 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 14 GB 1024 KB
Partition 2 Primary 100 MB 14 GB
Partition 3 Primary 141 GB 14 GB
Partition 4 Primary 141 GB 156 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F PQSERVICE NTFS Partition 14 GB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM RESE NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Acer NTFS Partition 141 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E DATA NTFS Partition 141 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1908 MB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 1908 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2011-04-14 23:51

======================= End Of Log ==========================

I don't see a malware issue in that log. I see a problem with the date. It indicates that was last booted 2011-04-14. That is almost a year ago.

Enter the BIOS setup and check the date. Don't fix it, just let me know if wrong.

How far into the boot process does it go?