Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows repai disk not working to boot my computer


  • This topic is locked This topic is locked
63 replies to this topic

#1 maeday6969

maeday6969

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:23 AM

Posted 18 April 2012 - 03:59 PM

Hi,
I have an acer aspire z5600,All in one.2 weeks ago I began getting virus'. They wiped out my desktop,slowed my computer and now it won't boot.Did I create a system image? no, of course not.Using a windows boot repair disk I tried booting the computer. If the cd is in I can 'press any key to boot from cd' and it will load some files and end up on 'system recovery options'. Anything I choose here results in the restarting of the computer and back at a blinking cursor.It will scan to try and repair but after a long while it says it can't repair it. The only backup to restore from is April 17 2011. When I pick that it says it restores but does not.No memory hardware scan either. Pressing F8 at startup does not bring up the advanced windows boot options menu. So all that being said my question is does this sound like a harddrive issue?Any ideas would be greatly appreciated.

BC AdBot (Login to Remove)

 


#2 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:02:23 PM

Posted 22 April 2012 - 02:43 AM

Do you know the manufacture of the hdd installed in the unit? You can look up your factory specs http://secure3.tx.acer.com/FindSystem/FindSystem.aspx?title=Information%20About%20Your%20System'>HERE
Chad Mockensturm 
Network Engineer
Certified CompTia Network +, A +

#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:23 PM

Posted 23 April 2012 - 11:50 PM

If the cd is in I can 'press any key to boot from cd' and it will load some files and end up on 'system recovery options'. Anything I choose here results in the restarting of the computer and back at a blinking cursor.It will scan to try and repair but after a long while it says it can't repair it.


Are you able to reach the Command Prompt option?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#4 maeday6969

maeday6969
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:23 AM

Posted 24 April 2012 - 04:18 AM

yes I can get to the command prompt only with the repair disk.

#5 maeday6969

maeday6969
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:23 AM

Posted 24 April 2012 - 04:20 AM

The hdd is a seagate ST3320418AS

#6 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:02:23 PM

Posted 24 April 2012 - 04:25 AM

I will leave our in the hands of our Malware experts untill they have cleared your system. If you continue to have trouble after the system is verified virus free. Post another thread in the hardware forums.
Chad Mockensturm 
Network Engineer
Certified CompTia Network +, A +

#7 ReviverSoft

ReviverSoft

    Happy to help!


  • Members
  • 1,552 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere on this planet...
  • Local time:11:23 AM

Posted 24 April 2012 - 06:10 AM

Hi,

If you haven't tried the System File Checker(SFC) yet, please consider doing that through the command prompt:

How to: http://pcsupport.about.com/od/toolsofthetrade/ht/sfc-scannow.htm

You will need your Windows CD for this.
ReviverSoft - Happy to help!

#8 maeday6969

maeday6969
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:23 AM

Posted 24 April 2012 - 11:23 AM

Thanks so much Sneaky C.

Edited by maeday6969, 24 April 2012 - 11:24 AM.


#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:23 PM

Posted 24 April 2012 - 03:42 PM

Lets give it a try. You will need a USB Flash drive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 maeday6969

maeday6969
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:23 AM

Posted 24 April 2012 - 03:42 PM

Hello... sfc /scannow starts and then stops and says there is a system repair pending and I need to restart my computer.If I restart we are back to the blinking cursor without a repair disk in or press any key to boot from disc with a disk in.

#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:23 PM

Posted 24 April 2012 - 03:43 PM

Follow the instructions on Post 9. From now on I will be your helper.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#12 maeday6969

maeday6969
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:23 AM

Posted 24 April 2012 - 03:48 PM

hi master, I will get started on the recovery tool.Thanks for helping. I will get back to you soon.

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:23 PM

Posted 24 April 2012 - 07:34 PM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 maeday6969

maeday6969
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:23 AM

Posted 25 April 2012 - 02:36 AM

Scan result of Farbar Recovery Scan Tool Version: 22-04-2012
Ran by SYSTEM at 25-04-2012 00:14:07
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [TouchPortal] C:\Program Files (x86)\Acer\Acer Touch Suite\TouchPortal.exe [x]
HKLM\...\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [x]
HKLM\...\Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe [151368 2009-10-22] (Acer Corp.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981600 2009-07-23] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [161304 2010-08-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2010-08-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [415256 2010-08-25] (Intel Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436224 2010-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey [x]
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart [1280344 2010-06-11] (IObit)
HKU\RAC\...\Run: [PhotoGadgetFirstRun] 0 [x]
HKU\RAC\...\Run: [PhotoGadgetFirstRun_Portal] 0 [x]
HKU\RAC\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-11-10] (Microsoft Corporation)
HKU\RAC\...\Run: [32613bb0e8f17fa208400c7cad45cc94] C:\Users\Public\DOWNLO~1\WORDSL~1.EXE /r [125744 2010-07-14] (RealNetworks, Inc.)
HKU\RAC\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-03-15] (Google Inc.)
HKU\RAC\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [16949128 2011-03-01] (Skype Technologies S.A.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

==================== Services (Whitelisted) ======

2 CISVC; C:\Windows\System32\CISVC.EXE [19456 2009-07-13] (Microsoft Corporation)
2 IS360service; C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe [312152 2010-06-11] (IObit)
3 McODS; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [696848 2010-02-24] (McAfee, Inc.)
2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [155456 2010-02-17] (McAfee, Inc.)
2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [62208 2009-08-12] (NewTech Infosystems, Inc.)
3 GameConsoleService; "C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe" [x]
2 Greg_Service; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [x]
2 McAfee SiteAdvisor Service; "C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe" [x]
2 mcmscsvc; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [x]
2 McNASvc; "c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe" [x]
2 McProxy; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [x]
3 McSysmon; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [x]
2 MpfService; "C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe" [x]
2 MSK80Service; "C:\Program Files (x86)\McAfee\MSK\MskSrver.exe" [x]
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [x]
2 mstbsvc; "C:\Program Files (x86)\MSN\Toolbar\4.0.0412.0\mstbsvc.exe" [x]
3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
3 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [x]

========================== Drivers (Whitelisted) =============

3 itecir; C:\Windows\System32\Drivers\itecir.sys [60416 2009-06-11] (ITE Tech. Inc. )
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [102472 2010-02-17] (McAfee, Inc.)
1 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [308296 2010-02-17] (McAfee, Inc.)
3 mferkdk; C:\Windows\System32\Drivers\mferkdk.sys [40904 2010-02-17] (McAfee, Inc.)
3 mfesmfk; C:\Windows\System32\Drivers\mfesmfk.sys [49480 2010-02-17] (McAfee, Inc.)
1 MPFP; C:\Windows\System32\Drivers\MPFP.sys [176144 2009-04-09] (McAfee, Inc.)
3 NTIDrvr; C:\Windows\System32\Drivers\NTIDrvr.sys [18432 2009-05-05] (NewTech Infosystems, Inc.)
0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
3 UBHelper; C:\Windows\System32\Drivers\UBHelper.sys [16896 2009-05-05] (NewTech Infosystems Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============



============ 3 Months Modified Files and Folders =============

2012-04-18 20:38 - 2010-07-01 13:54 - 0000000 ____D C:\users\RAC
2012-04-18 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Msdtc
2012-04-18 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 17%
Total physical RAM: 3035.42 MB
Available physical RAM: 2517.18 MB
Total Pagefile: 3033.57 MB
Available Pagefile: 2499.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (Acer) (Fixed) (Total:142 GB) (Free:110.25 GB) NTFS
2 Drive e: (DATA) (Fixed) (Total:141.99 GB) (Free:90.31 GB) NTFS
3 Drive f: (PQSERVICE) (Fixed) (Total:14 GB) (Free:3.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:1.86 GB) (Free:1.82 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 1908 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 14 GB 1024 KB
Partition 2 Primary 100 MB 14 GB
Partition 3 Primary 141 GB 14 GB
Partition 4 Primary 141 GB 156 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F PQSERVICE NTFS Partition 14 GB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM RESE NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Acer NTFS Partition 141 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E DATA NTFS Partition 141 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1908 MB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 1908 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2011-04-14 23:51

======================= End Of Log ==========================

#15 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:02:23 PM

Posted 25 April 2012 - 12:29 PM

I don't see a malware issue in that log. I see a problem with the date. It indicates that was last booted 2011-04-14. That is almost a year ago.

Enter the BIOS setup and check the date. Don't fix it, just let me know if wrong.

How far into the boot process does it go?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users