Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 goes into start up repair which fails


  • This topic is locked This topic is locked
5 replies to this topic

#1 kanchu22

kanchu22

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 13 January 2013 - 04:07 AM

Having trouble starting my laptop.I downloaded farbar and run it. The scan lo came as follows.Please help




Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-01-2013
Ran by SYSTEM at 13-01-2013 13:49:27
Running from H:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.)
HKLM\...\Run: [EnergyUtility] C:\Program Files\Lenovo\EnergyCut\utilty.exe [1937408 2007-08-02] (Lenovo(Beijing)Limited)
HKLM\...\Run: [EnergyCut] C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe [1191936 2007-04-29] (Lenovo (Beijing) Limited)
HKLM\...\Run: [PCMService] "C:\Program Files\Lenovo\ShuttleCenter\PCMService.exe" [417792 2007-04-19] (CyberLink Corp.)
HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
HKLM\...\Run: [SkyTel] SkyTel.EXE [x]
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [AlcWzrd] ALCWZRD.EXE [x]
HKLM\...\Run: [Alcmtr] ALCMTR.EXE [x]
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [WinampAgent] D:\SOFTWARE\Winamp\winampa.exe [x]
HKLM\...\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1230704 2011-01-10] ()
HKLM\...\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start [63360 2010-12-08] (DivX, LLC)
HKLM\...\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe [x]
HKLM\...\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-08-31] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252136 2011-05-04] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x]
HKU\Kanchan\...\Run: [Power2GoExpress] "C:\Program Files\Lenovo\Power2Go\Power2GoExpress.exe" /Startup [2483760 2007-05-04] (Cyberlink)
HKU\Kanchan\...\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 [x]
HKU\Kanchan\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [143360 2006-12-23] (Nero AG)
HKU\Kanchan\...\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload [964024 2012-08-31] (Samsung)
HKU\Kanchan\...\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKU\Kanchan\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
HKU\Kanchan\...\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe [81912 2012-01-02] (PC Utilities Pro)
HKU\Kanchan\...\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP [2807296 2012-10-04] (SpeedBit Ltd.)
HKU\Kanchan\...\Run: [RockMelt Update] "C:\Users\Kanchan\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c [136336 2012-10-06] (RockMelt Inc.)
HKU\Kanchan\...\Run: [Intel Management Service] C:\Users\Kanchan\AppData\Local\Temp\cmd32.exe [x]
HKU\Kanchan\...\CurrentVersion\Windows: [Load] C:\TCWIN45\PIPELINE\remind.exe
AppInit_DLLs: avgrsstx.dll
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\lnk_disabled ()
Startup: C:\Users\Kanchan\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ===================

2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [562688 2012-07-17] ()
2 DefaultTabUpdate; "C:\Users\Kanchan\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [107520 2012-11-08] ()
3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [115168 2012-11-11] (Mozilla Foundation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [20472 2012-09-12] (Microsoft Corporation)
2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [29178224 2007-02-10] (Microsoft Corporation)
2 MSSQLSERVER; "C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER [28933976 2006-04-14] (Microsoft Corporation)
4 msvsmon90; "C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon90 [3004416 2007-11-07] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [287824 2012-09-12] (Microsoft Corporation)
2 RichVideo; "C:\Program Files\Cyberlink\Shared files\RichVideo.exe" [262247 2007-04-18] ()
2 UDisk Monitor; C:\Program Files\ZTE Dialer\bin\MonServiceUDisk.exe [262144 2008-12-24] ()
2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]
3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [x]

==================== Drivers (Whitelisted) ====================

3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [8832 2007-07-27] (Lenovo Corporation)
3 btaudio; C:\Windows\System32\drivers\btaudio.sys [539640 2007-12-09] (Broadcom Corporation.)
3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37424 2007-03-22] (Broadcom Corporation.)
3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [879624 2007-11-20] (Broadcom Corporation.)
3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [156392 2007-06-28] (Broadcom Corporation.)
3 btwhid; C:\Windows\System32\DRIVERS\btwhid.sys [55352 2007-03-30] (Broadcom Corporation.)
3 btwmodem; C:\Windows\System32\DRIVERS\btwmodem.sys [37280 2007-03-22] (Broadcom Corporation.)
3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [74688 2007-11-27] (Broadcom Corporation.)
3 CapFilt; C:\Windows\System32\Drivers\CapFilt.sys [17536 2010-10-02] (ensurebit)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [193552 2012-08-30] (Microsoft Corporation)
3 ztemtusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [104576 2008-12-23] (ZTEMT Incorporated)
3 FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========



==================== One Month Modified Files and Folders ========

2013-01-13 13:44 - 2013-01-13 13:44 - 00000000 ____D C:\FRST
2013-01-04 15:51 - 2010-11-21 19:39 - 00000000 ____D C:\Users\Kanchan\Downloads\Docs


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 1014.43 MB
Available physical RAM: 632.54 MB
Total Pagefile: 1014.43 MB
Available Pagefile: 629.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1961.38 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:39.06 GB) (Free:2.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (Local Disk ) (Fixed) (Total:39.06 GB) (Free:11.87 GB) NTFS
3 Drive e: (Local Disk ) (Fixed) (Total:39.06 GB) (Free:15.31 GB) NTFS
4 Drive f: () (Fixed) (Total:31.86 GB) (Free:31.4 GB) NTFS
6 Drive h: (New Volume) (Removable) (Total:7.53 GB) (Free:7.53 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 8 MB
Disk 1 Online 7728 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 39 GB 31 KB
Partition 0 Extended 109 GB 39 GB
Partition 2 Logical 39 GB 39 GB
Partition 3 Logical 39 GB 78 GB
Partition 4 Logical 31 GB 117 GB

=========================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 39 GB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Local Disk NTFS Partition 39 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E Local Disk NTFS Partition 39 GB Healthy

=========================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F NTFS Partition 31 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7727 MB 16 KB

=========================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H New Volume FAT32 Removable 7727 MB Healthy

=========================================================

Last Boot: 2012-11-09 08:26

==================== End Of Log ============================

BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:12:42 AM

Posted 24 January 2013 - 05:00 AM

Hi kanchu22,

Welcome to the forum and apologies for the delay.

  • Please download the latest version of Farbar Recovery Scan Tool and save it to a flash drive.

    Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    start
    HKU\Kanchan\...\Run: [Intel Management Service] C:\Users\Kanchan\AppData\Local\Temp\cmd32.exe [x]
    C:\Users\All Users\Start Menu\Programs\Startup\lnk_disabled
    2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [562688 2012-07-17] ()
    C:\Program Files\DefaultTab\DefaultTabSearch.exe
    2 DefaultTabUpdate; "C:\Users\Kanchan\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [107520 2012-11-08] ()
    C:\Users\Kanchan\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    TDL4: custom:26000022 <===== ATTENTION!
    HKU\Kanchan\...\CurrentVersion\Windows: [Load] C:\TCWIN45\PIPELINE\remind.exe
    end
    

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Now please enter System Recovery Options and select Command Prompt.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
  • Restart the computer, let it boot normally and tell me how it went.


#3 kanchu22

kanchu22
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 24 January 2013 - 10:47 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-01-2013 02
Ran by SYSTEM at 2013-01-24 20:55:17 Run:1
Running from H:\

==============================================

HKEY_USERS\Kanchan\Software\Microsoft\Windows\CurrentVersion\Run\\Intel Management Service Value deleted successfully.
C:\Users\All Users\Start Menu\Programs\Startup\lnk_disabled moved successfully.
DefaultTabSearch service deleted successfully.
C:\Program Files\DefaultTab\DefaultTabSearch.exe moved successfully.
DefaultTabUpdate service deleted successfully.
C:\Users\Kanchan\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe moved successfully.

The operation completed successfully.
The operation completed successfully.
HKEY_USERS\Kanchan\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load Value restored successfully.

==== End of Fixlog ====

#4 kanchu22

kanchu22
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 24 January 2013 - 10:49 AM

Thanks a lot..
thank you sooooooooooooooooooooooo much..

#5 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:12:42 AM

Posted 24 January 2013 - 05:43 PM

You are most welcome. :thumbup2:

Do want to do the rest or need assistance to finish it up?

#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:12:42 AM

Posted 31 January 2013 - 08:25 AM

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Every one else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users