Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Caught In BSOD Loop


  • This topic is locked This topic is locked
36 replies to this topic

#1 SnowLeopard7

SnowLeopard7

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 07 March 2013 - 04:46 AM

Hi Folks -

I am having a problem with a new Dell Inspiron 15 3520 that came with Windows 8 installed and that I had been using for only a month when it went bad. I had tried to repair it as best I could, but, at this point, the problem seems to be beyond my capacities to deal with or understand, and I am seeking help.

The problems started when I turned it off about three week ago, and went I turned it back on a couple days later, and it was stuck in the apparently famous Win8 "Automatic repair couldn't repair your pc"/BSOD loop. I was not able to boot into safe mode. System restores made no difference. Somewhere along the line I found something that said that I had an "inaccessible_boot_device error".

From the repair menu maze, I was able to get to a command prompt. I used this to copy almost all of my files off of computer.

Chkdsk showed no bad sectors, no bad partition records, or other irregularities. sfc returned "Windows Resource Protection did not find any integrity violations". Some test (I do not remember which) showed that the boot record and BCD were fine. The Dell hardware diagnostic test showed everything working fine.

I am thinking that it is possible that the source of this was a virus or mechanical problem (I saw no evidence for either). If I had to guess, however, I would imagine that the computer stopped working after an automatic update pushed a corrupted/incompatible driver. I have seen discussions online about people having problems with NVIDIA video and/or SATA AHCI Controller hard drive drivers, and Win8 getting corrupted and stuck in the BSOD loop from that. At some point I saw a Windows Update Log (I am not sure where), that showed that, as Windows shut down the last time it was functional, automatic updates installed a new SATA AHCI hard disk driver.

I tried downloading some new drivers for the 3520 from the Dell web site and installing them on the dead computer through a thumb drive and the command prompt. The downloads are all executables, however, and when I tried to run them, I get the message, "the subsystem needed to support the image type is not present". I believe that this message means that the driver executables are 32 bit apps and won't run from a 64 bit command prompt. I also tried to use the "Drivers and Utilities" disk that came with my PC to do some driver rollbacks, but, I can't understand the file names or folder structure on the disk, and, when I try some to run some of the exe files ("setup.exe", for example) to get a gui interface, I get the "the subsystem needed to support the image type is not present" message.

After working on the problem for a while, I borrowed a friend's Win8 installation disk set. The computer will boot to the repair options off of the 64bit disk, but not the 32bit one. I did attempt a System Refresh off of the 64bit disk, and got back the message, "The drive where Windows in installed is locked. Unlock the drive and try again."

Around the time that I was messing with the BIOS settings to get the computer to boot off of the Win8 disk, I started getting a message "Your PC needs to be repaired - Boot Configuration Data file is missing some required information -- File:\BCD -- error code 0xc0000034" at the start of my boot ups. I am not sure if I deleted a file somewhere during my repair efforts, or if I am getting this message because the computer is confused in efforts trying to boot off of the DVD. I get this message even with the DVD removed and the BIOS set to boot off of the Windows Boot Manager, however, so I am guessing that a file is now missing. And the message stops me from getting into the repair menus/command prompt any other way except through the installation disk.

This is really frustrating. Any suggestions for how to un-bork this thing would be appreciated.

 

FWIW - I am thinking that the way to go is to regenerate the BCD, and then install a compatible disk driver.  But I am not an expert on these things.



BC AdBot (Login to Remove)

 


#2 SnowLeopard7

SnowLeopard7
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 07 March 2013 - 05:22 PM

FWIW, I used the FRST64.exe diagnostic tool, and the results are below. 

 

The last successful boot up was on 2/16, and the BSOD loop started when I tried to boot up on the evening of 2/17.

 

Thank you.

 

===============================================================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-03-2013 01
Ran by SYSTEM at 07-03-2013 02:53:32
Running from D:\
Windows 8   (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [Dell Audio] c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20591616 2012-08-06] ()
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4123 2012-05-30] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" [17408 2010-07-04] ()
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKU\A\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)
HKU\A\...\Run: [googletalk] C:\Users\A\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [271872 2012-07-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.2
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Services (Whitelisted) ===================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-07-11] (SUPERAntiSpyware.com)
2 0234021359642968mcinstcleanup; C:\Windows\TEMP\023402~1.EXE -cleanup -nolog [832664 2012-09-28] (McAfee, Inc.)
2 AECLFilters; C:\Windows\System32\AECLSr64.exe [99696 2012-08-06] (Andrea Electronics Corporation)
3 AllUserInstallAgent; C:\Windows\System32\AUInstallAgent.dll [122368 2012-07-25] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [169472 2012-11-05] (Microsoft Corporation)
2 BcmBtRSupport; C:\Windows\System32\BtwRSupportService.exe [2247992 2012-07-19] (Broadcom Corporation.)
2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [179712 2012-09-19] (Microsoft Corporation)
2 CirrusAudioService; "C:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe" [7168 2012-08-06] (Cirrus Logic)
2 DeviceAssociationService; C:\Windows\System32\das.dll [342016 2012-07-25] (Microsoft Corporation)
3 DeviceInstall; C:\Windows\System32\umpnpmgr.dll [107008 2012-09-19] (Microsoft Corporation)
3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [207872 2012-07-25] (Microsoft Corporation)
3 EFS; C:\Windows\System32\efssvc.dll [37376 2012-07-25] (Microsoft Corporation)
3 fhsvc; C:\Windows\System32\fhsvc.dll [116736 2012-09-19] (Microsoft Corporation)
2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
3 KeyIso; C:\Windows\System32\keyiso.dll [59904 2012-07-25] (Microsoft Corporation)
3 KeyIso; C:\Windows\SysWow64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
2 LSM; C:\Windows\System32\lsm.dll [438272 2012-07-25] (Microsoft Corporation)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
3 McAWFwk; C:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [383608 2012-11-16] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [241016 2012-12-26] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-12-26] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [182312 2012-12-26] (McAfee, Inc.)
2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 NcaSvc; C:\Windows\System32\ncasvc.dll [161792 2012-07-25] (Microsoft Corporation)
3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2012-07-25] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\netlogon.dll [743936 2012-07-25] (Microsoft Corporation)
3 Netlogon; C:\Windows\SysWow64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofmsvc.dll [463872 2012-07-25] (Microsoft Corporation)
3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675712 2012-11-05] (Microsoft Corporation)
2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [254512 2012-04-24] ()
2 SftService; "C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe" [1914728 2012-09-12] (SoftThinks SAS)
3 StorSvc; C:\Windows\SysWow64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
3 svsvc; C:\Windows\System32\svsvc.dll [12800 2012-07-25] (Microsoft Corporation)
3 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [178176 2012-12-05] (Microsoft Corporation)
3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [170496 2012-12-05] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\vaultsvc.dll [283648 2012-07-25] (Microsoft Corporation)
3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicrdv; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicshutdown; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmictimesync; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [263680 2012-07-25] (Microsoft Corporation)
3 WiaRpc; C:\Windows\System32\wiarpc.dll [65536 2012-07-25] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
3 WinHttpAutoProxySvc; C:\Windows\SysWow64\winhttp.dll [516608 2012-11-05] (Microsoft Corporation)
3 wlidsvc; C:\Windows\System32\wlidsvc.dll [1968128 2012-07-25] (Microsoft Corporation)
3 WSService; C:\Windows\System32\WSService.dll [2367528 2012-09-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) =====================

0 3ware; C:\Windows\System32\Drivers\3ware.sys [106736 2012-07-25] (LSI)
0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-25] (Microsoft Corporation)
3 acpipagr; C:\Windows\System32\Drivers\acpipagr.sys [10240 2012-07-25] (Microsoft Corporation)
3 acpitime; C:\Windows\System32\Drivers\acpitime.sys [10752 2012-07-25] (Microsoft Corporation)
0 arc; C:\Windows\System32\Drivers\arc.sys [104688 2012-07-25] (PMC-Sierra, Inc.)
0 arcsas; C:\Windows\System32\Drivers\arcsas.sys [108272 2012-07-25] (PMC-Sierra, Inc.)
1 BasicDisplay; C:\Windows\System32\Drivers\BasicDisplay.sys [48640 2012-07-25] (Microsoft Corporation)
1 BasicRender; C:\Windows\System32\Drivers\BasicRender.sys [29696 2012-07-25] (Microsoft Corporation)
3 bcbtums; C:\Windows\System32\Drivers\bcbtums.sys [164152 2012-07-19] (Broadcom Corporation.)
3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6824520 2012-07-10] (Broadcom Corporation)
3 BthAvrcpTg; C:\Windows\System32\Drivers\BthAvrcpTg.sys [31104 2012-11-26] (Microsoft Corporation)
3 BthHFEnum; C:\Windows\System32\Drivers\BthHFEnum.sys [51200 2012-07-25] (Microsoft Corporation)
3 bthhfhid; C:\Windows\System32\Drivers\bthhfhid.sys [29952 2012-11-26] (Microsoft Corporation)
3 BthLEEnum; C:\Windows\System32\Drivers\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFDx64.sys [41328 2012-08-06] (Cirrus Logic)
0 CLFS; C:\Windows\System32\Drivers\CLFS.sys [361200 2012-07-25] (Microsoft Corporation)
1 CLVirtualDrive; C:\Windows\System32\Drivers\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
3 condrv; C:\Windows\System32\Drivers\condrv.sys [33792 2012-07-25] (Microsoft Corporation)
1 dam; C:\Windows\System32\Drivers\dam.sys [58088 2012-10-10] (Microsoft Corporation)
3 DellRbtn; C:\Windows\System32\Drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
0 EhStorClass; C:\Windows\System32\Drivers\EhStorClass.sys [81136 2012-07-25] (Microsoft Corporation)
0 EhStorTcgDrv; C:\Windows\System32\Drivers\EhStorTcgDrv.sys [113904 2012-07-25] (Microsoft Corporation)
3 FxPPM; C:\Windows\System32\Drivers\FxPPM.sys [22528 2012-11-05] (Microsoft Corporation)
3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [12288 2012-07-25] (Microsoft Corporation)
3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [120040 2012-09-19] (Microsoft Corporation)
3 hidi2c; C:\Windows\System32\Drivers\hidi2c.sys [39936 2012-11-19] (Microsoft Corporation)
3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
3 hyperkbd; C:\Windows\System32\Drivers\hyperkbd.sys [11776 2012-07-25] (Microsoft Corporation)
3 HyperVideo; C:\Windows\System32\Drivers\HyperVideo.sys [24576 2012-07-25] (Microsoft Corporation)
0 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [651832 2012-10-26] (Intel Corporation)
3 kdnic; C:\Windows\System32\Drivers\kdnic.sys [18432 2012-07-25] (Microsoft Corporation)
0 LSI_SSS; C:\Windows\System32\Drivers\LSI_SSS.sys [81136 2012-07-25] (LSI Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
0 mfeelamk; C:\Windows\System32\Drivers\mfeelamk.sys [69168 2012-12-26] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-12-26] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [129536 2012-07-25] (Microsoft Corporation)
3 msgpiowin32; C:\Windows\System32\Drivers\msgpiowin32.sys [28392 2012-09-19] (Microsoft Corporation)
3 mshidumdf; C:\Windows\System32\Drivers\mshidumdf.sys [10752 2012-07-25] (Microsoft Corporation)
3 MsLldp; C:\Windows\System32\Drivers\MsLldp.sys [68608 2012-07-25] (Microsoft Corporation)
0 mvumis; C:\Windows\System32\Drivers\mvumis.sys [64240 2012-07-25] (Marvell Semiconductor, Inc.)
3 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2012-07-25] (Microsoft Corporation)
3 NDISWANLEGACY; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-25] (Microsoft Corporation)
2 Ndu; C:\Windows\System32\Drivers\Ndu.sys [97792 2012-07-25] (Microsoft Corporation)
1 npsvctrig; C:\Windows\System32\Drivers\npsvctrig.sys [23552 2012-07-25] (Microsoft Corporation)
0 pdc; C:\Windows\System32\Drivers\pdc.sys [69864 2012-11-05] (Microsoft Corporation)
3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [683664 2012-06-12] (Realtek                                            )
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 sdstor; C:\Windows\System32\Drivers\sdstor.sys [56552 2012-10-10] (Microsoft Corporation)
3 SerCx; C:\Windows\System32\Drivers\SerCx.sys [62976 2012-07-25] (Microsoft Corporation)
0 spaceport; C:\Windows\System32\Drivers\spaceport.sys [283888 2012-07-25] (Microsoft Corporation)
3 SpbCx; C:\Windows\System32\Drivers\SpbCx.sys [59392 2012-07-25] (Microsoft Corporation)
0 storahci; C:\Windows\System32\Drivers\storahci.sys [77552 2012-07-25] (Microsoft Corporation)
3 UASPStor; C:\Windows\System32\Drivers\UASPStor.sys [97008 2012-07-25] (Microsoft Corporation)
3 UCX01000; C:\Windows\System32\Drivers\UCX01000.sys [212200 2012-09-19] (Microsoft Corporation)
3 USBHUB3; C:\Windows\System32\Drivers\USBHUB3.sys [445160 2012-11-05] (Microsoft Corporation)
3 USBXHCI; C:\Windows\System32\Drivers\USBXHCI.sys [337128 2012-09-19] (Microsoft Corporation)
3 VerifierExt; C:\Windows\System32\Drivers\VerifierExt.sys [106224 2012-07-25] (Microsoft Corporation)
3 vpci; C:\Windows\System32\Drivers\vpci.sys [67824 2012-07-25] (Microsoft Corporation)
0 VSTXRAID; C:\Windows\System32\Drivers\VSTXRAID.sys [322800 2012-07-25] (VIA Corporation)
3 WdBoot; C:\Windows\System32\Drivers\WdBoot.sys [34216 2012-07-25] (Microsoft Corporation)
3 WdFilter; C:\Windows\System32\Drivers\WdFilter.sys [258288 2012-07-25] (Microsoft Corporation)
0 WFPLWFS; C:\Windows\System32\Drivers\WFPLWFS.sys [96496 2012-07-25] (Microsoft Corporation)
3 wpcfltr; C:\Windows\System32\Drivers\wpcfltr.sys [45056 2012-07-25] (Microsoft Corporation)
3 WpdUpFltr; C:\Windows\System32\Drivers\WpdUpFltr.sys [19968 2012-07-25] (Microsoft Corporation)
3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
3 mfeavfk01;  [x]
3 mfeavfk02;  [x]
3 mfehidk01;  [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-02-19 10:13 - 2013-02-19 10:13 - 00000000 ____D C:\FRST
2013-02-14 18:53 - 2013-02-14 18:53 - 05443718 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360896817314
2013-02-14 18:28 - 2013-02-14 18:28 - 05443238 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360895323056
2013-02-14 17:26 - 2013-02-14 17:26 - 05442209 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360891596008
2013-02-14 17:23 - 2013-02-14 17:23 - 05441494 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360891437054
2013-02-05 17:45 - 2013-02-05 17:46 - 07085400 ____A C:\Users\A\Downloads\SoulseekQt-1-26-2013.exe
2013-02-05 08:23 - 2013-02-05 08:23 - 00000000 ____D C:\ProgramData\Sun
2013-02-05 08:23 - 2013-02-05 08:22 - 00861088 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-02-05 08:23 - 2013-02-05 08:22 - 00782240 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-02-05 08:23 - 2013-02-05 08:22 - 00262560 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-02-05 08:23 - 2013-02-05 08:22 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-02-05 08:23 - 2013-02-05 08:22 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-02-05 08:23 - 2013-02-05 08:22 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-02-05 08:22 - 2013-02-05 08:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-02-05 08:19 - 2013-02-05 08:22 - 31512992 ____A (Oracle Corporation) C:\Users\A\Downloads\jre-7u13-windows-i586.exe
2013-02-05 01:23 - 2013-02-05 01:23 - 00001033 ____A C:\Users\A\Desktop\Soulseek.lnk
2013-02-05 00:53 - 2013-02-18 02:44 - 00000000 ____D C:\Program Files (x86)\SoulseekQt

==================== One Month Modified Files and Folders =======

2013-02-27 04:31 - 2012-07-26 00:13 - 00262144 ____A C:\Windows\System32\config\BCD-Template
2013-02-19 10:13 - 2013-02-19 10:13 - 00000000 ____D C:\FRST
2013-02-18 02:56 - 2013-01-21 15:56 - 00000000 ____D C:\users\Administrator
2013-02-18 02:56 - 2013-01-18 15:19 - 00000000 ____D C:\users\A
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 __RSD C:\Windows\Media
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ToastData
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\WinStore
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\SysWOW64\WinMetadata
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\migwiz
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\L2Schemas
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\Cursors
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-02-18 02:55 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2013-02-18 02:55 - 2012-07-25 23:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-02-18 02:55 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-02-18 02:55 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\Dism
2013-02-18 02:55 - 2012-07-25 21:37 - 00000000 ____D C:\Windows\servicing
2013-02-18 02:49 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-02-18 02:46 - 2013-01-22 04:16 - 00000000 ____D C:\Users\A\AppData\Roaming\BitTorrent
2013-02-18 02:46 - 2013-01-22 03:46 - 00000000 ____D C:\Users\A\AppData\Roaming\Winamp
2013-02-18 02:45 - 2013-01-22 12:55 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-18 02:45 - 2013-01-22 12:55 - 00000000 ____D C:\Program Files\iTunes
2013-02-18 02:45 - 2013-01-21 15:35 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-02-18 02:45 - 2013-01-18 15:47 - 00000000 ____D C:\Users\A\AppData\Local\Microsoft Help
2013-02-18 02:44 - 2013-02-05 00:53 - 00000000 ____D C:\Program Files (x86)\SoulseekQt
2013-02-18 02:44 - 2013-01-24 00:34 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-02-18 02:44 - 2013-01-22 12:50 - 00000000 ____D C:\Program Files\Bonjour
2013-02-18 02:44 - 2013-01-22 03:47 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-02-18 02:44 - 2013-01-22 03:46 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-02-18 02:44 - 2013-01-21 16:16 - 00000000 ____D C:\Program Files (x86)\ProcessExplorer
2013-02-18 02:44 - 2013-01-21 15:52 - 00000000 ____D C:\Program Files (x86)\Unlocker
2013-02-18 02:44 - 2013-01-21 15:27 - 00000000 ____D C:\Program Files (x86)\Synchronizer
2013-02-18 02:44 - 2013-01-21 15:12 - 00000000 ____D C:\Program Files\CCleaner
2013-02-18 02:44 - 2013-01-21 15:00 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2013-02-18 02:44 - 2013-01-21 03:08 - 00000000 ____D C:\Program Files (x86)\Virus Stuff
2013-02-18 02:44 - 2013-01-18 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-18 02:44 - 2013-01-18 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-02-18 02:44 - 2012-10-26 16:07 - 00000000 ____D C:\Program Files\DellTPad
2013-02-18 02:44 - 2012-10-26 13:28 - 00000000 ____D C:\Program Files\Dell Support Center
2013-02-18 02:44 - 2012-10-26 13:21 - 00000000 ____D C:\Program Files\Cirrus Logic Audio Panel
2013-02-18 02:43 - 2013-01-24 00:29 - 00000000 ____D C:\Program Files (x86)\Eudora OSE
2013-02-18 02:43 - 2013-01-22 22:12 - 00000000 ____D C:\Program Files (x86)\ID3Kill
2013-02-18 02:43 - 2013-01-22 12:55 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-02-18 02:43 - 2013-01-22 05:39 - 00000000 ____D C:\Program Files (x86)\Direct WAV MP3 Splitter
2013-02-18 02:43 - 2013-01-22 03:54 - 00000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2013-02-18 02:43 - 2013-01-22 03:24 - 00000000 ____D C:\Program Files (x86)\Free RAR Extract Frog
2013-02-18 02:43 - 2013-01-21 14:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-18 02:43 - 2012-10-26 13:35 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2013-02-18 02:43 - 2012-10-26 13:32 - 00000000 ____D C:\Program Files (x86)\mcafee.com
2013-02-18 02:41 - 2013-01-31 04:42 - 00000000 ____D C:\Program Files (x86)\Adobe Media Player
2013-02-18 02:41 - 2013-01-23 03:23 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack
2013-02-18 02:41 - 2013-01-22 13:25 - 00000000 ____D C:\FreeOCR
2013-02-18 02:41 - 2013-01-22 12:51 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-02-18 02:41 - 2013-01-22 12:50 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-02-18 02:39 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\registration
2013-02-18 02:36 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\Sysprep
2013-02-18 02:29 - 2013-01-22 13:05 - 00000000 ____D C:\Special Transfer
2013-02-18 02:29 - 2012-10-26 13:28 - 00000000 ____D C:\ProgramData\PCDr
2013-02-18 02:25 - 2013-01-22 13:40 - 00000000 ____D C:\)) 1 Files
2013-02-16 18:39 - 2013-02-04 14:46 - 00000000 ____D C:\Users\A\Downloads\For E drive
2013-02-15 14:02 - 2013-01-18 15:19 - 01076486 ____A C:\Windows\WindowsUpdate.log
2013-02-14 18:53 - 2013-02-14 18:53 - 05443718 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360896817314
2013-02-14 18:28 - 2013-02-14 18:28 - 05443238 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360895323056
2013-02-14 17:26 - 2013-02-14 17:26 - 05442209 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360891596008
2013-02-14 17:23 - 2013-02-14 17:23 - 05441494 ____A C:\Users\A\AppData\Local\soulseek-client.dat.1360891437054
2013-02-14 01:44 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\NDF
2013-02-12 07:04 - 2013-01-31 05:48 - 00000132 ____A C:\Users\A\AppData\Roaming\Adobe GIF Format CS5 Prefs
2013-02-08 03:25 - 2013-01-23 03:05 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-02-08 03:21 - 2013-01-21 15:11 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-02-07 23:04 - 2012-07-25 23:28 - 00850046 ____A C:\Windows\System32\PerfStringBackup.INI
2013-02-06 15:21 - 2013-01-21 15:11 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-02-05 17:46 - 2013-02-05 17:45 - 07085400 ____A C:\Users\A\Downloads\SoulseekQt-1-26-2013.exe
2013-02-05 08:23 - 2013-02-05 08:23 - 00000000 ____D C:\ProgramData\Sun
2013-02-05 08:22 - 2013-02-05 08:23 - 00861088 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-02-05 08:22 - 2013-02-05 08:23 - 00782240 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-02-05 08:22 - 2013-02-05 08:23 - 00262560 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-02-05 08:22 - 2013-02-05 08:23 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-02-05 08:22 - 2013-02-05 08:23 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-02-05 08:22 - 2013-02-05 08:23 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-02-05 08:22 - 2013-02-05 08:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-02-05 08:22 - 2013-02-05 08:19 - 31512992 ____A (Oracle Corporation) C:\Users\A\Downloads\jre-7u13-windows-i586.exe
2013-02-05 01:23 - 2013-02-05 01:23 - 00001033 ____A C:\Users\A\Desktop\Soulseek.lnk


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2013-01-22 04:26] - [2012-10-10 21:46] - 0517120 ____A (Microsoft Corporation) BCF2036A0DD579E47C008C133550283E

C:\Windows\System32\wininit.exe
[2012-07-25 16:03] - [2012-07-25 19:08] - 0132608 ____A (Microsoft Corporation) FE9AB232B56A12224E8A3F3F9878C9A3

C:\Windows\explorer.exe
[2013-01-22 04:27] - [2012-10-10 23:35] - 2380944 ____A (Microsoft Corporation) E13A31D5254C25406A7946BDD9B06364

C:\Windows\SysWOW64\explorer.exe
[2013-01-22 04:27] - [2012-10-10 21:56] - 2115952 ____A (Microsoft Corporation) 953ADECFF08202A01EFC6110214FDE02

C:\Windows\System32\svchost.exe
[2013-01-22 04:07] - [2012-09-19 22:33] - 0029696 ____A (Microsoft Corporation) EDE27EACE742EE2888C5DD36400A2EC0

C:\Windows\SysWOW64\svchost.exe
[2013-01-22 04:07] - [2012-09-19 21:55] - 0023040 ____A (Microsoft Corporation) A46DC432F81473F526E3994AA483E366

C:\Windows\System32\services.exe
[2013-01-22 04:08] - [2012-09-19 22:33] - 0410624 ____A (Microsoft Corporation) 8F226143046435C75C033B0C52E90FFE

C:\Windows\System32\User32.dll
[2013-01-22 04:06] - [2012-09-19 22:33] - 1342464 ____A (Microsoft Corporation) A99AD14F26BDA7D7F27F76BC91B7EED7

C:\Windows\SysWOW64\User32.dll
[2013-01-22 04:04] - [2012-09-19 20:10] - 1126912 ____A (Microsoft Corporation) BA1C3ACD929A71E88B49C2B6E38F92B3

C:\Windows\System32\userinit.exe
[2012-07-25 16:06] - [2012-07-25 19:08] - 0025088 ____A (Microsoft Corporation) 0E925F7BA032920D58DD284B6181A247

C:\Windows\SysWOW64\userinit.exe
[2012-07-25 16:08] - [2012-07-25 19:21] - 0021504 ____A (Microsoft Corporation) 9F6289D194A04A09671FEED4B6CB6EF7

C:\Windows\System32\Drivers\volsnap.sys
[2012-07-25 18:30] - [2012-07-25 20:57] - 0332016 ____A (Microsoft Corporation) 2FB3CDFD5EAF4CD9D4AFAF96877D13AE


==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-01-29 15:11:35
Restore point made on: 2013-02-01 15:58:59
Restore point made on: 2013-02-04 17:06:39
Restore point made on: 2013-02-08 03:44:13
Restore point made on: 2013-02-11 12:10:43
Restore point made on: 2013-02-14 16:28:37

==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 6009.09 MB
Available physical RAM: 5293.31 MB
Total Pagefile: 6009.09 MB
Available Pagefile: 5305.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:918.23 GB) (Free:325.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (MULTIBOOT) (Removable) (Total:3.73 GB) (Free:3.39 GB) FAT32
4 Drive f: (HRM_CCSA_X64FRE_EN-US_DV5) (CDROM) (Total:3.34 GB) (Free:0 GB) UDF
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS


  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          931 GB      0 B        *
  Disk 1    Online         3839 MB      0 B         
  Disk 2    No Media           0 B      0 B         

Partitions of Disk 0:
===============

Disk ID: {04485740-09DE-4ECE-9749-F00080E78478}

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    System (partition with boot components)             500 MB  1024 KB
  Partition 2    OEM                 40 MB   501 MB
  Partition 3    Reserved           128 MB   541 MB
  Partition 4    Recovery           500 MB   669 MB
  Partition 5    Primary            918 GB  1169 MB
  Partition 6    Recovery            12 GB   919 GB

==================================================================================

Disk: 0
Partition 1
Type    : c12a7328-f81f-11d2-ba4b-00a0c93ec93b
Hidden  : Yes
Required: No
Attrib  : 0X8000000000000000

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2         ESP          FAT32  Partition    500 MB  Healthy    Hidden  

=========================================================

Disk: 0
Partition 2
Type    : 796badd3-6bbf-4d9f-b631-466eb71a4965
Hidden  : Yes
Required: Yes
Attrib  : 0X8000000000000001

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 7         DIAGS        FAT32  Partition     40 MB  Healthy    Hidden  

=========================================================

Disk: 0
Partition 3
Type    : e3c9e316-0b5c-4db8-817d-f92df00215ae
Hidden  : Yes
Required: No
Attrib  : 0X8000000000000000

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 4
Type    : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden  : Yes
Required: Yes
Attrib  : 0X8000000000000001

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3         WINRETOOLS   NTFS   Partition    500 MB  Healthy    Hidden  

=========================================================

Disk: 0
Partition 5
Type    : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Hidden  : No
Required: No
Attrib  : 0000000000000000

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   OS           NTFS   Partition    918 GB  Healthy            

=========================================================

Disk: 0
Partition 6
Type    : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden  : Yes
Required: Yes
Attrib  : 0X8000000000000001

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4         PBR Image    NTFS   Partition     12 GB  Healthy    Hidden  

=========================================================

Partitions of Disk 1:
===============

Disk ID: 41510393

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           3827 MB    19 KB

==================================================================================

Disk: 1
Partition 1
Type  : 0B
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5     D   MULTIBOOT    FAT32  Removable   3827 MB  Healthy            

=========================================================

Last Boot: 2013-02-11 12:03

==================== End Of Log =============================



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:46 PM

Posted 10 March 2013 - 05:42 PM

Greetings SnowLeopard7 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the StartNewTopic.gif button but use the AddReply.gif button instead.
  • In the upper right hand corner of the topic you will see the WatchTopic.gif button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.

I will let you know from the start that Windows 8 issues are a bit more difficult to deal with because not all of our tools are currently compatible with that operating system.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:46 PM

Posted 10 March 2013 - 10:41 PM

Greetings,

I would like you to try this first to see if we can restore your computer to the last known good boot.


===================================================


Farbar's Recovery Scan Tool - Run Fix

--------------------
  • From a clean computer press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
Last Boot: 2013-02-11 12:03
  • NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Insert the USB device into your infected computer
  • Enter the System Recovery Options (press F8 during boot up) and select Command Prompt.
  • Run FRST as you did the first time and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the flashdrive (Fixlog.txt) please post it to your reply.
  • Please attempt to boot your computer into Normal Mode
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • Did your computer boot successful? If not, please describe what happens

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 SnowLeopard7

SnowLeopard7
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 11 March 2013 - 05:47 PM

Thank you for the assistance, I appreciate your time.

 

The contents of the Fixlog.txt are as follows:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2013 01

Ran by SYSTEM at 2013-03-11 14:39:29 Run:1
Running from F:\

==============================================

DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.

==== End of Fixlog ====

 

 

When attempting to boot up as normal, I get the message

 

"Recovery

Your PC needs to be repaired

The Boot Configuration Data file is missing some required information

File: \BCD

Error Code: 0xc0000034

 

You'll need to use the recovery tools on your installation media. If you don't have any installation media (like a disc or USB device), contact your system administrator or PC manufacturer."

 

============

 

Again, I do appreciate your time.  I find myself wondering if too many things are wrong with this computer, and if it would not be simplest (for you and for me) to return this laptop to CostCo and get a new one.  I have until March 26 (ninety days from purchase) to do so.



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:46 PM

Posted 11 March 2013 - 07:16 PM

It is up to you on what you want to do. If you are OK starting from scratch you have a Recovery Partition on the computer which can be utilized to restore the computer to factory condition. That would certainly answer the question regarding whether this is a software or hardware issue.

Please let me know what you would like to do.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 SnowLeopard7

SnowLeopard7
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 11 March 2013 - 11:04 PM

Thank you, I appreciate that.

 

Honestly, the value for me of getting this Dell Inspiron back up and running would be if I could somehow repair the previous installation of Win8, and not have to reinstall all my software.  If that is not possible, then my preference would be to do a trade-in. 

 

The issue may be a hardware issue - I dropped the computer between the last time it worked and the first time it didn't.  But it was only a two foot drop onto a padded car seat, and, since it has started been having problems, the Dell diagnostic suite tests come up clean, and using the file explorer when I say "Save" or "Open" through Notepad (which I am able to open from the command prompt) seems to access (copy, etc) files fine.  So, again, if I had to guess, I think that the last updates that Windows pushed out as I shut it down the last time I shut it off corrupted Windows somehow, and I made it worse by somehow killing the BCD.

 

Greetings from El Cerrito, SF Bay Area, California also.  Hope you are enjoying the return of Spring.



#8 SnowLeopard7

SnowLeopard7
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 11 March 2013 - 11:25 PM

I hope you are OK with some untrained guesswork on my part:

 

The following are the final lines from the damaged computer's WindowsUpdate.log file, which last saved 2/15 at 2:02 pm (which I think was last time the computer worked).  To my untrained eyes, it looks to me like the computer was trying (and failing) to update the "Intel® 7 Series Chipset Family SATA AHCI Controller" driver.  Perhaps it removed the old driver before installing the new one.  This would explain the initial error that I was getting (before the BCD error) - an "inaccessible_boot_device error".

 

2013-02-15    14:02:20:821     976    47b4    Agent    Beginning install of conventional work item
2013-02-15    14:02:20:821     976    47b4    AU    <<## SUBMITTED ## AU: Install updates / installing updates [CallId = {127E55BE-A921-4AC9-8B7A-9DD95C22092C}, ServerId = {7971F918-A847-4430-9279-4A52D1EFE18D}]
2013-02-15    14:02:20:821     976    47b4    Shutdwn    InstallAtShutdown starts.
2013-02-15    14:02:20:821     976    3c94    DnldMgr    ***********  DnldMgr: Regulation Refresh [Svc: {7971F918-A847-4430-9279-4A52D1EFE18D}]  ***********
2013-02-15    14:02:20:821     976    3c94    DnldMgr    Contacting regulation server for 2 updates.
2013-02-15    14:02:20:821     976    3c94    Misc    Validating signature for C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\wuredir.cab:
2013-02-15    14:02:20:821     976    39c0    Agent    *************
2013-02-15    14:02:20:821     976    39c0    Agent    ** START **  Agent: Installing updates [CallerId = AutomaticUpdates]
2013-02-15    14:02:20:821     976    39c0    Agent    *********
2013-02-15    14:02:20:821     976    39c0    Agent      * Updates to install = 1
2013-02-15    14:02:20:821     976    47b4    AU    #############
2013-02-15    14:02:20:821     976    47b4    AU    ## START ##  AU: Search for updates
2013-02-15    14:02:20:821     976    47b4    AU    #########
2013-02-15    14:02:20:821     976    39c0    Agent      *   Title = Intel Corporation - Storage Controller - Intel® 7 Series Chipset Family SATA AHCI Controller
2013-02-15    14:02:20:821     976    39c0    Agent      *   UpdateId = {54CE90B3-531A-4B6E-9D8D-FD60EC8CE69C}.200
2013-02-15    14:02:20:821     976    3c94    Misc     Microsoft signed: Yes
2013-02-15    14:02:20:821     976    3c94    Misc     Infrastructure signed: Yes
2013-02-15    14:02:20:837     976    3c94    EP    Got 7971F918-A847-4430-9279-4A52D1EFE18D redir Client/Server URL: "https://fe1.update.microsoft.com/v6/ClientWebService/client.asmx"
2013-02-15    14:02:20:837     976    3c94    PT    WARNING: Cached cookie has expired or new PID is available
2013-02-15    14:02:21:259     976    47b4    Report    ***********  Report: Initializing static reporting data  ***********
2013-02-15    14:02:21:259     976    47b4    Report      * OS Version = 6.2.9200.0.0.66304
2013-02-15    14:02:21:259     976    47b4    Report      * OS Product Type = 0x00000065
2013-02-15    14:02:21:274     976    47b4    Report      * Computer Brand = Dell Inc.
2013-02-15    14:02:21:274     976    47b4    Report      * Computer Model = Inspiron 3520
2013-02-15    14:02:21:274     976    47b4    Report      * Platform Role = 2
2013-02-15    14:02:21:274     976    47b4    Report      * AlwaysOn/AlwaysConnected (AOAC) = 0
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Revision = A03
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Name = A03
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Release Date = 2012-09-20T00:00:00
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Sku Number = To be filled by O.E.M.
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Vendor = Dell Inc.
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Family =                       
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Major Release = 0
2013-02-15    14:02:21:274     976    47b4    Report      * Bios Minor Release = 3
2013-02-15    14:02:21:274     976    47b4    Report      * Locale ID = 1033
2013-02-15    14:02:21:368     976    47b4    AU    <<## SUBMITTED ## AU: Search for updates  [CallId = {E80AE7C8-093D-4105-978F-64E7B2BE45D8} ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}]
2013-02-15    14:02:21:368     976    47b4    Agent    SkipSelfUpdateCheck search flag set for serverId: 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782
2013-02-15    14:02:21:368     976    47b4    AU    <<## SUBMITTED ## AU: Search for updates  [CallId = {944ABC0C-B9FD-4F39-B9BA-6B18A665C5C1} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2013-02-15    14:02:21:368     976    4e0c    Shutdwn    InstallAtShutdown got install progress.
2013-02-15    14:02:21:368     976    91b0    Agent    *************
2013-02-15    14:02:21:368     976    91b0    Agent    ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
2013-02-15    14:02:21:368     976    91b0    Agent    *********
2013-02-15    14:02:21:368     976    91b0    Agent      * Online = No; Ignore download priority = No
2013-02-15    14:02:21:368     976    91b0    Agent      * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2013-02-15    14:02:21:368     976    91b0    Agent      * ServiceID = {7971F918-A847-4430-9279-4A52D1EFE18D} Third party service
2013-02-15    14:02:21:368     976    91b0    Agent      * Search Scope = {Machine & All Users}
2013-02-15    14:02:21:368     976    91b0    Agent      * Caller SID for Applicability: S-1-5-18
2013-02-15    14:02:21:477     976    4e0c    Shutdwn    InstallAtShutdown got install progress.
2013-02-15    14:02:21:477     976    39c0    DnldMgr    Adding revision ID 200 for update 54CE90B3-531A-4B6E-9D8D-FD60EC8CE69C to the lock revision cache.
2013-02-15    14:02:21:477     976    39c0    DnldMgr    Preparing update for install, updateId = {54CE90B3-531A-4B6E-9D8D-FD60EC8CE69C}.200.
2013-02-15    14:02:21:587     976    3c94    EP    Got 7971F918-A847-4430-9279-4A52D1EFE18D redir Regulation URL: "https://fe1.update.microsoft.com/v6/UpdateRegulationService/UpdateRegulation.asmx"
2013-02-15    14:02:21:587     976    3c94    DnldMgr    Regulation server path: https://fe1.update.microsoft.com/v6/UpdateRegulationService/UpdateRegulation.asmx.
2013-02-15    14:02:21:618    52160    10ea0    Misc    ===========  Logging initialized (build: 7.8.9200.16465, tz: -0800)  ===========
2013-02-15    14:02:21:618    52160    10ea0    Misc      = Process: C:\Windows\system32\wuauclt.exe
2013-02-15    14:02:21:618    52160    10ea0    Misc      = Module: C:\Windows\SYSTEM32\wuaueng.dll
2013-02-15    14:02:21:618    52160    10ea0    Handler    :::::::::::::
2013-02-15    14:02:21:618    52160    10ea0    Handler    :: START ::  Handler: Driver Install
2013-02-15    14:02:21:618    52160    10ea0    Handler    :::::::::
2013-02-15    14:02:21:618    52160    10ea0    Handler      : Updates to install = 1
2013-02-15    14:02:21:618     976    4e0c    Shutdwn    InstallAtShutdown got install progress.
2013-02-15    14:02:21:868     976    3c94    DnldMgr      * Regulation call complete. 0x00000000
2013-02-15    14:02:21:868     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {B9517CD7-8295-40EF-A319-0C6FB790E802}.200]  ***********
2013-02-15    14:02:21:868     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:21:868     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {2187C276-EC82-4EBD-B42F-80DAAB4A2DEE}.200]  ***********
2013-02-15    14:02:21:868     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:21:868     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {B9517CD7-8295-40EF-A319-0C6FB790E802}.200]  ***********
2013-02-15    14:02:21:868     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:21:868     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {2187C276-EC82-4EBD-B42F-80DAAB4A2DEE}.200]  ***********
2013-02-15    14:02:21:868     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:21:868     976    4e0c    AU    AU checked download status and it changed: Downloading is paused
2013-02-15    14:02:21:884    52160    10ea0    Handler    Device id = PCI\VEN_8086&DEV_1E03&SUBSYS_05551028
2013-02-15    14:02:21:884    52160    10ea0    Handler    DriverPingback=1|1|PCI\VEN_8086&DEV_1E03&SUBSYS_05551028&REV_04|2012-05-30|11.2.0.1006|0x800003|0|0|Intel|Intel|Intel® 7 Series Chipset Family SATA AHCI Controller|PCI\VEN_8086&DEV_1E03&CC_0106
2013-02-15    14:02:21:884    52160    10ea0    Handler    WARNING: Driver install of {54CE90B3-531A-4B6E-9D8D-FD60EC8CE69C} on PCI\VEN_8086&DEV_1E03&SUBSYS_05551028 failed with error 80070103; mapping to error 8024200B
2013-02-15    14:02:21:884    52160    10ea0    Handler      : WARNING: Exit code = 0x8024200B
2013-02-15    14:02:21:884     976    4e0c    AU    >>##  RESUMED  ## AU: Installing update [UpdateId = {54CE90B3-531A-4B6E-9D8D-FD60EC8CE69C}]
2013-02-15    14:02:21:884    52160    10ea0    Handler    :::::::::
2013-02-15    14:02:21:884     976    4e0c    AU      # WARNING: Install failed, error = 0x80070103 / 0x80070103
2013-02-15    14:02:21:884    52160    10ea0    Handler    ::  END  ::  Handler: Driver Install
2013-02-15    14:02:21:884     976    4e0c    Shutdwn    InstallAtShutdown got install progress.
2013-02-15    14:02:21:884    52160    10ea0    Handler    :::::::::::::
2013-02-15    14:02:22:071     976    39c0    Report    REPORT EVENT: {E8EA1424-CFB1-4411-BE51-EF3DDB0AEC66}    2013-02-15 14:02:21:977-0800    1    198 [AU_SHUTDOWN_INSTALL_FAILED]    101    {54CE90B3-531A-4B6E-9D8D-FD60EC8CE69C}    200    80070103    AutomaticUpdates    Failure    Content Install    Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation - Storage Controller - Intel® 7 Series Chipset Family SATA AHCI Controller.
2013-02-15    14:02:22:196     976    39c0    Report    CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-02-15    14:02:22:196     976    39c0    Report    WER Report sent: 7.8.9200.16465 0x80070103 54CE90B3-531A-4B6E-9D8D-FD60EC8CE69C Install 101 Unmanaged
2013-02-15    14:02:22:196     976    39c0    Report    CWERReporter finishing event handling. (00000000)
2013-02-15    14:02:22:196     976    39c0    Agent    *********
2013-02-15    14:02:22:196     976    39c0    Agent    **  END  **  Agent: Installing updates [CallerId = AutomaticUpdates]
2013-02-15    14:02:22:196     976    39c0    Agent    *************
2013-02-15    14:02:22:196     976    4e0c    AU    Install call completed.
2013-02-15    14:02:22:196     976    4e0c    AU      # WARNING: Install call completed, reboot required = No, error = 0x00000000
2013-02-15    14:02:22:196     976    4e0c    AU    #########
2013-02-15    14:02:22:196     976    4e0c    AU    ##  END  ##  AU: Installing updates [CallId = {127E55BE-A921-4AC9-8B7A-9DD95C22092C}]
2013-02-15    14:02:22:196     976    4e0c    AU    #############
2013-02-15    14:02:22:196     976    4e0c    Shutdwn    InstallAtShutdown got install progress.
2013-02-15    14:02:22:196     976    47b4    AU    Install complete for all calls, reboot NOT needed
2013-02-15    14:02:22:196     976    47b4    AU    WARNING: Scheduling safe to reboot check failed when checking IsRebootNeeded, hr=80004005.
2013-02-15    14:02:22:196     976    47b4    AU    AU initiates service shutdown
2013-02-15    14:02:22:196     976    47b4    AU    InstallAtShutdown completed.
2013-02-15    14:02:23:837     976    47b4    AU    ###########  AU: Uninitializing Automatic Updates  ###########
2013-02-15    14:02:23:837     976    47b4    WuTask    Uninit WU Task Manager
2013-02-15    14:02:24:071     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {B9517CD7-8295-40EF-A319-0C6FB790E802}.200]  ***********
2013-02-15    14:02:24:071     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:24:071     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {2187C276-EC82-4EBD-B42F-80DAAB4A2DEE}.200]  ***********
2013-02-15    14:02:24:071     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:24:071     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {B9517CD7-8295-40EF-A319-0C6FB790E802}.200]  ***********
2013-02-15    14:02:24:071     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:24:071     976    3c94    DnldMgr    ***********  DnldMgr: New download job [UpdateId = {2187C276-EC82-4EBD-B42F-80DAAB4A2DEE}.200]  ***********
2013-02-15    14:02:24:071     976    3c94    DnldMgr      * Update is not allowed to download due to service regulation or download size limitation.
2013-02-15    14:02:24:993     976    91b0    Agent      * WARNING: Exit code = 0x8024000B
2013-02-15    14:02:24:993     976    91b0    Agent    *********
2013-02-15    14:02:24:993     976    91b0    Agent    **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2013-02-15    14:02:24:993     976    91b0    Agent    *************
2013-02-15    14:02:24:993     976    91b0    Agent    WARNING: WU client failed Searching for update with error 0x8024000b
2013-02-15    14:02:25:040     976    47b4    Report    CWERReporter finishing event handling. (00000000)
2013-02-15    14:02:25:759     976    47b4    Service    *********
2013-02-15    14:02:25:759     976    47b4    Service    **  END  **  Service: Service exit [Exit code = 0x240001]
2013-02-15    14:02:25:759     976    47b4    Service    *************

 



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:46 PM

Posted 12 March 2013 - 08:04 AM

Greetings,

I don't mind your guesswork nor do I mind trying to work through this. Please allow me some time to get my feet firmly planted in the information you have provided. One of the most seasoned members of our staff reviewed your situation at my request and mentioned Dell computers often have issues with driver updates. So I think you may be on to something.

And yes, I am enjoying the weather. So much so that I may take a bike ride to the beach! I think it is snowing somewhere, isn't it? Ah, there is a reason we live in a bankrupt state, it is the weather......

I will respond as soon as I am able. Thanks for your patience.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:46 PM

Posted 12 March 2013 - 09:00 AM

Greetings,

I would like you to boot to the command prompt using the Installation disk. Once there, please type the following, press Enter, then post the results.

BCDEdit /enum all /v
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 SnowLeopard7

SnowLeopard7
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 12 March 2013 - 02:57 PM

Thanks.

 

I tried this from the prompt that says, "X:\Sources".

 

The reply was,

"The boot configuration data store could not be opened.

The volume for a file has been externally altered so that the opened file is no longer valid."



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:46 PM

Posted 12 March 2013 - 03:56 PM

Greetings,

From the command prompt type C: and press Enter. If the directory changes to C: then please try BCDEdit /enum all /v again


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 SnowLeopard7

SnowLeopard7
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 12 March 2013 - 04:18 PM

The system gave the same reply from the "C:/" prompt as it did from the "X:/Sources" prompt.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:46 PM

Posted 12 March 2013 - 04:26 PM

Don't be surprised if this doesn't work but please try it anyway.

In the Recovery Environment please type Notepad then hit Enter. Click File, Computer on the left, and tell me what drives are listed.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 SnowLeopard7

SnowLeopard7
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 12 March 2013 - 04:45 PM

OS (C:) 794 GB free of 918 GB

Boot (X:) 30.3 MB free of 32.7 MB

Removable Disk (D:)

CD Drive (E:)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users