
full format win xp to install win 7 ( infinite reboot )



#1 velynzee


Posted 02 February 2014 - 06:54 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2014 03
Ran by SYSTEM on MININT-442O3F4 on 03-02-2014 03:20:17
Running from E:\
Windows 7 Professional (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\RunOnce: [iessetup] - C:\Windows\system32\rundll32.exe "C:\Program Files\Internet Explorer\iessetup.dll",LaunchProcessInputFiles  [16384 2009-07-13] (Microsoft Corporation)
HKLM\...\RunOnce: [wmssetup] - C:\Windows\system32\rundll32.exe "C:\Program Files\Windows Media Player\wmssetup.dll",LaunchProcessInputFiles  [16384 2009-07-13] (Microsoft Corporation)
HKLM\...\Runonce: [ehssetup] - "%WinDir%\system32\rundll32.exe" "%WinDir%\ehome\ehssetup.dll",LaunchProcessInputFiles
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [360448 2009-07-13] (Microsoft Corporation)

========================== Services (Whitelisted) =================


==================== Drivers (Whitelisted) ====================

S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc.              )

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-03 03:20 - 2014-02-03 03:20 - 00000000 ____D () C:\FRST
2014-02-03 02:41 - 2014-02-03 02:41 - 00206312 __RSH () C:\AOISB
2014-02-03 02:41 - 2014-02-03 02:41 - 00000009 __RSH () C:\wedaolu
2014-02-03 02:40 - 2014-02-03 02:40 - 00000000 __SHD () C:\Recovery
2014-02-03 02:31 - 2014-02-03 02:31 - 122625306 _____ () C:\Windows\MEMORY.DMP
2014-02-03 02:31 - 2014-02-03 02:31 - 00142488 _____ () C:\Windows\Minidump\020314-35328-01.dmp
2014-02-03 02:31 - 2014-02-03 02:31 - 00000000 ____D () C:\Windows\Minidump
2014-02-03 02:28 - 2014-02-03 02:28 - 00000982 _____ () C:\Windows\TSSysprep.log
2014-02-03 02:26 - 2014-02-03 02:41 - 00000000 ____D () C:\Windows\Panther
2014-02-03 02:26 - 2014-02-03 02:26 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-03 02:26 - 2009-07-13 17:38 - 00383562 __RSH () C:\bootmgr
2014-02-03 02:18 - 2014-02-03 02:26 - 00000000 ____D () C:\$WINDOWS.~LS
2014-02-03 02:18 - 2014-02-03 02:18 - 00000000 ____D () C:\$WINDOWS.~BT

==================== One Month Modified Files and Folders =======

2014-02-03 03:20 - 2014-02-03 03:20 - 00000000 ____D () C:\FRST
2014-02-03 02:43 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\LogFiles
2014-02-03 02:41 - 2014-02-03 02:41 - 00206312 __RSH () C:\AOISB
2014-02-03 02:41 - 2014-02-03 02:41 - 00000009 __RSH () C:\wedaolu
2014-02-03 02:41 - 2014-02-03 02:26 - 00000000 ____D () C:\Windows\Panther
2014-02-03 02:41 - 2009-07-13 20:34 - 00020080 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-03 02:41 - 2009-07-13 20:34 - 00020080 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-03 02:40 - 2014-02-03 02:40 - 00000000 __SHD () C:\Recovery
2014-02-03 02:39 - 2009-07-13 20:39 - 00011704 _____ () C:\Windows\setupact.log
2014-02-03 02:31 - 2014-02-03 02:31 - 122625306 _____ () C:\Windows\MEMORY.DMP
2014-02-03 02:31 - 2014-02-03 02:31 - 00142488 _____ () C:\Windows\Minidump\020314-35328-01.dmp
2014-02-03 02:31 - 2014-02-03 02:31 - 00000000 ____D () C:\Windows\Minidump
2014-02-03 02:31 - 2009-07-13 20:33 - 00266808 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-02-03 02:28 - 2014-02-03 02:28 - 00000982 _____ () C:\Windows\TSSysprep.log
2014-02-03 02:28 - 2009-07-13 23:50 - 00000000 ____D () C:\Windows\CSC
2014-02-03 02:28 - 2009-07-13 20:34 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-02-03 02:26 - 2014-02-03 02:26 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-03 02:26 - 2014-02-03 02:18 - 00000000 ____D () C:\$WINDOWS.~LS
2014-02-03 02:26 - 2009-07-13 20:57 - 00025600 ___SH () C:\Windows\System32\config\BCD-Template.LOG
2014-02-03 02:26 - 2009-07-13 20:52 - 00028672 _____ () C:\Windows\System32\config\BCD-Template
2014-02-03 02:18 - 2014-02-03 02:18 - 00000000 ____D () C:\$WINDOWS.~BT

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 61%
Total physical RAM: 510.49 MB
Available physical RAM: 196.49 MB
Total Pagefile: 510.49 MB
Available Pagefile: 187.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.6 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:459.15 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E5DD6169)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)


LastRegBack: 2014-02-03 02:27

==================== End Of Log ============================



#2 nasdaq


  • Malware Response Team

Posted 07 February 2014 - 10:35 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===


Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.

end

Save the file as fixlist.txt in the same folder as FRST.
Run FRST and click Fix only once and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.
===

Restart the computer normally.

Run the Farbar program normally one more time and post a fresh log.

#3 velynzee


Posted 08 February 2014 - 02:39 AM

tq for your help. very tq.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-02-2014 03
Ran by SYSTEM at 2014-02-08 15:35:31 Run:1
Running from E:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
start

C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.

end

*****************

"C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!." => File/Directory not found.

==== End of Fixlog ====



#4 nasdaq


  • Malware Response Team

Posted 08 February 2014 - 09:43 AM


I had hoped that the FRST tool could repair the system.
It did not work.

This is not a malware issue.
I can only suggest you start a new topic in the Windows 7 forum.

http://www.bleepingcomputer.com/forums/forum167.html

An expert in that operating system should be able to help.

Good luck,



