Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Defender Offline Removed Root kit now Windows wont load


  • This topic is locked This topic is locked
10 replies to this topic

#1 Kevier

Kevier

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 06 May 2014 - 11:00 PM

I was Running Windows Security Defender it said i had a Root Kit Virus and needed to download Windows Defender offline so i did

ran it it fourd 2 so i removed them and it restarted and now while loading Windows it flashes blue screen and restarts i dont have a boot disk and i really need help


Edited by hamluis, 07 May 2014 - 07:18 AM.
Moved from MRL to AII - Hamluis.


BC AdBot (Login to Remove)

 


#2 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 06 May 2014 - 11:38 PM

G'day Kevier, and :welcome:  to BC.

What operating system are you running?

How are you communicating with us now?


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#3 Kevier

Kevier
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 06 May 2014 - 11:38 PM

windows 7 another laptop



#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 06 May 2014 - 11:46 PM

Are you able to access Safe Mode ?

 

Windows 7

Using the F8 Method:

  1. Restart your computer.
  2. When the computer starts you will see your computer's hardware being listed. When you see this information start to gently tap the F8 key on your keyboard repeatedly until you are presented with the Windows 7 Advanced Boot Options screen as shown in the image below.


    windows-7-f8.jpg
    Figure 11. Windows 7 Advanced Boot Options screen
  3. Using the arrow keys, select the Safe Mode option you want....WITH NETWORKING
  4. Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.
  5. When Windows starts you will be at a typical logon screen. Logon to your computer and Windows 7 will enter Safe mode.
  6. Do whatever tasks you require, and when you are done, reboot to go back into normal mode.

Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#5 Kevier

Kevier
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 06 May 2014 - 11:47 PM

nope cant access windows at all



#6 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 06 May 2014 - 11:53 PM

Ok....I will report this topic to people with more knowledge than myself, as an unbootable PC....they are exceptionally busy atm....so expect quite a delay.


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#7 Kevier

Kevier
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 07 May 2014 - 12:31 AM

i was reading somewhere else to run FRST64 and i did here is the txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by SYSTEM on MININT-KRNF8R6 on 07-05-2014 01:27:15
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NapsterShell] => C:\Program Files (x86)\Napster\napster.exe [323280 2010-01-19] (Napster)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1675160 2011-11-22] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1557160 2012-04-09] (Ask)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-12-12] (PC Tools)
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\cherylandshannon\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-05] (Google Inc.)
HKU\cherylandshannon\...\Run: [lime pro] => "C:\Program Files (x86)\Lime PRO\LimePro.exe" -h
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
Startup: C:\Users\cherylandshannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk
ShortcutTarget: FrostWire On Startup.lnk -> C:\Program Files (x86)\FrostWire 5\FrostWire.exe (FrostWire)

==================== Services (Whitelisted) =================

S2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [844320 2009-09-30] (Acer Incorporated)
S3 GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [250616 2009-05-22] (WildTangent, Inc.)
S2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [502032 2011-10-18] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199272 2011-12-06] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [208536 2011-12-06] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [161168 2011-12-06] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools)
S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [240160 2009-07-03] (Acer)

==================== Drivers (Whitelisted) ====================

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2011-10-15] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160280 2011-10-15] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2011-10-15] (McAfee, Inc.)
S3 mfeavfk01; No ImagePath
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [481768 2011-10-15] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647080 2011-10-15] (McAfee, Inc.)
S1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75808 2011-10-15] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2011-10-15] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [284648 2011-10-15] (McAfee, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-01] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 01:26 - 2014-05-07 01:27 - 00000000 ____D () C:\FRST
2014-05-04 23:11 - 2014-05-04 23:11 - 55574528 _____ () C:\Windows\System32\config\SOFTWARE4b533101
2014-05-04 23:00 - 2014-05-04 23:58 - 00000000 ____D () C:\Windows\Microsoft Antimalware
2014-05-04 13:48 - 2014-05-04 13:50 - 00000000 ____D () C:\Users\cherylandshannon\AppData\Local\Mozilla
2014-05-04 13:47 - 2014-05-04 13:50 - 00000000 ____D () C:\Users\cherylandshannon\AppData\Roaming\Mozilla
2014-05-04 13:46 - 2014-05-04 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-04 13:46 - 2014-05-04 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-04 13:46 - 2014-05-04 13:46 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-04 13:42 - 2014-05-04 13:42 - 00000000 ____D () C:\Users\cherylandshannon\AppData\Local\SearchProtect
2014-05-04 13:41 - 2014-05-04 13:42 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-05-04 13:14 - 2014-05-04 23:53 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-04 13:14 - 2014-05-04 23:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-04 13:03 - 2014-05-04 13:03 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-04 13:00 - 2014-05-04 12:53 - 13829304 _____ (Microsoft Corporation) C:\Users\cherylandshannon\Desktop\MSEInstall.exe

==================== One Month Modified Files and Folders =======

2014-05-07 01:27 - 2014-05-07 01:26 - 00000000 ____D () C:\FRST
2014-05-04 23:58 - 2014-05-04 23:00 - 00000000 ____D () C:\Windows\Microsoft Antimalware
2014-05-04 23:53 - 2014-05-04 13:14 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-04 23:53 - 2014-05-04 13:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-04 23:53 - 2014-05-04 13:03 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-04 23:53 - 2012-05-07 16:32 - 00000000 ____D () C:\Program Files (x86)\Ask.com
2014-05-04 23:53 - 2012-05-07 16:29 - 00000000 ____D () C:\Program Files (x86)\FrostWire 5
2014-05-04 23:53 - 2012-01-06 15:49 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2014-05-04 23:53 - 2011-12-26 04:27 - 00000000 ____D () C:\Program Files (x86)\Rhapsody
2014-05-04 23:53 - 2011-10-09 10:57 - 00000000 ____D () C:\Program Files\McAfee
2014-05-04 23:53 - 2011-10-09 10:57 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-05-04 23:53 - 2011-09-27 16:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-04 23:53 - 2011-07-08 14:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-04 23:53 - 2011-07-08 13:30 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-04 23:53 - 2011-06-28 19:32 - 00000000 ____D () C:\users\cherylandshannon
2014-05-04 23:53 - 2011-06-28 19:32 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-05-04 23:53 - 2009-11-05 10:10 - 00000000 ____D () C:\Program Files\Google
2014-05-04 23:53 - 2009-11-05 10:10 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-04 23:53 - 2009-07-13 23:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-04 23:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-05-04 23:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\servicing
2014-05-04 23:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-05-04 23:52 - 2011-10-09 10:57 - 00000000 ____D () C:\Program Files\McAfee.com
2014-05-04 23:52 - 2011-09-27 16:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 23:52 - 2009-11-05 10:10 - 00000000 ____D () C:\ProgramData\Google
2014-05-04 23:48 - 2014-05-04 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-04 23:48 - 2014-05-04 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-04 23:11 - 2014-05-04 23:11 - 55574528 _____ () C:\Windows\System32\config\SOFTWARE4b533101
2014-05-04 14:40 - 2009-11-05 09:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-04 13:50 - 2014-05-04 13:48 - 00000000 ____D () C:\Users\cherylandshannon\AppData\Local\Mozilla
2014-05-04 13:50 - 2014-05-04 13:47 - 00000000 ____D () C:\Users\cherylandshannon\AppData\Roaming\Mozilla
2014-05-04 13:46 - 2014-05-04 13:46 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-04 13:42 - 2014-05-04 13:42 - 00000000 ____D () C:\Users\cherylandshannon\AppData\Local\SearchProtect
2014-05-04 13:42 - 2014-05-04 13:41 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-05-04 13:05 - 2011-06-28 19:43 - 00000000 ____D () C:\Users\cherylandshannon\AppData\Local\Google
2014-05-04 12:53 - 2014-05-04 13:00 - 13829304 _____ (Microsoft Corporation) C:\Users\cherylandshannon\Desktop\MSEInstall.exe
2014-05-04 12:00 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 12:00 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 11:58 - 2011-09-28 09:07 - 01720159 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 11:53 - 2011-09-28 15:55 - 00021215 _____ () C:\Windows\setupact.log
2014-05-04 11:53 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-04 11:44 - 2011-07-04 10:35 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-04 11:32 - 2009-07-13 21:13 - 00005152 _____ () C:\Windows\System32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\cherylandshannon\AppData\Local\Temp\0114831325893763mcinst.exe
C:\Users\cherylandshannon\AppData\Local\Temp\0304161318173103mcinst.exe
C:\Users\cherylandshannon\AppData\Local\Temp\installhelper.dll
C:\Users\cherylandshannon\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\cherylandshannon\AppData\Local\Temp\WiseUpdX.exe
C:\Users\cherylandshannon\AppData\Local\Temp\_is2273.exe
C:\Users\cherylandshannon\AppData\Local\Temp\_is58AA.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== Restore Points  =========================

Restore point made on: 2012-05-24 02:44:57
Restore point made on: 2012-05-26 11:40:10
Restore point made on: 2012-05-26 23:27:48
Restore point made on: 2012-05-31 13:11:20
Restore point made on: 2012-06-01 12:50:41
Restore point made on: 2012-06-01 12:53:20
Restore point made on: 2012-06-04 14:17:22
Restore point made on: 2012-06-06 13:41:47
Restore point made on: 2014-05-04 12:19:05
Restore point made on: 2014-05-04 13:06:13
Restore point made on: 2014-05-04 13:11:17
Restore point made on: 2014-05-04 13:41:38

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 3001.98 MB
Available physical RAM: 2368.32 MB
Total Pagefile: 3000.13 MB
Available Pagefile: 2363.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:220.78 GB) (Free:166.1 GB) NTFS
Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:1.86 GB) NTFS
Drive g: (WDO_MEDIA64) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected.

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: F85E7820)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)


LastRegBack: 2014-05-04 12:11

==================== End Of Log ============================



#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,250 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:42 PM

Posted 07 May 2014 - 06:39 AM

Hello, I'll move this topic to the appropriate subforum.

 

Please try the following.

 

Start your computer and tap the F10 key until the boot menu options open. You will see some text within brackets ([.... ]). Let me know what is listed between the brackets.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 Kevier

Kevier
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 07 May 2014 - 09:43 AM

sorry for the delay /NOEXECUTTE=OPTIN /MININT



#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,250 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:42 PM

Posted 07 May 2014 - 10:03 AM

You can navigate with the cursor in that text. Please delete the /MININT part, press enter and continue boot. You'll now be able to boot into Windows.

 

Click Start > All programs > Accessories  and right click on command prompt. Select "run as administrator".

 

At the command prompt type the following:

 

bcdedit /set {default} winpe no

 

You should see a success message.

 

After doing this, restart your computer once more and let me know if you encounter any trouble.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,250 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:42 PM

Posted 11 July 2014 - 01:49 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users