TechSpot

Windows 7 (x64) stuck in recovery mode

Solved
By silversufer
Oct 25, 2012
  1. Hi everyone, I'm not sure how this happenend. My sony vaio laptop began acting slow about a week ago. All of sudden it froze. I did a system restore, using a restore point, that seemed to do the trick. I turned off the laptop for the night, tried to turn it back on in the morning, only to be stuck in recovery mode.

    Not sure what to do, any help would be much appreciated.

    Thanks Greg


    1st Log

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-10-2012
    Ran by SYSTEM at 25-10-2012 01:57:57
    Running from G:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001
    ==================== Registry (Whitelisted) ===================
    HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10060320 2010-02-09] (Realtek Semiconductor)
    HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [x]
    HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [16397416 2010-01-11] (NVIDIA Corporation)
    HKLM-x32\...\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup [80384 2009-10-05] (Sony Electronics Corporation)
    HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [320880 2009-08-26] (Sony Corporation)
    HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
    HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
    HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [4282728 2012-08-21] (AVAST Software)
    HKU\greg\...\Run: [AdobeBridge] [x]
    HKU\greg\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-10] (Google Inc.)
    HKU\greg\...\Run: [gStart] C:\Program Files (x86)\Garmin\gStart.exe [x]
    HKU\Work\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-10] (Google Inc.)
    Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
    ==================== Services (Whitelisted) ===================
    3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [44808 2012-08-21] (AVAST Software)
    3 Roxio UPnP Renderer 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [313840 2009-08-31] (Sonic Solutions)
    2 Roxio Upnp Server 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe" [362992 2009-08-31] (Sonic Solutions)
    2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" [257936 2010-08-12] (Sony Corporation)
    3 SOHDBSvr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe" [70952 2009-10-15] (Sony Corporation)
    3 SOHPlMgr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe" [91432 2009-10-15] (Sony Corporation)
    2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
    3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2009-09-14] (Sony Corporation)
    3 VUAgent; "C:\Program Files\Sony\VAIO Update 5\VUAgent.exe" [1223024 2010-06-09] (Sony Corporation)
    2 VzCdbSvc; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" [206336 2009-09-14] (Sony Corporation)
    3 wampmysqld; C:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe wampmysqld [9693696 2012-04-19] ()
    4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [x]
    2 MySQL; "C:\xampp\mysql\bin\mysqld.exe" --defaults-file="C:\xampp\mysql\bin\my.ini" MySQL [x]
    3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" [x]
    ==================== Drivers (Whitelisted) =====================
    3 ArcSoftKsUFilter; C:\Windows\System32\Drivers\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
    2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-08-21] (AVAST Software)
    1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-06] (AVAST Software)
    2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-08-21] (AVAST Software)
    1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
    1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [969200 2012-08-21] (AVAST Software)
    1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [359464 2012-08-21] (AVAST Software)
    1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-08-21] (AVAST Software)
    2 MySQL4; "C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.5\my.ini" MySQL4 [8919 2012-05-28] ()
    3 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2010-06-25] (CACE Technologies, Inc.)
    3 qcusbser; C:\Windows\System32\Drivers\qcusbser.sys [120960 2009-08-14] (QUALCOMM Incorporated)
    2 regi; C:\Windows\SysWow64\Drivers\regi.sys [11032 2007-04-17] (InterVideo)
    4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-29] (Duplex Secure Ltd.)
    3 TVICHW64; C:\Windows\System32\Drivers\TVICHW64.sys [21200 2010-07-01] (EnTech Taiwan)
    3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
    3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
    3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
    0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [x]
    2 MSSQL$DDNI; [x]
    2 Oasis2Service; [x]
    ==================== NetSvcs (Whitelisted) ====================

    ==================== One Month Created Files and Folders ========
    2012-10-24 15:49 - 2012-10-24 15:49 - 00000000 ____D C:\FRST
    2012-09-25 15:07 - 2012-08-21 16:01 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
    2012-09-25 15:03 - 2012-10-12 14:36 - 00000000 ____D C:\Program Files (x86)\Cain
    2012-09-25 15:03 - 2012-09-25 15:03 - 00001823 ____A C:\Users\Work\Desktop\Cain.lnk
    2012-09-25 15:03 - 2012-09-25 15:03 - 00001823 ____A C:\Users\greg\Desktop\Cain.lnk
    2012-09-25 15:00 - 2012-09-25 15:02 - 07992528 ____A C:\Users\greg\Downloads\ca_setup.exe
    ==================== 3 Months Modified Files ==================
    2012-10-13 15:51 - 2011-01-04 15:38 - 00038034 ____A C:\Windows\setupact.log
    2012-10-13 15:51 - 2009-12-10 05:37 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-10-13 15:51 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-10-13 15:51 - 2009-07-13 23:45 - 00012288 _____ C:\Windows\System32\umstartup.etl
    2012-10-13 15:43 - 2009-12-26 06:55 - 01534208 ____A C:\Windows\WindowsUpdate.log
    2012-10-13 05:57 - 2009-12-10 05:37 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-10-13 05:50 - 2012-04-19 09:13 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-10-12 17:50 - 2012-04-19 09:13 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-10-12 17:50 - 2011-05-25 15:40 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2012-10-12 16:24 - 2009-07-13 23:45 - 00010096 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-10-12 16:24 - 2009-07-13 23:45 - 00010096 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-10-12 16:02 - 2009-07-13 23:45 - 00024576 ____A C:\Windows\System32\umstartup000.etl
    2012-10-12 15:48 - 2009-07-14 00:13 - 00779266 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-10-12 15:44 - 2012-06-20 14:46 - 00001933 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2012-10-12 15:44 - 2010-04-07 00:44 - 00000000 ____A C:\Windows\SysWOW64\config.nt
    2012-09-25 15:03 - 2012-09-25 15:03 - 00001823 ____A C:\Users\Work\Desktop\Cain.lnk
    2012-09-25 15:03 - 2012-09-25 15:03 - 00001823 ____A C:\Users\greg\Desktop\Cain.lnk
    2012-09-25 15:02 - 2012-09-25 15:00 - 07992528 ____A C:\Users\greg\Downloads\ca_setup.exe
    2012-09-24 18:19 - 2012-09-24 18:19 - 00011612 ____A C:\Users\greg\Downloads\hash (1)
    2012-09-24 18:19 - 2012-09-24 18:19 - 00011612 ____A C:\Users\greg\Downloads\hash
    2012-09-24 16:21 - 2010-03-21 17:10 - 00025917 ____A C:\test.xml
    2012-09-14 16:19 - 2012-09-14 15:49 - 17790056 ____A (Mozilla) C:\Users\greg\Downloads\Firefox Setup 15.0.1.exe
    2012-09-14 15:43 - 2012-09-14 15:12 - 00014293 ____A C:\Users\greg\Documents\index.html
    2012-09-13 14:54 - 2011-01-04 15:37 - 00224930 ____A C:\Windows\PFRO.log
    2012-09-12 15:30 - 2012-09-12 15:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
    2012-09-11 15:34 - 2012-01-12 18:16 - 00002014 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
    2012-08-31 01:43 - 2010-03-04 12:42 - 64462936 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-08-24 06:15 - 2012-09-24 14:57 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-08-24 05:39 - 2012-09-24 14:57 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-08-24 05:31 - 2012-09-24 14:58 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-08-24 05:22 - 2012-09-24 14:58 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-08-24 05:21 - 2012-09-24 14:58 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-08-24 05:20 - 2012-09-24 14:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-08-24 05:18 - 2012-09-24 14:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-08-24 05:17 - 2012-09-24 14:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-08-24 05:14 - 2012-09-24 14:58 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-08-24 05:14 - 2012-09-24 14:57 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-08-24 05:13 - 2012-09-24 14:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-08-24 05:12 - 2012-09-24 14:57 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-08-24 05:11 - 2012-09-24 14:58 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-08-24 05:10 - 2012-09-24 14:58 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-08-24 05:09 - 2012-09-24 14:58 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-08-24 05:04 - 2012-09-24 14:58 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-08-24 02:27 - 2012-09-24 14:57 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-08-24 02:03 - 2012-09-24 14:57 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-08-24 01:59 - 2012-09-24 14:57 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-08-24 01:51 - 2012-09-24 14:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-08-24 01:51 - 2012-09-24 14:58 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-08-24 01:51 - 2012-09-24 14:58 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-08-24 01:49 - 2012-09-24 14:58 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-08-24 01:48 - 2012-09-24 14:57 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-08-24 01:47 - 2012-09-24 14:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-08-24 01:47 - 2012-09-24 14:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-08-24 01:47 - 2012-09-24 14:57 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-08-24 01:45 - 2012-09-24 14:58 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-08-24 01:44 - 2012-09-24 14:58 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-08-24 01:44 - 2012-09-24 14:57 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-08-24 01:43 - 2012-09-24 14:58 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-08-24 01:40 - 2012-09-24 14:58 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-08-22 13:12 - 2012-09-12 15:40 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
    2012-08-22 13:12 - 2012-09-12 15:39 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-08-22 13:12 - 2012-09-12 15:39 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2012-08-22 13:12 - 2012-09-12 15:39 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2012-08-21 16:01 - 2012-09-25 15:07 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
    2012-08-21 04:13 - 2012-03-22 13:27 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
    2012-08-21 04:13 - 2011-03-07 19:24 - 00969200 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
    2012-08-21 04:13 - 2010-04-07 00:44 - 00359464 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
    2012-08-21 04:13 - 2010-04-07 00:44 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
    2012-08-21 04:13 - 2010-04-07 00:44 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
    2012-08-21 04:13 - 2010-04-07 00:44 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
    2012-08-21 04:12 - 2011-03-04 03:08 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
    2012-08-21 04:12 - 2010-06-29 13:16 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
    2012-08-21 04:12 - 2010-04-07 00:43 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
    2012-08-20 18:49 - 2009-07-13 23:45 - 05037616 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-08-02 12:58 - 2012-09-12 15:40 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
    2012-08-02 11:57 - 2012-09-12 15:40 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2012-07-31 16:54 - 2012-07-31 16:48 - 06955968 ____A (Microsoft Corporation) C:\Users\greg\Downloads\Silverlight.exe

    ==================== Known DLLs (Whitelisted) =================

    ==================== Bamital & volsnap Check =================
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    ==================== EXE ASSOCIATION =====================
    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK
    ==================== Restore Points =========================
    Restore point made on: 2012-09-18 15:17:12
    Restore point made on: 2012-09-21 16:19:26
    Restore point made on: 2012-09-24 14:55:53
    Restore point made on: 2012-09-27 04:02:24
    Restore point made on: 2012-10-02 17:46:08
    Restore point made on: 2012-10-08 17:59:49
    Restore point made on: 2012-10-10 16:34:18
    Restore point made on: 2012-10-11 14:47:19
    Restore point made on: 2012-10-11 15:07:31
    Restore point made on: 2012-10-11 17:46:14
    Restore point made on: 2012-10-11 18:24:35
    Restore point made on: 2012-10-12 16:30:39
    ==================== Memory info ===========================
    Percentage of memory in use: 16%
    Total physical RAM: 4078.07 MB
    Available physical RAM: 3424.24 MB
    Total Pagefile: 4076.22 MB
    Available Pagefile: 3421.82 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.91 MB
    ==================== Partitions =============================
    1 Drive c: () (Fixed) (Total:457.23 GB) (Free:292.81 GB) NTFS
    2 Drive e: (Recovery) (Fixed) (Total:8.43 GB) (Free:0.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    4 Drive g: () (Removable) (Total:7.45 GB) (Free:7.4 GB) FAT32
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 0 B
    Disk 1 Online 7633 MB 0 B
    Partitions of Disk 0:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Recovery 8 GB 1024 KB
    Partition 2 Primary 100 MB 8 GB
    Partition 3 Primary 457 GB 8 GB
    ==================================================================================
    Disk: 0
    Partition 1
    Type : 27
    Hidden: Yes
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E Recovery NTFS Partition 8 GB Healthy Hidden
    =========================================================
    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y System Rese NTFS Partition 100 MB Healthy
    =========================================================
    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 457 GB Healthy
    =========================================================
    Partitions of Disk 1:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 7633 MB 16 KB
    ==================================================================================
    Disk: 1
    Partition 1
    Type : 0B
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 G FAT32 Removable 7633 MB Healthy
    =========================================================
    Last Boot: 2012-10-12 03:05
    ==================== End Of Log =============================


    2nd log

    Farbar Recovery Scan Tool (x64) Version: 21-10-2012
    Ran by SYSTEM at 2012-10-25 02:01:05
    Running from G:\
    ================== Search: "services.exe" ===================
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 18:19] - [2009-07-13 20:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
    C:\Windows\System32\services.exe
    [2009-07-13 18:19] - [2009-07-13 20:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
    ====== End Of Search ======
     
  2. Broni

    Broni Malware Annihilator Posts: 47,684   +267

    Welcome aboard [​IMG]

    I don't actually see anything malicious but let's see if we can fix your boot issue.

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

    See if you can boot normally.
     

    Attached Files:

  3. silversufer

    silversufer TS Rookie Topic Starter

    Hey Broni, thanks for taking your time and helping!

    I finished following your instructions and I was able to boot into windows noramlly.

    Here is the log file:

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-10-2012
    Ran by SYSTEM at 2012-10-25 17:48:31 Run:1
    Running from G:\
    ==============================================
    DEFAULT hive was successfully copied to System32\config\HiveBackup
    DEFAULT hive was successfully restored from registry back up.
    SAM hive was successfully copied to System32\config\HiveBackup
    SAM hive was successfully restored from registry back up.
    SECURITY hive was successfully copied to System32\config\HiveBackup
    SECURITY hive was successfully restored from registry back up.
    SOFTWARE hive was successfully copied to System32\config\HiveBackup
    SOFTWARE hive was successfully restored from registry back up.
    SYSTEM hive was successfully copied to System32\config\HiveBackup
    SYSTEM hive was successfully restored from registry back up.
    ==== End of Fixlog ====
     
  4. Broni

    Broni Malware Annihilator Posts: 47,684   +267

    Good job :)

    Any other issues?
     
  5. silversufer

    silversufer TS Rookie Topic Starter

    Sorry, I just got home. I left the laptop running and it seems to be working fine!

    Thanks for all your help Broni :)
     
  6. Broni

    Broni Malware Annihilator Posts: 47,684   +267

    Cool :)
     
  7. silversufer

    silversufer TS Rookie Topic Starter

    Hey Broni, I'm curious, what was the casue of the problem?
     
  8. Broni

    Broni Malware Annihilator Posts: 47,684   +267

    Honestly I have no idea.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.