Win7(32) BSOD unbootable
Hi there everyone. I'm really hoping for some help here; I am optimistic given some of the similar cases I've seen here. I posted a similar thread in another forum but they seem better at the malware side of things; I am hoping that the real BSOD gurus are here. ;-)
The Goal:
- I am desperately trying to avoid all of the pain and agony of a total system wipe and re-install of all my applications, preferences, and files.
- I am hopeful that if I can just get the currently unbootable system to boot, I'll be able to get help in removing the malware infection (and learn something).
The System:
A Dell Latitude E6400 running Windows 7 Ent Edition 32 bit OS, 4GB of matched RAM, 256GB Samsung SSD.
Current state:
BSOD on boot, every time. Can't restore to a previous restore point; they somehow are gone; attempts to do a repair with the install DVD fail (details below).
Important: I have a raw copy of the entire drive (all of its partitions) that I took to a spare drive, so if we want to try anything daring, we can, and I can roll back to that state.
How it started, Background
Late last week I managed to get a malware infection that hijacked my DNS config, along with my Google search results, regardless of which browser I used (IE, FF, Chrome). Who knows what else is in the package of evil; regardless, whatever I got snuck past SEP 11 to begin with. Following the infection I used MalwareBytes, SpyBot S&D, and SEP 11 to try and remove it. I have been unable to permanently remove the infection thus far, and matters are worse now.
There was a point on Thursday where the machine wouldn't boot - endless blue screens - but I was able to restore to a previous recovery point and get it to boot again. Shortly thereafter, the machine got to a state that it is never bootable anymore. This is no longer possible; when I boot from the Win7 Ent install CD and try and repair the installation, I get the following error:
StartRep.exe Application Error
The instruction at 0x74818f18 referenced memory at 0x00000004. The memory could not be read.
What I've tried so far:
As mentioned before, I used MalwareBytes, SpyBot S&D, and SEP 11 before the permanent BSOD issues occurred. I am attaching the logs along with a Hijack This log from those scans/efforts.
I have performed diskchk on the drive and found no errors.
Ran MemTest through 4 full passes (5:30 hours so far) with no errors.
I can get the machine booted using Hiren's BootCD on a USB flash drive, and as a result I can run anything that can be run remotely on the drive/registry/etc. But because the machine isn't booting, I can't run anything that needs to be run inside of the infected OS.
I am attaching a series of files:
1) The last minidump I was able to get off of the disk;
2) A zip file containing MalwareBytes, SEP 11, and a list of startup items on the OS.
3) Logs from failed boots:
- bootstat.dat
- ntbtlog.txt
- PFRO.log
I would be incredibly grateful if someone can help me get to the point where I can get this OS to boot again. I am really trying to avoid having to do a system wipe and start that whole process over - I would really rather try and repair what happened if possible. Thanks so much to you all for your help!