Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: REDACTED on July 11, 2014, 08:27:26 PM
-
Hello,
My vista system tries to boot but hangs on aswRvrt.sys. I saw possible solutions in previous threads, but the recovery tool link was taken down. Can you help?
Thanks,
-
Hello,
My vista system tries to boot but hangs on aswRvrt.sys. I saw possible solutions in previous threads, but the recovery tool link was taken down. Cna you help?
Thanks,
Can you boot into Safe mode ?
Can you get to the Recovery Console via F8 ?......if so, FIRST try "Last Known Good Configuration".
http://windows.microsoft.com/en-us/windows/using-last-known-good-configuration#1TC=windows-7
I also PMed Essexboy for more advanced help past this.
Do you know if you had System Restore enabled in your PC ?
-
I can't boot in safe mode, no system restore point. I saw Essexboy helped someone else about a year ago, but the link to the startup file he posted isn't active anymore.
Thanks.
-
Sorry, I tried F8 and got the recovery console, I tried last known good config, it's been working for a while but seems hung up on a black screen with the mouse pointer.
-
Is it 32 or 64 bit ?
I took the link down as it was eating up my bandwidth like no ones business
-
32 bit, last known good config won't boot.
-
Download the following three programmes to your desktop :
1. Rufus (http://rufus.akeo.ie/)
For 32bit systems
2. Windows Vista RC
3. Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/)
Insert the USB stick Then run Rufus
(https://dl.dropbox.com/u/73555776/rufus.JPG)
Select the ISO file on the desktop via the ISO icon.
Press Start Burn
(https://dl.dropbox.com/u/73555776/RufusISO.JPG)
Then copy FRST to the same USB
(http://dl.dropbox.com/u/73555776/frstwintoboot.JPG)
Insert the USB into the sick computer and start the computer. First ensuring that the system is set to boot from USB
Note: If you are not sure how to do that follow the instructions Here (http://lifehacker.com/5991848/how-to-boot-from-a-cd-or-usb-drive-on-any-pc)
Windows 7 and Vista screenshots
When you reboot you will see this.
Click repair my computer
(http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7275.jpg)
Select your operating system
(http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277202.jpg)
Select Command prompt
(http://i1224.photobucket.com/albums/ee362/Essexboy3/RepairVista_7277.jpg)
At the command prompt type the following :
notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe or e:\frst.exe dependant on system
and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
(https://dl.dropboxusercontent.com/u/73555776/frst.JPG)
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
-
Thanks, I'll try it out this evening.
-
#2 doesn't have a link to download the file.
-
#2 doesn't have a link to download the file.
Essexboy will PM you the link.
-
I PM'd the link for the RC
-
Having trouble with Rufus. When I click the disk icon in your second screen shot it wants me to select an .iso file.
-
Do I select the vista32rc.iso then select start?
-
Okay I made the bootable USB, but it says it's not compatable with my version of Windows. Is it possible I have 64 bit Vista? If so can you PM me a link for the 64 bit recovery tool? Thanks.
-
Okay, I ran frst64. Here's the log, thanks.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014
Ran by SYSTEM on MINWINPC on 14-07-2014 09:11:56
Running from H:\
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2009-03-23] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7212576 2009-03-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM-x32\...\Run: [IdeaNotesUser] => C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe [221872 2009-08-24] (Digital Delivery Networks, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [5604168 2009-01-22] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8847360 2008-12-22] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => "C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-03] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\Ben\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Ben\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\Ben\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Guest\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Maura\...\Run: [SmileboxTray] => C:\Users\Maura\AppData\Roaming\Smilebox\SmileboxTray.exe [325448 2012-05-15] (Smilebox, Inc.)
HKU\Maura\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Maura\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-13] (Adobe Systems Incorporated)
Startup: C:\Users\Maura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
BootExecute: autocheck autochk * autocheck lsdelete
==================== Services (Whitelisted) =================
S2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-17] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-28] (AVAST Software)
S2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DKService.exe [1813272 2008-11-24] (Diskeeper Corporation)
S2 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [32768 2008-02-14] (Lenovo Group Limited)
S2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-26] (McAfee, Inc.)
S4 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [303104 2008-02-14] (Motive Communications, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [434176 2008-09-27] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-28] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-01-28] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-28] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-28] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-01-28] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-28] ()
S1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [69136 2009-06-17] ()
S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-27] (GFI Software)
S0 LPCFilter; C:\Windows\SysWOW64\DRIVERS\LPCFilter.sys [32040 2008-05-07] (COMPAL ELECTRONIC INC.)
S3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [183424 2009-01-23] (SMI)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-14 09:10 - 2014-07-14 09:10 - 00000000 ____D () C:\FRST
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 11:09 - 2012-09-28 07:32 - 05989776 _____ (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2014-07-07 11:09 - 2012-09-28 07:32 - 00053760 _____ (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-24 10:47 - 2014-06-24 10:48 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip
==================== One Month Modified Files and Folders =======
2014-07-14 09:10 - 2014-07-14 09:10 - 00000000 ____D () C:\FRST
2014-07-14 05:06 - 2009-05-08 22:16 - 00000066 ___SH () C:\_PartitionInfo
2014-07-14 05:06 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 05:06 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 05:06 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 16:46 - 2014-01-28 14:29 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 16:21 - 2009-05-08 22:12 - 00000282 _____ () C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
2014-07-11 16:10 - 2013-04-19 12:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 15:12 - 2009-06-17 00:56 - 01528020 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 11:56 - 2008-01-20 19:26 - 00748954 _____ () C:\Windows\PFRO.log
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 02:46 - 2011-09-23 15:35 - 00010792 _____ () C:\Windows\System32\spsys.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:17 - 2006-11-02 04:46 - 00773288 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 10:45 - 2014-01-28 14:29 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 04:47 - 2013-03-27 17:42 - 00001739 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-07 04:47 - 2009-06-17 01:26 - 23378820 _____ () C:\FaceProv.log
2014-07-07 04:46 - 2010-12-23 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-07-03 17:12 - 2006-11-02 07:42 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-25 11:27 - 2009-12-30 12:23 - 00000000 ____D () C:\Users\Ben\AppData\Local\CrashDumps
2014-06-25 10:40 - 2014-01-28 14:29 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 10:40 - 2014-01-28 14:29 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 10:48 - 2014-06-24 10:47 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip
2014-06-23 13:58 - 2014-01-27 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
Files to move or delete:
====================
C:\ProgramData\flashax9f.exe
Some content of TEMP:
====================
C:\Users\Ben\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Ben\AppData\Local\Temp\_is9B41.exe
C:\Users\Maura\AppData\Local\Temp\contentDATs.exe
C:\Users\Maura\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Maura\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Maura\AppData\Local\Temp\symlcsv1.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 25%
Total physical RAM: 2007.8 MB
Available physical RAM: 1499.58 MB
Total Pagefile: 1799.73 MB
Available Pagefile: 1482.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:252.95 GB) (Free:152.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:30.38 GB) (Free:28.43 GB) NTFS
Drive e: () (Fixed) (Total:14.65 GB) (Free:3.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (2008_03_29_2201) (Removable) (Total:7.55 GB) (Free:7.33 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 04AC1E08)
Partition 1: (Active) - (Size=253 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00086FA3)
Partition 1: (Active) - (Size=8 GB) - (Type=07 NTFS)
LastRegBack: 2014-07-11 15:15
==================== End Of Log ============================
-
Download the attached fixlist.txt to the same location as FRST
Run FRST from the recovery console and press fix
Now try a normal boot
-
Download the attached fixlist.txt to the same location as FRST
Run FRST from the recovery console and press fix
Now try a normal boot
Learning moment for me.......ZeroAccess Malware you think ?
http://en.wikipedia.org/wiki/ZeroAccess_botnet
-
FRST says it executed the fix, but my system still boots to a blank black screen with a pointer.
-
Same thing in safe mode. It still hangs at aswrvrt.sys.
-
Just remnants of ZA .. Lets now reset the registry
Download the attached fixlist.txt to the same location as FRST
Run FRST from the recovery console and press fix
Now try a normal boot
-
Still black screen with pointer. I ran another scan, here's the log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014
Ran by SYSTEM on MINWINPC on 14-07-2014 11:39:49
Running from H:\
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2009-03-23] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7212576 2009-03-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM-x32\...\Run: [IdeaNotesUser] => C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe [221872 2009-08-24] (Digital Delivery Networks, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [5604168 2009-01-22] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8847360 2008-12-22] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => "C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-03] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\Ben\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Ben\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\Ben\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Guest\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Maura\...\Run: [SmileboxTray] => C:\Users\Maura\AppData\Roaming\Smilebox\SmileboxTray.exe [325448 2012-05-15] (Smilebox, Inc.)
HKU\Maura\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Maura\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-13] (Adobe Systems Incorporated)
Startup: C:\Users\Maura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
BootExecute: autocheck autochk * autocheck lsdelete
==================== Services (Whitelisted) =================
S2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-17] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-28] (AVAST Software)
S2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DKService.exe [1813272 2008-11-24] (Diskeeper Corporation)
S2 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [32768 2008-02-14] (Lenovo Group Limited)
S2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-26] (McAfee, Inc.)
S4 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [303104 2008-02-14] (Motive Communications, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [434176 2008-09-27] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-28] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-01-28] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-28] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-28] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-01-28] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-28] ()
S1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [69136 2009-06-17] ()
S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-27] (GFI Software)
S0 LPCFilter; C:\Windows\SysWOW64\DRIVERS\LPCFilter.sys [32040 2008-05-07] (COMPAL ELECTRONIC INC.)
S3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [183424 2009-01-23] (SMI)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-14 11:12 - 2014-07-14 11:12 - 00000000 ____D () C:\Windows\System32\config\HiveBackup
2014-07-14 09:10 - 2014-07-14 11:13 - 00000000 ____D () C:\FRST
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 11:09 - 2012-09-28 07:32 - 05989776 _____ (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2014-07-07 11:09 - 2012-09-28 07:32 - 00053760 _____ (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-24 10:47 - 2014-06-24 10:48 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip
==================== One Month Modified Files and Folders =======
2014-07-14 11:13 - 2014-07-14 09:10 - 00000000 ____D () C:\FRST
2014-07-14 11:12 - 2014-07-14 11:12 - 00000000 ____D () C:\Windows\System32\config\HiveBackup
2014-07-14 07:37 - 2009-05-08 22:16 - 00000066 ___SH () C:\_PartitionInfo
2014-07-14 07:37 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 07:37 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 07:37 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 16:46 - 2014-01-28 14:29 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 16:21 - 2009-05-08 22:12 - 00000282 _____ () C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
2014-07-11 16:10 - 2013-04-19 12:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 15:12 - 2009-06-17 00:56 - 01528020 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 11:56 - 2008-01-20 19:26 - 00748954 _____ () C:\Windows\PFRO.log
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 02:46 - 2011-09-23 15:35 - 00010792 _____ () C:\Windows\System32\spsys.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:17 - 2006-11-02 04:46 - 00773288 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 10:45 - 2014-01-28 14:29 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 04:47 - 2013-03-27 17:42 - 00001739 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-07 04:47 - 2009-06-17 01:26 - 23378820 _____ () C:\FaceProv.log
2014-07-07 04:46 - 2010-12-23 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-07-03 17:12 - 2006-11-02 07:42 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-25 11:27 - 2009-12-30 12:23 - 00000000 ____D () C:\Users\Ben\AppData\Local\CrashDumps
2014-06-25 10:40 - 2014-01-28 14:29 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 10:40 - 2014-01-28 14:29 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 10:48 - 2014-06-24 10:47 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip
2014-06-23 13:58 - 2014-01-27 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
Some content of TEMP:
====================
C:\Users\Ben\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Ben\AppData\Local\Temp\_is9B41.exe
C:\Users\Maura\AppData\Local\Temp\contentDATs.exe
C:\Users\Maura\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Maura\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Maura\AppData\Local\Temp\symlcsv1.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 25%
Total physical RAM: 2007.8 MB
Available physical RAM: 1495.64 MB
Total Pagefile: 1799.73 MB
Available Pagefile: 1483.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:252.95 GB) (Free:152.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:30.38 GB) (Free:28.43 GB) NTFS
Drive e: () (Fixed) (Total:14.65 GB) (Free:3.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (2008_03_29_2201) (Removable) (Total:7.55 GB) (Free:7.33 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 04AC1E08)
Partition 1: (Active) - (Size=253 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00086FA3)
Partition 1: (Active) - (Size=8 GB) - (Type=07 NTFS)
LastRegBack: 2014-07-11 15:15
==================== End Of Log ============================
-
The black screen is after the Windows boot Logo ?
If so, did you let the PC sit there for awhile ?
-
This fixlist will now disable Avast/Adaware/McAfee
Download the attached fixlist.txt to the same location as FRST
Run FRST from the recovery console and press fix
Now try a normal boot
-
It's after the boot. I let it sit for about 2 hours, it'll go to screen saver but when I move the mouse, back to black. I'll try the new fix and report back. Thanks.
-
No luck. When it boots I see Microsoft Copyright on a black screen with a segmented green progress bar moving (like normal), I get a message that says lstdelete missing skipping autocheck then black screen with pointer. Thanks again for your continued help.
-
BootExecute: autocheck autochk * autocheck lsdelete
This is part of adaware antivirus
I will remove that entry now and see if it helps
Download the attached fixlist.txt to the same location as FRST
Run FRST from the recovery console and press fix
Now try a normal boot
-
Still no luck. Boots to black screen with pointer.
-
Do you have the same problem in safe mode ?
-
Yes. When I try to boot in safe mode, it hangs on crcdisk (not sure if that matters), then boots to the black screen, with a low res pointer.
-
Yes. When I try to boot in safe mode, it hangs on crcdisk (not sure if that matters), then boots to the black screen, with a low res pointer.
May be long shot but can you select SAFE MODE WITH COMMAND PROMPT and see what happens ?
-
Or select vga mode
-
Safe mode with command prompt gives same result. Not sure how to do VGA mode.
-
Safe mode with command prompt gives same result. Not sure how to do VGA mode.
It is the one that says "Enable Low Resolution Video (640x480)".
Here is also good link on Advanced Boot Options and what they mean:
http://pcsupport.about.com/od/termsag/p/advanced-boot-options.htm
-
Still no luck, Black screen with big low res pointer. Thanks again for your continued help. Any other ideas?
-
How many disc drives are in this system ?
-
How many disc drives are in this system ?
Below is from User7 (OP) log.....looks to be more than one "physical" HDD, perhaps one HDD & one removable ?
Anyway, think what Essexboy is eluding to is to remove all HDDs from PC except for the one that boots Windows.
Obviously, try to boot PC with JUST that one HDD connected.
==================== Drives ================================
Drive c: () (Fixed) (Total:252.95 GB) (Free:152.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:30.38 GB) (Free:28.43 GB) NTFS
Drive e: () (Fixed) (Total:14.65 GB) (Free:3.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (2008_03_29_2201) (Removable) (Total:7.55 GB) (Free:7.33 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 04AC1E08)
Partition 1: (Active) - (Size=253 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00086FA3)
Partition 1: (Active) - (Size=8 GB) - (Type=07 NTFS)
-
Just one internal hard drive and the USB drive connected to run FRST. The other drives must be partitions on the main hard drive (I didn't partition it).
-
Just one internal hard drive and the USB drive connected to run FRST. The other drives must be partitions on the main hard drive (I didn't partition it).
Well, short of re-installing O/S I'm almost at end of ideas.
My only other suggestion would be to rebuild the BCD.......but Essexboy needs to give you the guidance....not me....he is the expert. Until he comments you can read the how-to: http://pcsupport.about.com/od/fixtheproblem/ht/rebuild-bcd-store-windows.htm
-
Thanks, I'll check it out. I don't have install disks (Vista came preinstalled on my computer). Thanks again.
-
A re-install is the only option now. Rebuilding the BCD has a chance of making your recovery partition unavailable.. That would be bad news.
Does the startup repair option from the recovery console work ?
-
Thanks, I'll check it out. I don't have install disks (Vista came preinstalled on my computer). Thanks again.
There are a lot of links our there....eg, Digital River.....that you can download a O/S ISO of Vista to burn DVD and use for "repair".
Make sure to get the EXACT version of Vista.....your log showed.....
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) OS
I assume your PC has a sticker on it with the VISTA license code ?.....not sure you'll need but wanted to ask.
Again, wait for further reply/guidance from Essexboy but click on this link and watch the video.
This video is basically like (is) the repair console but running from the DVD versus what is on your PC.
I only suggest this as another option to try since your PC Repair Console did not work.
http://www.top-windows-tutorials.com/reinstall-windows-vista/
-
When I try to use it, it says if I recently attached a device like a camera or portable music player to remove it and restart the computer. There's nothing attached except the USB Drive I booted from. After I remove the drive and run it, it says it cannot repair the computer automatically. I can view the event log, but not sure what to look for.
-
From the command prompt try this command, it may take a few minutes to complete :
sfc /scannow /offbootdir=c:\ /offwindir=c:\windows
-
From the command prompt try this command, it may take a few minutes to complete :
sfc /scannow /offbootdir=c:\ /offwindir=c:\windows
Good idea.......link for OP to read on what it does: http://pcsupport.about.com/od/toolsofthetrade/ht/sfc-scannow.htm
-
After about 5 minutes it says "Windows Resource Protection could not perform the requested operation."
-
After about 5 minutes it says "Windows Resource Protection could not perform the requested operation."
I think this error is related to you having to specify the correct drive letters.
"offbootdir" is the system reserved partition
"offwindir" is the Windows directory on the drive you would like to fix
http://pcsupport.about.com/od/termss/p/sfc-command-system-file-checker.htm
You used: sfc /scannow /offbootdir=c:\ /offwindir=c:\windows
I mention because your log mentions E: & X: as well.
Drive c: () (Fixed) (Total:252.95 GB) (Free:152.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:30.38 GB) (Free:28.43 GB) NTFS
Drive e: () (Fixed) (Total:14.65 GB) (Free:3.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (2008_03_29_2201) (Removable) (Total:7.55 GB) (Free:7.33 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Of course to really know for sure in the Command prompt type
diskpart
to enter the Disk Partitioning Console, then type
list volume
now view (& post) your machine's volume details
{User7, do not try until Essexboy comments}
Essexboy, thoughts ?
Would/Could it be ?...... sfc /scannow /offbootdir=x:\ /offwindir=c:\windows
-
Use thekochs as X should be the system reserved partition
-
Same result as before, 5 minute wait then same message.
-
Tried E: too, same result.
-
Not sure if it matters but the systems thinks windows is booting correctly. At the black screen I can use the hotkey to put the system to sleep, and if I press crtl+alt+del I get the thinking pointer icon like it's prepping to let me login. When I use last known good config it reverts to the same startup. I'm going to try sfc on D:.
-
Not sure if it matters but the systems thinks windows is booting correctly. At the black screen I can use the hotkey to put the system to sleep, and if I press crtl+alt+del I get the thinking pointer icon like it's prepping to let me login. When I use last known good config it reverts to the same startup. I'm going to try sfc on D:.
This is after you see the Windows Logo w/scroll bar and before the user login ?
In other words the Windows logo goes away, then black screen with mouse pointer then shows ?
And you've left the PC sit there for say....an hour.....in that state to see if it finally loads ?
-
Not sure if it matters but the systems thinks windows is booting correctly. At the black screen I can use the hotkey to put the system to sleep, and if I press crtl+alt+del I get the thinking pointer icon like it's prepping to let me login. When I use last known good config it reverts to the same startup. I'm going to try sfc on D:.
To learn more about what that key combo actually does, take a look at:
http://en.wikipedia.org/wiki/Control-Alt-Delete (http://en.wikipedia.org/wiki/Control-Alt-Delete)
-
Correct, I've let it sit for at least 2 - 3 hours. It will even go to the generic screen saver. I did list volume, transcribed below:
Volume ### LTR Label Fs Type Size Status info
Volume 0 F DVD ROM 0B No media
Volume 1 C NTFS Partition 253 GB Healthy
Volume 2 D Lenovo NTFS Partition 30 GB Healthy
Volume 3 E NTFS Partition 15 GB Healthy
Volume 4 G Removable 0 B No Media
Volume 5 H 2008_03_29_ NTFS Removable 7727MB Healthy
-
To me that suggests a video driver, as it is about that stage that it takes over from the windows one
-
To me that suggests a video driver, as it is about that stage that it takes over from the windows one
Agree....sounds like it but wouldn't it boot into Safe Mode or VGA then be OK ?
User7, is this a desktop PC or laptop ?
If laptop, one other thing to try is to connect an external monitor to the PC and when the screen goes black see if an image comes up on the monitor. You may have some odd setting that just changed the active display on you.....just a thought.
If desktop and you have on-board graphic controller with a graphics add-in card......pull the gfx card and set the BIOS to use the onboard.
............see if any of the above show anything.
The next option would be to get a boot/rescue CD and boot into that environment and remove/uninstall the graphics drivers.....just go back to Windows default. Perhaps bob3160 can suggest best bootCD ?......there are a lot out there (Hiren's , UBCD, BartPE, etc.)....here's some suggestions: http://lifehacker.com/5984707/five-best-system-rescue-discs
-
It's a laptop, but I don't have an external monitor available. I'll see what I can rig up, maybe I can try the HDMI output.
-
It's a laptop, but I don't have an external monitor available. I'll see what I can rig up, maybe I can try the HDMI output.
Maybe to your TV ?....I'd boot down the PC, hook up the cable/TV, then cold boot (power-on) the laptop.
Did you update a video driver lately ?
Do you know what video chip (vendor) is on the laptop ?
What brand & model # is the laptop ?
-
I'll try to hook it up tonight. It's a lenovo ideapad Y550. Thanks again. I'll report back after I try the HDMI hookup.
-
I have the same thing on the TV now, black screen, white pointer. The computer responds to the switch display hotkey and mirrors the LCD on the TV.
-
I can also get the sticky keys window at the black screen by pressing shift 5x. The dialog box looks like normal, background black. I click cancel and box disappears.
-
:( I am at a loss.....perhaps Essexboy has an idea ?
I would get (download/burn) one of the Rescue CDs and boot into that environment and try to debug what is going on.
Like Essexboy it appears to me to be graphics driver related.....but a guess at this point I must admit.
At the very least you can use this Boot/Rescue CD to copy off any files you need to as a backup in case you have to re-install O/S.
Once you boot the Rescue CD I would try to uninstall the gfx driver.....you want to get to basic Window default driver level.
The idea is Windows (your Vista) will use its generic gfx driver to boot to Normal Mode....you can get/re-install your specific driver later.
I would recommend Hiren's BootCD: http://www.hirensbootcd.org/hbcd-v152/
Read section on Device Driver Tools.
Examples:
◦Device Doctor 2.1: Scans the hardware and checks to see if there are new driver updates available, also checks for the unidentified devices (Windows Freeware).
◦PCI 32 Sniffer 1.4 (18-10-2012): Device information tool which is similar to unknown devices (Windows Freeware).
◦Remove Non Present Drivers: Automatically remove all non-present/disconnected devices from a Windows and can often be useful to prevent misbehaving/unnecessary drivers from being loaded, (Windows Freeware).
◦UnknownDevices 1.4.20 (18-10-2012): Helps you find what those unknown devices in Device Manager really are (Windows Freeware).
How to create the CD & Run: http://www.youtube.com/watch?annotation_id=annotation_784758&feature=iv&src_vid=3oXmwMIJLoo&v=Ejtm7J7Wqyk
You can select/run the mini-XP environment once you boot from the CD....once loaded browse/use tools (I list some above examples that may help).....but do some Googling on the tool you are going to run to make sure you understand it first. BUT, before you run any tools I'd copy off any files using the My Computer.
Here is tech spec of your Lenovo Ideapad Y550: https://shop.lenovo.com/ISS_Static/WW/AG/merchandising/US/PDFs/yseries_techspecs_110909.pdf
Is it the GMA (Intel Gfx) or NVidia one ?
-
Probably the quickest option will be to re-install
-
If it's the video card itself, it would be a little hard to do much of anything since all you get to see is the black screen.Video cards aren't that expensive and it may be wise, if all fails, to invest in a cheap one just to make sure the video card is the problem.
Essexboy, what do you think ???
-
Definitely a cheap option I feel
-
But OP's system is a laptop (Lenovo Ideapad Y550)........thus, no gfx "card".
However, I like the idea.......what I would do is go to FRYS or Best Buy and get a USB-to-RGB (or USB-HDMI since he has no monitor) dongle and try....only because these come with their own drivers installed. If the O/S truly is "up" then the USB driver within the dongle should load and maybe you get a screen....then can debug on the true O/S-system. OP can return the dongle within 30-days when he no longer needs. Example: http://www.monoprice.com/Product?c_id=101&cp_id=10114&cs_id=1011403&p_id=8079&seq=1&format=2
The Rescue CD above is at least a way to get his files before he re-installs the O/S and loses his info.
-
#2 doesn't have a link to download the file.
Essexboy will PM you the link.
Hello guys. I'm concerned as well by that problem. I tried to follow the different steps but I don't have a link to an .ISO to feed RUFUS. I have a VISTA family version installed on my ASUS laptop, which means I don't owe the CD. I' ve been searching for awhile and found numerous suspects links. So could you please help me? (My troubles are the same : unable to boot even on Safe Mode. )
Thank you by advance
-
I PMed Essexboy
-
@kurznach is it 32 or 64 bit version ?
Also could you start your own thread to avoid confusion
-
Hi,
I have the same problem with my vista, and i'm also searching for vista 32 bit rc Iso . Could you help me ?
-
Hi,
I have the same problem with my vista, and i'm also searching for vista 32 bit rc Iso . Could you help me ?
hey can you start your own topic please it get confusion for essexboy with so many users on the same topic.
-
@kurznach is it 32 or 64 bit version ?
Also could you start your own thread to avoid confusion
Thank you very much . I'm creating a new topic then. Thank you very much