[The Wayniac]

This is an HP Pavilion, running Windows 7 Home (upgraded from Vista).  It's always been rock solid, suddenly my external was not recognized, seemed like a driver issue.  Reinstalled the driver, external identified again.   Installed a copy of Avast since the machine hadn't had any sort of cleaning in a while.  Was running slow, and following the Avast install won't really run at all.  Goes to the Welcome screen, real slow then for a while hung darkly lit with a cursor, other times just goes to black.

 

Will not boot.   If it does boot, it is beyond slow, nothing in the start menu works, I don't seem to have explorer.exe at all.   It booted a couple times when I tried to enter safe mode, but only after seemingly loading windows 2 times, once as safe, then stalls and returns to normal mode (can't say what combination of modes allow it to boot 10% of the time)

 

I ran a FRST scan in Recovery Mode, it's attached.  I'm sure there's lots of info I'm leaving out, just ask.

 

Thanks in advance for any sort of suggestion or guidance, I don't know how to read the FRST output, but I see a whole lot of things that seem odd.   I like working on the machine, but something here is beyond my available skills set.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by SYSTEM on MININT-O5MSNSC on 05-12-2014 11:29:25
Running from G:\
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1560872 2008-07-24] (Synaptics, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink)
HKLM-x32\...\Run: [DVDAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [TSMAgent] => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.)
HKLM-x32\...\Run: [TVAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2009-05-08] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-11-14] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Intuit SyncManager] => c:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1087752 2009-11-25] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-12-02] (AVAST Software)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-13] (Microsoft Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
S2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
S2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.)
S2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-12-17] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] ()
S2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] ()
S2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] ()
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-07-10] (Western Digital Technologies, Inc.)
S3 STSService; "C:\Program Files (x86)\SoundTaxi Media Suite\STSService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-02] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-12-02] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-12-02] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34040 2011-02-16] (Windows ® Codename Longhorn DDK provider)
S2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Accelerometer.sys 60FBB29CCCE48B4C3A6517CAF42C3496
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\adfs.sys 2F0683FD2DF1D92E891CACA14B45A8C1
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys DB9D6C6B2CD95A9CA414D045B627422E
C:\Windows\System32\DRIVERS\agrsm64.sys 98022774D9930ECBB292E70DB7601DF6
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsata.sys 7A4B413614C055935567CF88A9734D38
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswHwid.sys 001CFE1AE7A6377D70F654305ED10458
C:\Windows\system32\drivers\aswKbd.sys B5FE95B473992B4BD8DC723F063552D1
C:\Windows\system32\drivers\aswMonFlt.sys 92E0526D9148DED5E1EB31AFA18F354C
C:\Windows\system32\drivers\aswRdr2.sys 6669541A3566F5B2F64A87ACC9B8821F
C:\Windows\System32\Drivers\aswRvrt.sys 60FED5EA7F14315C319E7FFB3679CC24
C:\Windows\system32\drivers\aswSnx.sys 3CEC5CBD6611F35E53BC54E75B6C4612
C:\Windows\system32\drivers\aswSP.sys 6FC940A01C53BC874F531349E991F2BC
C:\Windows\system32\drivers\aswStm.sys 7250DFE069F4CB68F736A12F51AC083E
C:\Windows\System32\Drivers\aswVmm.sys 5EA98C99B780EE215401658BE5E217CA
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys CA7720B73446FDDEC5C69519C1174C98
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\enecir.sys F218A3A27ED6592C0E22EC3595554447
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys D3E3F93D67821A2DB2B3D9FAC2DC2064
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hpdskflt.sys 4A435CA815A54639CA09DDF75D751EBC
C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 0ECC54FD34D6A089C300846B011E81D6
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdkmd64.sys C6238C6ABD6AC99F5D152DA4E9439A3D
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\IntcHdmi.sys BE1CB000C655396C9DEF09AEE3EA2D67
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 4F4B5FDE429416877DE7143044582EB5
C:\Windows\System32\Drivers\ksecpkg.sys 6F40465A44ECDC1731BEFAFEC5BDD03C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys F0067552F8F9B33D7C59403AB808A3CB
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETw5s64.sys 39EDE676D17F37AF4573C2B33EC28ACA
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 9A6089B056EA1B83B36424FC9D0A300E
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nvraid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 90061B1ACFE8CCAA5345750FFE08D8B8
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys 447DE7E3DEA39D422C1504F245B668B1
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys 777FC2C418465404E3D8A290DC247D24
C:\Windows\System32\DRIVERS\Rtlh64.sys 8B91737DA75ADD21CB1554B38089196A
C:\Windows\System32\drivers\RTSTOR64.SYS AA3987386CF7D9005C42BC974634BD56
C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\drivers\SndTAudio.sys 1E3685796D04D598C0D505BDEE101D05
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srvnet.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 5BFCF934891022E15404BEFE0F5ECE9F
C:\Windows\System32\drivers\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC
C:\Windows\System32\DRIVERS\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 7518F7BCFD4B308ABC9192BACAF6C970
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usb8023x.sys E388D1507E779D0B499A1D87476E4230
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys 9E425AC5C9A5A973273D169F43B4F5E1
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 1CACFEF9E5DD866C5B79A135EE729E18

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 07:52 - 2014-12-05 11:29 - 00000000 ____D () C:\users\TEMP
2014-12-05 02:16 - 2014-12-05 11:29 - 00000000 ____D () C:\FRST
2014-12-03 08:55 - 2014-12-03 08:55 - 00284688 _____ () C:\Windows\Minidump\120314-19234-01.dmp
2014-12-02 22:02 - 2014-12-02 22:02 - 00001235 _____ () C:\Windows\unins000.dat
2014-12-02 22:02 - 2014-12-02 22:01 - 01180529 _____ () C:\Windows\unins000.exe
2014-12-02 21:51 - 2014-12-02 21:51 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-02 21:51 - 2014-12-02 21:51 - 00002022 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-12-02 21:51 - 2014-12-02 21:51 - 00001962 _____ () C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2014-12-02 21:51 - 2014-12-02 21:51 - 00000000 ____D () C:\Users\Wayniac\AppData\Roaming\AVAST Software
2014-12-02 21:51 - 2014-12-02 21:49 - 00436624 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2014-12-02 21:51 - 2014-12-02 21:49 - 00267632 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-12-02 21:51 - 2014-12-02 21:49 - 00116728 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-12-02 21:51 - 2014-12-02 21:49 - 00082768 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-12-02 21:51 - 2014-12-02 21:49 - 00065776 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-12-02 21:51 - 2014-12-02 21:49 - 00029208 _____ () C:\Windows\System32\Drivers\aswHwid.sys
2014-12-02 21:51 - 2014-12-02 21:48 - 00093568 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-12-02 21:49 - 2014-12-02 21:49 - 00364512 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-12-02 21:49 - 2014-12-02 21:44 - 01049920 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-12-02 21:49 - 2014-12-02 21:44 - 00028184 _____ (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
2014-12-02 21:48 - 2014-12-02 21:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-02 21:42 - 2014-12-02 21:42 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-02 21:41 - 2014-12-02 21:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-02 21:32 - 2014-12-02 21:32 - 00000000 ____D () C:\Users\Wayniac\Desktop\Avast
2014-12-02 21:27 - 2014-12-02 21:27 - 00000000 ____D () C:\Users\Wayniac\Desktop\New folder
2014-11-18 22:17 - 2014-12-03 08:55 - 614094699 _____ () C:\Windows\MEMORY.DMP
2014-11-18 22:17 - 2014-11-18 22:17 - 00284608 _____ () C:\Windows\Minidump\111914-42588-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 10:43 - 2010-01-15 12:55 - 00000000 ____D () C:\users\Wayniac
2014-12-05 10:38 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-12-05 08:13 - 2011-03-11 16:13 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3479686060-1603551556-2831499421-1000UA.job
2014-12-05 08:07 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 08:07 - 2009-07-13 20:51 - 01129058 _____ () C:\Windows\setupact.log
2014-12-05 07:51 - 2012-10-31 20:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-04 20:43 - 2011-03-11 16:13 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3479686060-1603551556-2831499421-1000Core.job
2014-12-04 20:38 - 2010-01-15 13:36 - 01173033 _____ () C:\Windows\WindowsUpdate.log
2014-12-03 10:44 - 2010-01-15 12:51 - 00011104 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-03 10:44 - 2010-01-15 12:51 - 00011104 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-03 08:55 - 2010-01-21 15:17 - 00000000 ____D () C:\Windows\Minidump
2014-12-02 22:10 - 2009-07-13 21:13 - 00794430 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-12-02 22:03 - 2010-01-15 13:20 - 00290320 _____ () C:\Windows\PFRO.log
2014-12-02 21:28 - 2009-07-12 01:39 - 00049402 _____ () C:\Windows\DPINST.LOG
2014-11-26 16:38 - 2012-12-05 00:15 - 00000000 ____D () C:\Users\Wayniac\AppData\Roaming\vlc
2014-11-20 16:31 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-11-18 22:17 - 2014-01-03 17:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-18 22:17 - 2014-01-03 17:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-14 00:05 - 2013-07-22 23:01 - 00000000 ____D () C:\Windows\System32\MRT
2014-11-12 21:04 - 2012-10-31 20:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 21:04 - 2012-10-31 20:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 21:04 - 2012-10-31 20:21 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 20:17 - 2011-03-11 16:18 - 00002377 _____ () C:\Users\Wayniac\Desktop\Google Chrome.lnk
2014-11-12 20:08 - 2011-03-11 16:13 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3479686060-1603551556-2831499421-1000UA
2014-11-12 20:08 - 2011-03-11 16:13 - 00003494 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3479686060-1603551556-2831499421-1000Core

Some content of TEMP:
====================
C:\Users\Wayniac\AppData\Local\Temp\2n3wossg.dll
C:\Users\Wayniac\AppData\Local\Temp\ConduitEngine.dll
C:\Users\Wayniac\AppData\Local\Temp\converter.exe
C:\Users\Wayniac\AppData\Local\Temp\i4jdel0.exe
C:\Users\Wayniac\AppData\Local\Temp\j6ndvdhz.dll
C:\Users\Wayniac\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Wayniac\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Wayniac\AppData\Local\Temp\kkkznyt8.dll
C:\Users\Wayniac\AppData\Local\Temp\nsrF4E5.exe
C:\Users\Wayniac\AppData\Local\Temp\qg4fhnwl.dll
C:\Users\Wayniac\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\Wayniac\AppData\Local\Temp\tbMixi.dll
C:\Users\Wayniac\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-12-03 13:50:39

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {768789e4-35e9-11dd-b461-e92a35599e1c}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {572bcd55-ffa7-11d9-aae2-0007e994107d}
device                  ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
path                    \windows\system32\boot\winload.exe
description             HP Recovery Manager
osdevice                ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {768789e4-35e9-11dd-b461-e92a35599e1c}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\e1282102-021e-11df-9f44-00238bfb40d7\Winre.wim,{e1282103-021e-11df-9f44-00238bfb40d7}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\e1282102-021e-11df-9f44-00238bfb40d7\Winre.wim,{e1282103-021e-11df-9f44-00238bfb40d7}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {768789e4-35e9-11dd-b461-e92a35599e1c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Setup Ramdisk Options
---------------------
identifier              {ramdiskoptions}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \boot\boot.sdi

Device options
--------------
identifier              {e1282103-021e-11df-9f44-00238bfb40d7}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\e1282102-021e-11df-9f44-00238bfb40d7\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 6047.19 MB
Available physical RAM: 5307.16 MB
Total Pagefile: 6045.34 MB
Available Pagefile: 5301.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.72 GB) (Free:77.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:13.04 GB) (Free:1.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (FPS DRIVE) (Removable) (Total:0.93 GB) (Free:0.91 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2CF04D55)
Partition 1: (Active) - (Size=452.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 960 MB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=956 MB) - (Type=06)


LastRegBack: 2014-11-24 21:07

==================== End Of Log ============================

Attached Files

•  FRST.txt   34.9KB   382 downloads

[Advertisements]

Hi that could be a corrupt install of Avast causing that. This fix will remove Avast from the system

If it then boots properly I will give instructions for installing Avast cleanly from a direct link

Download the attached fixlist.txt to the same location as FRST
 fixlist.txt   2.75KB   401 downloads
Open FRST as before and press fix
On completion try a normal boot

[Essexboy]

Hi that could be a corrupt install of Avast causing that. This fix will remove Avast from the system

If it then boots properly I will give instructions for installing Avast cleanly from a direct link

Download the attached fixlist.txt to the same location as FRST
 fixlist.txt   2.75KB   401 downloads
Open FRST as before and press fix
On completion try a normal boot

[The Wayniac]

I'm going to try the fix right now.  I have a feeling the Avast has something to do with it, but it was running weird before the Avast install.

 

I'll feedback shortly.   Thanks for the help!

Wayne

[The Wayniac]

EDIT: Double post

Edited by The Wayniac, 08 December 2014 - 12:17 AM.

[The Wayniac]

Fix finished, attached is the FIxlog.  Closed FRST, attempted restart from same Repair menu.  Restart hung at Welcome/LogIn screen, no cursor response.

 

Forced reset, tried restart in safe mode, hung for a bit at "Windows" glowing flag screen, then was prompted to run CHKDSK..

 

Let CHKDSK run, attempted Start in Repair mode from choices offered, now hanging.

 

 

I think based on the FIXlog that some of the items in the fixlist are going to be problematic to change, and from the CHKDSK it sure seems I may have some bad sectors.   At this point, I'd really like to fire Windows to pull some stuff off the drive if I can.   I don't mind replacing it if it's failing.

 

Just wanted to get a response up, I'm not really sure what's up.

 

Is it advisable to run an FRST64 scan aagin, and should that be done anyhow?

 

 

Attached Files

•  Fixlog.txt   4.64KB   469 downloads

Edited by The Wayniac, 08 December 2014 - 12:18 AM.

[The Wayniac]

After letting the machine sit on black screen with cursor all night, I forced a shutdown.   No startup of Windows will enable, no safe mode, no normal start, etc, not even the Windows Repair startup.

 

I can get into Advance Boot Options, but it seems at the very least I neeed more than just the FRST64 fix.

 

Any suggestions?   I can scan again or perform any other functions off the ABO screen.

 

 

 

EDIT: Tried a boot from last known good configuration, get a blue screen with text that flashes for about 1/4 second, can't read any of the content.   I'm assuming this is bad.

 

At this point, I really just want the content from the harddrive, is there a mode by which I can extract data without running windows?

 

Not giving up, just preparing mentally for the worst case scenario b/c I haven't planned for a failure (backup, archive, etc)

Edited by The Wayniac, 08 December 2014 - 09:24 AM.

[Essexboy]

There is not a great deal further that can be done with FRST, but there is a way of recovering data if the drive is not totally toasted

This will allow you to backup your data to either a CD or a second USB drive

Download Peazip to the desktop
Run and install the programme
As it installs this page will show, deselect the AVG ticks
Press decline and it will then install cleanly



Download the following files to the desktop .. Right click the links and select save as...then select desktop

Rufus

OTLPE_standard

Right click OTLPE on your desktop and select ..Open as archive




Select OTLPE standard



Click Extract, ensure that desktop is selected



Insert the USB stick Then run Rufus

Select the ISO file on the desktop via the ISO icon.

Press Start Burn


Once the USB has burnt then boot using this to an XP style desktop

[The Wayniac]

I was able to burn the ISO, but I can't seem to get the laptop to boot from it.  I can jump into the BIOS no problem, even tried clearing the BIOS by powering down, removing battery, etc etc.

 

Would there be some issue with the ISO image due to it being burned on a Windows XP 32 bit desktop and Windows 7 being 64 bit?  For instance can this particular machine boot an x86 image since it's architecture works with x64?

 

ISO burned with all the settings as outlined in the above post, with the exception of the volume label, which i'm sure doesn't matter.  (BIOS/UEFI, NTSF, etc)

 

I feel like I'm right there and just can't get the last little piece.   The options in InsydeH2O v3.5 (BIOS F.33) allow me to change the boot order, but although the BIOS saves the change, the boot stills comes from the hard disc.  I see the USB stick listed right in the boot options as well, by name (SanDisk Cruzer).  Assuming "USB Diskette" means USB stick.

 

This BIOS seems to have no Legacy Boot and/or Secure Boot toggles, although I'm curious if there is something in the background and if so how to override it.   It doesn't even try to boot from the USB.  I've tried multiple USB sticks, and written each twice.   I'm also assuming FAT32 wouldn't work anyhow.   I did not try other permutations of the Rufus burn.

 

Suggestions?

Edited by The Wayniac, 09 December 2014 - 11:24 PM.

[Essexboy]

OTLPE is a windows pe environment so it will not matter where it is burnt from or used to boot.

A final option would be to burn OTLPE to a CD, in this case just insert a blank CD and double click the original file as downloaded, as it has imgburn built in to handle CD burning

Although looking at the way things are running I am veering towards a hard disc problem

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.