Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer Won't Boot - Malware Related [Solved]

PC wont boot - MBAMSwissArmy

  • This topic is locked This topic is locked

#16
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

We still have some options.

 

Firstly though, if our remaining attempts don't work, things may be at the point where are reformat is needed or even, where the hard drive is failing.

 

So, my question is, do you have a backup of your data?

 

Edit

 

I overlooked answering you question about status 50.

 

I am not a techie but the information at the link below explains:

 

http://www.windowsfi...-status-50.html


  • 0

Advertisements


#17
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

Firstly, I'm not sure that I agree with the thought that you're "not a techie", but I'd have to know your definition of the term.

 

Anyway, please explain what "our remaining attempts" are.

 

Do I have a backup of my data? Like most people who get careless with our computers, no, I don't. Not directly anyway. Given how long I've been using them, you'd think I would know better.

 

Now, as to what I meant with that cryptic statement. A friend lent me a copy of Spotmau Boot Suite. This is essentially Windows PE with disk tools. I hope this will expand our options. I booted the machine on this utility. I have established a connection to the 1 TB drive attached to my router (a network share). I can read the contents of my C:\ partition without difficulty using Explorer. So, I can now transfer anything I want to the share. This utility has the Computer Management\Device Management plug ins, and a lot more Microsoft tools. I checked under Computer Management\Disk Management and it reports that the C:\ partition is Healthy (Active, Primary Partition). I can run Chkdsk, Defrag, Cleanup, Regedit, etc. from the CD.

 

I'm thinking of running chkdsk first, then disk cleanup and defrag. Since I can search\edit the registry, I can make any changes necessary there.

 

What do you think?

 

Thanks,

Tom


  • 0

#18
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

Sorry, I forgot to thank you for the link about 'status 50'. Interesting that one of the possible causes of the file corruption could be a trojan. Something I had suspected.

 

Tom


  • 0

#19
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

Anyway, please explain what "our remaining attempts" are.

 

  1. Remove as much as we can of AVAST. Sometimes a program can get corrupted and be the cause of the problem. Perhaps some malware that got caught by AVAST but left behind corruption... Removing it can sometimes allow us to run tools to fix the damage.
  2. We could try a regback using FRST backup which might be an outside chance if the corruption is confined to the registry. I don't think that likely to work but you never know.
  3. Run Chkdsk again. Sometimes it needs to be run two or three times to finish it's job.
  4. Run System File Checker to fix corrupted system files

 

 

Do I have a backup of my data? Like most people who get careless with our computers, no, I don't. Not directly anyway. Given how long I've been using them, you'd think I would know better.

 

Now, as to what I meant with that cryptic statement. A friend lent me a copy of Spotmau Boot Suite. This is essentially Windows PE with disk tools. I hope this will expand our options. I booted the machine on this utility. I have established a connection to the 1 TB drive attached to my router (a network share). I can read the contents of my C:\ partition without difficulty using Explorer. So, I can now transfer anything I want to the share. This utility has the Computer Management\Device Management plug ins, and a lot more Microsoft tools.

 

My purpose in asking if you had a backup was to find out if I needed to provide you with the tools to backup your data before trying the actions described above. If, for example, your hard disk is getting ready to fail, then we might not get through the actions without further corruption, even to the point of not being able to recover data.

 

It seems though, that you already have found a way to access what you need.

 

Would you like to backup what you want before I give you further instructions?


  • 0

#20
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

emeraldnzl,

 

I spent about 5 hrs in totoal today with the PC.

 

I ran chkdsk again. Same result.

I moved some files, but I can still move more.

I tried to run sfc, but it wouldn't run. The message said that there was a pending repair. I guess that's my fault for shutting the PC down too soon.

I ran System Repair. The results are shown in the 2 attached files.

 

5739 StartupRepair2.JPG 5738 StartupRepair1.JPG

 

I rebooted the PC and StartupRepair started again.

 

Thanks,

Tom

 

PS. Would using the original CD help in any way?


  • 0

#21
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

My question is, have you been able to back up your files? Running Chkdsk again before doing that risks chkdsk itself removing data you may want.

 

If you have your backups then let's see a fresh FRST scan before we do anything else.


  • 0

#22
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

OK, here is a new FRST Scan:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2016
Ran by SYSTEM on MININT-36PIQSI (01-12-2016 10:27:51)
Running from F:\
Platform: Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet004
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [CmPCIaudio] => RunDll32 CMICNFG3.cpl,CMICtrlWnd
HKLM\...\Run: [ACPW09EN] => C:\Program Files\ACD Systems\ACDSee Pro\9.0\acdIDInTouch2.exe [1731016 2016-07-14] (ACD Systems)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software)
S2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-14] (HP Inc.)
S4 lxdp_device; C:\Windows\system32\lxdpcoms.exe [589824 2007-11-19] ( )
S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [420920 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [420920 2016-10-25] (NVIDIA Corporation)
S2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [931896 2016-10-25] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 WsAppService; C:\Program Files\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\Dr.Fone for Android (CPC)\DriverInstall.exe [115856 2016-09-21] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-30] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-30] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-08-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [60424 2016-08-30] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-08-30] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2016-08-25] (IVT Corporation.)
S3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1872192 2009-11-30] (C-Media Inc)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [185472 2013-04-16] (eMPIA Technology Corp.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2016-10-25] (Samsung Electronics Co., Ltd.)
S3 DualCoreCenter; C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [36152 2010-02-08] (MICRO-STAR INT'L CO., LTD.)
S3 emAudio; C:\Windows\System32\drivers\emAudio.sys [26112 2013-07-04] (eMPIA Technology Corp.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5632 2013-04-16] (eMPIA Technology Corp.)
S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-08-25] (REALiX™)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
S2 mi2c; C:\Windows\system32\drivers\mi2c.sys [18224 2016-01-28] (Nicomsoft Ltd.)
S3 NVR0Dev; C:\Windows\nvoclock.sys [6912 2006-10-13] (NVidia Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27704 2016-10-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [42040 2016-10-25] (NVIDIA Corporation)
S3 RushTopDevice2; C:\Program Files\MSI\DualCoreCenter\RushTop.sys [55296 2009-03-18] (Your Corporation)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [6144 2013-04-16] (eMPIA Technology Corp.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
S3 MSICDSetup; \??\E:\CDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-26 07:43 - 2016-12-01 10:27 - 00000000 ____D C:\FRST
2016-11-18 07:18 - 2016-11-18 08:44 - 00000000 ____D C:\Users\TK\AppData\LocalLow\Mozilla
2016-11-18 06:16 - 2016-11-18 06:16 - 00003288 ____N C:\bootsqm.dat
2016-11-09 12:11 - 2016-11-09 12:11 - 00074635 _____ C:\Users\TK\Documents\H6LLWJ.pdf
2016-11-08 09:56 - 2016-11-08 09:56 - 04629193 _____ C:\Users\TK\Downloads\TomTom-ONEv5-XLv2-en-GB.pdf
2016-11-07 11:13 - 2016-10-25 12:21 - 00095800 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap32v.dll
2016-11-07 11:13 - 2016-10-25 12:21 - 00042040 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad32v.sys
2016-11-07 07:12 - 2016-11-07 07:12 - 00011895 _____ C:\Users\TK\Documents\Flash GN.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-30 03:58 - 2016-08-21 04:10 - 00775920 _____ C:\Windows\ntbtlog.txt
2016-11-27 17:07 - 2015-04-06 16:04 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-27 16:58 - 2016-09-24 04:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-27 16:58 - 2015-04-06 20:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-11-18 06:23 - 2009-07-13 20:34 - 00028720 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-18 06:23 - 2009-07-13 20:34 - 00028720 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-18 05:50 - 2015-04-06 10:31 - 00000000 ____D C:\users\TK
2016-11-16 16:14 - 2010-11-20 13:01 - 00006206 _____ C:\Windows\System32\PerfStringBackup.INI
2016-11-09 12:13 - 2015-04-22 08:09 - 00223744 ___SH C:\Users\TK\Documents\Thumbs.db
2016-11-08 08:22 - 2016-01-28 11:15 - 00182784 ___SH C:\Users\TK\Downloads\Thumbs.db
2016-11-08 07:36 - 2015-04-14 05:16 - 00000000 ____D C:\Users\TK\AppData\Roaming\NVIDIA
2016-11-07 12:29 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-11-07 11:14 - 2016-10-08 00:38 - 00001374 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-07 11:14 - 2015-04-06 16:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-07 11:13 - 2015-04-06 16:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-06 10:43 - 2015-05-05 07:23 - 00001259 _____ C:\Users\TK\Desktop\BillPay.txt
2016-11-05 07:12 - 2015-04-13 04:37 - 00000000 ____D C:\Users\TK\AppData\Local\Microsoft Help

==================== Known DLLs (Whitelisted) =========================

[2016-09-22 08:43] - [2015-11-10 10:36] - 0811520 ____A () C:\Windows\System32\user32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2016-09-22 08:43] - [2015-11-10 10:36] - 0811520 ____A () 2587CB3072AC5D41985B75833C765D2A

C:\Windows\System32\User32.dll => no Company Name <===== ATTENTION

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 4095.37 MB
Available physical RAM: 3598.15 MB
Total Virtual: 4093.65 MB
Available Virtual: 3595.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:456.77 GB) (Free:384.24 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DISK 1 PART 2) (Fixed) (Total:8.99 GB) (Free:5.61 GB) NTFS
Drive f: (TRAVELDRIVE) (Removable) (Total:3.73 GB) (Free:1.36 GB) FAT32
Drive g: (TOSHIBA EXT) (Fixed) (Total:298.01 GB) (Free:159.2 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: ED50ED50)
Partition 1: (Active) - (Size=456.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9 GB) - (Type=05)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 28032449)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: C27C4F8F)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)


LastRegBack: 2016-11-05 08:53

==================== End of FRST.txt ============================


  • 0

#23
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello Tom1178,

 

Open notepad.

Please copy the contents of the code box below.

To do this highlight the contents of the box and right click on it. Paste this into the open notepad.

Save it on the flashdrive as fixlist.txt

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-30] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-30] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-08-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [60424 2016-08-30] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-08-30] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
C:\Program Files\AVAST Software
C:\Windows\system32\drivers\aswHwid.sys
C:\Windows\system32\drivers\aswKbd.sys
C:\Windows\system32\drivers\aswMonFlt.sys
C:\Windows\system32\drivers\aswRdr2.sys
C:\Windows\System32\Drivers\aswRvrt.sys
C:\Windows\system32\drivers\aswSnx.sys
C:\Windows\system32\drivers\aswSP.sys
C:\Windows\system32\drivers\aswStm.sys
C:\Windows\System32\Drivers\aswVmm.sys
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
S3 MSICDSetup; \??\E:\CDriver.sys [X]
CDriver.sys

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Please enter System Recovery Options, as we've done previously.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

 

After that

 

Try booting to Systems Recovery and running Startup Repair

 

Come back and tell me how it went.


  • 0

#24
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

Hi emeraldnzl,

 

Ran FRST/fix with the fixlist.txt above. fixlog.txt follows.

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 23-11-2016
Ran by SYSTEM (01-12-2016 16:18:41) Run:3
Running from F:\
Boot Mode: Recovery

==============================================

fixlist content:
*****************
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-30] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-30] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-08-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [60424 2016-08-30] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-08-30] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
C:\Program Files\AVAST Software
C:\Windows\system32\drivers\aswHwid.sys
C:\Windows\system32\drivers\aswKbd.sys
C:\Windows\system32\drivers\aswMonFlt.sys
C:\Windows\system32\drivers\aswRdr2.sys
C:\Windows\System32\Drivers\aswRvrt.sys
C:\Windows\system32\drivers\aswSnx.sys
C:\Windows\system32\drivers\aswSP.sys
C:\Windows\system32\drivers\aswStm.sys
C:\Windows\System32\Drivers\aswVmm.sys
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
S3 MSICDSetup; \??\E:\CDriver.sys [X]
CDriver.sys
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AvastUI.exe => value removed successfully.
avast! Antivirus => service removed successfully.
aswHwid => service removed successfully.
aswKbd => service removed successfully.
aswMonFlt => service removed successfully.
aswRdr => service removed successfully.
aswRvrt => service removed successfully.
aswSnx => service removed successfully.
aswSP => service removed successfully.
aswStm => service removed successfully.
aswVmm => service removed successfully.
C:\Program Files\AVAST Software => moved successfully
C:\Windows\system32\drivers\aswHwid.sys => moved successfully
C:\Windows\system32\drivers\aswKbd.sys => moved successfully
C:\Windows\system32\drivers\aswMonFlt.sys => moved successfully
C:\Windows\system32\drivers\aswRdr2.sys => moved successfully
C:\Windows\System32\Drivers\aswRvrt.sys => moved successfully
C:\Windows\system32\drivers\aswSnx.sys => moved successfully
C:\Windows\system32\drivers\aswSP.sys => moved successfully
C:\Windows\system32\drivers\aswStm.sys => moved successfully
C:\Windows\System32\Drivers\aswVmm.sys => moved successfully
MBAMSwissArmy => service removed successfully.
MSICDSetup => service removed successfully.
CDriver.sys => Error: No automatic fix found for this entry.

==== End of Fixlog 16:18:42 ====

 

Then, booted to System Recovery/Startup Repair. It looked like the system was actually going to start!!! Windows splash screen and all. But, alas, it went back and ran Startup Repair again.

 

Results of the most recent Startup Repair are attached.

 

Thanks,

Tom

Attached Thumbnails

  • 5743 StartupRepair4.JPG
  • 5742 StartupRepair3.JPG

  • 0

#25
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Edit

 

Post edited to remove irrelevant content.

 

Okay my mistake I posted instructions forgetting you can't boot to your desktop. What we want to do is check your hard drive.

I think this one will work on most hard drives. I understand that these tests are not completely reliable but it might be enough to tell you what you need to know.

Here are some instructions to test that.

Go to Sea Tools for Dos tutorial for tutorial instructions.

Click on Seatools to download the tool.

Save the download to your desktop of the computer you are using.

In Windows 7 right click the ISO file, select Open With, then select Windows Disc Image Burning Tool then follow the prompts.
For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn Install the program and start the application. Select the top left hand option to Write image file to disc and then on the next window click on the small yellow folder icon and browse to the ISO file on your desktop. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.

You will need a blank recordable CD or a re-recordable CD. You cannot use this software on a USB flash drive.

When the CD has been burned boot the sick PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence Bios Boot Order Guide. Insert the disk in the drive then reboot and the disc will load into DOS. Click on Basic Tests and select the Long Test.

A full set of instructions can be found here: Seatools instructions

When the test completes it will show a Pass or Fail.

 

Tell me the result.


  • 0

Advertisements


#26
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

emeraldnzl,

 

I assume I will be using the 'Long Test'. Is that correct?

 

Is this test destructive?

 

Thanks,

Tom


  • 0

#27
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

I assume I will be using the 'Long Test'. Is that correct?

 

 

Yes, for all the effort you are going to, we want to get the best information we can.

 

 

Is this test destructive?

 

I haven't had that happen with anyone before but if a hard drive is failing then I believe that is always a risk. Another reason why you should backup what you can before hand.

I think you said you were able to access your data but if I have that wrong I can give you some instructions to create a Puppy Linux disk which should help you access your data if the hard disk is not completely corrupted.


  • 0

#28
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

emeraldnzl,

 

OK, ran SeaTools/Long Test.

Results attached.

Was it the 0x45d Error code which caused you to suspect the drive?

 

Thanks,

Tom

 

5746 SeaToolsLog.JPG


  • 0

#29
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Was it the 0x45d Error code which caused you to suspect the drive?

 
That together with the problems running Chkdsk. I thought it the most likely possibility but it wasn't the only one.
 
Next thing to try

I think you said at one point that you had the Windows Installation Disk for that computer.

Assuming you have, put the Windows 7 installation disc in the disc drive, and then start the computer

  • Press a key when you are prompted. Select a language, a time, a currency, a keyboard or an input method, and then click next.
  • Click Repair your computer.
  • Click the operating system you want to repair, and then click Next.
  • In the System Recovery Options dialog box, click Command Prompt.
  • Type in the following command

Bootrec.exe

Press Enter

Tell me how it goes.


  • 0

#30
Tom1178

Tom1178

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

I have several options:

 

After bootrec.exe:

/FixMbr

/FixBoot

/ScanOs

/RebuildBcd


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP