Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 boot hangs after aswbidsha.sys (corrupted Avast startup file

avast windows boot aswbisha

  • Please log in to reply

#46
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,140 posts
  • MVP

OK.  Time to stop spinning our wheels and reinstall windows.  Let me know how it goes.


  • 0

Advertisements


#47
stallada

stallada

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Unexpected weirdness!  Before installing a fresh copy, I backed up the drive (via robocopy) on a new HDD I bought and partitioned.  First, it looks like it may have done some more strange juggling with the drive letters again, since it copied everything to a different drive than I specified (not a problem, it actually happened to just go onto a different partition on the drive).

 

However, when I restarted the computer, it now recognizes this as a bootable OS - I didn't think this was something robocopy was capable of?  On top of this, it seems to be a little more functional: it hangs in the same way as before (black screen with cursor in both normal and safe mode boots, still hangs for a few seconds after aswbidsha.sys in safe mode boot), but actually is able to load Windows after a few seconds.  In a normal boot, I can't login, I get the message "The User Profile Service failed the logon.  User profile cannot be loaded." for each of the accounts.  I am able to successfully get into safe mode though.

 

In the boot options menu, it lists the old drive as just "Windows 7", but this new build as "Windows 7 Professional N (recovered)" - the correct Windows version.

 

Before I went ahead with the install, I wanted to see if perhaps this opened up any new doors for us - maybe I can use this to generate a restore point?  Alternatively, might this be an indicator that my drive is failing?

Attached Files


  • 0

#48
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,140 posts
  • MVP

Can you create a new login while in Safe Mode?  If so give the new login admin power then reboot and see if you can log in with the new login.


  • 0

#49
stallada

stallada

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

I'm able to create a new account, but I can't login to it - it hangs on "Preparing New Desktop" for a while, before kicking me to the 'default profile'


  • 0

#50
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,140 posts
  • MVP

Run FRST from safe mode with networking.  Check the Addition.txt box then hit SCAN and post both logs.

 

Also see if you can do this:

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 


  • 0

#51
stallada

stallada

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Here are each of the output logs you asked for.

Attached Files


  • 0

#52
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,140 posts
  • MVP

Copy the next lines

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  

 

Type with an Enter after each line:

reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /s > \junk.txt
dir /a c:\users\public >> \junk.txt
dir /a c:\users\stalla >> \junk.txt
dir /a /s c:\windows\system32\tasks >> \junk.txt
notepad \junk.txt

  Copy and paste the text from notepad into a reply.  Close notepad.  Close the Command Window.

 


  • 0

#53
stallada

stallada

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Here's the generated file - figured it would be neater for you if I attached the txt rather than copy/pasting the text (although I can obviously do so if you need me to)

Attached Files

  • Attached File  junk.txt   28.89KB   72 downloads

  • 0

#54
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,140 posts
  • MVP

Look at C:\Users\Stalla\NTUSER.DAT

 

That's essentially the user profile.  Right click on it select Properties and see what the permissions are and who owns it.


  • 0

#55
stallada

stallada

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

It has full control - 'Allow' for all, with no check (either allow or deny) for special permissions


  • 0

Advertisements


#56
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,140 posts
  • MVP

try
Windows Repair all in one

http://www.tweaking....all_in_one.html

Download it and save it then run it.

You can skip to step 4 or 5 where it gives you the same picture as in the above link.

Just check all of the options then hit Start.

Reboot when done and run VEW again as before.


  • 0






Similar Topics


Also tagged with one or more of these keywords: avast, windows, boot, aswbisha

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP