Google redirects & spybot,hijack this problems
Posted 22 November 2009 - 05:21 PM
Register to Remove
Posted 23 November 2009 - 01:50 PM
Posted 23 November 2009 - 03:56 PM
There are a couple more services that could be disabled but I was hesitant to do so until we saw the results. I'd like to verify if anything has changed in the boot process before making any more changes. Please delete the C:\windows\ntbtlog.txt file once more then do an F8 startup>Enable bootlogging, then post the new ntbtlog.
Also, there will be a new C:\Windows\regmon.log I would like zipped and uploaded to my submission channel.
Posted 23 November 2009 - 05:50 PM
Posted 23 November 2009 - 11:58 PM
Posted 24 November 2009 - 02:30 PM
Posted 24 November 2009 - 08:57 PM
The presence of hiberfil.sys is normal if hibernation is enabled on the machine, and would be re-created automatically upon system startup if missing. The reason for renaming it is - if the machine had entered hibernation the last time it shut down from a successful logon session, all the information loaded in memory at that time (drivers loaded, programs running, etc) would have been saved to the hiberfil.sys file and the bootup session would be transfered to load that information instead of the configuration we currently have - it was a longshot.
I've put together another fix to try.
Please save this file to the MiniXP desktop.
Start Registry Editor PE, no user hive necessary, then minimize it to the taskbar when fiully loaded.
Double click the file to run it, then post the log it creates.
Exit the registry editor and restart to see if it boots normally.
If no change, restart and enable Boot Logging, then post the new ntbtlog.txt and upload the regmon.log file.
Posted 25 November 2009 - 04:14 PM
Posted 25 November 2009 - 05:13 PM
Posted 27 November 2009 - 12:05 AM
I've been studying all of the logs, looking for anything that might suggest what is causing the boot sequence to stall where it does, and as you know, have been addressing everything I see as suspect with some sort of action to work around it. We have gotten to a point where I see nothing else suspect. The latest Regmon log is void of any errors, failed or denied entries. The last log you posted, the list of .sys files, has been checked for filenames, sizes and dates created, with no irregularities. It's possible that I've overlooked something, though I did scrutinize carefully.
That said, a couple more things to try.
From the Hiren's BootCD menu, select Start BootCD.
At the menu, type 6 or use the arrow up key to highlight 6. Hard Disk Tools, then press Enter.
Type 1 or arrow up to 1. HDD Regenerator 1.61 then hit Enter.
Allow it to load and it will scan the system for Hard Disks, then display the results.
If only one is found, it will tell you to press any key to continue.
Press any key or select the proper hard disk if more than one, then continue.
The next screen will display 4 options - type 1 to select Scan and Repair then hit Enter.
Leave the default setting of 0 at the next screen to begin scanning at the beginning of the drive, then press Enter.
Your entire hard drive will now be scanned for bad sectors, and if any are found the utility will attempt to repair them.
Allow it to run to completion and make note of, then report the results to me.
Press Esc to exit the utility, then Ctrl+Alt+Del to restart the computer from the R:\> prompt.
See if the computer will boot successfully from the hard drive.
If unsuccessful, and you have an Operating System disc (Re-installation or Recovery cd will suffice here), eject the Hiren's disc and insert the Operating System disc, then restart and boot from the disc (you may need to press F12 to bring up the boot menu, where you can choose to start from the CD-Rom drive) by pressing any key when prompted to boot from the cd.
You should be presented with a Windows Setup screen, where you will press R to repair the system using the Recovery Console.
When loaded, you will be asked which operating system to logon to, which is generally 1. C:\Windows
Press 1 then Enter if applicable.
When/if prompted for the Administrator password, type the password you gave the Administrator account or press Enter to leave blank (blank is default on most systems).
At the C:\Windows> prompt, type chkdsk /r then hit Enter.
When checkdisk completes, type exit then hit Enter to restart and try a normal startup to the hard drive.
If still unsuccessful, go back to the recovery console and at the C:\Windows> prompt, type fixboot c: then hit Enter.
Type Y at the 'Are you sure prompt' then hit Enter.
You should receieve a 'new boot sector was successfully written' message then it will return to the C:\Windows> prompt.
Type exit and hit Enter to restart and attempt booting normally again.
Register to Remove
Posted 27 November 2009 - 06:13 PM
Posted 27 November 2009 - 06:50 PM
Edited by noahdfear, 27 November 2009 - 06:54 PM.
Posted 27 November 2009 - 07:05 PM
Posted 27 November 2009 - 07:09 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users