blackscreen on startup windows 7

[RandyL]

You might also want to try the System Update Readiness Tool

[Plastic Nev]

Hi, first try all of RandyL's suggestions as you didn't say if that copy of Windows 7 is just that or Windows 7 service pack 1.

If that SP1 isn't in, then later updates will cause confusion to the system. The update trouble shooter http://support.microsoft.com/kb/949358#method1 or the System Update Readiness Tool should help in that, but if not, you may need to find Service Pack 1 and install that first.

 

Nev.

[kaos]

ok i tried all of the above suggestions and downloaded system update readyness tool. when i ran it it said that it had recognised win update database error 0x80070005 and rectified it. also repaired 3 win update components and installed a hotfix for windows KB947821.

 

i restarted and it blackscreened again. the only way i can get my computer to boot is by keep tapping f8 until i get a menu in which i can choose to boot from last known good configuration.

this is so annoying!

 

windows 7 pro sp1 64 bit

[RandyL]

When you update manually don't install any driver updates from the optional updates. It's possible that may be the cause since safemode boots.

[kaos]

ok but even now with updates off. i can only boot computer from last known good config. without installing anything if i restart i still get blackscreen so its impossible to tell which update it would be.

everytime i boot it has to be f then last known good config

[KenB]

Hi

even now with updates off. i can only boot computer from last known good config.

With a new install I assume that you have not got an Anti-Virus yet ?

 

Having to use "Last Known ...." every time implies that on shut-down your registry is getting corrupted.

 

Boot up again and download MBAM from here:

click here

 

You want the free version.

Install and run it.

It will produce a log. Copy this and post it here please.

 

(This is not an AV :) )

[kaos]

results of MBAM:

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.19.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 8.0.7601.17514

Kaos :: KAOS-PC [administrator]

Protection: Enabled

19/01/2013 11:15:05

MBAM-log-2013-01-19 (15-23-40).txt

Scan type: Full scan (C:\|D:\|F:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 380609

Time elapsed: 25 minute(s), 40 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 12

HKCR\CLSID\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCR\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E} (PUP.Datamngr) -> No action taken.

HKCR\BrowserConnection.Loader.1 (PUP.Datamngr) -> No action taken.

HKCR\BrowserConnection.Loader (PUP.Datamngr) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

Registry Values Detected: 2

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Data: Search-Results Toolbar -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> Data: -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 9

C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (PUP.Datamngr) -> No action taken.

C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (PUP.Datamngr) -> No action taken.

F:\programs\Stardock.ObjectDock.Plus.v2.0.50727\Keygen.exe (RiskWare.Tool.CK) -> No action taken.

F:\programs\winrar\winrar_3.93_PRO_final_activated_latest_akhilesh910\Winrar3.93.exe (RiskWare.Tool.CK) -> No action taken.

(end)

[KenB]

PUP.Datamngr

 

This could be malware.

However I will need one of our security experts to confirm.

 

I will ask one of them to take a look and advise :)

 

By the way .........do you have an Anti Virus installed ?

[Starbuck]

Hi kaos

 

Can you please explain why the items in the MBAM report are marked as... No action taken

 

Please update MBAM and run another scan:

Start MBAM

Click on the Update tab

 

http://img.photobucket.com/albums/v708/starbuck50/new/mbamnew.png

 

Click Check for Updates

 

The latest Database Version is: v2013.01.19.09

 

If it says that MBAM needs to close to update it... let it close and then restart.

Then click the Scan button.

 

Don't forget:

• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  
• Click OK to close the message box and continue with the removal process.
  
• Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

 

Also:

 

Download CKScanner

 

Important - Save it to your desktop.

Doubleclick CKScanner.exe and click Search For Files.

After a very short time, when the cursor hourglass disappears, click Save List To File.

A message box will verify the file has been saved.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

 

In your next reply, please submit:

New MBAM report

CKFiles.txt

 

Thanks

[kaos]

hi,

ok i updated MBAM from 2013.01.19.07 to .10

 

i do not have any av programs although i do have advanced system care pro 6 which i thought did everything like that?

 

results of scan after update:

 

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.19.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 8.0.7601.17514

Kaos :: KAOS-PC [administrator]

Protection: Enabled

19/01/2013 21:42:08

mbam-log-2013-01-19 (21-42-08).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 224928

Time elapsed: 1 minute(s), 4 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 12

HKCR\CLSID\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCR\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E} (PUP.Datamngr) -> No action taken.

HKCR\BrowserConnection.Loader.1 (PUP.Datamngr) -> No action taken.

HKCR\BrowserConnection.Loader (PUP.Datamngr) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken.

HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken.

Registry Values Detected: 2

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> Data: Search-Results Toolbar -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> Data: -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (PUP.Datamngr) -> No action taken.

C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (PUP.Datamngr) -> No action taken.

(end)

 

it asked me to restart to fully remove all the selected options which i did. then it blackscreened. had to restart to last know config.

 

results for ckfiles:

 

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad

c:\program files (x86)\stardock\objectdockplus2\keygen.exe

scanner sequence 3.AP.11.RBNAKN

----- EOF -----

[Starbuck]

Hi kaos

 

i do not have any av programs although i do have advanced system care pro 6 which i thought did everything like that?

Well they say that something is better than nothing..... but not in this case.

I can't think of one 'Helper' that would recommend that program.

 

Ok, here's where we are at:

The MBAM report is showing an illegal download.

The CKScanner report confirms this.

Unless this program is removed we can no longer assist you.

 

Why is the MBAM report still showing.... No action taken. (after every entry)

Can you explain this?

[kaos]

The MBAM report is showing an illegal download

 

really? what is it called and how do i remove it? maybe this 'illegal' download is malware??

 

Why is the MBAM report still showing.... No action taken. (after every entry)

Can you explain this?

 

i dont have a clue. how would i be able to explain this? i have never used this program before, or do i know anything about it.

i have followed your instructions regarding the update etc so i am unsure of what to do next?

[kaos]

ok.....

 

i have removed the potential 'illegal' program (objectdock)?

 

this is a program i was given off a friend which is basically just a dock to store my icons on kinda like a mac. i cant see this being the problem as i have used it for years but never the less it has been removed.

 

i updated and ran another full scan with MBAM but it is still reporting 'no action taken'? i made sure every box was checked to removed everything found.

 

i also installed avg 2013 free trial and ran a full system scan.

it found 8 potential threats and removed them all successfully.

 

any idea why MBAM is taking no action regarding these issues?

should i now run another scan as avg has removed all threats?

 

while installing avg the computer was restarted about 3 times and i am pleased to report that it booted up successfully everytime. :)

[KenB]

Another MBAM scan would do no harm - post the log for Starbuck to take a look at :)

[kaos]

looks like avg took care of it....

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.20.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 8.0.7601.17514

Kaos :: KAOS-PC [administrator]

Protection: Enabled

20/01/2013 09:48:17

mbam-log-2013-01-20 (09-48-17).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 226145

Time elapsed: 1 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[Starbuck]

this is a program i was given off a friend which is basically just a dock to store my icons on kinda like a mac. i cant see this being the problem as i have used it for years but never the less it has been removed.

We wasn't trying to be awkward, but it is our site policy that if we see anything illegal in the reports.... we stop help until it's been removed.

A lot of the staff have dealings with companies that have their software used illegally...... it doesn't look good if we continue when we see it.

Obviously this was a one off and has now been removed.

I thank you for that.

 

That MBAM report looks nice. :)

 

while installing avg the computer was restarted about 3 times and i am pleased to report that it booted up successfully everytime.

Maybe it was something that AVG removed that was interfering with MBAM and was causing the files to not be removed.

 

See how the system runs now and come back if there's any problem.

The thread will remain open for you.

[kaos]

thankyou all for your help it is very much appreciated! i will monitor the computer and report back any problems. :)

[KenB]

Looking good so far :)

 

i also installed avg 2013 free trial

Starbuck will be able to advise - but this ( if it is a trial version ) will be asking you for some cash shortly.

 

There are some totally free - and excellent - AVs available.

 

Reminder - only have one AV on your system at any one time.

[kaos]

great! can starbuck reccomend some good free AV's? :)

 

when im finished with the avg trial do i need to download the removal tool from avg's site to remove it properly?

[KenB]

Not sure if Starbuck missed this - so I will try to answer your question.

 

reccomend some good free AV's?

Starbuck and I both use Microsoft Security Essentials at the moment.

This is totally free and updates regularly.

As it is a Microsoft product it will check to see if your OS is legal before it installs.

 

Avast and Avira are two other AVs that I have seen recommended.

 

do i need to download the removal tool from avg's site to remove it properly?

Yes - this is your best option.

[Starbuck]

As KenB pointed out, i run MSSE on 3 systems and have never had a problem.

 

• Avira AntiVir ... see note* ....installation guide Here
  
• Avast free
  
• MS Security Essentials ... see note** ... installation guide Here
  

 

Note*:

Avira now includes the Ask.com Toolbar unless you choose not to install it. This means it is pre-checked by default and it is recommended that you uncheck that option during installation.

This may have changed recently.... but check for it when installing.

 

Note**:

Upon installation MS Security Essentials will check that your OS is a legal copy.

 

Only install one AntiVirus program as KenB stated

 

To remove AVG, run the uninstaller in add/remove:

Then go to:

http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

 

download to your desktop.

then double click to start the uninstaller.

 

Then install your new AV program.