Solved Vista Black screen BSOD - Acer PC

T

takberapapandai

Member
Acer veriton m661 Core 2 Duo - Vista Business 32bit OEM, 3 years

Start PC just only my Rising antivirus logo, mouse cursor and a couple of minutes the Vista screen saver played.

I had hooked to the next PC or/and used AV live CD to scan for virus.

System believed had been infected by malware/virus. Scan by Rising, Kaspersky and malwarebytes and spybots.

F8 (safe mode) - all the same. No Ctrl+Alt+Del function to access the explorer.exe.

What I had done based on my googling guide;

1. Run Vista Recovery CD.

run regedit/Regedt32 to check ;

a. Check the "ObjectName" value

On the File menu, select Load Hive.

HKEY_LOCAL_MACHINE\MySYSTEM\Select and find the “Current” value in the Right hand side. Current value is 2

But the available entry under

Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00X is ControlSet001.
There is no ControlSet002.

ControlSet002 missing.

Checked for the "ObjectName" value

Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcSs

Value Name of "ObjectName" is still "NT AUTHORITY\NetworkService"


b. Checking the "Shell" and "Userinit" String Value

go to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Shell= cmd.exe /k start cmd.exe
Userinit= X:\windows\system32\userint.exe,

I had changed the shell value for so many time but after reboot, there is no change.
Some sort the registry file is not save or write protect or lock by something.

I also had checked the

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RUN

there is no entry - empty.


2. RUN BARTPE Live CD

a. Check the "ObjectName" value

Value Name of "ObjectName" is "LocalSystem" not "NT AUTHORITY\NetworkService"
ControlSet002 missing.

b. Checking the "Shell" and "Userinit" String Value

Shell= Explorer.exe
Userinit= X:\system32\userint.exe,

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RUN (empty).

Edit and save but no change. Still black screen and registry still with the same value.

_________________________________________________

I had run your BSOD Dump & System File Collection app. But can't run the a System Health Report - START | type perfmon /report

because Im using the Vista Recovery Cd command prompt.

But managed to found an old "perfmon.msc" file in the C:\windows\system32 folder.

I zipped in one file.

Chkdsk /f or sfc /scannow failed - An unspecified error occurred.

Help me please before I format the hd.

Tq.:cry:
 

Attachments

My Computer

System One

  • Manufacturer/Model
    Acer Veriton M661
    CPU
    Intel Pentium Core 2 DUO
    Motherboard
    Acer
    Memory
    4GB
    Graphics card(s)
    Intel
    Sound Card
    Intel
    Monitor(s) Displays
    Acer
All not working

My Question ;

I had changed the shell value for so many time but after reboot, there is no change.
Some sort the registry file is not save or write protect or lock by something.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

The Shell is still "Shell= cmd.exe /k start cmd.exe"
and "Userinit= X:\windows\system32\userint.exe,"

Some sort that I am keeping on running regedit to edit the registry file belong to the Recovery CD.

Am I right, if so, how am I going to edit the registery file located in the hard disk.

:sa::cry:
 

My Computer

System One

  • Manufacturer/Model
    Acer Veriton M661
    CPU
    Intel Pentium Core 2 DUO
    Motherboard
    Acer
    Memory
    4GB
    Graphics card(s)
    Intel
    Sound Card
    Intel
    Monitor(s) Displays
    Acer
Ok , I managed to edit the registry file. I load hive. Checked all the necessary entries for error based on my google finding.

But still not solved.

Find this trick

[HKEY_USERS\ .Default\ Control Panel\ Desktop]
SCRNSAVE.EXE = "cmd.exe"
ScreenSaveTimeOut = 15 (Default = 900 secs)
ScreenSaveActive = 1 (Default = 0)

ok, managed to get the command prompt and run explorer, but these happen ;

explo.jpg

ev.jpg

locals.jpg

cm1.jpg

cm2.jpg


Can't shutdown.

locals.jpg


????:cry: Its open the Local service user after the screensaver run.
 

My Computer

System One

  • Manufacturer/Model
    Acer Veriton M661
    CPU
    Intel Pentium Core 2 DUO
    Motherboard
    Acer
    Memory
    4GB
    Graphics card(s)
    Intel
    Sound Card
    Intel
    Monitor(s) Displays
    Acer
Can close this, I had solved the problem.
 

My Computer

System One

  • Manufacturer/Model
    Acer Veriton M661
    CPU
    Intel Pentium Core 2 DUO
    Motherboard
    Acer
    Memory
    4GB
    Graphics card(s)
    Intel
    Sound Card
    Intel
    Monitor(s) Displays
    Acer
To mark a thread as solved click on the
and write solved.I have done it for you this time.
 

My Computer

System One

  • Manufacturer/Model
    Lenovo Thinkpad T400
    CPU
    Intel Mobile Core 2 Duo P8700 @ 2.53GHz
    Motherboard
    LENOVO 64734VM
    Memory
    2.00GB Single-Channel DDR3 @ 531MHz
    Graphics card(s)
    Intel Mobile Intel 4 Series Express Chipset Family
    Sound Card
    Conexant 20561 SmartAudio HD
    Monitor(s) Displays
    15 inch
    Screen Resolution
    1280 x 800
    Hard Drives
    1x 180GB Intel 530 series SSD 1 x 120GB Hitachi 5400rmp 1 x 650GB Western Digital Elements 5400rpm 1x 1Tb Western Digital Elements 5400rpm
    Internet Speed
    Medium for New Zealand
    Other Info
    Weakest part of my computer is the graphics chipset. Only ever used a laptop. Also use USB Freeview TV Card Lenovo Docking Station External Speakers Other bits a pieces as needed
I have this same issue, but on windows 7. After I delete the cmd file in winlogon in registry, it comes back. Can someone tell me how to fix this>>>?
 

My Computer

System One

You must log in or register to reply here.
Back
Top