Category: Windows Vista


These are the instructions to make a cloned drive bootable again if the original had bad sectors. These instructions are only applicable for any Windows that uses the BCD, which is Vista and beyond, and has a MBR. You will need a Windows 7 or later DVD or equivalent USB stick; a Windows Vista disc will be harder. This assumes that the OS files were cloned successfully.

  • Run chkdsk on all the partitions.
  • Identify which partition has the BCD files. If there is a recovery partition, chances are good the BCD is stored on that drive.
  • Use the following commands in the diskpart program:
    • LIST DISK (use this command to identify the cloned hard drive number)
    • SELECT DISK # (where # is the cloned hard drive number)
    • LIST PARTITION (use this command to identify the partition with the BCD files)
    • SELECT PARTITION # (where # is the partition with the BCD files)
    • ACTIVE
    • EXIT
  • Now run the following commands: (Of course, some are redundant!)
    • bootsect /nt60 sys /force
    • bootrec /fixboot
    • bootrec /fixmbr
    • bcdboot d:\windows /s c: (where d:\ is the drive letter with all your Windows files and c: is the system partition from above)
      • NOTE: Usually but not always the system partition is given the driver letter c:. If it was not given any drive letter, you will have to use the diskpart commands to assign it a drive letter. But it some cases it may not be c:, in some cases it may be on the same drive as your Windows files.
  • Reboot.
  • If problems still persist, run startup repair.
Advertisements

I encountered a Windows 7 computer that would only boot to a black screen. The only thing I saw was a mouse arrow. At first I suspected the hard drive was corrupt, so I cloned the hard drive. But the problem still existed. With this computer I still had reason to believe the hard drive was bad. Next I scanned for a virus in Windows directory and the only that was discovered was one of those junk free programs that deliver pop-up ads.

It was at this point that I decided to try an easy solution. Since this was Windows 7 there would a good copy of the registry files at %windir%\system32\config\RegBack\. So after making a backup of the current registry files, I copied the good registry over the current ones. With this computer, some of the current registry files were twice as big as the good copies, which is why I think something was wrong with the old hard drive. After I did this, the computer booted fine.

Some other suggestions included running System Restore. I was lazy in this instance and didn’t try that. But I did increase the System Restore capacity once I got back into Windows. If you are still using Windows XP, you can always find the registry files under the \System Volume Information\ folder. Some other suggestions are that certain key folders have been corrupted or have corrupt permissions. Check the Windows folder, the Program Files folders, and the Recycle Bin folder.

This is a guide to fix Windows Update for Windows Vista and later. It is a guide for when Windows Update just does not work. The steps below assume there are no malware, viruses, or rootkits on the computer.

  1. If using an Intel processor, update the Rapid Storage Technology (RST) driver. Try downloading it from Intel’s website first, but if a compatible one is not found, you can download a know good copy here. Try Windows Update after restarting.
  2. If Windows Update still does not work, download the Tweaking.com Windows All In One repair. Make all the necessary backups. The repairs you want to make sure are done are to (1) Reset Registry Permissions; (2) Reset File Permissions on the Windows drive, usually c:; (3) Repair WMI; (4) Repair Windows Firewall; (5) Repair Internet Explorer; (6) Repair HOSTS File; (7) Remove Policies Set by  Infections; (8) Repair Winsock & DNS Cach; (9) Repair Proxy Settings; (10) Repair Windows Update; (11) Repair MSI; (12) Restore Important Services; and (13) Set Windows Services to Default Settings. Reboot after complete and try Windows Update again.
  3. If Windows Update still does not work, try an in-place upgrade.
  4. If the in-place upgrade fails, then start using Google to search for the error code given by Windows Update. If no code is given, then search for Windows Update problems without an error code.

Sometimes in Windows when you log in, you will get this message: “Windows cannot load the user’s profile but has logged you on with the default profile for the system”. The cause of this message is one of the user specific files has become corrupted. Chances are good that user’s registry hive is corrupted. There are several hidden files in the folder c:\users\[username]\ folder (Windows Vista and later) or c:\documents and settings\[username]\ folder (Windows XP and earlier). Hereafter in this blog post we will call these directories [old user].

Chances are good you won’t be able to fix this problem.

  • Try System Restore first, but be sure to choose a restore point several days before the problem occurred.
  • If that does not work, try your backup next, if you have one.
  • If that does not work, then you will need to create a new user. Below are the steps you need to take to migrate to a new user.
  1. Create a new user and log in to that new user. Do not open any programs just yet. And do not delete your old profile until you are absolutely sure everything has been copied.
  2. Browse to the new user’s folders, c:\users\[new user]\ or c:\documents and settings\[new user]\, hereafter called just [new user].
  3. Copy all the non-hidden files and folders from [old user] to [new user].
  4. After that finishes, browse to [old user]\appdata\local\ (Windows Vista or later) or [old user]\local settings (Windows XP or earlier). If you want, you can copy everything from this folder to the corresponding folder in your new user profile. It probably is a good idea only to copy folders from Microsoft or programs you currently have installed.
  5. Next browse to [old user]\appdata\roaming\ or [old user]\local settings\application data\ and copy those folders to the corresponding folder in your new profile.
  6. Log off and then log back in.
  7. See if your settings transferred. You might have to set up your email again. And that means you will might need to Google the location of the old email files and how to import them.

If the Master Boot Record (MBR) or partition information has been damaged by a virus, Windows will not boot. Variants of the TDSS rootkit, for instance, will infect the MBR and remove the system and active flags on all partitions. The purpose of that is to make sure the boot process must active the TDSS rootkit. You’ll know this has happened when all you get is a flashing cursor when attempting to boot from the primary hard drive. It can be easily fixed with the Windows 7 DVD. This process is easier with the Windows 7 DVD than with the Windows 8 or Windows Vista DVD. This solution only works if the hard drive has a MBR. The MBR replacement, GUID Partition Table (GPT), requires a computer with the UEFI instead of the BIOS. GPT is more secure than the MBR.

  1. Boot into the Windows 7 DVD and choose Repair Your Computer.
  2. Startup Repair may run, if it does, let it fix the problem. If it doesn’t, then run startup repair immediately. Then immediately reboot back into the Windows 7 DVD.
  3. Open a command prompt.
  4. If using Windows Vista or later, run the following commands:
    chkdsk c: /f /x (NOTE: The Windows DVD may have the Windows partition another drive letter. Make sure you use that drive letter.)
    bootsect /nt60 sys /force /mbr

    bcdboot c:\windows /s c: (NOTE: The Windows DVD may have assigned the Windows partition another letter. Use the drive letter Windows assigned for c:\windows.)
    diskpart
    select disk # (use the list disk command to get a list of drives and use the # of the boot drive.)
    select partition # (use the list partition command to get a list of partitions on this drive and choose the partition with Windows on it, likely the largest.)
    active
    exit
  5. If using Windows XP or earlier, use the same commands except replace /nt60 with /nt52 in the bootsect command and do not use bcdboot.
  6. Reboot and run TDSSKiller.

Recently I had someone call me up and asked if I could help her install Vista Service Pack 1. She explained that the normal way of using Windows Update did not work. I was trying to be helpful, so I suggested she try the standalone installer. She did and it didn’t work. But there were two problems. The failure of the standalone installer left the computer unable to get back into Windows. That wasn’t the biggest problem.

The biggest problem was Dell, in their infinite stupidity, decided it was not a good idea to installer the standard Vista recovery console. The problem is fixable with the Vista DVD. But why didn’t Dell give the computer a way to repair automatically like Vista allows?

Anyway, this person called me late Friday, I couldn’t get to her until Monday. In the meantime, she called Dell. Big mistake. All over-the-phone tech support people know how to do is read down a list. The problem was with Vista and its quirk and with Dell and their stupidity at the time. But, in my experience with tech supports, if their list doesn’t know how to fix the problem, it must be your fault or someone else’s fault. A common trait in too many businesses now.

Dell put the blame on me. I have the Vista DVD. I could have fixed the problem. Granted, it will take a very long time, but it is fixable. Dell made out like it wasn’t fixable. A lie or an act of ignorance. Either way, this person bought a new computer from Dell and then fussed me out.

Okay, now that the story is over, here is the lesson. If a Service Pack does not install with Windows Update, do not use the standalone installer. Instead, do an in-place upgrade first. An in-place upgrade is Microsoft way of saying a repair installation where Windows is rebuilt from scratch. The process works like you are upgrading Windows. In other words, in this instance you are upgrading Vista to Vista. The in-place upgrade must be for the same version and service pack of Windows. You cannot use an in-place upgrade to go Vista SP1 to Vista SP2. After the in-place upgrade finishes, then you can install the service packs.

Another lesson, don’t ever give advice on what to do with Windows Vista over the phone.

So here is a problem I encountered. A computer would not connect to the internet. The first thing I do is, of course, run the ipconfig command. This showed that it wasn’t getting an IP address from the router. So I tried to open the command prompt as an administrator, but all I got was a message saying “The specified service does not exist as an installed service” along with something else below it related to the action I was trying to perform. Whenever I tried to run anything as an administrator, I got this same message: “The specified service does not exist as an installed service“. Continue reading

Recently I encountered a computer that would not let me turn on the file and printer sharing in Vista. When attempting to turn on printer sharing, there was a message. Everytime I tried, I was giving a message that said something I can no longer remember. If I do, I will update this post.

Through a little work, I discovered that the Base Filtering Engine service was deleted. This was done by malware. The fix was easy enough. I just followed the instructions at the link below. It has registry files to repair the BFE service for Vista and Windows 7.

http://www.hageltech.com/blog/2012/02/07/base-filtering-engine-problems.html

This would be a good place to also provide two other commands that can fix network problems. Both must be run as an Administrator.

  • netsh int ip reset resetlog.log
  • netsh winsock reset

Also be sure to use Kaspersky’s TDSSKiller because if BFE is missing, chances are good the computer has a rootkit or an infected MBR.

 

A Windows Vista laptop is currently not booting. System Restore did not work. The customer said the blue screen of death appeared but I never saw it. The system file checker in the recovery console did not work, even though it said it found corrupt files but was unable to fix them. I tried chkdsk and bootrec /fixboot and bootrec /fixmbr from the recovery console already on the computer. When I was attempting to boot in safe mode, the boot process stops after loading hal.dll.

Because bootrec did not work and because safe mode stopped after hal.dll, I thought it was a virus infecting one of the Windows files. That is why I ran the system file checker. So I decided to scan the hard drive for viruses.

I pulled the hard drive and scanned with Eset on my computer. Eset discovered a boot sector rootkit and several other rootkit files on the computer, but didn’t clean any of them. (If I copied some of the files to my hard drive, Eset removed the file of my hard drive. Eset tends to be better for keeping things off rather than getting things off.) I found this interesting because I ran bootrec already which should have cleared and recreated the Master Boot Record and boot sector. Since Eset didn’t clean the boot sector, I ran Kaspersky’s TDSSKiller and that cleaned the boot sector.

I didn’t try to run the bootrec or bootsect commands from the Windows 7 disc. I wonder if these new rootkits alter the built-in recovery console so that the bootrec command does not clear the boot sector rootkit. From now on, if I suspect there is a rootkit I will boot using the Windows DVD and then try to fix the boot sector.

These are malware types Eset identified: (Eset tends to use their own name and not an industry standard name.)

  • Kryptik.AGVE trojan
  • Kryptik.AHVU trojan
  • Olmarik.AXY trojan – This is Eset’s name for the TDSS rootkit