PC starts up and goes black after Win Screen

I'm able to boot into safe mode without issue. That's what I'm on right now.

Spybot seems to remove problem, but it returns upon next reboot.

I removed my nvidia driver and reinstalled a new one (from download). This seemed to help for most of today. Then my wife said the screen just went black in the middle of checking her email.

Here are the symptoms: When I started the pc the other day, it ran through the bootstrap process. Just before completing this, the screen was covered with horizontal lines like this: | with text in front of them. Then the windows bootup starts. The background at this point has long diagonal green lines. It looks like an analog TV with bad reception. It looks like the desktop is going to come up and the screen goes black. The hard drive continues to run like it's starting up programs, but nothing else comes into view.

I tried to find processes I didn't recognize and look them up online using a-squared hijack free. Everything I looked up was a standard windows process. I did find a mention that the NVidia driver can get infected and cause video issues. That's when I thought I'd try to remove it and put a clean driver on.

I hope someone has some suggestions for me. The symptoms I'm experiencing are difficult to google for solutions.

Here's my HJT log:

Inline HJT log removed.

 

Hello mjpeebles,

This sounds more like a hardware/driver issue than it does a malware one. What problems was Spybot continually finding? Do you have a log saved from Spybot that you can post?

 

If it's a driver issue, why would putting the most current driver on the machine only fix the issue temporarily? If it's a hardware issue, why would putting on a new driver fix the issue at all?

 

I searched through Spybot to find a log file and couldn't find one. It appears spybot didn't retain a log file. I actually don't even see an option to create one. Next time I run a scan I'll attempt to save the results.

 

Okay, I removed the Nvidia driver in safe mode then rebooted the machine. Windows started in normal mode just fine. My screen is in VGA right now, but it is working.

Here's a new log file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:17:24 PM, on 10/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Edit by chaslang: Inline HJT log removed. READ & RUN ME sticky not followed.

End of file - 7663 bytes

 

HJT Log is now uploaded...
Matt

 

Hello mjpeebles,

Those were simply ideas, the reason I mentioned them is because your log showed no signs of malware. Malware has been known to hide from HijackThis, though. Let's get some more information and make sure this isn't malware, if it isn't we'll run through some other diagnostic methods.

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

• READ & RUN ME FIRST. Malware Removal Guide

• If something does not run, write down the info to explain to us later but keep on going.

• Do not assume that because one step does not work that they all will not.

Notes:

1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
   
   • Starting your computer in Safe mode
2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.

 

The problem was solved after going through the malware removal guide. Running Malware Bytes Antimalware identified a couple of registry issues. I've attached the log file. Hopefully, it helps the next person who has this issue.

 

Here are the other 3 logs. I have not toggled my restore point. I did install the Recovery Console that ComboFix requires. I did not encounter any critical errors since running ComboFix and have not rebooted my machine since running it.

 

Problem returned as you predicted. Occured after windows update autoran overnight. Computer rebooted to black windows screen.
I booted into safe mode. Ran system restore to 2 days prior. Did not resolve the problem.
Booted back into safe mode. Removed NVidia driver.
Rebooted and started normal windows.
Ran Scans again to get new logs to post: CCleaner (0 results), Super Antispyware (0 problems found), Spybot (0 problems found), Malware Bytes (0 problems)
-Combofix receiving an error when trying to run this program again. "Were you trying to run CFScript? The name, CFScript appears to be incorrectly spelt". When I click okay the program terminates. I know "spelt" is not a word, so this is clearly suspicious.
I Downloaded a fresh copy of Combofix and reran it, but received the same error.
I checked the website bleepingcomputer.com to see if it addresses the error, but it does not.
I'm not sure what to do next. I could try running MBtools, but would prefer to have explicit instruction to do so first.

 

Did you read my last post?
Yes, I am still having problems. I can't use my Nvidia driver. Whenever I put it on the machine I have malware problems.
Also, you didn't address the error I was having with combofix. Seems like something's wrong if it won't run.

 

I will rerun malware bytes, toggle the restore, then reinstall a freshly downloaded driver. I always get drivers directly from the manufacturer web site. I'll repost if issues return.

 

Problem came back. I rebooted to safe mode and attached a copy of what the screen looks like if that helps.

I removed the nvidia driver in safe mode and rebooted and everything works again.

 

The first time I was posting a word doc, but didn't see the notice that it wasn't an eligible file type. This picture I took when I booted to safe mode. Then I removed the video driver. I don't know if the checkerboard pattern in images is related to the black screen issue or not.