Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Registry section information

27 Jul 2012   #11
5Clint7

Windows 10 Pro 64-bit
 
 

Quote   Quote: Originally Posted by F5ing View Post
You should be able to find chkdsk results, even when no errors were found, by going into event viewer and searching for wininit and/or chkdsk events. Can you post it here when you find it?
I found the wininit file.

wininit.txt

I still have the No Company Name Folder thing.

I don't now have The autocheck and AVG line in the Boot Execute key like yours. Is that a problem?

Thanks again F5ing

Clint




My System SpecsSystem Spec
.
27 Jul 2012   #12
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

The bad news. AVG causes all kinds of problems with Windows 7.
The good news. Microsoft Security Essentials.
Microsoft Security Essentials - Free Antivirus for Windows
My System SpecsSystem Spec
27 Jul 2012   #13
F5ing

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by 5Clint7 View Post
I found the wininit file.
So it looks like chkdsk found and cleaned some leftover crud.

Quote   Quote: Originally Posted by 5Clint7 View Post
I still have the No Company Name Folder thing.
If you're sure no other files exist in that folder structure (make sure Explorer is set to 'show hidden' and' don't hide system files' to be sure) I would rename 'No Company Name' by adding another character to the end (maybe 'No Company Name1'). Go through some runtime and reboots. If any issues pop up you can always remove the extra character. If no issues arise delete the txt file and the rest of the folder structure ('No Company Name' and deeper).

I seriously doubt you'll encounter issues if they only contain that one txt file.

Quote   Quote: Originally Posted by 5Clint7 View Post
I don't now have The autocheck and AVG line in the Boot Execute key like yours. Is that a problem?
I think both of those entries are required. Does AVG appear to be running? Correctly and with all features available?

Try this again: open an elevated command prompt, type chkdsk /f <enter>, type Y to schedule at reboot, but before rebooting check to see what appears in the Session Manager regkey. Is the autochk entry there?

Then reboot and make sure it does another chkdsk. As the last chkdsk reported problems it's best to run it again anyway to ensure repairs were properly completed.

Quote   Quote: Originally Posted by 5Clint7 View Post
Thanks again F5ing

Clint
Quite welcome of course!
My System SpecsSystem Spec
.

31 Jul 2012   #14
5Clint7

Windows 10 Pro 64-bit
 
 

Quote   Quote: Originally Posted by 5Clint7 View Post
I don't now have The autocheck and AVG line in the Boot Execute key like yours. Is that a problem?
"I think both of those entries are required. Does AVG appear to be running? Correctly and with all features available?"

All of AVG is working. Looking in Task Manager it is there.

"Try this again: open an elevated command prompt, type chkdsk /f <enter>, type Y to schedule at reboot, but before rebooting check to see what appears in the Session Manager regkey. Is the autochk entry there?"

No the autochk is not there and it's not there after reboot.

"Then reboot and make sure it does another chkdsk. As the last chkdsk reported problems it's best to run it again anyway to ensure repairs were properly completed."

I found this about "autochk". From what I read, It's not there unless you don't shut down correctly. I have not added it yet.


The BootExecute subkey is located in the HKEY_LOCAL_MACHINE hive under the SYSTEM, CurrentControlSet, Control and Session Manager keys and subkeys. It contains a default REG_MULTI_SZ value of Autocheck Autochk *. The benefit of BootExcecute is that it allows you to remove certain applications, services and commands from startup, which in turn can greatly enhance your computer's boot speed.

The Autocheck Autochk * value in the BootExecute subkey tells the operating system to run Autochk* every time the system launches. This tool verifies the logical integrity of the filesystem. It cannot be accessed directly in any other way, though you can indirectly access it through the Chkdsk tool. The benefit of allowing it to run automatically is that it is able to lock the entire disk volume and thus function more effectively.

Autochk bootup routine and the "dirty bit" (also called the "chkdsk flag")
When the system is shut down improperly or stops responding, Autochk runs against any volumes that are marked as being "dirty". At least, I know this is done with NTFS, and I think it is also done with FAT32. Autochk will not initiate a check of any partitions if none of them are flagged !! Autochk is set to run during bootup because of the registry entry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager . . . BootExecute
The BootExecute entry tells Windows what to run upon bootup. By default, its value is "autocheck autochk *" - this tells Windows to run Autochk on any drive whose dirty bit is set

You can cancel Autochk within the first few seconds by hitting an key. However, each time you stop chkdsk, the system "remembers" that it still needs to run Autochk due to the flagged partition and will try to run it the next time you reboot. This continues forever, each time you reboot, until you allow Autochk to run and to complete.
My System SpecsSystem Spec
31 Jul 2012   #15
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Windows has a autologger on my two computers. Just trying to help.

Registry section information-capture.png

amd64_microsoft-windows-setup-autologger_31bf3856ad364e35_6.1.7600.16385_none_215a93120028ac5a.manifest


My System SpecsSystem Spec
31 Jul 2012   #16
F5ing

Windows 7 Ultimate x64
 
 

So after rebooting did a chkdsk actually occur?

When you select 'yes' to do the chkdsk after the restart I think all it may be doing is setting that volume's dirty bit to on (so that a run of autochk can see it and run the chkdsk before Windows completes loading).

Description of the autochk command from the Microsoft help file:

Quote:
Applies To: Windows XP,Windows Server 2008 R2,Windows Server 2008,Windows Vista,Windows Server 2003,Windows Server 2000,Windows Server 2003 R2,Windows 7,Windows Server 2008 R2 with SP1

Runs when the computer is started and prior to Windows Server® 2008 R2 starting to verify the logical integrity of a file system.


Autochk.exe is a version of Chkdsk that runs only on NTFS disks and only before Windows Server 2008 R2 starts. Autochk cannot be run directly from the command-line. Instead, Autochk runs in the following situations:
  • If you try to run Chkdsk on the boot volume
  • If Chkdsk cannot gain exclusive use of the volume
  • If the volume is flagged as dirty
Remarks
  • Warning: The Autochk command-line tool cannot be directly run from the command-line. Instead, use the Chkntfs command-line tool to configure the way you want Autochk to run at startup.
  • You can use Chkntfs with the /x parameter to prevent Autochk from running on a specific volume or multiple volumes.
  • Use the Chkntfs.exe command-line tool with the /t parameter to change the Autochk delay from 0 seconds to up to 3 days (259,200 seconds). However, a long delay means that the computer does not start until the time elapses or until you press a key to cancel Autochk.
My System SpecsSystem Spec
01 Aug 2012   #17
5Clint7

Windows 10 Pro 64-bit
 
 

"So after rebooting did a chkdsk actually occur?"

Yes chkdsk did occur.

I put the "autocheck autochk*" back in the CurentControlSet, 001 and 002 Boot Execute key with the quotation marks and * . When I looked at autoruns it said "file not found". The autochk.exe file is in the System32 folder. Do I need to add the path? I noticed that yours don't have the quotations marks. Is mine wrong?

I ran the Chkntfs. It said both my internal Hard drives are not dirty.

Clint
My System SpecsSystem Spec
02 Aug 2012   #18
F5ing

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by 5Clint7 View Post
"So after rebooting did a chkdsk actually occur?"

Yes chkdsk did occur.

I put the "autocheck autochk*" back in the CurentControlSet, 001 and 002 Boot Execute key with the quotation marks and * . When I looked at autoruns it said "file not found". The autochk.exe file is in the System32 folder. Do I need to add the path? I noticed that yours don't have the quotations marks. Is mine wrong?

I ran the Chkntfs. It said both my internal Hard drives are not dirty.

Clint
CurentControlSet is the only one that matters. The OS will propogate the data to 001 and 002 and any others as appropriate.

Post another screenshot of autoruns so I can see that "file not found". You should not need the path as the path is already known by the environment variables that are already set (autochk, chkntfs and chkdsk should all reside in the System32 folder). You also might try removing the quotes from the entry and make sure there is a space between 'autochk' and the '*'.

Open Task Manager, click on Processes, and make sure avgrsa.exe is running. The last few machines I've worked on that had AVG installed (that I had while working with your thread) all had that extra line in the Boot Execute key.
My System SpecsSystem Spec
02 Aug 2012   #19
5Clint7

Windows 10 Pro 64-bit
 
 

"Post another screenshot of autoruns so I can see that "file not found". You should not need the path as the path is already known by the environment variables that are already set (autochk, chkntfs and chkdsk should all reside in the System32 folder). You also might try removing the quotes from the entry and make sure there is a space between 'autochk' and the '*'.

Open Task Manager, click on Processes, and make sure avgrsa.exe is running. The last few machines I've worked on that had AVG installed (that I had while working with your thread) all had that extra line in the Boot Execute key. "

This Is autoruns with "file not found" before I removed the space and quotation marks.

Registry section information-autochk.jpg

This is autoruns after removing space and quotation marks from autochk. It puts the path in automaticaly. I Also added the AVG line with no quotation marks.


Registry section information-autochk4.jpg


This is reg. after adding autochk and AVG. It put autochk in Session Manger (Default) key also. Is this OK?

Registry section information-autochk6.jpg


This is TaskManger before I added the line to Boot Execute. The avgrsa.exe was loaded then. It must have loaded after windows started this way. I think now it loads at boot before Windows starts, because it takes longer for Windows to start.

Registry section information-avg.jpg

I have rebooted several times now and everything seems to be working OK. I will still wait a few days before I mark it solved.

Thanks again
Clint


My System SpecsSystem Spec
02 Aug 2012   #20
F5ing

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by 5Clint7 View Post
This is autoruns after removing space and quotation marks from autochk. It puts the path in automaticaly. I Also added the AVG line with no quotation marks.
Autoruns is likely just using the "path" environment variable in order to find the exact file location. Even if you have two versions of autochk on your disk (not likely) it's letting you know that this is the one that'll run when the key gets processed.

Quote   Quote: Originally Posted by 5Clint7 View Post
This is reg. after adding autochk and AVG. It put autochk in Session Manger (Default) key also. Is this OK?
I'm not sure if it'll harm anything, but it's not needed. See if you can modify the (Default) key by deleting its contents so that it end up with the value of '(value not set)'. Reboot and recheck it to see that it stays that way and that the BootExecute entry remains as is (because it now looks good).

Quote   Quote: Originally Posted by 5Clint7 View Post
This is TaskManger before I added the line to Boot Execute. The avgrsa.exe was loaded then. It must have loaded after windows started this way. I think now it loads at boot before Windows starts, because it takes longer for Windows to start.
I think you're right. Starting it this way helps to ensure it gets up and running before any malware can start and possibly interfere. That '/restart' switch may also be there to make it 'persistent' (if malware succeeds in shutting it down it'll attempt to restart itself).

When you started this thread one of your concerns was finding a reference to an autologger. Perfectly natural to jump to the conclusion that it may be malware. But remember that Windows and some legitimate third party software is autologging data all the time (even when Windows is seemingly idle you can see it doing stuff).

That autologger reference you had found in the registry appears to be legitimate but in the wrong location. You might find the correct location to be at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger. You had stated early in the thread that you had searched the registry for 'autologger' and only found it in the three BootExecute keys. Were you searching with 'keys', 'values' and 'data' all selected?

I wonder how your BootExecute key got so discombobulated to begin with.
My System SpecsSystem Spec
Reply

 Registry section information




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Cannot delete certain Registry Key; Cannot change Owner of Registry Ke
In order to get rid of the *.zip folder view in WinExplorer on a64bit WIn7 system I tried to delete (according to some tutorials) the Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} Unfortuantely this is NOT possible immediately....
General Discussion
Registry: can't control Desktop Background Slideshow in registry?
Just a rough test: 1. No slideshow on desktop; 2. Backup the registry file; 3. Turn on the slideshow (Desktop - Personalize - Desktop Background - Select All - Save Changes); 4. Run the backup registry file; The desktop starts with the original picture (the desktop wallpaper picture...
Customization
Registry problem after windows update and registry optimization tool
Hello sevenforum, I've already spend some time on this forum today but I can't find the solution to a particular registry problem I'm having. While windows was uploading some updates yesterday, I cleaned my registry using Iolo's system mechanic tool and that's where the problems started. (I...
Backup and Restore
DVD drives configuration information in the registry damaged (Code 19)
For some reason my Windows 7 Home Premium (32bit) PC is now refusing to operate the DVD ROM and DVD RW Drives. A suspect the latest update to iTunes as they were working fine till the automatic install for that failed. Had to do it manually & that went with some hiccoughs, needing to "Retry" to get...
Hardware & Devices
Driver Sweeper can't delete all registry files in registry editor
http://i2.aijaa.com/b/00227/9175142.png So this is the situation: I've unistalled Amd Driver from Device Manager, Unistalled Catalyst software and ran Driver Sweeper. There is only 3 registeries that the Driver Sweeper CAN'T delete and these are under SYSTEM\ folder. I've tried to change user...
Drivers


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 23:50.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App