Crash, probably by malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by Ghost1mike, Jan 13, 2014.

  1. Ghost1mike

    Ghost1mike Private E-2

    Good morning geeks!

    I had a coworker's computer giving him some issues recently (slow, freezing, etc.). He is working on a Dell Latitude with Windows 7 64-bit. Ran the Microsoft essentials on his computer and Lavasoft just to see what it came up with. Microsoft essential said it found a threat which could not be removed without Microsoft essentials offline. I had no thumb drive, so I figured I would get to it the next day. The next day, black screen of death on boot. No safe mode possible or boot options possible. I seem to have misplaced my Windows 64-bit CD..... or someone walked off with it... either way, I tried using a 32-bit CD, which doesn't allow me to do everything, but gives access to a few things like command prompt. Startup repair does nothing, tried it several times. Missing or corrupt boot manager. In command prompt I tried all the bootrec.exe commands, no go. I have the Farbar Recovery Text attached. Farbar told me I was using a 32-bit CD.... I hope that doesn't change anything. I would appreciate any help. No rush, I know y'all are busy.. thanks Geeks!
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You must not use a 32 bit CD on a 64 bit PC. Especially running programs like bootrec.exe from it.

    Not sure the below is going to fix your problem. Exactly what did you do between the time the PC was bootable and when it was not? Did you run that Microsoft Defender Offline disk? We strongly recommend not running this because it causes unbootable CDs when it removes some infections.

    Also note that you should not be running three antivirus programs (Ad-Aware, Microsoft Essential Security, and Trend Micro). Only one should even be installed and we do not recommend Ad-Aware.


    Download this >> View attachment fixlist.txt

    Save fixlist.txt to your flash drive.
    • You should now have both fixlist.txt and FRST64.exe on your flash drive.
    Use the below method to boot to the System Recovery Options menu without using the CD. Hopefully this works.

    Please do the below so that we can boot to System Recovery Options to run a scan.

    For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive (if you already have this on your flash drive, just continue).

    Plug the flash drive into the infected PC.


    Enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
    On the System Recovery Options menu you will get the following options:
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • Run FRST64 and press the Fix button just once and wait.
    • The tool will make a log on the flash drive (Fixlog.txt).
    • Please attach this to your next message. (See how to attach)
    Now see if you can boot into normal Windows.
     
  3. Ghost1mike

    Ghost1mike Private E-2

    Thank you Chaslang for the quick response!
    I'll answer as many of your questions as I can. I didn't even think about running bootrec from a 32-bit CD messing up the 64 OS. I don't know why, it makes perfect sense. Good thing I don't have a career in computers.

    In the time between when the computer was bootable and not, I ran the virus scans which were already on it. I have never heard of Trend Micro and didn't know it was on it, so I only ran Ad Aware and Microsoft Essentials. I did NOT run Windows Defender Offline even though it was recommended (actually it said it was the ONLY way to remove the threat) by Microsoft Essentials. It was my plan to do it the next day. I am not sure what else the owner of the computer did before his boot failed.

    (Thanks for the recommendation on Ad aware, I uninstalled it from my personal.)

    I will attempt the FRST64 from a USB, however I am not sure it will work because F8 will not. Advanced boot options will not load. I can press F12 and get to the Boot menu and boot from CD, drive, etc. Which is why I was using the Windows 7 32-bit CD. I will see what I can do to get the FRST.txt without using that CD.

    I did find my 64-bit CD, unfortunately it's Windows 8.

    Another option I have if the FRST does not work. The company ordered an external hard drive for us. Is there a way to dump what's on the laptop hard drive onto the external without the ability to boot, or by using the 32-bit CD I have and command prompt, or slaving it over or something? If this is even a viable option I would appreciate any links or instruction/advice you have. If this is a horrible idea, please feel free to shut me the hell up.

    Thank you very much Chaslang!
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    So what is your current status?
     
