Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bootkit remover messed up windows 7


  • Please log in to reply
13 replies to this topic

#1 ashdrms

ashdrms

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 16 July 2010 - 09:02 AM

I am using Windows 7 and Windows XP on the same system. I have the same problem, C:\SYSTEM VOLUME INFORMATION\MICROSOFT\SERVICE.EXE and C:\SYSTEM VOLUME INFORMATION\MICROSOFT\SMSS.EXE are infected by worm. The files couldn't be deleted in Windows. I deleted them using a Sabayon Linux Live CD. The folder disappeared during the successive boot, but after the next boot, the files reappeared.
I tried doing as you have told in the thread. Now, neither XP nor 7 is booting, it shows error saying, the requested device could not be found. I don't have the installation CD. What do I do? Please respond as early as possible, I am in hysterics.. Please...

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:45 AM

Posted 16 July 2010 - 09:19 AM

First of all a warning for everyone who tries to follow fixes that are meant for other users: Please note that whatever repairs we make, are for fixing this computer problems only and by no means should be used on another computer. Ignoring this warning can have disastrous consequences like your computer no longer being able to boot!

At which point do you get this "requested device..." error? before or after you can choose which OS to boot?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 ashdrms

ashdrms
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 16 July 2010 - 09:21 AM

Ya, I agree.
The warning is after choosing the OS. The same warning appears for both XP and 7.

#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:45 AM

Posted 16 July 2010 - 09:23 AM

What is the boot order of your dual boot? Which OS was installed first?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 ashdrms

ashdrms
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 16 July 2010 - 09:24 AM

XP was installed first.

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:45 AM

Posted 16 July 2010 - 09:33 AM

Since you have no windows 7 disk, lets try the following: we will create a disk to access the XP recovery console and from there fix the MBR. Most likely this will give us access to the XP installation.

Its difficult to say if this will fix Windows 7 also, if not, we can attempt to fix that from within XP.

If you are okay with this, follow the steps below.

Please download ARCDC from Artellos.com.
  • Double click ARCDC.exe
  • Follow the dialog until you see 6 options. Please pick: Windows Professional SP2 & SP3
  • You will be prompted with a Terms of Use by Microsoft, please accept.
  • You will see a few dos screens flash by, this is normal.
  • Next you will be able to choose to add extra files. Select the Default Files.
  • The last window will allow you to burn the disk using BurnCDCC
Your ISO is located on your desktop.
  • Restart the computer.

  • If your PC is not booting from the CD, you need to change the boot order:
    • Restart your PC
    • As soon as you get an image, press the Setup key. This is usually F2, or Del. On some machines the key can also be a different one. It should, however, be stated on the screen which key is the setup key.
    • Once you enter the computer's BIOS, use the arrow keys and tab key to move between elements. Press enter to select an item to change.
    • Navigate to the tab, where you can set the boot order. It should be called Boot or Boot order
    • The tab should now show your current boot order.
      If the CD-drive is not at the top, please navigate to the CD-Rom drive with the keys arrows. Then move it to the top of the list. The keys for switching boot position are usually + to move up and - to move down. However they can be different, but they should be stated in the help, so that you can find them easily.
    • Once the CD-drive is on top of the boot order, navigate to Exit and select Exit saving changes.
  • Your PC should now boot from your XP-CD.
    Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.

  • When the "Welcome to Setup" screen appears, press R to start the Recovery Console.

  • When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER.

  • A command prompt will open
Type fixmbr and press enter. You will most likely be prompted you have a non-standard MBR and if you want to proceed. Confirm.

When done, type exit and press enter to reboot and let me know if you can boot in either XP or Windows 7.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#7 ashdrms

ashdrms
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 16 July 2010 - 09:38 AM

But how do I run the exe file? None of Windows OS are booting and linux won't support .exe file...

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:45 AM

Posted 16 July 2010 - 10:13 AM

Ah, you are actually posting from a linux distro? You will need to create the CD on a working computer with windows.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 ashdrms

ashdrms
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 16 July 2010 - 10:16 AM

Yep... By the way, I tried it using WINE, but somehow, it didn't proceed.
So, perhaps, it means, I should go to the technician.... :thumbsup:

#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:45 AM

Posted 16 July 2010 - 10:21 AM

What we can do is install GRUB. This is a linux based boot manager that iwll overwrite the MBR and should work fine with Windows as well.

See if you can download it from here

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 ashdrms

ashdrms
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 16 July 2010 - 10:28 AM

Ok, does it mean that it will install linux, too?

#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:45 AM

Posted 16 July 2010 - 10:31 AM

No, it is a stand alone bootloader. It will recognize your windows installations and you will no longer see windows standard bootloader, but instead you will see GRUB.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 ashdrms

ashdrms
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:15 PM

Posted 16 July 2010 - 10:40 AM

Sorry, maybe I am irritating you very much, but will you please provide me with the installation instructions?? :thumbsup:

#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,249 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:45 AM

Posted 16 July 2010 - 12:21 PM

I am not very familiar with your live CD, but please see if you can follow these steps with your live CD.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users