Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I unable to get help on this? is prob too foreign?


  • Please log in to reply
1 reply to this topic

#1 mrmatt2

mrmatt2

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 19 April 2011 - 06:19 PM

Posted 13 April 2011 - 08:17 PM
Hi, I am not sure from where this came from, - from what site, but here it sits on my computer..

I have a homebuilt computer, XP OS,
MotherBoardECS Elitegroup A790GXM-AD3

I knew I had a virus as it downloaded a bunch of nasty things, including it stopping MSE from running. There was also the virus "WIN 7 antivirus" running. I hit RKILL 2x to stop everything. I ran spybot, and Malwarebytes. Mal found over 50 items, spybot found a few. Even after this the MSE would not start. Running spybot again, it came up with the one same item as it tried to delete previously - something called MSE overide.

SOoo Malwarebytes told me to reboot, I did, now the computer cycles to boot, but will not boot completely, it goes up to the windows screen just for half a sec then the computer reboots itself. Upon reboots, I see a flicker of a blue screen which I think would give me some info on what is being halted, but is waaay to quick.
Any Safemode option does not work, tries to launch, but reboots. Because of this I cannot put up any log files, etc.

I believe I have a boot virus.

I am able to get to the recovery console, but never dealt with that.
Read the information on the recovery console here at this site, -and on the computer proceeded as far as to it asking "Which windows installation would you like to log onto?" I hit "1" as I only have one OS loaded. ( I do have 2 HD though)

I am thinking the next step would be to type "FIXMBR" then "FIXBOOT".

Is this correct? I need some help here, just a little nervous about doing it and am looking for confirmation.

I did find this comment from browsing - came from hardforum:

FIXMBR grabs the original MBR code from the drive's EEPROM chip and restores it, effectively wiping out anything that might be in there, be it LILO, GRUB, a Windows bootloader, and any possible traces of a virus, etc. When that command is finished, the MBR is as good as it was the moment the drive passed QA testing at the factory.

FIXBOOT restore the native ability for Windows to boot with the NTLDR file and bootloader, simply put.

There's also BOOTCFG which lets you modify boot time parameters just like you can inside Windows by modifying the boot.ini file under Advanced System Properties.

There's also a proper order for the commands if you need to use them from the Recovery Console:

FIXMBR first, then FIXBOOT right after that, then type exit and press Enter to reboot the 'puter.

Hope this helps...



I would greatly appreciate some help or input. You guys have helped me in the past, so to me you are the last word on what to do. If possible I would rather not loose all my data here.


I figure even when this gets fixed, the virus still may be lurking?...another prob.

Thank you very much!

Matt

Also during the infection, my WIN PATROL was telling me new programs were being added and I denied them all. Hopefully this was not a mistake having it delete pertinent things that exist already on my computer (!?)

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,569 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:57 PM

Posted 19 April 2011 - 08:52 PM

Hello, Let's STOP the Reboot loop

When running Windows and it crashes and you get a blue screen of death( BSOD ) with an error message and it will automatically restart, Most times it restarts too fast for you to see and read the error message. We are going to disable auto restart on system failure. So the screen will stop and you can copy down the complete error message.

1. Go to Start -> Control Panel -> System (Windows+Pause works, too)
2. Go to Advanced
3. Under the Startup and Recovery section, click Settings...
4. Under System Failure un-check "Automatically restart"
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users