Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Won't reboot


  • This topic is locked This topic is locked
45 replies to this topic

#1 Kryptonite

Kryptonite

  • Members
  • 139 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 11 June 2011 - 07:51 AM

I've had this Trojan Horse and or virus problem for almost a month now.

Several Bleeping members have tried helping but whatever is going on the fix programs do not complete.

Yesterday i ran superantispyware in smart mode ( 168 problems /fix ) then ran it in full mode ( took hours) but found more issues/ fixed them. During the full version run Avira found another trojan and quarantined it.

After a require reboot the computer started and finished eliminating the threats.

i rebooted again and tried running DrWeb which was one of the programs that would bluescreen after running for about 40 minutes. Once again it quit running and blue screened. i made screen shots of the error messages.

i restarted in safe mode with networking and ran DrWeb that way. It ran for 9 hours and 22 mins. It found 6 or 7 issues. It moved them instead of removing them.

The DrWeb sceen would not close. i tried esc which didn't work. i tried ctrl/alt/del. it didn't work. An X box in the upper right of DrWeb didn't close the program.

i held down the on/off button and it turned it triggered another reboot attempt. None of those choices worked. The only options that will work is Bios Setup utility, and a settings screen with a choice for my hard drive, cdrom, and ? i'll have to get back to that screen to say what it is. ( found it: Network: B2 DO Yukon PXE )

In the bios screen i can scroll anywhere but the only option that i have not tried is "restore defaults" If that will start the computer but lose everything on it then i need to know if there is another way.

ANY HELP MUCH APPRECIATED! The ripple effect of this TH is far and wide.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,887 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:54 PM

Posted 11 June 2011 - 08:16 AM

One of the BC Staff personnel who was trying to help you...suggested that you initiate a topic in the Malware Removal Logs forum...and I don't see where you actually did such.

I see a number of different posts in other forums that you subsequently made...but no log topic, following the directions provided in http://www.bleepingcomputer.com/forums/topic397686.html/page__p__2250357#entry2250357 .

I suggest that you do so now, in the appropriate malware forum.

Based upon the expectation that you will follow instructions previouly provided...this topic is now closed.

If you have any questions re such, please contact me via PM.

Louis

Edited by hamluis, 11 June 2011 - 07:30 PM.


#3 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:11:54 PM

Posted 21 June 2011 - 12:00 PM

Topic reopened as computer is unbootable. Please stand by for assistance.

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 21 June 2011 - 01:09 PM

Hello Kryptonite,

Can you please tell me what exactly happens when you attempt to start your computer? Does it just hang or does it BSOD and reboot? If it is the latter, can you try the following steps?

We Need to Diagnose Your BlueScreen
  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:
    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:
    Posted Image
Please post me the error(s).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 Kryptonite

Kryptonite
  • Topic Starter

  • Members
  • 139 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 22 June 2011 - 06:27 AM

Hello Kryptonite,

Can you please tell me what exactly happens when you attempt to start your computer? Does it just hang or does it BSOD and reboot? If it is the latter, can you try the following steps?

We Need to Diagnose Your BlueScreen

  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:
    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:
    Posted Image
Please post me the error(s).


Hello Elise,

Thanks for replying. I will follow your instructions to the T.

The effected computer has been off now since June 11th the day that I posted this question.

I'll do my best to be brief. That said I think that I need to report how I got the computer to turn off on that day because since turning it off
( forcing it to turn off ) what I see on the screen has changed in one way. ( BTW if you can tell me how to post pictures of the screen that I am taking with a digital camera I think it will help for you and others TO SEE what i am seeing. )
In the mean time i want to comment about the differences in the black "Windows Advanced Options Menu" window. I just took the photo of it.

My window does not say "Windows Advanced Options Menu"
It starts out with We apologize for the inconvenience, but windows did not start successfully. A recent hardware or software change might have caused this.

( If you want me to go on and type every word I can do that but if i can add the picture to my post you can see it yourself. )

It suggests two options which are listed in your picture but clearly does not have offer me the same amount of start options. Missing from my window is the one that you have highlighted. Below "Safe Mode with Command Prompt" is ( space ) Last known Good Configuration....." Then another (space) then "Start Windows Normally" ( space ) the "Use the up and down arrow....."
Below that was a count down counter. If i did nothing it continued to cycle back to this window.

In between i am first offered F11 for recovery with a count down counter. The another new screen with the F10 and F2 suggestion. Then it goes back the above mentioned screen and options.


Important change since forcing this action to stop. After trying every option on the "Windows Advanced Options Menu" that i just explained there was a brief view of the Windows logo with the blue progress bar. ( This is the place if i recall correctly that i normally start tapping F8 to get to the "Windows Advanced Options Menu" )


It is this place that i went to start the computer in "Safe Mode with Networking" to try and run in full scan any and all of the programs that have been suggested in hopes of getting a log of a full scan. Running in that Mode i did what i mentioned in my original post above. "Superantispyware" is the only program that ran in full mode which I ran after running it in Smart Mode.
Once again about that day and the running of that program: Smart Mode found 168 problems and fixed them. I am pretty sure that it require a restart and when it did it took me back to the "Windows Advanced Options Menu" where i chose the same Safe Mode with Networking to attempt running it again in Full Mode. I think it was then that I posted the abbreviated log in the other post to the person who suggested that I run that program.
Much to my surprise the program ran to the end in full scan mode. Once again I was informed half way through the fix part of the program the the computer needed to be rebooted. All i did was hit okay. Once again it took me to the same "Windows Advanced Options Menu" but the computer has never again booked into Windows.

I created this second post because there now was a new problem even if it was related in some way to the other problem. Without getting back to my desktop there is/was no way to copy any log or now to tell you any of the blue screen questions.

I am stuck in this one spot.

If we can get back to my desktop without reformatting I can gather any information that you want.

I have theorized that if i can not reboot to Windows maybe I can remove the hard drive and mount it in a case and save my personal files, get any information that you may want running the hard drive as an external drive. I have asked this question in other posts and it has not been answered if it is even possible to do such a thing.

One last thing. How do i stop the blue screen long enough to see it? I hit "end" to stop the counter on the black screen.

Thanks again.

Kryp

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 22 June 2011 - 07:20 AM

My window does not say "Windows Advanced Options Menu"
It starts out with We apologize for the inconvenience, but windows did not start successfully. A recent hardware or software change might have caused this.

At this point, highlight Normal mode, put one finger on the Enter key and the other on F8. Press enter and tap immediately after that repeatedly F8. This will make the Advanced Boot Options come up (it may take you a few tries). Once there, select "Disable Automatic Restart On System Failure" option, which will make the Blue Screen stay on, so you can copy the requested data.

At this point there is no need to slave the hard disk; we can use a bootable CD which will help you access your files. However, before doing that, I'd like to see the BSOD so I have an idea what we're dealing with.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#7 Kryptonite

Kryptonite
  • Topic Starter

  • Members
  • 139 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 22 June 2011 - 07:34 AM

Update:

I managed to get to that blue screen that you mention.

Here is everything on the page:

A problem has been detected and windows has been shut down to prevent damage to your computer.

If this is the first time you've seen this Stop error screen, restart your computer. If this screen appears again, follow these steps:

Disable or uninstall any anti-virus, disk defragmentation or backup utilities. Check your hard drive configuration, and check for updated drivers. Run CHKDSK / F to check for hard drive corruption, and then restart your computer.

Technical information:

*** STOP: 0x00000024 ( 0x00190203,0x8A4F5EF0,0xC0000102,0x00000000)

___________________________________________________________________________________________________________

At this point I am not sure what to do. Do I leave this blue screen up until you or someone else instructs me to restart? To shut down? And from this blue screen how would I do that?

I imagine that i can press the on/off button but i am gun shy to do anything.

For now i will leave the blue screen up and check back often.

Thanks

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 22 June 2011 - 07:50 AM

Is this Windows XP and do you have an install CD/DVD at hand? (if not, no problem, we'll use something different)

You can turn off the computer, no more need for the BSOD screen. :)

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 Kryptonite

Kryptonite
  • Topic Starter

  • Members
  • 139 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 22 June 2011 - 07:53 AM

Is this Windows XP and do you have an install CD/DVD at hand? (if not, no problem, we'll use something different)

You can turn off the computer, no more need for the BSOD screen. :)


Yes XP

No CD or DVD ( restore on D drive )

Okay, i pressed the on off button and it turned off.

Edited by Kryptonite, 22 June 2011 - 07:54 AM.


#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 22 June 2011 - 08:35 AM

Hi again,

Please download ARCDC from Artellos.com.
  • Double click ARCDC.exe
  • Follow the dialog until you see 6 options. Please pick: Windows Professional SP2 & SP3
  • You will be prompted with a Terms of Use by Microsoft, please accept.
  • You will see a few dos screens flash by, this is normal.
  • Next you will be able to choose to add extra files. Select the Default Files.
  • The last window will allow you to burn the disk using BurnCDCC
Your ISO is located on your desktop.


  • Insert the CD you just created into the CD-ROM drive, and then restart the computer.

  • If your PC is not booting from the CD, you need to change the boot order:
    • Restart your PC
    • As soon as you get an image, press the Setup key. This is usually F2, or Del. On some machines the key can also be a different one. It should, however, be stated on the screen which key is the setup key.
    • Once you enter the computer's BIOS, use the arrow keys and tab key to move between elements. Press enter to select an item to change.
    • Navigate to the tab, where you can set the boot order. It should be called Boot or Boot order
    • The tab should now show your current boot order.
      If the CD-drive is not at the top, please navigate to the CD-Rom drive with the keys arrows. Then move it to the top of the list. The keys for switching boot position are usually + to move up and - to move down. However they can be different, but they should be stated in the help, so that you can find them easily.
    • Once the CD-drive is on top of the boot order, navigate to Exit and select Exit saving changes.
  • Your PC should now boot from your XP-CD.
    Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.

  • When the "Welcome to Setup" screen appears, press R to start the Recovery Console.
  • When prompted to choose a windows installation, type 1 and press enter.
  • When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER.

  • A command prompt will open
Type chkdsk /r and press enter.

Note, this may take a long time, and the scan progress may seem to "jump back" (for example from 72% to 54%), this is normal. Please wait until the disk check finishes.

When done, let me know what was returned (you'll see a few lines saying how many sectors were scanned, what was repaired and so on).

After that, type exit and press enter.

Let me know if you notice any change.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 Kryptonite

Kryptonite
  • Topic Starter

  • Members
  • 139 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 22 June 2011 - 09:25 AM

Hi again,

Please download ARCDC from Artellos.com.

  • Double click ARCDC.exe
  • Follow the dialog until you see 6 options. Please pick: Windows Professional SP2 & SP3
  • You will be prompted with a Terms of Use by Microsoft, please accept.
  • You will see a few dos screens flash by, this is normal.
  • Next you will be able to choose to add extra files. Select the Default Files.
  • The last window will allow you to burn the disk using BurnCDCC
Your ISO is located on your desktop.


[list]
[*] Insert the CD you just created into the CD-ROM drive, and then restart the computer.


[*]If your PC is not booting from the CD, you need to change the boot order:
[list]
[*]Restart your PC


Remember that the computer shut down when i hit the on/off button. I wasn't sure if the CD is suppose to be made on the XP computer or the Vista one that i am writing on now.
So I tried to restart the Gateway XP that has been down and it went back to the recycling black screen with the choices minus the "Disable auto restart....."

Can the ARCDC CD be made from my other PC?

#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 22 June 2011 - 10:26 AM

Yes, it can be used on any computer with windows xp/vista/7

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 Kryptonite

Kryptonite
  • Topic Starter

  • Members
  • 139 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 22 June 2011 - 01:55 PM

Yes, it can be used on any computer with windows xp/vista/7


Had to buy some CD R's.

Things went perfect until this part:

# When the "Welcome to Setup" screen appears, press R to start the Recovery Console. <-----done

# When prompted to choose a windows installation, type 1 and press enter.<-----done leads to command prompt: D:\MiniNT> typed: my password The command is not recognized Type HELP for a list of supported commands. Then typed : chkdsk/r and got the same message. Then typed Administrator, administrator, Administrator password, and always got the same message

# When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER. <----can't get past here.

PS typing HELP i see a command for chkdsk but without the /r there is also a CHDIR command

Suggestions?

#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,207 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 22 June 2011 - 02:08 PM

# When prompted to choose a windows installation, type 1 and press enter.<-----done leads to command prompt: D:\MiniNT>

Was MiniNT the only choice listed? You are supposed to see there Windows too (with another number in front of it).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#15 Kryptonite

Kryptonite
  • Topic Starter

  • Members
  • 139 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 22 June 2011 - 02:16 PM

# When prompted to choose a windows installation, type 1 and press enter.<-----done leads to command prompt: D:\MiniNT>

Was MiniNT the only choice listed? You are supposed to see there Windows too (with another number in front of it).


I typed exit and i am now back at the Welcome to setup screen. There are 3 choices there. The last time i chose "To repair a Windows XP installation using recovery console, press r




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users