Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows wont start after ASWMBR


  • This topic is locked This topic is locked
9 replies to this topic

#1 atkh

atkh

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:57 PM

Posted 08 August 2011 - 08:51 AM

Hi

My computer got infected with the "Windows 7 fix" virus and also the Google Redirect virus.

I was able to remove "Windows 7 fix" after following different instructions, but the Google Redirect dint go even after I restored my entire harddisk to factory settings.
TDSSkiller wont detect anything, and I used aswmbr which did detect something like TDL4 & I went ahead to 'fix' it.

Windows wouldn't reboot afterwards as it would just go to the 'Startup Recovery' screen which would fail. I even tried running Sony's recovery solutions to restore the entire pc but it eventually fails by saying 'Windows could not complete the installation. To install windows on this computer, restart the installation'.

Now I'm not looking to recover any data or anything. I think my harddisk's master boot record is corrupt. How do I restore it to go back to original factory settings and get a clean install.

Thanks alot for your help. It has been a frustrating week :(

BC AdBot (Login to Remove)

 


#2 weatherman13

weatherman13

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Local time:01:57 PM

Posted 08 August 2011 - 09:37 AM

Hello and Welcome to Bleeping Computer,
If I under stand you want to recover you important files like pictures, docs, etc. Here are some steps to start you out. These are not all the steps so please reply after you are done with these first steps.

Thanks

Step 1: Go to http://www.ubuntu.com/

Step 2: Click get Ubuntu

Step 3: Click Try it from a CD or USB disk.

Step 4: Click Start download and Save the file to your desktop.

Step 5: Go to http://fileforum.betanews.com/detail/ImgBurn/1128426215/1 . Click Download now and run.

Step 6: After ImgBurn is done downloading and installing open it up. Click Write Image to disk.

Step 7: Then click the first Icon under Source. Select the file you downloaded to your desktop.

Step 7: Insert a Blank disk.

Step 8: Burn the disk by pressing the picture at the bottom with the disk.

Step 9: In BIOS make sure you are booting from the disk. Then Ubuntu should boot. Make sure you choose Try Ubuntu not install.

#3 atkh

atkh
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:57 PM

Posted 09 August 2011 - 07:53 AM

Thanks alot for your reply.

Like I said, Im NOT looking to recover any files or documents. I just want to reinstall my windows as currently even Sony's recovery solution isnt able to install windows on my pc.

Any advice?

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:57 PM

Posted 09 August 2011 - 11:48 AM

If this is not what you want then ask in the Windows 7 forum up top.

Win7′s no-reformat, nondestructive reinstall
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 atkh

atkh
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:57 PM

Posted 09 August 2011 - 04:25 PM

I posted it here coz running ASWMBR did some damage to my master boot record while trying to fix TDL4... and thts why i cannot install new windows now.

Anyway ill look at other options.. if any one has any clue, please let me know! Thanks

#6 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,992 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:57 PM

Posted 09 August 2011 - 06:39 PM

Hello,

Let me alert some folks who specialize in fixing borked MBRs.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:57 PM

Posted 10 August 2011 - 02:48 AM

Hello, lets see if we can see what is wrong with the MBR first. I will move this topic to the malware removal forum.

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Press Tool at the top
  • Choose Open Terminal
  • Type the following and press enter:

    dd if=/dev/sda of=mbr.bin bs=512 count=1

  • Press Enter
  • After it has finished a file will be located on your USB drive named mbr.bin
  • Remove the USB drive and insert it back in your working computer and navigate to mbr.bin, zip it up and attach it to your next reply.

This will allow me to have a look at the MasterBootRecord of your drive and see if it is infected.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 atkh

atkh
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:57 PM

Posted 10 August 2011 - 07:33 PM

Hi

Thanks alot for your reply.

The file is attached!

Attached Files

  • Attached File  mbr.zip   580bytes   7 downloads


#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:57 PM

Posted 11 August 2011 - 07:25 AM

That is indeed infected with a rootkit.

Try this please. You will need a USB drive (no need to recreate the xPUD CD if you still have it).

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Download xPUDtestdisk.exe and save it to the USB device
  • Double click xPUDtestdisk.exe to extract the contents to your USB device
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Press Tool at the top
  • Choose Open Terminal
  • Type testdisk/testdisk_static
  • Press Enter
The first screen will present log options - press Enter to continue.

Posted Image

TestDisk will scan the system and show drive information.
If more than 1 drive, select the correct drive, make sure [Proceed] is selected then press Enter to continue.

Posted Image

Select [Intel] partiton and press Enter to continue.

Posted Image

Select [MBR Code] and press Enter to continue.

Posted Image

Type Y when prompted to write a new mbr code to the first sector, then confirm at the next screen by typing Y again.

Posted Image

Press Q repeatedly until TestDisk exits then reboot.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:57 PM

Posted 28 August 2011 - 04:34 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users