Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows won't boot after running windows defender offline


  • This topic is locked This topic is locked
8 replies to this topic

#1 pakoeikan

pakoeikan

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 30 September 2012 - 12:25 PM

I recently ran windows defender on my pc to remove the alureon trojan. After running it my pc will not boot up in normal mode only in safe mode. It reaches the user profile page and will even go to where I enter my password then seems to time out and shut down and restart going to the windows did not shutdown properly page. I have tried system restore with no luck. I read in another forum that the trojan puts in a partition so that boot has to go through it first and to use action@ or liveboot to set my original patition to active. I tried action@ and don't really know which partition is what so I changed which one was active, then got a message that bootmng wasn't present, so I set it back. Don't know where to go from here.

Edited by hamluis, 01 October 2012 - 06:23 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 easyrider2

easyrider2

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:29 PM

Posted 30 September 2012 - 01:55 PM

Hi pakoeikan,

my name is easyrider2. I have found that Windows Defender does not remove the Alureon trojan (please see: http://en.wikipedia.org/wiki/Alureon)

I am not a security expert but I think it would be best to try to remove existing malware on your computer before running Windows Vista System Restore. If you have an access to another computer with CD/DVD recorder I would recommend downloading and burning the Kaspersky Rescue Disc (http://support.kaspersky.com/faq/?qid=208282173). Once downloaded and burned into the CD/DVD, you would need to enter BIOS on your non-running computer. To enter to the BIOS you need to press a specific key which is mentioned on the very first screen once you power the computer on). Usually it can be F2 or Del. Once in BIOS, you would need to change the booting sequence so the CD/DVD reader is before the hard drive. Save the settings and try to restart the computer. Once restarted, run the Kaspersky Rescue Disc and let us know if it detected/removed any malware.

Best of luck.

#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,538 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:29 PM

Posted 01 October 2012 - 10:30 AM

:welcome:

Lets give it a try. You will need a USB Flash drive.

Download the appropriate version for your system of the Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,176 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:29 PM

Posted 01 October 2012 - 11:10 PM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 pakoeikan

pakoeikan
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 03 October 2012 - 03:13 PM

thanks for the suggestions, i will let you know if anything works

#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,538 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:29 PM

Posted 03 October 2012 - 10:04 PM

:thumbup2:

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 pakoeikan

pakoeikan
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 05 October 2012 - 04:24 PM

got to repair computer and when I hit it, it just started up and went to the usual spot and shut down. But I did this part first, i wil try it again with the Farbar recovery scan tool. Long process as I can't work on it for any length of time in one sitting.

#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,538 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:29 PM

Posted 05 October 2012 - 07:26 PM

Keep me posted on the FRST scan.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,538 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:29 PM

Posted 06 January 2013 - 12:45 PM

Due to the lack of feedback this Topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users