Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus? Something else?


  • This topic is locked This topic is locked
29 replies to this topic

#1 Obscurity

Obscurity

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 18 November 2012 - 01:24 PM

I am using a Sony Vaio model PCG-7133L with Windows Vista. I think it got a nasty virus a month or so ago, and now it's unable to boot. I have tried safe mode, but I get a blue screen every time. I've tried the Vaio recovery partition thingy, but it doesn't seem to work. Since I get the blue screen no matter what, I'm starting to wonder if this is a hardware issue, but I can't be sure. What should I do next?

Edited by Obscurity, 18 November 2012 - 01:29 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:49 AM

Posted 18 November 2012 - 03:37 PM

I will ask another that handles these situations to look here when they can.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Obscurity

Obscurity
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 18 November 2012 - 03:49 PM

Thanks, appreciate it.

#4 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:49 AM

Posted 18 November 2012 - 04:03 PM

Hello Obscurity :)

  • I will be helping with your computer problems.
  • From this point on, it is very important that you refrain from doing anything else to your computer other than what I have requested of you.
  • I do not mind if you browse the web, do basic tasks, or even test to see if the problem(s) you are experiencing are still occurring with the computer while we are working together, but do not run any tools/fixes unless I or another helper from this thread has asked you to do so.
  • Remember that you came here for help, so allow us to help you :)
  • If something does not run, make a detailed note of what problems you encountered along the way (exact error messages are preferred), but continue onto the next steps until you reach the end of my post.
  • Always do the steps they are listed in (left to right, top to bottom).
  • I prefer that you complete all the steps while you are in Normal Mode. However, I understand that sometimes this is not possible. If you are unsuccessful in getting a tool/fix to run from Normal Mode, but Safe Mode works, then use Safe Mode.
  • If you have a question about something, do not hesitate to ask.

Let's begin:

Posted Image Please download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please attach this log to your next reply.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:49 AM

Posted 18 November 2012 - 04:13 PM

You're welcome!.. You are in great hands now.
Just letting you know I moved this to the Virus, Trojan, Spyware, and Malware Removal Logs forum,where it will stay.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Obscurity

Obscurity
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 18 November 2012 - 05:45 PM

http://imageshack.us/a/img267/8440/img0518i.jpg
^This is all I see under Advanced Boot Options, I don't see the option to repair.

And I can't use a Windows installation disk, since Sony doesn't give one upon purchase (brilliant idea, right?). They use something called Vaio partition recovery, but I don't think mine is functioning correctly.

Edited by Obscurity, 18 November 2012 - 05:46 PM.


#7 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:49 AM

Posted 18 November 2012 - 06:09 PM

since Sony doesn't give one upon purchase (brilliant idea, right?).

Yes unfortunately the PC manufacturers do not understand the necessity of providing their customers with an actual recovery disc that doesn't just wipe the entire system.

From that list you provided, select "Disable automatic restart on system failure".
If the computer blue screens again, write down the STOP: error code (look at screenshot below) and give me that code in your next reply.

Posted Image

#8 Obscurity

Obscurity
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 18 November 2012 - 06:17 PM

STOP: 0x000000F4

#9 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:49 AM

Posted 18 November 2012 - 06:38 PM

Try this please. You will need a USB drive.

Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • Select the DiskImage option then click the browse button located on the right side of the textbox field.
  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Next download dumpit to your USB
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • Click on sdb1 (sdb1 represents the USB drive).
  • Double click on the dumpit file.
  • A black window will pop-up and it will dump and zip the MBR to your USB drive.
  • Press Enter to exit the black window.
  • Click on HOME tab and choose Power Off to turn off xPUD.
  • Remove the USB drive and insert it back on your working computer.
  • Locate the mbr.zip file in your USB drive and attach it when you reply.


#10 Obscurity

Obscurity
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 18 November 2012 - 07:05 PM

There we go.

Attached Files

  • Attached File  mbr.zip   2.26KB   6 downloads

Edited by Obscurity, 18 November 2012 - 07:12 PM.


#11 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:49 AM

Posted 19 November 2012 - 02:28 AM

Thank you, please try the below and let me know how it works out

Please right click the following link and select "Save link/target as....". Save the file as mbr.bin to your flashdrive (please delete any old copy of mbr.bin if one happens to exist first): http://thisisudax.org/downloads/mbr.bin

Note: be sure the name of the file is mbr.bin, if it is not, manually rename the file.

Now reboot in xPUD and navigate to your usb drive (usually sdb1). Make sure you see the downloaded mbr.bin and click Tool > Open Terminal.

Type the following command and press enter.

dd if=mbr.bin of=/dev/sda bs=512 count=1

When done restart the computer and let me know if you can boot up normally now.

#12 Obscurity

Obscurity
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 19 November 2012 - 07:14 PM

Still hits the BSOD after the Windows loading screen. :(

#13 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:49 AM

Posted 19 November 2012 - 07:32 PM

Still hits the BSOD after the Windows loading screen. :(

Interesting, that should have worked. Make sure that you did everything correctly (do them again if needed).

If there is still an issue, use dumpit once again to obtain mbr.bin (a new version of it) and attach it here for me to review.

Edited by thisisu, 19 November 2012 - 07:32 PM.


#14 Obscurity

Obscurity
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:49 AM

Posted 19 November 2012 - 08:00 PM

Still not working, I even redid it 3 times.
After I put in the command each time it said:
1+0 records in
1+0 records out

Not sure if this tells you anything.
Here's the new dumpit.

Attached Files

  • Attached File  mbr.zip   2.22KB   2 downloads


#15 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:49 AM

Posted 19 November 2012 - 08:32 PM

You did it correctly.
So we have another issue now :)

Can you retry doing the F8 on startup and selecting "Disable automatic restart on system failure".

Let me know the new error code (if it has changed).

Also, try booting into Safe Mode.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users