Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 won't boot due to trojan, virus


  • This topic is locked This topic is locked
3 replies to this topic

#1 dragoula

dragoula

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 13 July 2013 - 01:56 PM

Hi!

 

My computer (acer extensa 5635ZG) with windows 7 (x86) in the last 2/3 weeks became more and more slow, showing pop up and programs closing unexpectedly. I ran the antivirus and appeared some trojans, virus and some other "things" I can't recall the name. I couldn't quarantine or delete because the license had expired so I decided to unistall the antivirus and install another one. I unistalled it and when I was intalling the other antivirus, the computer froze somewhere in the installation and I turned it off. 

 

Now windows won't start again, I tried all the options that appear: safe mode, start windows normally and startup repair (recommended). 
In startup repair I can get to the command prompt, since other options won't take me anywhere. 
 
I read the preparation guide and decided to follow it. I used the dds.com tool but I couldn't get the dds.txt, it was only displayed the attach.txt, I saved it. I decided to use  Farbar Recovery Scan Tool and I got a txt file that follows:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-07-2013 01
Ran by SYSTEM on 13-07-2013 18:33:43
Running from Y:\
WIN_7 (X86) OS Language: Portuguese Standard
Boot Mode: Recovery
Attention: Could not load system hive.
Attention: System hive is missing.
 
==================== Registry (Whitelisted) ==================
 
Attention: Software hive is missing.
 
ATTENTION: Software hive is not loaded.
 
 
========================== Services (Whitelisted) =================
 
 
==================== Drivers (Whitelisted) ====================
 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
 
==================== One Month Modified Files and Folders =======
 
 
==================== Known DLLs (Whitelisted) ============
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION!.
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: <===== ATTENTION!
HKLM\...\exefile\DefaultIcon:  <===== ATTENTION!
HKLM\...\exefile\open\command:  <===== ATTENTION!
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 10%
Total physical RAM: 4060.93 MB
Available physical RAM: 3617.82 MB
Total Pagefile: 4059.2 MB
Available Pagefile: 3614.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.57 MB
 
==================== Drives ================================
 
Drive e: () (Removable) (Total:3.66 GB) (Free:0.06 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Removable) (Total:3.65 GB) (Free:0.12 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)
 
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)
 
==================== End Of Log ============================

 

 

 

I attached the attach.txt file. 
Can you help me?
 
 
Thank you in advance for all the support you give here.
 
Pedro

 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 dragoula

dragoula
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 15 July 2013 - 05:00 AM

Anyone? :)



#3 dragoula

dragoula
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 15 July 2013 - 02:01 PM

Hi guys!

 

I solved the problem! Thank you for all the information we can find in the forum!

You may  close the topic.

 

Pedro



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:33 AM

Posted 16 July 2013 - 05:50 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users