Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

help- trying to boot to safe mode-then pc restarts & locks to blank white screen


  • Please log in to reply
3 replies to this topic

#1 debsan7

debsan7

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 17 September 2013 - 10:31 AM

Customer reports "FBI virus".  I can't even get that far.  Regular boot goes to startup repair and reports that it can't automatically fix.  Safe mode boot looks like it will boot, but then the computer reboots itself as if to regular mode and then locks up to a blank white screen.  This is the second one I have seen this month like this.  What is it, and how to fix?


Edited by hamluis, 17 September 2013 - 01:06 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:27 AM

Posted 17 September 2013 - 02:08 PM

Welcome aboard p22002758.gif

 

I'll report this topic to appropriate helpers.

1. Please let us know what Windows version you have and if it's 32- or 64-bit.
2. Is the computer bootable in any mode?

Hold on there....


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 technonymous

technonymous

  • Members
  • 2,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:27 AM

Posted 17 September 2013 - 09:06 PM

Sounds like you probably need to run a offline mode virus scanner. At this link you can download ISO image to burn to cd and boot from them. If you scroll down towards the end of the list and just before the comments section there is 2 more pages to browse to more brands.
http://www.raymond.cc/blog/13-antivirus-rescue-cds-software-compared-in-search-for-the-best-rescue-disk/2

It sounds like you got a very destructive virus payload and that it trashed the MBR (master boot record). MBR is the first sector or section on the drive that tells windows how to boot and which file to look for to boot. Be sure to try the offline virus detectors first before attempting a MBR fix. Reason being is even if you fix the MBR this virus more than likely resides in a start up type location. Be it in the start up folder, msconfig, start services, registry /run area or some other file like a .ini file, it may even overwrote a system file with it's own. Without the virus actually being removed and damage repaired it will more than likely trash the MBR again on next boot up. If you do boot into the Windows OS successfully you will need to go over all those key areas where the virus resides and disable them etc if it's even possible. The first thing that these viruses do is disable the virus scanner & takes away your ability to fix stuff. IE: the ability to run CMD.exe, It does the same for regedit.exe etc. It will then make sure it starts up in the start up files, It will probably wipe out all the restore points on the drive, trashes the MBR so you cannot get to safe mode or even boot in this case which was probably it's ultimate goal. You may have to just restore the system completely as the damaging payload was to great.

to repair the MBR you set the bios to boot from CD/ROM first, then you boot from the windows disc to get to recovery options.

This is link shows the procedure for XP & Vista/Windows 7.
http://helpdeskgeek.com/how-to/fix-mbr-xp-vista/

Once you have everything running again I highly suggest changing some passwords unless you had them passwords stored in Firefox under the master password feature, as the file itself is 256AES encrypted. Also, you should have a backup solution plan. Some sort of HD imaging software that clones the HD and stores it on a separate USB HD. First line of defense if the Virus scanner, Second line of defense is a system backup. I suggest retail copy of Norton antivirus or COMODO. Many dislike Norton as it installs itself to deeply into the system and takes over control of the Firewall etc, or it uses to much ram bla bla bla. There is a reason why it does this as it has to protect itself from viruses like the one you have.


Edited by technonymous, 17 September 2013 - 09:25 PM.


#4 debsan7

debsan7
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 18 September 2013 - 10:31 AM

Thanks for all the help.  What I ended up doing was remove the HDD from infected PC and connect it to a working computer with good virus protection.  The viruses were immediately detected and quarantined.  I then ran Malwarebytes Antimalware on the infected drive and it removed some additional trojans.  Upon reinstalling the drive in the origiinal computer, it booted up and I was able to run complete scans on everything and it seems to be fine now. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users