Main Forum > General Computer Support
Windows 7 Ult 64 bit trapped by BSD and can not get out.
FreeCat:
Hi Boggin,
Sorry if opening a thread on Windows backup not recognizing H drive was wrong. Seems like a different subject to me. I will delete it if you want.
I did run the MalwareBytes and quarantined the one very bad flag but then could not have windows com up without just a black desktop. JiohnC in Bleeping told me to try F8 with LAST KNOW GOOD CONFIGURATION and that worked. But, now stuck.
I am making a backup with EASEUS which is free and seems to be working. Will let you know how it ends.
Boggin:
Malware removal is a specialised subject and while MBAM is a good program, it had also snagged other items which could impact your machine.
I don't know if they were the cause of your black screen after MBAM had removed that Trojan, but you would be better served allowing the experts on the Bleeping Computer forum clean up your machine.
Last Known Good Configuration restores your computer back to where it was able to boot but in doing so, could have reinstated that infection.
Read through what I had posted and submit the FRST logs on that forum as requested in the malware removal section.
FreeCat:
Howdy Boggin,
So, I have made and verified a system image backup to H with EASEUS some; it's free; it ran in a reasonable amount of time; seems to have good ratings; pro version does not cost a lot and has more features like restore to different machine, etc. So, it is painful for me to loose my "friend" AOMEI which I have used for this an many other machines flawlessly in the past (including restoring to a different machine.) But, that is life.
So, now that I have an image backup, I wonder if I should do what you suggested:
Press any key when prompted to boot from CD/DVD and you may be presented with an inverse window with Windows Setup (EMS Enabled) highlighted - just press enter then navigate to the Install screen and click on Repair your computer and select Command Prompt.
Enter bcdedit |find "osdevice" and using that partition letter instead of the X I have exampled, enter -
"sfc /scannow /offbootdir=X:\ /offwindir=X:\Windows
For clarity that is a Pipe symbol before find and is the uppercase of \ and note there is a space before each /
When it's done, it will report as for the same when you do a normal sfc /scannow.
Enter exit to close the cmd window, remove the install disk and select Restart."
I have my Win 7 64b Ultimate distribution disc with SP1. (Or, do I need to ge the download one?)
Should I try it within Windows first?
Also, FWIW since I used the MalwareBytes program I have some annoying ByteFence thing that keeps showing up. I will mention that to Bleeping.
So, last question is: Should I go to Bleeping first or just do the SFC?
Thanks, again, Boggin for your assistance.
Boggin:
So success at last in creating an image :)
I would go to Bleeping Computer first to get the machine disinfected as it could resolve any problems and then you could run the offboot sfc /scannow, should the infection have caused any damage.
FreeCat:
Good, Boggin, that is why I waited to hear from you. Early this morning I posted about removing threat and on re-boot weeing only black desktop in BSOD forum. No replies. Should I go to some other place? Or, do they have a tool like Tweaking (Could not find one.) Thanks, again for your help.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version