Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer won't reboot after running GMER to identify malware


  • Please log in to reply

#1
Ted H

Ted H

    Member

  • Member
  • PipPip
  • 26 posts
Hi,

Rorschach112 sent me here after trying to help me out in the malware removal forum with an issue that turned into an inability to boot up in Windows XP Professional. Here is my original post in that forum below:


"I started having problems about a week ago with Google searches being redirected, and I came across your site instructions for cleaning and removing malware. I performed the first three tasks below and identified a rootkit during the MBAM phase. Also ran my McAfee Virus full scan without detecting anything. After rebooting and testing my system I still had the same redirect problems. I downloaded GMER and executed it. It detected a suspicious alteration and asked if I wanted to run a full scan. I clicked "No" as per the instructions, and at that point the computer locked up and i was unable to do anything further. I turned the computer off via the power button and tried to reboot, but the computer will now not reboot. I can still get into the SETUP functions at the beginning of the boot process, but I'm not enough of a geek to know what to do when I get there. Obviously, I am unable to get to any log information to send you until I can get back into my computer. Help!


1. TFC completed
2. erunt completed
3. MBAM completed (1 items found: 1 rootkit, which said it would be removed after reboot)
4. GMER downloaded and run to the point of asking if I wanted to run a full scan. When I clicked No, the computer locked up, and now will not boot up."


Rorschach112 suggested that I use my Windows CD to try a repair, and directed me to the link on this site to go through those steps. I did so, and the computer said that the process had completed successfully and the computer would now reboot to complete the setup process. The computer went through the initial BIOS setup page, but never got to the "Windows Starting" screen...just back to a blank screen again. I repeated this process twice, with the same result. He then suggested that I hit F8 during restart, which I did. I was able to get to the screen that allowed me to select Last Known Good Configuration. When I selected that, it brought up another screen that said to select the operating system to start. The only option available was Microsoft Windows XP Professional. I hit Enter, but got only a blank screen once again.

I hope you have some further suggestions I might try!

Thanks!
  • 0

Advertisements


#2
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
How To Run Chkdsk /r from Recovery Console:


How to run checkdisk from recovery console (Windows xp). (Courtesy dsenette)
  • Insert the Windows XP startup disk into the floppy disk drive, or insert the Windows XP CD-ROM into the CD-ROM drive, and then restart the computer.
    Note:Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted to do so.
  • When the "Welcome to Setup" screen appears, press R to start the Recovery Console.
    Note:If you have a dual-boot or multiple-boot computer, select the installation that you want to access from the Recovery Console.
  • When you are prompted to do so, type the Administrator password. If the administrator password is blank, just press ENTER.
  • At the Recovery Console command prompt, type the following then press Enter:

    chkdsk /r

  • Allow this to run UNDISTURBED until completed (45 min or so)
  • Report any errors


If this doesn't fix the problem then do the below instructions.

If you have Windows CD...

1. Insert your Windows XP CD into your CD and assure that your CD-ROM drive is capable of booting the CD.
2. Once you have booted from CD, do NOT select the option that states: Press F2 to initiate the Automated System Recovery (ASR) tool.
You’re going to proceed until you see the following screen, at which point you will press the “R” key to enter the recovery console:

Posted Image

3. After you have selected the appropriate option from step two, you will be prompted to select a valid Windows installation (typically number “1").
Select the installation number, and hit Enter.
If there is an administrator password for the administrator account, enter it and hit Enter (if asked for the password, and you don't know it, you're out of luck).
You will be greeted with this screen, which indicates a recovery console at the ready:

Posted Image

4. There are eight commands you must enter in sequence to repair any of the issues I noted in the opening of this guide.
I will introduce them here, and then show the results graphically in the next six steps.
NOTE. Make sure, you press Enter after each command. Make sure, all commands are exact, including "spaces".
These commands are as follows:

CD..
ATTRIB -H C:\boot.ini
ATTRIB -S C:\boot.ini
ATTRIB -R C:\boot.ini
del boot.ini
BOOTCFG /Rebuild


Note about the above command.
BOOTCFG /REBUILD command which searches for pre-existing installations of Windows XP and rebuilds sundry essential components of the Windows operating system, recompiles the BOOT.INI file and corrects a litany of common Windows errors.
It is very important that you do one or both of the following two things:
A.) Every Windows XP owner must use /FASTDETECT as OS Load Option when the rebuild process is finalizing.
B.) If you are the owner of a CPU featuring Intel’s XD or AMD’s NX buffer overflow protection, you must also use /NOEXECUTE=OPTIN as an OS Load Option.
For the Enter Load Identifier portion of this command, you should enter the name of the operating system you have installed.
If, for example, you are using Windows XP Home, you could type Microsoft Windows XP Home Edition for the identifier (it's not crucial, however what the name is, as long, as it's meaningful).
Here is your computer screen:

Posted Image

5. Following command verifies the integrity of the hard drive containing the Windows XP installation. While this step is not an essential function in our process, it’s still good to be sure that the drive is physically capable of running windows, in that it contains no bad sectors or other corruptions that might be the culprit:

CHKDSK /R

6. This last command writes a new boot sector to the hard drive and cleans up all the loose ends we created by rebuilding the BOOT.INI file and the system files. When the Windows Recovery Console asks you if you are Sure you want to write a new bootsector to the partition C: ? just hit “Y”, then Enter to confirm your decision:

FIXBOOT

7. It’s time to reboot your PC by typing
EXIT
and pressing Enter.

With any luck, your PC will boot successfully into Windows XP as if your various DLL, Hive, EXE and NTLDR errors never existed.




Thanks To Broni For The Instructions
  • 0

#3
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Thanks for the very quick reply. Ok, I have run chkdsk /r on C:\WINNT. It did report finding and fixing one or more errors on the volume. Here is the complete log:

Volume created 04/07/04 07:40p
The volume Serial Number is 8c28-c5e1
CHKDSK is checking the volume...
CHKDSK is performing additional checking or recovery...
CHKDSK is performing additional checking or recovery...
CHKDSK is performing additional checking or recovery...
CHKDSK found and fixed one or more errors on the volume.
78132092 kilobytes total disk space.
13924272 kilobytes are available.

4096 bytes in each allocation unit.
19533023 total allocation units on disk.
3481068 allocation units available on disk.

At this point I tried to restart the computer, but again it did not boot up. I will try the additional fixes you listed in the 2nd part of your message and report back to you.
  • 0

#4
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
Rerun chkdsk /r to make sure it fixed everything.
  • 0

#5
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
I didn't see your suggestion to run chkdsk again until I had already started the second fix. When I got to the recovery prompt (which was C:\WINNT and not C:\WINDOWS, if that matters), I started entering the commands. It did not recognize CD.. as a valid command, and stayed in the c:\WINNT directory, but I proceeded with the others in any case. I suppose perhaps I should not have done that, but I proceeded with the following:


ATTRIB -H C:\boot.ini
ATTRIB -S C:\boot.ini
ATTRIB -R C:\boot.ini
del boot.ini (it did not recognize this one either)
BOOTCFG /Rebuild

I also entered the load identifier (Microsoft XP Home edition) and the OS load option /fastdetect

I then ran chkdsk in this directory, and got the error that there was an unrecoverable error in that volume.

I saw your note online and, after still not being able to reboot, am running chkdsk again in the c:\WINNT directory. It still has at least 40 minutes to go at this point.
  • 0

#6
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Ok, I ran chkdsk again after booting up from the CD. It didn't mention finding any errors this time, but neither did it boot into Windows after I exited from the DOS prompt. What next?
  • 0

#7
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
OK lets go to a repair of the OS and see if that will fix the problem.

Repair Installation Instructions

· Insert your Windows XP CD in your CD-ROM and then Restart your computer.
· At the first post screen start tapping the Del key to enter System Bios
· Find the Advance Options or Boot Sequence screen.
· You will need to change the boot sequence so that the CDrom is first and the HD is second.
· Press F10 to Save and Exit and then press Enter to accept.
· The system will now reboot
· When the "Press any key to boot from CD" message is displayed on your screen, press a key to start your computer from the Windows XP CD.
· When you see the following message displayed on the Welcome to Setup screen, press ENTER
· To setup Windows XP now, press ENTER.
· At this point an option to press R to enter the Recovery Console is displayed. DO NOT SELECT THIS OPTION.

· On the Windows XP Licensing Agreement screen, press F8 to agree to the license agreement.
· Make sure that your current installation of Windows XP is selected and highlighted in the box, and then press the R key to repair Windows XP.
· Follow the instructions on the screen to complete Setup.

You can also go HERE
to read a step by step tutorial with screenshots.
  • 0

#8
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
I actually had tried this OS fix just prior to coming to this forum (see my initial message), but I will give it another try now since I've done some intervening activities.
  • 0

#9
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Ok, I went through this step again (the repair program reminded me that it had attempted to fix the OS previously, and I selected "Retry"). It went through the process again and said it had completed this part of the installation successfully (as before), and that the computer would reboot after 15 seconds to complete the setup process or that I could press Enter to restart, which I did. Then, back to the blank screen again....*sigh*. I sense we're running out of options to recover anything from my hard drive!
  • 0

#10
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
Nope still got another trick up my sleeve called a parallel installation.
Parallel Installation of Windows XP

Boot to the Windows XP installation cd by pressing a key when the "Press any key to boot from cd" prompt appears at the top of the screen.
  • At the "Welcome to Setup" screen, press Enter to set up Windows XP.
  • Accept the License Agreement by pressing F8
  • With your current installation selected in the box, press Esc
  • Select C: Partition1 [NTFS] in the box and press Enter
  • To continue setup using this partition, press C
  • Now you should see formatting options...choose the last one, Leave the current file system intact (no changes), and press Enter
  • To use a different folder, press Esc
  • Name the folder WINDOWS0 (just type a 0 (zero)) and press Enter
The Windows installation should begin. This will install Windows to a new folder, leaving your data intact. Any programs installed on the old directory will have to be reinstalled to the new one. Device drivers will also have to be installed for all the hardware to work as it should.

The data will be located in the Documents and Settings folder (C:\Documents and Settings) under your old user account name...so when you set up the new installation, give yourself a slightly different user account name.
  • 0

Advertisements


#11
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hurray! Windows is installing! It was just nice to see something other than a blank screen for a change. It still has 35 minutes to complete setup, but I will let you know when I've successfully located my files. Then, i suppose I still have to head back to the other forum to deal with the malware issue that led to all this in the first place, right? (after backing up a few key files first, that is... :) )
  • 0

#12
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Ok, I was able to get everything installed and located my old files. I'll get a bunch of stuff backed up and then activate XP firewall before connecting and then install all the critical Windows updates before doing anything else. Thanks alot for all your help!
  • 0

#13
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
Yes finish the malware topic also and once Ror has you declared healthy then you should be ready to dance and celebrate again. :)
Just make sure to get the files backed up and follow the instructions to move your files over to the new installation. Programs may need to be reinstalled but hopefully not many if that happens.
  • 0

#14
Ted H

Ted H

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
You mentioned "following instructions" to get my files moved over to the new installation. Is there a specific procedure I should follow, or can I not simply move them over from one location to the other in Windows Explorer?
  • 0

#15
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
After doing the installation follow these steps:

The Windows installation should begin. This will install Windows to a new folder, leaving your data intact. Any programs installed on the old directory will have to be reinstalled to the new one. Device drivers will also have to be installed for all the hardware to work as it should.

The data will be located in the Documents and Settings folder (C:\Documents and Settings) under your old user account name...so when you set up the new installation, give yourself a slightly different user account name.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP