Windows 7 not booting after running Kaspersky Online Scanner [Solved]


  • This topic is locked

#1
Richk138

Richk138

    Member

  • Member
  • PipPipPip
  • 190 posts
I ran Kaspersky's online virus scanner on my computer to fix a virus problem. It detected a rootkit and attempted to clean it. I received a message saying that the machine would reboot after cleaning the virus but it hung up. Now the machine will not boot at all. I get the Windows 7 splash screen then a quick blue screen then the option to repair the start up files or start normally. Neither option works. I have tried running the repair option from the Windows 7 CD ROM as well as trying a System Restore but they do not work either. Any suggestions on how to recover this system?
  • 0


#2
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Hi, Richk138! My nickname is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days; failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.






Do you have another computer we can use to download files? If so, what is the operating system (i.e. XP, Vista, Windows 7)?

Do you have a small USB flash drive to transfer files?

Do you have some blank CD's to make CD's on the good machine?

I am glad you have the Windows 7 Install disk; we will probably use it!
  • 0

#3
Richk138

Richk138

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 190 posts
I am still having a problem getting the machine to boot to Windows. I do have another machine that I am working on so I can download files.
  • 0

#4
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Do you have blank CD's and can the other machine be used to make CD's?

Do you have a USB flash drive to transfer files?


Regards,

CompCav
  • 0

#5
Richk138

Richk138

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 190 posts
Yes
  • 0

#6
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
We Need to Diagnose Your BlueScreen
  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:
    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:
    Posted Image
Please post me the error(s).

Regards,

CompCav
  • 0

#7
Richk138

Richk138

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 190 posts
There was no fault error only information listed under the Tech Info section.

***STOP: 0X0000007B (0XFFFFF880009A98E8, 0XFFFFFFFFC0000000D, 0X0000000000000000, 0X0000000000000000)
  • 0

#8
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Try this please:

  • Please restart your system and tap F10 repeatedly, until the "Edit Boot Options" screen appears.
  • In the last line you should see this:
[ /NOEXECUTE=OPTIN /MININT ]

Note: You may see other settings as well between the brackets, but do not delete anything except for /minint.


  • Delete /MININT from that entry so that now you have:
[ /NOEXECUTE=OPTIN ]


  • Press Enter key
  • Once back in Windows go to Start and type cmd in the search box.
  • In the results, right click CMD.exe and click on Run as Administrator.
  • Copy and paste the below command into the command prompt window and press enter:
bcdedit /set {current} winpe no

  • Restart. Windows should start normally.

  • 0
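
An added example, not part of the original posts: a Python check that parses saved `bcdedit /enum` output and reports boot loader entries that still carry the `winpe Yes` setting cleared in post #8, together with the matching command from that post. The sample output is constructed, English-language bcdedit output is assumed, and the function names are hypothetical.

```python
import re

# Constructed sample of `bcdedit /enum` output (not from the machine in this thread).
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
description             Windows Boot Manager
default                 {current}

Windows Boot Loader
-------------------
identifier              {current}
path                    \Windows\system32\winload.exe
description             Windows 7
nx                      OptIn
winpe                   Yes
"""

def parse_bcd(text):
    """Split bcdedit /enum output into one dict per entry."""
    entries, entry, prev = [], None, ""
    for line in text.splitlines():
        stripped = line.strip()
        if stripped and set(stripped) == {"-"}:
            # A dashed rule: the line before it was the entry's section title.
            entry = {"_section": prev}
            entries.append(entry)
        elif entry is not None and stripped:
            # Element name and value are separated by a run of spaces.
            parts = re.split(r"\s{2,}", stripped, maxsplit=1)
            if len(parts) == 2:
                entry[parts[0].lower()] = parts[1]
        prev = stripped
    return entries

def winpe_entries(text):
    """Identifiers of boot loader entries that still have winpe set to Yes."""
    return [e.get("identifier", "?") for e in parse_bcd(text)
            if e["_section"] == "Windows Boot Loader"
            and e.get("winpe", "No").lower() == "yes"]

def remediation(text):
    """The command from post #8, built for each flagged entry."""
    return ["bcdedit /set %s winpe no" % ident for ident in winpe_entries(text)]

if __name__ == "__main__":
    print(remediation(SAMPLE))
```
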

#9
Richk138

Richk138

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 190 posts
It worked!!! You are da bomb!!! What was the problem?
  • 0

#10
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Glad it booted but we are not completely out of the woods. I will have additional steps to complete the cleaning process later after review by my instructor. Please be patient as we move forward here.

Regards,

CompCav
  • 0


#11
Richk138

Richk138

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 190 posts
I will have to finish the scans on Monday. This computer is at my place of employment and it is quitting time. I will send a reply to this post on Monday morning so we can finish the process. Although in my panic this morning, I ran a Dell Data Safe backup and restored the OS from the factory partition. The computer was still not booting after that process. After running the command you sent the machine booted and set up the OS as a fresh install. I have not run the back up files installer yet and they may very well be infected as may the factory partition. I will get back to you on Monday. Thank you very much for all the help and I will chat with you on Monday. Have a great weekend. :)
  • 0

#12
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
You too and some instructions will be waiting for you on Monday!

Regards,

CompCav
  • 0

#13
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Is this a business/institution computer?
If it is, are you the domain administrator? If you are not, have you informed your domain administrator, (business manager, Systems Analyst, or Information Technology (IT) Specialist)?


I ask for several reasons:
  • There may be restrictions and modifications installed on such machines that could be damaged or altered by the actions we take to remove Malware.
  • Any infection could jump terminals in a computer network.
  • There may also be legal issues regarding any loss of business data that I do not wish to deal with.
  • Some people who come here use their computers for work, and the computers may contain the patient records of a physician or the financial records of an accountant's clients or credit card and bank account information of their employer's customers.
  • There may be tremendous risks and legal liability for such users for not fully securing the computer. We will not know this unless we ask. We do not want to be accidentally putting those we help in vulnerable positions for lawsuits.
  • Business factors outweigh technical factors in making the reformat and reinstall decision. Sometimes friends give missing CDs or lack of expertise as a reason for not doing a reformat and reinstall.
  • The cost of replacing missing Windows XP and MS Office CDs and getting a Microsoft Certified Systems Engineer to come in for 3 hours to do the reinstall and apply all the critical updates, is trivial compared with the potential cost of a multi-million dollar lawsuit for breach of trust if confidential client or patient information is disclosed.
  • In specific situations where highly confidential information about others is on the computer, and a backdoor virus or trojan is found, we are helping people more by identifying that they have a backdoor trojan which puts them in a particularly vulnerable situation and sending them to seek local professional help from a Microsoft Certified Systems Engineer or Certified Information Systems Security Professional or Global Information Assurance Certification Certified Security Expert or Certified Computing Professional or Internet Service Provider than we would be trying to fully resolve their problems long distance.


Please respond to these questions before we continue.

Regards,

CompCav
  • 0

#14
Richk138

Richk138

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 190 posts
I work for a college and am working on a student computer. They have already given me permission to back up their data and reinstall the OS. The data has been backed up using the Dell Data Safe back up utility and is stored on the local drive under the Emergency folder.
  • 0

#15
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check
  • Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
C:\Windows\assembly\tmp\U\*.* /s
CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

  • Post both logs



Step 2.

Please post:

OTL.txt
Extras.txt



Please give me an update on how the computer is performing
  • 0





