Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Rootkit malware, ran HitmanPro, can't boot computer
Message
<blockquote data-quote="Agent_J" data-source="post: 187365" data-attributes="member: 21475"><p>Hello,</p><p></p><p>I had a malware infection, rootkit, ran HitmanPro to fix it and now my computer will not boot. I get a black screen after the memory and CPU diagnostics. Think MBR has been deleted.</p><p>Computer is windows vista 32-bit.</p><p></p><p>I was able to run the x32 (x86) bit systems <a href="http://download.bleepingcomputer.com/farbar/FRST.exe" target="_blank"><strong>Farbar Recovery Scan Tool</strong></a> and save it to a flash drive after burning a recovery disc. Here is the link in case any other OEM Vista users need it.</p><p><a href="http://c4consulting.com.au/vista-recovery-disc" target="_blank">http://c4consulting.com.au/vista-recovery-disc</a></p><p></p><p>I was stuck for a bit because my C:\ Drive was not recognized and spent an hour trying all the different .inf files on the (Boot) X:\</p><p></p><p>But I found out you just have to ignore it, click next and it will bring you to the System Recovery Options. So here are my results, thank you for help in advance.</p><p></p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014</p><p>Ran by SYSTEM on MINWINPC on 23-04-2014 21:43:41</p><p>Running from F:\</p><p>WIN_VISTA (X86) OS Language: English(US)</p><p>Boot Mode: Recovery</p><p>Attention: Could not load system hive.</p><p>Attention: System hive is missing.</p><p></p><p></p><p>The only official download link for FRST:</p><p>Download link for 32-Bit version: <a href="http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/%C2%A0" target="_blank">http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ </a></p><p>Download link for 64-Bit Version: <a href="http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/%C2%A0" target="_blank">http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ </a></p><p>Download link from any site other than Bleeping Computer is unpermitted or outdated.</p><p>See tutorial for FRST: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>ATTENTION: Software hive is missing.</p><p>ATTENTION: Software hive is not loaded.</p><p>ATTENTION: System hive is not loaded.</p><p></p><p>========================== Services (Whitelisted) =================</p><p></p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p></p><p>==================== Known DLLs (Whitelisted) ============</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>C:\Windows\explorer.exe IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.</p><p>C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.</p><p>C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION!.</p><p></p><p>==================== Restore Points =========================</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Percentage of memory in use: 12%</p><p>Total physical RAM: 2549.81 MB</p><p>Available physical RAM: 2220.62 MB</p><p>Total Pagefile: 2349.67 MB</p><p>Available Pagefile: 2215.48 MB</p><p>Total Virtual: 2047.88 MB</p><p>Available Virtual: 1985.66 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive d: (2007.11.03_2329) (CDROM) (Total:0.12 GB) (Free:0 GB) UDF</p><p>Drive e: (ServiceV002) (Fixed) (Total:6.92 GB) (Free:2.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p>Drive f: () (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT32</p><p>Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 149 GB) (Disk ID: 95F3457A)</p><p>Partition 1: (Not Active) - (Size=7 GB) - (Type=27)</p><p>Partition 2: (Active) - (Size=142 GB) - (Type=07 NTFS)</p><p></p><p>========================================================</p><p>Disk: 1 (Size: 960 MB) (Disk ID: 73696D20)</p><p>No partition Table on disk 1.</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="Agent_J, post: 187365, member: 21475"] Hello, I had a malware infection, rootkit, ran HitmanPro to fix it and now my computer will not boot. I get a black screen after the memory and CPU diagnostics. Think MBR has been deleted. Computer is windows vista 32-bit. I was able to run the x32 (x86) bit systems [URL='http://download.bleepingcomputer.com/farbar/FRST.exe'][B]Farbar Recovery Scan Tool[/B][/URL] and save it to a flash drive after burning a recovery disc. Here is the link in case any other OEM Vista users need it. [url]http://c4consulting.com.au/vista-recovery-disc[/url] I was stuck for a bit because my C:\ Drive was not recognized and spent an hour trying all the different .inf files on the (Boot) X:\ But I found out you just have to ignore it, click next and it will bring you to the System Recovery Options. So here are my results, thank you for help in advance. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014 Ran by SYSTEM on MINWINPC on 23-04-2014 21:43:41 Running from F:\ WIN_VISTA (X86) OS Language: English(US) Boot Mode: Recovery Attention: Could not load system hive. Attention: System hive is missing. The only official download link for FRST: Download link for 32-Bit version: [URL='http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/%C2%A0']http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ [/URL] Download link for 64-Bit Version: [URL='http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/%C2%A0']http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ [/URL] Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Registry (Whitelisted) ================== ATTENTION: Software hive is missing. ATTENTION: Software hive is not loaded. ATTENTION: System hive is not loaded. ========================== Services (Whitelisted) ================= ==================== Drivers (Whitelisted) ==================== ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== ==================== One Month Modified Files and Folders ======= ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!. C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION!. C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!. C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!. C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION!. ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 12% Total physical RAM: 2549.81 MB Available physical RAM: 2220.62 MB Total Pagefile: 2349.67 MB Available Pagefile: 2215.48 MB Total Virtual: 2047.88 MB Available Virtual: 1985.66 MB ==================== Drives ================================ Drive d: (2007.11.03_2329) (CDROM) (Total:0.12 GB) (Free:0 GB) UDF Drive e: (ServiceV002) (Fixed) (Total:6.92 GB) (Free:2.66 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: () (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 149 GB) (Disk ID: 95F3457A) Partition 1: (Not Active) - (Size=7 GB) - (Type=27) Partition 2: (Active) - (Size=142 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 960 MB) (Disk ID: 73696D20) No partition Table on disk 1. ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top