1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Vista Won't Start, Normally Or Repair Mode, Black Screen

Discussion in 'Malware Removal Help' started by CarolsSis, Jun 23, 2012.

  1. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    When I woke in the middle of the night, I decided to go online to look up something. Next thing I know, my antivirus is going crazy with messages, scans, several running at same time, things being put into quarantine, and I don't have enought time to read all these before they dissappear. I must have seen 8 scans going, two or three at a time, popups at bottom right of malware detected and put into quarantine, all at the same time. Maybe 12 popups about malware, all in the space of 5 minutes. Then it says it's shutting down my computer. Not good, I go to start, to see if I can shut it down first, 3 of 5 choices are greyed out. I hit the power button. Waited a few minutes, and hit power. Black screen with choice to restart normally. will not start normally, screen changes to repair start. Will not start. Have tried this several times. One of the files I can recall going into quarantine was "services.exe" and that;s when it went into shut down. Freaked me to see it, which is why I tried to shut down before it could quarantine my whole os, which it looks like it did. Free version of Avira is the antivirus program I was using. I do have recovery discs I made after setting this laptop up. Thanks in advance for any help or suggestions.
     
  2. KenB

    KenB Registered Members

    Joined:
    Oct 21, 2010
    Messages:
    1,223
    Location:
    Wirral UK
    Operating System:
    Windows Vista Home Premium
    Hi again :)

    By the sounds of it - this is one for our security guys. ( I will leave a message for them )

    Can you get the machine to boot up if you use Safe Mode ?
    Switch on - constantly tap F8 about once per second.> select safe Mode from the list of options.

    You can also try Last Known Good Configuration.
     
  3. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    Hi, my name is etavares and I'll be helping you with the removal of the malware.

    While we work together, please do not do anything (scans, fixes, etc.) that I don't instruct you to do. We can end up working against each other and making the problem worse if we both are attempting fixes. Second, please respond within 2 days at the latest or the thread may be closed. If you're gone longer, that's fine, but please let me know.

    We should be able to restore it without the recovery disks, but first things first...please follow KenB's instructions and let me know if you can boot into safe mode.

    -etavares
     
  4. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    Have booted to Error recovery. will not change if I choose startup repair. Have tried last known good configuration. what if I hit the wrong thing when I was trying to get the pop ups to stop long enough for me to read them. I may have hit "remove" and taken out the "services.exe".
     
  5. BeeCeeBee

    BeeCeeBee ADMINISTRATOR IN MEMORY

    Joined:
    Apr 20, 2009
    Messages:
    7,201
    Location:
    New Jersey "Stronger than the Storm"
    Operating System:
    Windows 7
    OK so you can get to the Advanced Boot Options window where safe mode is located. However the question that both KenB and etavares have asked is whether you can get into safemode. That question needs to be answered so etavares can give you the help you need. The information you have given is helpful but does not address the actual issue.
     
  6. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    When I choose safe mode the screen changes, does not give me more than a few seconds to read what is there, Then it reverts to error recovery screen,
     
  7. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    Safe mode loads drivers, then says please wait, goes to blue screen that doesn't give me enough time to read it all, and reverts to recovery screen.
     
  8. DSTM (Dougie)

    DSTM (Dougie) Registered Members

    Joined:
    May 3, 2009
    Messages:
    8,270
    Location:
    SYDNEY AUSTRALIA
    Operating System:
    Windows 7
    Hi. The window that opens when you try to get into safemode (F8) is the "Advanced Boot Options" window. It is the black window with a list of choices. Select "Disable Automatic Restart on System Failure" and then post the blue screen error codes which appear for etavares.
     
  9. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    Chose disable auto restart on system failure, screen went black, waited several minutes, powered off, power on, F8 again, disable auto restart etc. again. 4 minutes later, screen still black
     
  10. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    OK, we'll look using a different tool. Please follow these instructions.


    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:

      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
  11. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    don't know what my laptop is, 32 or 64 bit. also have problem with flash drive. pop up message says it will run faster if I install 2.0 usb port. the antivirus program, Avira blocks me down loading the file to save to flash drive. the Avira pop up doesn't come up far enough to get to a different choice before it drops off screen.
     
  12. DSTM (Dougie)

    DSTM (Dougie) Registered Members

    Joined:
    May 3, 2009
    Messages:
    8,270
    Location:
    SYDNEY AUSTRALIA
    Operating System:
    Windows 7
    Hi.I am not trying to take over here.
    Trying to speed things along till etavares returns.
    Turn off Avira till you load the file to your Flash Drive
     
  13. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    I chose 32 bit, think it downloaded to flash. inserted into usb port. it blinked a few times while I was doing F8, chose Repair your computer, it does nothing. I do not have one operating system disc. I have 10 or 12 of them. I don't have a problem with re-installing the OS, what my big problem with that is, the Vista version I have is longhorn, the very first one. It is no longer supported, so I lose all the fixes, patches, etc. that Microsoft put out after release. My question is, how safe and managable will the os be without all the patches that were issued?
     
  14. BeeCeeBee

    BeeCeeBee ADMINISTRATOR IN MEMORY

    Joined:
    Apr 20, 2009
    Messages:
    7,201
    Location:
    New Jersey "Stronger than the Storm"
    Operating System:
    Windows 7
    Please go back and follow etavares' instructions again but disable Avira first. This is the same advice given by DSTM above. If that fails then you will need to wait for etavares or starbuck to return and give further advice.

    For the record longhorn is a prerelease version of Vista. Please stop trying other fixes until one of them advises or you may make things worse.
     
  15. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    Don't know where you got the idea I was trying other fixes, am not doing anything other than what is being instructed here. Have tried the flash drive, F8 start up with choice of Repair computer. As before, it refreshes the screen only. I get no choice of language or next. will not do anything else until I have further instructions here.
     
  16. BeeCeeBee

    BeeCeeBee ADMINISTRATOR IN MEMORY

    Joined:
    Apr 20, 2009
    Messages:
    7,201
    Location:
    New Jersey "Stronger than the Storm"
    Operating System:
    Windows 7
    Sorry, I did misread your posts slightly but we do need to wait.
     
  17. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    Just in case... reformatted flash drive. downloaded 32 bit recovery scan tool to it. Plugged flash drive into laptop, power on, F8 key. Error recovery screen, chose launch start up repair. Enter. screen flashes, returns to error recovery . Am taking notes on what I do so I make no more mistakes. Have laptop in room with this computer, so I can read instructions and perform them. Will not continue with any thing else.
     
  18. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    Thanks for expediting BeeCeeBee and DSTM. I can't log on from work during the weekdays unfortunately.

    This is a fairly rare situation. Almost always a nonbooting computer will either crash before you even get the Advanced Boot Menu, or you'd be able to launch startup repair. It could be a virus, corrupt hard disk or corrupt RAM generally. Do you have the installation CDs for Vista? Did you try using that? (It was an alternate part of my instructions above.) You didn't mention trying the CD. I've copied the relevant instructions below.

    32 bit should be OK. Usually you know if you have a 64 bit system.

    Plug the flashdrive with FRST into the infected PC.


    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
    On the System Recovery Options menu you will get the following options:
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

    If you don't have the Vista installation CD to do this, we do have other options. Just let me know and I'll provide alternate instructions.
     
  19. CarolsSis

    CarolsSis Registered Members

    Joined:
    Aug 28, 2011
    Messages:
    206
    Location:
    home
    Operating System:
    Windows Vista Enterprise
    I'm getting old, didn't have my glasses on, middle of the night. When the Avira went nuts, I couldn't get the cursor over to the top bar of the popup to try to stop them. They were quarantining all my main operating files. When I was trying to get the cursor over to the pop up, it stopped on the "delete" button, when I tried to move it, it depressed the delete button, and that was the "services.exe" file. I think I shouldn't use a touch pad, it's what caused me to delete my "services.exe" file. Avira had "detected" several malwares in services, MW32, and several other files. I thought they were all main operating system files, and that's why I turned it off.
    I will try the flash drive and first of 11 recovery discs. Thanks for the help.
    Flash drive in, first boot disc in, power on, same error recovery screen, enter on repair computer, no change.
     
  20. etavares

    etavares Malware Removal Specialist - Moderator

    Joined:
    Aug 6, 2011
    Messages:
    259
    Location:
    USA (GMT -5)
    Hello, Carolsis.

    The recovery disk wouldn't work for this, you would need the actual Windows installation CD. The fact your antivirus went nuts could be a file infector. That would be extremely bad. DO you remember what virus it was detecting?

    Let's try this to get an initial start.



    Step 1

    Try this please. You will need a USB drive.

    Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http:/ oahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
    • Insert your USB drive
    • Press Start > My Computer > right click your USB drive > choose Format > Quick format
    • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
    • Press Run then OK
    • Select the DiskImage option then click the browse button located on the right side of the textbox field.
    • Browse to and select the xpud-0.9.2.iso file you downloaded
    • Verify the correct drive letter is selected for your USB device then click OK
    • It will install a little bootable OS on your USB device
    • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
    • After it has completed do not choose to reboot the clean computer simply close the installer
    • Next download http:/ oahdfear.net/downloads/driver.sh to your USB
    • Remove the USB and insert it in the sick computer
    • Boot the Sick computer
    • Press F12 and choose to boot from the USB
    • Follow the prompts
    • A Welcome to xPUD screen will appear
    • Press File
    • Expand mnt
    • sda1,2...usually corresponds to your HDD
    • sdb1 is likely your USB
    • Click on the folder that represents your USB drive (sdb1 ?)
    • Confirm that you see driver.sh that you downloaded there
    • Press Tool at the top
    • Choose Open Terminal
    • Type bash driver.sh
    • Press Enter
    • After it has finished a report will be located on your USB drive named report.txt
    • Remove the USB drive and insert back in your working computer and navigate to report.txt

      Please note - all text entries are case sensitive
    Copy and paste the report.txt for my review

    etavares
     

Share This Page