
Computer won't start Windows after Malwarebytes scan



Relative Thread: https://forums.malwarebytes.org/index.php?/topic/153649-update-v2014072609-entire-system32-quarantined/  <---- Maybe possible, not sure what database version he was using to be completely honest.

Hello,

I am one of two techs here at Silvercreek Realty Group and I am posting as a disaster has struck our office! The CEO's computer has crashed after a quarantine and then a restart. I say crash because it won't load Windows and will only show a Samsung logo and a grey loading bar. I have been using Malwarebytes for quite a while as a last step or resort to cleaning malware and viruses; this is the first time this has happened.

I can only boot to the BIOS; no Windows 8 recovery options are available, not a system restore or repair or any Windows options of any kind (Safe Mode, etc.). When I tried to load the BIOS and change boot priority to an external DVD drive with a Windows 8 repair / recovery CD, it still won't load. Shy of disassembling my CEO's laptop, pulling the hard drive to back up all data and performing a clean install, I would like to know if there is anything I can do. If I could somehow get to a CMD prompt and run the SFC commands or something, that would be a start! Any help is greatly appreciated as time is imperative and this has created MANY additional hours for no reason!

Unfortunately, as I was pressed for time, I did not get to look at all of the infections found before applying actions, only the first few, which were malware such as Conduit, Spigot, Minspark etc. Those were some of the names, but not an excessive amount was found as that computer gets scanned regularly. I just wanted you to know something irregular did not pop out to me!


Hello and Welcome to Malwarebytes

Being that the computer is probably still infected and the damage was caused more than likely due to the infection itself, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you


No offense, but this issue needs a little more attention than canned responses. I just told you Windows won't load of any kind, so regular malware troubleshooting steps aren't going to suffice as Windows CAN'T be loaded at all. I have been using this product for over 6 years and it is the first time I have ever needed to come to the forums for assistance or help. I have a bachelor's in Cyber Security and am well versed in the malware world. Shall I just contact consumer support for this particularly advanced issue?


Backup disk images of your operating systems? Does the CEO's hard drive have any separate partitions with enough free space that you could install a temp operating system so you can get in and do a boot repair (dual boot config on a temp basis)? I've had OS belly up numerous times and I'm sure you don't need to hear this from a self-taught layman, but it's wise to frequently make back-up image disks of your OS. Dual boot systems can come in handy as well. How are you doing with the meltdown? Any progress?


Here's the log

 

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/09/18 08:30:06 -0600</date>
<logfile>mbam-log-2014-09-18 (08-30-04).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.09.18.03</malware-database>
<rootkit-database>v2014.09.15.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>Aaron</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>399158</objects>
<time>635</time>
<processes>0</processes>
<modules>0</modules>
<keys>1</keys>
<values>1</values>
<datas>0</datas>
<folders>0</folders>
<files>4</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY</path><vendor>PUP.Optional.OneSoftPerDay.A</vendor><action>success</action><hash>54c74fa081fa8caaabf9f90957ac8c74</hash></key>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>ospd_us_66</valuename><vendor>PUP.Optional.OneSoftPerDay.A</vendor><action>success</action><valuedata></valuedata><hash>ee2da44bed8e0333475f32d0db28ff01</hash></value>
<file><path>C:\Users\Aaron\AppData\Local\Installer\Installcr_22396\DCytdiegut_gutdu_setup.exe</path><vendor>PUP.Optional.Goobzo</vendor><action>success</action><hash>20fbf4fba1daf83e0eea78432bd629d7</hash></file>
<file><path>C:\Users\Aaron\AppData\Local\Installer\Installcr_9999\DCytdiegut_gutdu_setup.exe</path><vendor>PUP.Optional.Goobzo</vendor><action>success</action><hash>35e630bf106b53e313e57a41be432cd4</hash></file>
<file><path>C:\Users\Aaron\AppData\Local\Installer\Installiwebar_5090\DCytdiegut_gutdu_setup.exe</path><vendor>PUP.Optional.Goobzo</vendor><action>success</action><hash>9d7e3bb49be0a096eb0d02b9f809ef11</hash></file>
<file><path>C:\Users\Aaron\AppData\Local\Installer\Installiwebar_9999\DCytdiegut_gutdu_setup.exe</path><vendor>PUP.Optional.Goobzo</vendor><action>success</action><hash>3be0bb3452298aac17e139823cc51fe1</hash></file>
</items>
</mbam-log>

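A triage pass over a log in the format posted above, added here as an example (it is not part of the original thread and is not Malwarebytes code): it lists what was acted on, checks the summary counters against the items, and flags any item in a location Windows needs to boot. The element names come from the posted log; the function names and the `CRITICAL_DIRS` / `CRITICAL_KEYS` lists are assumptions made for this example.

```python
import xml.etree.ElementTree as ET
from pathlib import PureWindowsPath

# Constructed sample: the thread's log, shortened to three of its six items.
SAMPLE = r"""<mbam-log>
<header><date>2014/09/18 08:30:06 -0600</date></header>
<engine><malware-database>v2014.09.18.03</malware-database></engine>
<summary><keys>1</keys><values>1</values><files>1</files></summary>
<items>
<key><path>HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY</path><vendor>PUP.Optional.OneSoftPerDay.A</vendor><action>success</action></key>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>ospd_us_66</valuename><vendor>PUP.Optional.OneSoftPerDay.A</vendor><action>success</action></value>
<file><path>C:\Users\Aaron\AppData\Local\Installer\Installcr_22396\DCytdiegut_gutdu_setup.exe</path><vendor>PUP.Optional.Goobzo</vendor><action>success</action></file>
</items>
</mbam-log>"""

# Assumption: a short heuristic list of locations whose removal can stop Windows booting.
CRITICAL_DIRS = ("windows", "boot", "efi")
CRITICAL_KEYS = ("HKLM\\SYSTEM\\", "HKLM\\BCD",
                 "HKLM\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINLOGON")

def is_boot_critical(kind, path):
    if kind == "file":
        parts = PureWindowsPath(path).parts  # ('C:\\', 'Users', ...)
        return len(parts) > 1 and parts[1].lower() in CRITICAL_DIRS
    return path.upper().startswith(CRITICAL_KEYS)

def triage(root):
    items = [(el.tag, el.findtext("path"), el.findtext("vendor"), el.findtext("action"))
             for el in root.find("items")]
    # The summary counters should agree with the items actually listed.
    mismatched = [tag for tag, plural in (("key", "keys"), ("value", "values"), ("file", "files"))
                  if int(root.findtext(f"summary/{plural}")) != sum(i[0] == tag for i in items)]
    return {
        "scanned": root.findtext("header/date"),
        # Same form as the "v2014072609" in the related thread's URL.
        "database": root.findtext("engine/malware-database").replace(".", ""),
        "boot_critical": [i for i in items if is_boot_critical(i[0], i[1])],
        "count_mismatch": mismatched,
        "vendors": sorted({i[2] for i in items}),
    }

if __name__ == "__main__":
    # For a log on disk: triage(ET.parse(path).getroot())
    print(triage(ET.fromstring(SAMPLE)))
```

An empty `boot_critical` list only says that nothing recorded in this particular log sits in one of the listed locations.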

I would like to add that I "applied actions" to the scan yesterday on 10/6/2014, which resulted in my issue and the start of this thread. From the looks of the log it was actually scanned on September 18th? So the viruses were sitting in that quarantined state for over half a month. Not sure if this matters but wanted to be sure I clarified any concerns.


Is there any way to restore the files that were quarantined in Malwarebytes back to where they were, without booting from the broken hard drive, opening Malwarebytes itself and clicking restore in the history section? If I could somehow restore them while accessing the drive, or replace any critical Windows or system files with new ones and then boot back up like normal, that would be ideal. Please let me know if anyone is still working on this issue or if we just need to do a fresh install and replace the data.
