1. #1

    Computer had malware, cleaned and now it won't start.

    My computer got infected with a program called AV guard oline (Something close to that), so I cleaned it out with Malwarebytes, but after I restarted the computer and scanned again Malwarebytes found more files, so I decided to let it run for the night on a full scan, and when I came back this morning the computer was locked at a blank screen.

    The screen had a single flashing grey bar to the top, and I could do nothing. Attempting a ctrl+alt+delete would cause the computer to attempt to reboot (Fans begin revving in the booting sequence), the BIOS screen would show up with the loading bar, and the black screen would be there again. When shutting the computer off by the button, it shuts off immediately, rather than needing the several seconds to hold before it shuts off.

    Will I have to take the computer to where I bought it to get it restarted or something?
    Last edited by BoomChickn; 2011-10-07 at 12:30 PM.
    Quote Originally Posted by Henry Ford
    Thinking is the hardest work there is, which is probably why few engage in it.
    This explains a lot.

  2. #2
    Scarab Lord
    15+ Year Old Account
    Join Date
    Oct 2007
    Location
    Comox Valley, BC
    Posts
    4,431
    Helps if we know which operating system you are using, for example I have Windows 7 Ultimate 64Bit. If you have a back up or recovery disk for your operating system you will want to boot to the disk. Should you be running Windows Vista or Windows 7 you want to select repair rather than install. The repair screen should show up, you may need to select advanced options. Once in the advanced options open the command prompt. Inside the command prompt type in "bootrec.exe /fixboot" type yes if prompted. After that you will want to type "bootrec.exe /fixmbr" type yes if prompted. For both of the command prompts you do not include the quotation marks. Exit the repair and the system should restart and load Windows properly now.

    Should you be running Windows XP you boot to the recovery disk and when given the option to click F8 to continue or R for recovery console, select R. Select your operating system, if it asks you for an administrator password just press enter. Now type in "fixboot" then yes when prompted. Now type in "Fixmbr" then yes when prompted. Type exit and hit enter. The computer should restart and enter Windows.

    Once you are back into Windows finish the malware removal by visiting this forum and working through the guided steps in the thread How to remove Keyloggers.

  3. #3
    Stood in the Fire Phatsamurai's Avatar
    10+ Year Old Account
    Join Date
    Aug 2011
    Location
    Broomfield Colorado
    Posts
    376
    If that "flashing grey bar" is a cursor, your OS is hosed and needs to be reinstalled.
    "Yeah man, I'll help you with whate- Oh, you have a spider problem? Yeah.... Fuck that."

  4. #4
    Scarab Lord
    15+ Year Old Account
    Join Date
    Oct 2007
    Location
    Comox Valley, BC
    Posts
    4,431
    Quote Originally Posted by Phatsamurai View Post
    If that "flashing grey bar" is a cursor, your OS is hosed and needs to be reinstalled.
    Flashing grey bars are far different from a cursor. Most people can tell the difference between a single line and an arrow. Even if it was just the cursor the OS is not hosed, it is generally a registry issue then at that point which can be repaired.

    In this instance it sounds like the virus had affected the MBR of the system.

  5. #5
    Quote Originally Posted by Culadin View Post
    Flashing grey bars are far different from a cursor. Most people can tell the difference between a single line and an arrow. Even if it was just the cursor the OS is not hosed, it is generally a registry issue then at that point which can be repaired.

    In this instance it sounds like the virus had affected the MBR of the system.
    This is exactly why I'm a big fan of manual removal vs using some program to do it for you. Often times your OS can get damaged by blunt av/as software. If you CAN do the work yourself you almost always should. Unfortunately people are becoming more and more willing to just let someone else take care of it for them instead of understanding how the OS works and how to remove infections.
    I don't know who you are. I don't know what you want. If you are looking for ransom, I can tell you I don't have money; but what I do have are a very particular set of skills, skills I've acquired over a very long career, skills that make me a nightmare for people like you. If you let my daughter go now that will be the end of it. I will not look for you, i will not pursue you but if you don't; I will look for you, I will find you, and I will kill you.

  6. #6
    Scarab Lord
    15+ Year Old Account
    Join Date
    Oct 2007
    Location
    Comox Valley, BC
    Posts
    4,431
    Quote Originally Posted by Munk View Post
    This is exactly why I'm a big fan of manual removal vs using some program to do it for you. Often times your OS can get damaged by blunt av/as software. If you CAN do the work yourself you almost always should. Unfortunately people are becoming more and more willing to just let someone else take care of it for them instead of understanding how the OS works and how to remove infections.
    Comes down to time. Takes me five minutes from start to finish to reset the boot record and MBR for an operating system. Can take far longer to find every trace of the virus in a registry, system volume information, system32 folders, or AppData folder. This is also a rare instance where more than likely it was a rootkit on the computer that has infected the MBR of the system. Removing part of the virus has caused the MBR portion to become corrupted in turn the computer can now not load Windows.

    In most cases doing exactly what I said previously will get you back into Windows, no more no less.
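
The MBR damage discussed in this thread can be confirmed before any repair by inspecting the first 512-byte sector of the disk. The following is an added example, not code from any poster: it assumes a BIOS/MBR-partitioned disk, the function names are hypothetical, and the sample sectors are constructed rather than taken from a real machine.

```python
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446      # bytes 0..445 hold the bootstrap code
ENTRY_LEN = 16           # four 16-byte partition entries follow it
SIGNATURE = b"\x55\xaa"  # bytes 510..511 of a valid MBR
ENTRY_FMT = "<B3xB3xII"  # status, (CHS), type, (CHS), LBA start, sector count


def parse_mbr(sector: bytes) -> dict:
    """Return the partition entries and structural findings for one MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    findings = []
    if sector[510:512] != SIGNATURE:
        findings.append("missing 0x55AA boot signature")
    if not any(sector[:BOOT_CODE_LEN]):
        findings.append("boot code area is empty")
    partitions = []
    for i in range(4):
        off = BOOT_CODE_LEN + i * ENTRY_LEN
        status, ptype, lba, count = struct.unpack_from(ENTRY_FMT, sector, off)
        if ptype == 0 and count == 0:
            continue  # unused slot
        if status not in (0x00, 0x80):
            findings.append(f"entry {i}: invalid status byte 0x{status:02x}")
        partitions.append({"index": i, "active": status == 0x80,
                           "type": ptype, "lba_start": lba, "sectors": count})
    active = sum(1 for p in partitions if p["active"])
    if active != 1:
        findings.append(f"{active} active partitions (BIOS boot expects 1)")
    return {"partitions": partitions, "findings": findings}


def build_sample(boot_code=b"\xfa\x33\xc0", signature=SIGNATURE, status=0x80):
    """Constructed sample: one NTFS (type 0x07) partition starting at LBA 2048."""
    entry = struct.pack(ENTRY_FMT, status, 0x07, 2048, 204800)
    body = boot_code.ljust(BOOT_CODE_LEN, b"\x00") + entry
    return body.ljust(510, b"\x00") + signature


if __name__ == "__main__":
    samples = {"healthy": build_sample(),
               "damaged": build_sample(boot_code=b"", signature=b"\x00\x00")}
    for name, sector in samples.items():
        print(name, parse_mbr(sector)["findings"])
```

A sector with an empty boot code area or a missing signature matches the symptom in the first post: the BIOS hands off to the disk and nothing loads.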

  7. #7
    You're correct, it's a time thing, I just don't personally LIKE it. Getting viruses shouldn't be a normal thing for most people and I don't LIKE that people have gotten so stuck in the immediate gratification mindset they can't just do things right anymore.

    I'm not going to lie, I myself have removed many a virus with a tool or program, but that again doesn't mean it's the most effective or best way to do so. You are however still correct they do work the majority of the time, it's just awful to tell a client their OS is hosed and either they pay for a data retrieval/backup or it's all lost because you were trying to save time. I know I sure wouldn't like it if my mechanic just used a special program to fix my car because it worked like 90% of the time and only left my car with a 5% chance of blowing up :P. Understandably a life is more important than data but to some people that data loss can be invaluable.

  8. #8
    Banned Beazy's Avatar
    10+ Year Old Account
    Join Date
    Dec 2010
    Location
    Dallas, TX
    Posts
    8,459
    Is that the one that says "OMFG YOUR INFECTED CLICK HERE FOR 20 BUX TO FIX"?

    If so, it's an ez fix. First thing you need to do is change your IE settings from proxy back to TCPIP. Then you'll need to clean the registry entry out. It's rly easy. You can find 1 million tutorials on how to do this from google.

    You may need to use your cellphone to look at the page while you fix it from windows. I hate that damn thing, Happened to me 2x allrdy.

  9. #9
    Stood in the Fire Phatsamurai's Avatar
    10+ Year Old Account
    Join Date
    Aug 2011
    Location
    Broomfield Colorado
    Posts
    376
    Quote Originally Posted by Culadin View Post
    Flashing grey bars are far different from a cursor. Most people can tell the difference between a single line and an arrow. Even if it was just the cursor the OS is not hosed, it is generally a registry issue then at that point which can be repaired.

    In this instance it sounds like the virus had affected the MBR of the system.
    Well, you'll notice that I quoted "flashing grey bar" as I wasn't sure if it was the cursor or not, and when have you ever actually seen a "flashing grey bar" before the OS loads that is NOT a cursor? My guess would be never, because it doesn't happen. My main point was that, if it's to the point where he cannot boot to the OS, then it's HIGHLY doubtful he will be able to repair it on his own. (Not doggin you OP, just the truth) While there are steps he could take to try, an inexperienced user would likely do more harm than good.

  10. #10
    The Lightbringer Azerox's Avatar
    15+ Year Old Account
    Join Date
    Mar 2009
    Location
    Groningen
    Posts
    3,802
    Fix your MBR with the Windows Disk?

    If it is a little gray cursor blinking in top left corner that is (_ << that one)
    That is not dead which can eternal lie, and with strange Aeons even Death may die.

  11. #11
    I'm quite sure he got smth lower than w7. So if you have XP or Vista, try booting from install CD and reinstall it. Sorry but fixing this might help, tho I got no clue how, but in the end you'll just overload your system more and slow it. So just do a fresh install (since no important data (should be) is saved on C) and get some proper programs to prevent getting villains again.
    For instance: Avira Antivir + Spybot Search and Destroy. With regular updating (free and legal programs) you should be safe until eternity.

  12. #12
    Culadin you magnificent computer savvy bastard, it worked.

    I would like to thank you all, this place is one of the best I know for any sort of information that is covered in the forums because of you guys.

    And it was windows 7...I always manage to leave one bit of information out that is the final piece of the puzzle, thanks for the directions on all the options.

  13. #13
    Scarab Lord
    15+ Year Old Account
    Join Date
    Oct 2007
    Location
    Comox Valley, BC
    Posts
    4,431
    Quote Originally Posted by BoomChickn View Post
    Culadin you magnificent computer savvy bastard, it worked.

    I would like to thank you all, this place is one of the best I know for any sort of information that is covered in the forums because of you guys.

    And it was windows 7...I always manage to leave one bit of information out that is the final piece of the puzzle, thanks for the directions on all the options.
    I'm totally going to quote you and add you to my sig. Wearing the post as a proud symbol of my greatness :P
