Jump to content











Photo
- - - - -

Spyhunter 4 and boot problem


  • Please log in to reply
50 replies to this topic

#1 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 04:15 PM

I was using spyhunter 4 to take dowb some malware and than it requested reboot so i rebooted my laptop and the.this problem appeared
"chainloader/bootmgr
Error 13: Invalid or unsupported executable format
Press any key to continue..."
When i press any key a red screen appears with several options but they all lead to first screen which i described above :(
Please help
Im using Windows 7 Ultimate
Thanks in advance

#2 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 04:22 PM

Yep :), that (crappy) program mingles senselessly with the boot sequence installing an (obsolete) version of grub4dos and mis-configures the menu.lst (or *whatever*).

 

You should be able to press "c" and get to a grub> command prompt, then follow here:

http://reboot.pro/to...creen/?p=191035

 

Ask if you have doubts BEFORE issuing commands.

 

:duff:

Wonko



#3 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 04:45 PM

I tried command "find/bootmgr" and Error 27 poped up saying its and unrecognized command then i came to RPRPERUSB bootable device and im wondering do i need another computer to make this bootable device work since i dont have another computer :(

#4 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 04:55 PM

Well, there is a space between "find" (which is the command) and "/bootmgr" which is the argument of the command:

find /bootmgr

as in find[SPACE]/bootmgr

if you are using a translating page it often happens that spaces are removed.

 

There is no need of another computer nor of another boot device at this stage, it will be needed only if there are issues with the suggested procedure (which however normally works fine), for the moment simply forget about making a bootable USB and RMPREPUSB.

 

:duff:

Wonko



#5 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 05:04 PM

Im sory for my stupidity :D i never worked with prompts before
So i write find /bootmgr and nothing happens it simply show another "grub>"

#6 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 05:08 PM

Ok.

Let's try some other commands.

After each command you have to press [ENTER] of course.

 

root

[ENTER]

 

Typically you should have a feedback of:

(hd0,0)

 

Now try:

geometry (hd0)

[ENTER]

 

What do you get?

 

:duff:

Wonko



#7 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 05:16 PM

After root i dont get anything but after i write geometry (hd0) i get following
"drive 0x80(LBA): C/H/S=1024/255/63, Sector Count/Size=16450560/512
Partition num: 0, active, Filesystem type is ntfs, partition type 0x07
Partition num: 1, Filesystem type is ntfs, partition type 0x07
Partition num: 2, Filesystem type is ntfs, partition type 0x07"

#8 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 05:30 PM

Good.

Now type:

root (hd0,0)

[ENTER]

(we are now establishing root on first partition, the active one, where likely your system files are, but they could well be on second or third partition).



Then try:

ls

[ENTER]



repeat the same with (hd0,1) and (hd0,2), compare with results in this post:

http://reboot.pro/to...oting/?p=179637

We are trying to find which partition contains the "boot" and the "system" files, specifically the /Windows/Boot/PCAT/bootmgr in order to establish root to the "right" drive to issue a set of commands *like*

root (hd0,n)
ls /Windows/Boot/PCAT/bootmgr
chainloader /Windows/Boot/PCAT/bootmgr
boot

 

:duff:

Wonko



#9 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 05:53 PM

Whenever i type root (hd0,0) and also root (hd0,1) root (hd0,2) none works i mean nothing happens just another grub> pops up
When i type ls(I typed it few times and got different results)
First one is "Boot bootmgr bootmgr_ BOOTSECT.BAK GRLDR sh4ldr System\ Volume\ Information SYSTEM~1"
Second one is "ArcTemp Filmovi msdownld.tmp Muzika Program\ Files PROGRA~1 Slike System\ Volume\ Information SYSTEM~1 Download"

#10 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 06:04 PM

Yep, it is normal, when you issue command root (hd0,0) you simply tell it to change root, unless there is an error there is not a feedback.

Try again, this way, (with [ENTER] after each line of course):

root (hd0,0)

root

ls

 

The first command "root (hd0,0)" simply changes current root (giving no feedback).

The second command "root" should return "current root" (i.e. provide "(hd0,0)" as feedback)

The third command "ls" gives a file/directory listing of the "current" root.

 

We are looking for which one among the (hd0,0), (hd0,1) and (hd0,2) contains your "main" Windows directory (in a standard install the directory is called "Windows" but it is possible that it has another name on your system - you should know it as if I recall correctly changing it in Windows 7 is not straightforward).

 

:duff:

Wonko



#11 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 06:40 PM

Ok.
"root (hd0,0)
root
ls"
It gives following "Boot bootmgr...just like in previous post)
"root (hd0,1)
root
ls"
Gives following "PerfLogs Users AdwCleaner ADWCLE~1 AI_RecycleBin AI_REC~1 AMD autoexec.bat config.sys Counter Strike\ 1.6 COUNTE~1.6 Documents\ and\ Settings DOCUME~1 found.000 hiberfil.sys Intel IO.SYS Microsoft_SDK MICROS~1 MSDOS.SYS MSOCache pagefile.sys Program\ Files ProgramData PROGRA~1 PROGRA~2 Recovery Sandbox Scenario sh4ldr spyhunter.fix SPYHUN~1.FIX System\ Volume\ Information SYSTEM~1 Windows'
Third one is
"root(hd0,2)
root
ls"
Gives
"ArcTemp Filmovi msdownld.tmp Muzika Program\ Files PROGRA~1 Slike System\ Volume\ Information SYSTEM~1 Download"

#12 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 06:53 PM

Good. :)

So the intended partition is (hd0,1) and you want to issue:

 

root (hd0,1)
ls /Windows/Boot/PCAT/bootmgr
chainloader /Windows/Boot/PCAT/bootmgr
boot

 

:duff:

Wonko



#13 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 07:03 PM

I write root (hd0,1) [ENTER]
ls /Windows/Boot/PCAT/bootmgr/boot [ENTER]
And error 15 pops up saying File not found i also done the 2nd order and same thing happens I even tried both paths together and error ocurs again

#14 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 07:09 PM

I write root (hd0,1) [ENTER]
ls /Windows/Boot/PCAT/bootmgr/boot [ENTER]
And error 15 pops up saying File not found i also done the 2nd order and same thing happens I even tried both paths together and error ocurs again

Sure, that is not what I wrote, try EXACTLY this::

 

First command:

root (hd0,1)

[ENTER]

 

Second command:
ls /Windows/Boot/PCAT/bootmgr
[ENTER]

 

Third command (only if you have not an error on the previous one):

chainloader /Windows/Boot/PCAT/bootmgr

[ENTER]

 

Fourth (and last) command:
boot

[ENTER]

 

:duff:

Wonko



#15 sixcentgeorge

sixcentgeorge

    Frequent Member

  • Advanced user
  • 190 posts
  •  
    France

Posted 10 August 2015 - 07:11 PM

try to launch install dvdrom , and try to repair..., if that fails , make an install on a second drive so windows will recreate boot files and add a window in the BCD . then you will reboot your old os .

if you have no second hd , install in a vhd [ 25 - 30 Go ] a new windows



#16 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 07:14 PM

Ok it worked
New screen poped up "Windows Boot Manager"
Asking me to insert Windows installation disc which i dont posses :(
I can press enter to continue or esc to exit

#17 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 07:19 PM

Ok it worked

Good. :)
 

New screen poped up "Windows Boot Manager"
Asking me to insert Windows installation disc which i dont posses :(
I can press enter to continue or esc to exit

Can you describe this screen? I mean it is an error message, it is a BLUE SCREEN of DEATH (I doubt this) or is it some white text on black background? :unsure:

Can you try quickly pressing F8 just after having issued the last "boot" command and see if you can reach safe mode?

This error seems to lead to believe that *something* else has been "botched" in your case by the stupid Spyhunter (or by the pre-existing infection or by the combined effect of both :ph34r:), set aside the booting sequence of bootmanagers/OS loaders. :dubbio:

:duff:
Wonko

#18 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 07:20 PM

Im sory for multiple posts it looks like a spam but my internet failed for a minute so i pressed it multiple times :(
The first one failed so is there a step by step guide for the 2nd one??

#19 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 07:24 PM

Im sory for multiple posts it looks like a spam but my internet failed for a minute so i pressed it multiple times :(
The first one failed so is there a step by step guide for the 2nd one??

No prob, they have vanished ;) (as well as the double post by sixcentgeorge).

The issue here is that if we do not understand what the issue is, we cannot say if it will be possible to fix the thing from grub4dos or if you will need a Windows 7 install disk (or at least a PE of some kind).

:duff:
Wonko

#20 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 07:27 PM

Good. :) Can you describe this screen? I mean it is an error message, it is a BLUE SCREEN of DEATH (I doubt this) or is it some white text on black background? :unsure:Can you try quickly pressing F8 just after having issued the last "boot" command and see if you can reach safe mode?This error seems to lead to believe that *something* else has been "botched" in your case by the stupid Spyhunter (or by the pre-existing infection or by the combined effect of both :ph34r:), set aside the booting sequence of bootmanagers/OS loaders. :dubbio: :duff:Wonko

It is a black screen with white leaters and it says
File: \Boot\BCD
Status: 0xc000000f
Info: An error occured while attempting to read the boot configuration data.
Also f8 doesnt work

Edited by Agrael98, 10 August 2015 - 07:30 PM.


#21 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14284 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 August 2015 - 07:36 PM

Good.
We must understand if - for some strange reasons - the \boot\BCD is not read (or if it is actually corrupted).

Try rebooting and using this slightly changed set of commands:
root (hd0,0)
chainloader (hd0,1)/Windows/Boot/PCAT/bootmgr
boot

though I doubt they will make a difference :unsure: but trying it costs nothing.



:duff:
Wonko

#22 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 10 August 2015 - 07:47 PM

Same thing happened

#23 tinybit

tinybit

    Gold Member

  • Developer
  • 1078 posts
  •  
    China

Posted 11 August 2015 - 03:51 AM

After root i dont get anything but after i write geometry (hd0) i get following
"drive 0x80(LBA): C/H/S=1024/255/63, Sector Count/Size=16450560/512
Partition num: 0, active, Filesystem type is ntfs, partition type 0x07
Partition num: 1, Filesystem type is ntfs, partition type 0x07
Partition num: 2, Filesystem type is ntfs, partition type 0x07"

 

>>> After root i dont get anything

 

This shows the grub4dos is a heavily modified version. It could be a malware. You should try installing chenall's grub4dos.



#24 Agrael98

Agrael98

    Newbie

  • Members
  • 19 posts
  •  
    Serbia

Posted 11 August 2015 - 04:29 AM

>>> After root i dont get anything
 
This shows the grub4dos is a heavily modified version. It could be a malware. You should try installing chenall's grub4dos.

How am I supposed to install something using comand prompt??

#25 sixcentgeorge

sixcentgeorge

    Frequent Member

  • Advanced user
  • 190 posts
  •  
    France

Posted 11 August 2015 - 07:16 AM

another example that M$ and its os are DUMB....

i mean that it should be easy to repair because it is always the folder windows on the drive C with a special partition made for "boot files config"...

BUT NO...it turns into a nightmare ...where is Ramb0 ?

 

that is why i love grub4dos and loading the os in ram....that can never happen...

one reset , a new boot , a perfect windows.... ready to work

 

do an install in the vhd , during install format the partition of 100 Mo or 350 Mo , that should be the first one .






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users