windows and ubuntu won't boot after bsod, possible virus

both the windows and linux drives are active. startup repair three times didn't fix it. moving on to step 7 of the guide.

7. If no installation shows up to repair on an MBR (non-UEFI) install when booting into DVD System Recovery Options or Repair CD, or Startup Repair won't work after several tries, click through to System Recovery Options, open a Command Line to use the Bootrec.exe tool running each one of the commands shown. If ScanOS or RebuildBCD does not find an OS, be sure to do the final steps to export and delete the BCD store which often will find and correct it. Now try to reboot and if necessary run Startup Repair again.
 

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
Ok I shall leave this to cottonball and Greg as you seem to have ruled out a malware - good luck.
 

My Computer My Computer

At a glance

Desk1 7 Home Prem / Desk2 10 Pro / Main lap A...Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i...Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop...Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Own build (new) Desk1 / Asus ROG Win 7 / Desk2 1st build
OS
Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
CPU
Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i5 2500
Motherboard
Desk1 Asus P877-V / Desk2 Gigabyte H67 UD3H / Laptop ?
Memory
Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop 8Gb DDR3
Graphics Card(s)
Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Sound Card
Desk 1 & 2 -XONAR DG Realtek High Def audio Laptop
Monitor(s) Displays
Desk 1 Benq HD 2450 / Desk2 Philips 24" / Laptop 17.5"
Screen Resolution
1920x1080 D1 & D2 & Laptop 1
Hard Drives
Desk1 Samsung 120GB 830 SSD
Asus ROG 256GB 850 Pro SSD
Desk2 Samsung 840 256 SSD
Toshiba 120GB EVO
PSU
Desk 1 Corsair HX 1050/ Laptop ? / Desk 2 Corsair HX 650
Case
Desk 1 Cooler HAF XM ? Toshiba laptop / Desk2 Coolermaster
Cooling
Fans on all Desk1 -2 Desk2 - all Coolermasters 5 Laptop ?
Keyboard
Desk 1 MS Sidewinder X6 Desk 2 MS Sidewinder X 4
Mouse
Desk 1&2 - Gigabyte MS 900 gamer - laptop - Logitec wireless
Internet Speed
ADSL2+
Other Info
One other Desktop (tester) and spare Toshba laptop both with SSD's
Running Kaspersky 2016 ISS on all machines config'd identically
Logitec audio stereo systems on each machine (x3)
Canon MG5250MFC
Router/modem TP-Link running WPA2SK
Thanks for the recommendation, ICit2lol!

Please look at the following:
Security Snapshots: Why I don't recommend Linux rescue CDs

It is just the opinion of one highly regarded expert, but has received full attention in forums dedicated to malware removal.


@exeviss,

Is this how you determined the Partitions with Windows 7 and Ubuntu are marked as Active?
http://www.sevenforums.com/system-s...-cant-boot-windows-7-linux-2.html#post2972693


@gregrocker,

Would you mind taking a look at the Disk Management capture to make sure all is well?

No drive letter for the Ubuntu Partition....?

Thanks!
 
Last edited:

My Computer My Computer

At a glance

Windows 7 Home Premium
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
No probs Cottonball I just thought a Windows free scan would be helpful:)
 

My Computer My Computer

At a glance

Desk1 7 Home Prem / Desk2 10 Pro / Main lap A...Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i...Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop...Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Own build (new) Desk1 / Asus ROG Win 7 / Desk2 1st build
OS
Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
CPU
Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i5 2500
Motherboard
Desk1 Asus P877-V / Desk2 Gigabyte H67 UD3H / Laptop ?
Memory
Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop 8Gb DDR3
Graphics Card(s)
Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Sound Card
Desk 1 & 2 -XONAR DG Realtek High Def audio Laptop
Monitor(s) Displays
Desk 1 Benq HD 2450 / Desk2 Philips 24" / Laptop 17.5"
Screen Resolution
1920x1080 D1 & D2 & Laptop 1
Hard Drives
Desk1 Samsung 120GB 830 SSD
Asus ROG 256GB 850 Pro SSD
Desk2 Samsung 840 256 SSD
Toshiba 120GB EVO
PSU
Desk 1 Corsair HX 1050/ Laptop ? / Desk 2 Corsair HX 650
Case
Desk 1 Cooler HAF XM ? Toshiba laptop / Desk2 Coolermaster
Cooling
Fans on all Desk1 -2 Desk2 - all Coolermasters 5 Laptop ?
Keyboard
Desk 1 MS Sidewinder X6 Desk 2 MS Sidewinder X 4
Mouse
Desk 1&2 - Gigabyte MS 900 gamer - laptop - Logitec wireless
Internet Speed
ADSL2+
Other Info
One other Desktop (tester) and spare Toshba laptop both with SSD's
Running Kaspersky 2016 ISS on all machines config'd identically
Logitec audio stereo systems on each machine (x3)
Canon MG5250MFC
Router/modem TP-Link running WPA2SK
Yes that is how I determined they were active. I never assigned a drive letter to my linux disk because I had no intention of using it with windows, I mistakenly referred to it as the D drive out of habit.

I'm on step 7 of the guide now. So far nothing has worked, I'm about to try bootsect /ntfs60 C:


"7. If no installation shows up to repair on an MBR (non-UEFI) install when booting into DVD System Recovery Options or Repair CD, or Startup Repair won't work after several tries, click through to System Recovery Options, open a Command Line to use the Bootrec.exe tool running each one of the commands shown. If ScanOS or RebuildBCD does not find an OS, be sure to do the final steps to export and delete the BCD store which often will find and correct it. Now try to reboot and if necessary run Startup Repair again.

If this isn't sufficient then add the command bootsect /ntfs60 C: (replace drive letter with your boot drive letter). How To Use Bootsect /nt60 To Update the Volume Boot Code to BOOTMGR"




If that doesn't work I may just call it quits and back up my files to an external HDD from an Ubuntu live cd (since there are a few files on linux to recover). I believe this would be ok since we determined there was no infection. I don't know what that vbcrypt was, maybe it was just a minor unrelated infection AVG took care of from safe mode. Let me know what you guys think.

edit: Disk management capture below for gregrocker
 

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
OK. Guess the reference to the D: drive is what threw me off.

After C:\, you basically have a /root, /home, and a /swap partition, from left to right?

Found the following of a Windows/Ubuntu installation. No Partition shows as active?
View attachment 344988

In GParted (Linux), no flags on the /root, /swap, and /home:
View attachment 344989

Guess I am the one confused...:confused:
 
Last edited:

My Computer My Computer

At a glance

Windows 7 Home Premium
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
Yeah, sorry about that.
 

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
Only the System partition should be marked Active. I'd mark the other partition Inactive to make sure it doesn't interfere: Partition - Mark as Inactive - Windows 7 Forums

You are unplugging the second hard drive to try all repairs for Win7, correct?

If not I would do them over, or just go ahead and skip to the Clean Reinstall Windows 7
because if you stick with the steps, tools and methods given then you'll have the best install of Win7 one can have, as proven by over a million consumers who have followed those steps without a single complaint or even returning with a single problem when they stick with those tools and methods.
 
I'll try marking inactive and disconnecting the hdd and doing the repairs again.

edit: just tried to mark inactive and my linux drive doesn't show up when I run "list volume"
 
Last edited:

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
Last edited:

My Computer My Computer

At a glance

Windows 7 Home Premium
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
None of that looks familiar to me, It almost looks like an entirely different drive. Both my Linux and windows disks are marked active in disk management and I'm currently trying to mark the linux drive inactive as gregrocker requested.
 

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
exeviss, assign a drive letter to the partition to mark it Inactive.

Cottonball, the drive you pictured is an EFI system on a GPT disk, which have no Active flags or MBR.

Only on an MBR disk, the Active flag points to the System partition intended to boot Win7. If it is moved it must have the System boot files (signified by the System flag) moved as well or it won't boot. During the moving of the System boot files, the System partition is also made bootable using bootsect which is why it requires a process and not just copying the files:
Startup Repair - Run 3 Separate Times
Bootmgr - Move to C:\ with EasyBCD - Windows 7 Forums
 
Cottonball, the drive you pictured is an EFI system on a GPT disk, which have no Active flags or MBR.

Thanks gregrocker! Was wondering about that...couldn't tell it was an Extensible Firmware Interface (EFI) on a GUID Partition Table (GPT) disk. I have not kept up with all of this.
 

My Computer My Computer

At a glance

Windows 7 Home Premium
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
It seems I'm not able to assign a drive letter to any of the linux partitions because they are not ntfs. The option is greyed out in disk management.

edit: Maybe I'm using the wrong guide

Drive Letter - Add, Change, or Remove in Windows

Will EasyBCD remove the active flag? Reformatting to ntfs is kind of a hassle
 
Last edited:

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
exeviss,

The Linux file system is not supported by windows.
To my understanding, Windows can’t read Linux partitions without third-party software.

In Disk Management, can I assume that Disk 1 is all Ubuntu?

Are you trying to remove the Active flag on the 18.63 GB (Active, Primary Partition)?
 

My Computer My Computer

At a glance

Windows 7 Home Premium
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
yes disk one is 100% ubuntu. I'm just going to remove the drive while I do repairs.
 

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
An option is running the Diskpart commands to set the Ubuntu partition inactive:

Start the computer, and tap the F8 key until you get to the Advanced Boot Options menu
Use the arrow keys to select the Repair your computer menu item

From there...
Select your language settings, and click: Next
Select your User account and click: OK (If you did not set a password, leave blank.)

On the System Recovery Options you get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Scan your computer's memory for errors
Command Prompt

Select: Command Prompt

Press ENTER after you type in each of these commands (in red) (not case sensitive):

DISKPART (to open the partition utility)
LIST DISK (disk number(s) shown)
1 (select disk: 1 where Ubuntu is contained, if that is the case)
LIST PARTITION (partition numbers shown)
n (where n is the number of the Primary partition you wish to make Inactive)
INACTIVE (the selected partition on the selected disk is made Inactive)

EXIT (to exit DiskPart)
EXIT (to exit the Command Prompt)

Restart the computer, and go to Disk Management. Is the Partition inactive?


.
 

My Computer My Computer

At a glance

Windows 7 Home Premium
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
Someone who knows Linux will have to say for sure if it could/should have an Active partition, as it could be misreporting by Disk Mgmt which normally can't even show Linux partitions.

If Diskpart can't work then just unplug the drive while doing the repairs. Later you can plug that drive in alone to make it bootable using GRUB, or if you want to add it to a Windows Dual Boot menu follow Dual boot Ubuntu-Win7

I'm sorry I'm swamped here with installs for friends before I change coasts so am only able to check infrequently.
 
I'm trying to go through the bootrec.exe steps again with the ubuntu drive unplugged. Now I'm getting a message I didn't get before. When I run

ren c:\boot\bcd bcd.old

it tells me that a duplicate file name exists or the file can not be found. Duplicate would make sense because I already went through these steps before. Should I modify it to another name? if so how?

edit: found this post

http://www.sevenforums.com/backup-r...00f-diskpart-wont-list-my-main-partition.html

bcdedit /export c:\bcd_backup
c:
cd boot
attrib bcd-s-h-r (here it says file not found)
ren c:\boot\bcd bcd.old (here it says a duplicate files exists)
bootrec /rebuildbcd ( here it scans but doesn't find any windows installations)

You did export bcd store succesfully.

attrib bcd-s-h-r should be: attrib -h -s -r bcd

ren c:\boot\bcd bcd.old should be: ren c:\boot\bcd bcd.old2
if bcd.old alreadyy exists. Those commands are not needed at all btw!! No reason (yet) to beleive bcd store is corrupt.

so "ren c:\boot\bcd bcd.old2" is what I want right? I was thinking "ren c:\boot\bcd bcd2.old" but I didn't want to just guess so I googled what I thought the command could be.
 
Last edited:

My Computer My Computer

At a glance

Windows 7 Professional 64 bit
Computer type
PC/Desktop
OS
Windows 7 Professional 64 bit
Back
Top