- May 11, 2013
- 26
- 0
- 18,530
Hi all,
Last night a friend I thought I could trust when it comes to this stuff, shared a cracked program with me, telling me that it was safe. I scanned it with Malwarebytes Pro and it came back fine. I stupidly downloaded it and immediately realized the installer was doing something shady. I'm pretty sure it was attempting to make changes to my MBR. I was too late to stop it and although my computer did not show any signs of infection after the download, i decided to run a Quick Scan with Windows Defender. It found the trojan Win32/Persistence!rfn. I removed it with defender. I told my friend and asked where he got the program from, then looked up the site and first off, the site was blocked by my Malwarebytes, second, plenty of people have complained about the site hiding Cryptominers and Ransomwear in it's downloads.
The next thing I did, which in hindsight might have been the wrong choice, was frantically attempt to use a backup of my system drive to attempt go restore to a clean version from earlier this week. The new problem is that after my computer restarted, it was unable to boot windows! I receive an error from my bootmanager stating:
\Windows\system32\winload.exe
0xc000000e
The selected entry could not be loaded because the application is missing or corrupted.
So, my computer is now seemingly out of commission and i'm very freaked out that there's something bad hiding in the bios and what not. I'm out of my element here and would appreciate some help. My first instinct is to repair windows using the Windows 7 Install disk and to use bootrec to repairmbr but I don't want to do more damage here. Even if I have to reformat and start with a fresh computer I'd just like to be sure I get rid of whatever this is. I know without me being able to send logs or info from the comp it may be hard to help but I appreciate any advice you have. Thank you!
Last night a friend I thought I could trust when it comes to this stuff, shared a cracked program with me, telling me that it was safe. I scanned it with Malwarebytes Pro and it came back fine. I stupidly downloaded it and immediately realized the installer was doing something shady. I'm pretty sure it was attempting to make changes to my MBR. I was too late to stop it and although my computer did not show any signs of infection after the download, i decided to run a Quick Scan with Windows Defender. It found the trojan Win32/Persistence!rfn. I removed it with defender. I told my friend and asked where he got the program from, then looked up the site and first off, the site was blocked by my Malwarebytes, second, plenty of people have complained about the site hiding Cryptominers and Ransomwear in it's downloads.
The next thing I did, which in hindsight might have been the wrong choice, was frantically attempt to use a backup of my system drive to attempt go restore to a clean version from earlier this week. The new problem is that after my computer restarted, it was unable to boot windows! I receive an error from my bootmanager stating:
\Windows\system32\winload.exe
0xc000000e
The selected entry could not be loaded because the application is missing or corrupted.
So, my computer is now seemingly out of commission and i'm very freaked out that there's something bad hiding in the bios and what not. I'm out of my element here and would appreciate some help. My first instinct is to repair windows using the Windows 7 Install disk and to use bootrec to repairmbr but I don't want to do more damage here. Even if I have to reformat and start with a fresh computer I'd just like to be sure I get rid of whatever this is. I know without me being able to send logs or info from the comp it may be hard to help but I appreciate any advice you have. Thank you!
Facebook
Twitter
Instagram