Link to home
Start Free TrialLog in
Avatar of Andrew
AndrewFlag for Australia

asked on

Windows 7 wont boot

Hi Experts,

I have a Windows 7 Home 64bit machine that wont boot in normal or safe mode....

I have pulled the drive out & backed up the data, run all tests on memory and harddrive (all ok) while I had it out I ran chkdsk /r /f  no issues found. I'm currently downloading a windows 7 disk so I can either attempt to repair from that or am  best of with a W & R? or is there something that may assist in repairing.

Windows repair from boot up does not fix it although I did come across a message about a driver missing?

The user was hacked by some one who called and he let them on his PC one thing I noticed is that windows 7 is installed on the D drive

cheers.
ASKER CERTIFIED SOLUTION
Avatar of ☠ MASQ ☠
☠ MASQ ☠

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Check your hard drive is ok to boot sector.
Boot off windows dvd and there is a command to run
And fix your mast boot record.

Run command prompt and use the dvd drive letter

type the following commands:

bootrec /FixMbr bootrec /FixBoot bootrec /ScanOs bootrec /RebuildBcd.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hello,

If your operating system does not start in normal mode and safe mode, it is most likely that the operating system is corrupt or is missing some startup file.

Similarly try to repair the operating system to see if you get good results.

Otherwise, start a new installation of the operating system.

regards..
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
what a lot of these 'repair' places do is run 'syskey' on the system which password protects the SAM database. Their 'fix' is to after receiving your money is to enter the sam database password and then run syskey again and remove the password.
Avatar of Andrew

ASKER

thanks for all the comments guys working on this today I will have a quick go at the other options mentioned but thinking that I will wack in another drive but sticking with Win7 for now...

I will upgrade him closer to end of support (if the pc can take it) or convince him to purchase a new one as it is getting on in age, but budget is the key here...

@ David can you elaborate why I would need syskey in this instance please... I might be missing something here?
Hello,

Syskey is a utility that encrypts the hash of the information password in a SAM database, using the Microsoft Windows system, using a 128-bit encryption with an RC4 encryption key that, by default, is stored in the registry. Windows

I remain attentive to your comments.

regards...
Avatar of Andrew

ASKER

Hi Jeimy,

Thanks for the info but like I said I'm not quite not sure how it can help me in this particular situation as I don't have an issue with passwords?

But maybe Im missing something here?
Hello,

I recommend you first perform the mentioned actions to see the results.

regards...
I think they were mentioning syskey in the case that the attack was syskey based (common with phone scams).

Usually, this involves a lockout prompt like this:

User generated image
If this is what you are running into, or want to try this procedure just in case the attacker malformed the entry, follow these steps below, otherwise, you could skip this and replace the drive and reinstall the OS.

1.     Boot from a Windows 7 install cd.

2.     When the Install Windows page appears, click Repair your computer to access system recovery options.

3.     Run System Restore to last point before syskey password blocked access. (This will fail, but must be done). Click run system restore again (this will take you back to the options list)

4.     Open Command Prompt from the options list.

5.     Open Regedit (Type regedit into the command prompt). Regedit will open.

6.     Navigate to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa, and change 'SecureBoot' value to 0.

7.     HKEY_LOCAL_MACHINE \SAM\SAM\Domains\Account Change F value to 0000

8.     Reboot and Login
Avatar of Andrew

ASKER

Thanks anyway NerdsOfTech that wasnt the issue...

Quickest way was to swap the drive out and reinstall Win 7, thanks for all the tips and advice.
Glad to be of assistance.
Avatar of Andrew

ASKER

Thanks for your assistance guys!!