[font="Comic Sans MS"][/font][size="3"][/size]This is for my Mom's HP laptop..I have done searches on your site and although they are close to her problem, they don't have the 'added' twist of my Sis helping her (not)

not-a-virus:adware.win32.searchit.t came up on her LT yesterday, she is running xp. She called my sister who tried to walk her through restoring it to about a month ago. Then all heck broke loose.

A blue 'warning' screen popped up warning of clamity and was gone very quickly before she could read the whole thing. The next screen gave her several options to 'safely restart', everytime they picked one the same warning blue screen came up and the cycle began again. They then did a manual shutdown (holding power button for 8 seconds) When powered back up, same cycle.

Today: Powered up and started hitting f8, now has that screen and is on 'hold' not knwoing what to do.........Suggestions/cures?

I have 'grilled Mom, trying to get exact info, but if you think something is missing, let me know and I will repost...I know just enough to be very dangerous and not much help Thank you........................T

The nice part about living in a small town is that when you don't know what you are doing, someone else does.

Hi tracerracer,

Welcome to Geeks To Go!

My name is mpascal, and I will be helping you fix your problem.

Please keep in mind that I am still in training, so there may be a delay between replies. This is so that my posts can be checked by a resident expert, ensuring an accurate response that will get your computer back to normal as soon as possible.

Before we begin, I would like to make a few things clear so that we can fix your problem as efficiently as possible:

• Be sure to follow all my instructions carefully! If there is anything you don''t understand, don''t hesitate to ask.
• Please do not do anything or perform other steps unless I have asked you to do so.
• Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.
• If you are unsure of how to reply, or need help with anything regarding the website, please look here

I also recommend that you print these instructions as you may be required to boot in safe mode

Hi tracerracer

Reboot your computer. When the PC starts to boot, repeatedly press F8 before the Windows logo shows up. You should get to a menu with a variety of boot options. Choose Last Known Good Configuration and see if you can boot into Windows.

If you manage to boot into Windows:

STEP 1 - OTS

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTS to your Desktop

• Close ALL OTHER PROGRAMS.
• Double-click on OTS.exe to start the program.
• Check the box that says Scan All Users
• Under Additional Scans check the following:
  • Reg - Shell Spawning
    
  • File - Lop Check
    
  • File - Purity Scan
    
  • Evnt - EvtViewer (last 10)
• Under Custom Scans, copy and paste the following:[code][/code]
• Now click the Run Scan button on the toolbar.
• Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it.
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

STEP 2 - RootRepeal

Download RootRepeal from one of the following locations and save it to your desktop:

Link 1.
Link 2
Link 3

• Double click to start the program
• Click on the Report tab at the bottom of the program window
• Click the button
• In the Select Scan dialog, check:
  • Drivers
  • Files
  • Processes
  • SSDT
  • Stealth Objects
  • Hidden Services
  • Shadow SSDT
• Click the OK button
• In the next dialog, select all drives showing
• Click OK to start the scan
  

  Note: The scan can take some time. DO NOT run any other programs while the scan is running

• When the scan is complete, click the button and save the report to your Desktop as RootRepeal.txt
• Go to File, then Exit to close the program

If the report is not too long, post the contents of RootRepeal.txt in your next reply. If the report is very long, it will not be complete if you post it, so please attach it to your reply instead.

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

STEP 3 - Reply

Please reply with the following:

• OTS Log
• RootRepeal Log

What I should have told you is I am doing this by telephone with my Mom, the LT is not here. She can get to an F8 screen that gives options:
safe mode
safe mode with networking
safe mode with comand prompt
enable boot logging
enable VGA mode
last known good configuration (most recent settins that worked)
directory service restore mode (windows domain controllers only)
debugging mode
disable automatic restart on system failure
start windows normally
reboot
return to OS choices menu
use up and down arrows to highlight your choice.

She tried the " last known good configuration" and the blue screen that has something about an error, check...? (but is gone before it can be read). then a choose restart screen a lot like the F8 screen, but isn't. Than the cycle will start again with the blue screen.............any suggestions?
win32 seems to be a big problem but don't know what to do to get past this to get you the reports you want.......

Oh, please excuse my rudeness, thank you for your help.........

Hi tracerracer,

Go to the advanced boot menu again, but this time choose Safe Mode. If you are able to boot up, run the above scans.

When she goes to the advanced boot menu and tries the safe mode it takes her to the screen described in my second post, which then will let her go back to F8 or start a 'loop'...The blue screen (as decribed before) to the same screen...........She can't seem to get past it, there is a debugging mode. What does that do? Or are there any other options?....

Hi tracerracer,

Does your mother have a Windows CD? If so, try the following:

• Put the disk into the CD drive, and reboot the computer.
• You should get to a screen that says Welcome To Setup. Press enter now.
• Windows will now search for existing installations. Choose the one that you currently have installed, and press R.
• If pressing R is not an option, do not continue. Reboot your computer and post back here.

Let me know how this goes.

Will do, have a lot goin' on today will post back as soon as possible, thanks

Hi tracerracer,

Sounds good, I'll be here

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

Hi tracerracer,

Welcome back, are you still experiencing the same problems?

Yes, she is, she was not at home when the problem happened and I couldn't find her disks....She is now home and has found them. She inserted her disk, did not get a welcome to windows screen insead got a 'if you want to boot from disk press any key'....Does she want to boot from disk?

Yes, boot from disk

We have completed the instruction and a window for system restore came up and I clicked ok and then a error window came up and it says IEXEPLORE.EXE - Ordinal Not Found The ordinal 410 could not be located in the dynamic link library urlmon.dll