[fenzodahl512]

Ok, let see if those two files are still there...

Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")

• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  [kill explorer]
  EmptyTemp
  purity
  [start explorer]

• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


Post the OTMoveIT2 log here..

[Advertisements]

The machine rebooted.

Explorer killed successfully
< EmptyTemp >
File delete failed. C:\WINDOWS\temp\bca4e2da.$$$ scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\fa56d7ec.$$$ scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07042008_150712

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\bca4e2da.$$$ scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\fa56d7ec.$$$ scheduled to be moved on reboot.

[decane]

The machine rebooted.

Explorer killed successfully
< EmptyTemp >
File delete failed. C:\WINDOWS\temp\bca4e2da.$$$ scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\fa56d7ec.$$$ scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07042008_150712

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\bca4e2da.$$$ scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\fa56d7ec.$$$ scheduled to be moved on reboot.

[fenzodahl512]

Ok.. Those files are still there.. I'm calling the big guns now.. Waiting for their reply..


Thank you for being patience with me..

Regards
fenzodahl512

[decane]

Ok. Lets do it. Thanks.

[fenzodahl512]

Hello.. It seems we need to run fix via Recovery Console..


First, please restart your computer and, you'll see the option for the Recovery Console... Choose that!

Please refer here for step-by-step information regarding Recovery Console


Once you enter Recovery Console, you will have Which Windows installation would you like to log onto question.. Choose the number that direct you to C:\WINDOWS (usually 1) and press Enter..


At Type the Administrator password request, enter the password and press Enter. (If you do not set the password, simply press Enter.


The Recovery Console is now fully loaded. At C:\WINDOWS, please type fixmbr and press Enter.. Follow all the prompt...


After it finish.. Please restart your computer and tell me about it...

[decane]

dumb question - how do I access the recovery console?

I don't have the XP disk. It was preinstalled on my laptop.

I tried to hold down F8 when I rebooted, but it didn't provide a recovery console option.

I then rebooted and held down R. It allowed me to select recovery console, but it did not ask me for a password. Instead it compressed something and then rebooted. I'm not doing something right.

Thanks.

[fenzodahl512]

dumb question - how do I access the recovery console?

I don't have the XP disk. It was preinstalled on my laptop.

I tried to hold down F8 when I rebooted, but it didn't provide a recovery console option.

I then rebooted and held down R. It allowed me to select recovery console, but it did not ask me for a password. Instead it compressed something and then rebooted. I'm not doing something right.

Thanks.

No... It is not a dumb question..


Ok.. please refer to website below:

http://www.howtogeek...-on-windows-xp/


Skip the above part and start reading from Accessing the Recovery Console part..

Do you see the screen below?



Please just choose Microsoft Windows Recovery Console via your arrow key and then press Enter.. (Don't press F8)

Then you will see below screen..



Type 1 and press Enter

Next, at C:\WINDOWS just type fixmbr and press Enter.. Then just follow the instruction (if any)..

Restart your computer and tell me about it..


p/s: You might need to print this for your review

[decane]

I'm back. I'm able to see the first screen. I selected the Recovery Console Option, but it doesn't take me to the 2nd screen pictured in your email.

Instead I get a screen that says:
NTDLR is compressed.
Press Ctrl+Alt+Del to restart

I'm unable to type anything on this screen. The only thing I can do is restart.

I'm never presented the C:Windows nor can I enter a password or type in fixmbr.

[decane]

It's 8:45am. I'm back on and ready to get rid of this thing

[fenzodahl512]

It's 8:45am. I'm back on and ready to get rid of this thing

Hello decane, sorry for the delay.. Currently I'm consulting the experts regarding your computer problem.. Please bear with me.. It seems we have a toughie here


Regards
fenzodahl512

[decane]

No problem. Do you think the issues that I'm having with the Recovery console are related to the malware?

[fenzodahl512]

No problem. Do you think the issues that I'm having with the Recovery console are related to the malware?

To be honest, you have a dangerous rootkit called mbr rootkit.. MBR is Master Boot Record..

More information about MBR can be found below:

http://en.wikipedia....ter_boot_record

In order to fix your MBR, we need to do it via Recovery Console.. Unfortunately, you can't access it (even after you install Recovery Console)..

I need to wait for expert input before I can give you further instruction (or if I find something new and good).. If you can find a Windows XP cd, it would be very handy I believe.. Can you find one?

[decane]

I don't have an XP CD because it was came pre-installed on my laptop. They didn't provide any physical CDs.

I don't want to do this yet, but would reformatting the laptop eliminate the problem. Approximately, how long would the reformatting process take?

[fenzodahl512]

Erm.. before we thinking about re-formatting.. Please navigate below website..

http://h10025.www1.h...p;product=12455


Please follow instruction from Alternate steps and then tell me about it...


Regards
fenzodahl512

[decane]

I literally compressed the files within the last 2 weeks. I was running out of space so I did it. Afterwards someone told me that it could present problems in the future. I guess they were right.

I don't have any CDs so I'm going to try the 2nd option.

I should have something to post within the next 30 minutes.