Edited by cantbootwindowsxp, 28 July 2010 - 03:09 AM.
Can't Boot Windows XP Pro - trying virus removal boot cds
#1
Posted 28 July 2010 - 02:16 AM
#2
Posted 28 July 2010 - 05:38 AM
My name is Maser00 and I will be helping you with your problem(s).
Before we start I need to mention a few things:
- I am still in training (here at GeekU), therefore my instructions will be checked by someone of the malware staff first. It could take a little bit more time then usual because of this.
- Please post all the requested logs directly in your reply, do not attach them unless asked to or unless you are unable to post them.
- It's best to read all my instructions at least once before carrying them out, this will make sure you understand them before you start.
- Try to reply every one-two days, I'll try to do the same. At some point your computer will run better (hopefully ), but keep following my instructions because there can still be malware on your computer. I'll tell you when were done.
- Please don't run any other malware removal tools/programs or instructions that I didn't asked for.
========================
- Download OTLPENet.exe to your desktop (or from another computer)
- Ensure that you have a blank CD in the drive
- Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
- Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here - As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
- Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy - Double-click on the OTLPE icon.
- Select the Windows folder of the infected drive if it asks for a location
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start.
- Drag and drop this attached scan.txt into the Custom scans and fixes box
Scan.txt 983bytes 184 downloads - Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive if you do not have internet connection on this system.
- Right click the file and select send to : select the USB drive.
- Confirm that it has copied to the USB drive by selecting it
- You can backup any files that you wish from this OS
- Please post the contents of the C:\OTL.txt file in your reply.
- Maser00
#3
Posted 28 July 2010 - 06:05 PM
Hi, welcome to Geeks to Go !
My name is Maser00 and I will be helping you with your problem(s).
Before we start I need to mention a few things:
- I am still in training (here at GeekU), therefore my instructions will be checked by someone of the malware staff first. It could take a little bit more time then usual because of this.
- Please post all the requested logs directly in your reply, do not attach them unless asked to or unless you are unable to post them.
- It's best to read all my instructions at least once before carrying them out, this will make sure you understand them before you start.
- Try to reply every one-two days, I'll try to do the same. At some point your computer will run better (hopefully ), but keep following my instructions because there can still be malware on your computer. I'll tell you when were done.
- Please don't run any other malware removal tools/programs or instructions that I didn't asked for.
========================
- Download OTLPENet.exe to your desktop (or from another computer)
- Ensure that you have a blank CD in the drive
- Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
- Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here- As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
- Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy- Double-click on the OTLPE icon.
- Select the Windows folder of the infected drive if it asks for a location
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start.
- Drag and drop this attached scan.txt into the Custom scans and fixes box
Scan.txt 983bytes 184 downloads- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive if you do not have internet connection on this system.
- Right click the file and select send to : select the USB drive.
- Confirm that it has copied to the USB drive by selecting it
- You can backup any files that you wish from this OS
- Please post the contents of the C:\OTL.txt file in your reply.
- Maser00
Thanks for getting back to me...when you say,"Download OTLPENet.exe to your desktop (or from another computer)," well I will have to use another computer - my clean laptop that I am typing from now, as I can't get into Windows whatsoever on the infected computer...just before I attempt this, exporting the scan log via USB, can I be sure once I attach the USB flash drive to the affected computer that viruses, malware etc will not get into the files going on the USB and then into my currently clean laptop? Also how long is the scan log likely to be and will the log list just the problems or will it log other things as well like how many files it scanned etc and any problem files it finds will it list them in full like full file name, as the problem computer is about 90% full (135 gig out of 150 on C drive) and do I only scan C drive, or ENTIRE computer? If only C drive how do I actually select C drive - will it be in a list where you have to 'check' a box, or will I have to type in C drive, and if so, do I type C or C:\ or C:\Windows etc. If I wanted to scan entire computer do I have to do each drive one at a time or is there an option to do the whole computer in one go. If one at a time will there be seperate logs for each scan? There is another administrator account on the computer other than mine which I don't have the password for, so will that block the scan scanning files from that account, and for my account will I have to give my password for it to scan my files? How do I drag and drop the attatched txt file on the infected computer? Is that file included within the CD? Also if I do have an internet connection on the infected computer can I post the scan log from there instead of exporting it to the USB or will the geekstogo site not be accessible as I can't get into Windows on that system? Edit...It appears my reply automatically quotes your entire post - I did not intend to do that. Thanks.
Edited by cantbootwindowsxp, 28 July 2010 - 09:05 PM.
#4
Posted 29 July 2010 - 09:57 AM
exporting the scan log via USB, can I be sure once I attach the USB flash drive to the affected computer that viruses, malware etc will not get into the files going on the USB and then into my currently clean laptop?
There is a little chance that may happen since OTLPE does not run Windows, but it's not impossible. You can follow these steps on your clean computer to protect your fashdrive.
Download Flash_Disinfector.exe by sUBs from here and save it to your desktop.
- Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
- Insert your flash drive when asked to.
- Wait until it has finished scanning and then exit the program.
- Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you run it. Don't delete this folder...it will help protect your drives from future infection.
The scan will not take that long I think. It will not tell exactly what the problems are but it will give me much information about your system so we can make a fix to try to delete any malware and to get your system back running. I forgot to ask this last time; why doesn't your computer boot: do you get a Blue Screen Of Death, is the screen black, is it restarting... ?Also how long is the scan log likely to be and will the log list just the problems or will it log other things as well like how many files it scanned etc and any problem files it finds will it list them in full like full file name, as the problem computer is about 90% full (135 gig out of 150 on C drive) and do I only scan C drive, or ENTIRE computer?
Here is an exemple of an OTLPE log: http://www.bleepingc...dpost&p=1619582
You only need to scan the drive where Windows is installed on, probably C.
You will be able to select it.If only C drive how do I actually select C drive - will it be in a list where you have to 'check' a box, or will I have to type in C drive, and if so, do I type C or C:\ or C:\Windows etc.
I do not think that will be a problem since you are not in Windows.There is another administrator account on the computer other than mine which I don't have the password for, so will that block the scan scanning files from that account, and for my account will I have to give my password for it to scan my files?
Just click the txt file and drag it into the program. No it is not included with the cd, you need to download it from my post (step 13. Scan.txt)How do I drag and drop the attatched txt file on the infected computer? Is that file included within the CD?
Yes you can, you will probably be able to.Also if I do have an internet connection on the infected computer can I post the scan log from there instead of exporting it to the USB or will the geekstogo site not be accessible as I can't get into Windows on that system?
- Maser00
#5
Posted 29 July 2010 - 12:42 PM
With the txt file to drag into the custom scans and fixes box...this confuses me...first of all if I am running the CD on the infected computer are you saying I can download the txt file while on the infected computer to drag and drop it into the CDs custom scans and fixes box, or do I have to download the txt file on the healthy computer, then transfer it to the infected computer via USB, then run the CD on the infected computer and drag and drop the txt once I have imported the txt via USB from the healthy computer to the infected one? I drag the txt file into the box right after the scan, so by doing that action does that then force a scan log txt file to be produced in the folder you mentioned? Is that the reason for dropping the txt file into that box?
To use CD and USB at the same time on the infected computer that is OK? So I will select CD ROM first, removable drives second and hard drive third in the BIOS system boot priority settings? Also, what do I do if the malware has blocked the USB from being recognised or read?
I have not attempted anything you have advised me yet, I simply first want to make absolutely sure that I have everything clear and I understand everything before doing it and why I'm doing each individual action, and to take every step to make sure my laptop does not also get infected...when I do the log of the scan I will try posting it from the infected computer if it allows me even though I won't be in Windows, but if that does not work I will use the USB as the only other option and just pray nothing bad happens to the laptop when the txt is importing into the laptop.
Thanks so much for your help.
Edited by cantbootwindowsxp, 29 July 2010 - 12:48 PM.
#6
Posted 29 July 2010 - 01:47 PM
Yes, that's a BSOD. Do you see this option “Disable automatic restart on system failure” on that list? If possible, select it and press [ENTER]Hi again, when I attempt to start up Windows it goes straight to a black screen(if hard drive or removable drive is first in the BIOS boot priority order, and it says disk error if CD ROM is first in the priority order if there is no CD or DVD in the drive) and so for when the first in boot priority is hard drive or removable drive it says Windows has encountered a problem due to a recent hardware or software change, and gives options to startup in regular mode, or safe mode, or safe mode with networking, and last known good configuration etc, then when I select any of those it loops back to the same screen again, after very briefly having the Windows logo screen with blue "pulse light, left to right" as it normally would just before it gets to the user login page, but instead of that it goes right back to the problem page, just after a very brief flash of a dark blue screen which I'm assuming is this famous blue screen of death I keep hearing about but that blue screen only flashes for half a second then to the problem page...so its really a loop as if you don't select normal, safe, safe with networking etc after 30 secs it attempts to boot up again but eventually back to the problem page again over and over again for hours.
Now your computer won't keep restarting but show you the BSOD instead. Please post the description, the Windows STOP message and the filename in your next reply (it's possible they aren't all displayed, just post what you can):
With the txt file to drag into the custom scans and fixes box...this confuses me...first of all if I am running the CD on the infected computer are you saying I can download the txt file while on the infected computer to drag and drop it into the CDs custom scans and fixes box, or do I have to download the txt file on the healthy computer, then transfer it to the infected computer via USB, then run the CD on the infected computer and drag and drop the txt once I have imported the txt via USB from the healthy computer to the infected one? I drag the txt file into the box right after the scan, so by doing that action does that then force a scan log txt file to be produced in the folder you mentioned? Is that the reason for dropping the txt file into that box?
I'll give you some steps witch hopefully explains how it's done
1. On your clean computer - download OTLPENet.exe (step 1) and Scan.txt (attached in step 13)
2. On your clean computer - burn the cd (see step 2-3) and put the Scan.txt on a flash drive on witch you used Flash_Disinfector.exe.
3. Put the cd in your infected computer and follow step 4-12.
4. When OTL is started, insert your flash drive, open it and drag Scan.txt into the Custom scans and fixes box. (See picture)
5. Follow step 14-20
Note: you will need to set your computer to boot from CD (see step 4)
If you still have problems you can always ask them If you still feel uncomfortable using that file then you can skip that. This is the reason why we use that file - malware is constantly changing and targeting different parts of the system. Our tools need to able to directly scan these new parts where malware is hiding, this is a lot of work for the developers. (In this case Oldtimer) For some new malware we use that scan.txt to tell the program witch parts it should also check except from the standard scan. This way the tool does not need to be changed for every new type of malware that could be gone in a few weeks. It also gives is the opportunity to let the program scan whatever we want when we need more information on something.
I hope this helped a bit.
Oh, I think I know what you mean. You do not need to change anything from the BIOS for the flash drive Just put CD ROM first in the BIOS, hard drive second. And start from the CD, it will load another operating system then Windows in witch you can work in. It is like when Windows is running, just put in the drive.To use CD and USB at the same time on the infected computer that is OK? So I will select CD ROM first, removable drives second and hard drive third in the BIOS system boot priority settings? Also, what do I do if the malware has blocked the USB from being recognised or read?
No problem. Just use Flash_Disinfector.exe to be sure and no harm will be done to your laptop.I have not attempted anything you have advised me yet, I simply first want to make absolutely sure that I have everything clear and I understand everything before doing it and why I'm doing each individual action, and to take every step to make sure my laptop does not also get infected...
That's right. Try to go on the internet with your infected computer, if it doesn't have internet connection, use the flash drive. I know it can be a bit hard to understand how OTLPE works, but I'm sure you will get it when you follow the stepswhen I do the log of the scan I will try posting it from the infected computer if it allows me even though I won't be in Windows, but if that does not work I will use the USB as the only other option and just pray nothing bad happens to the laptop when the txt is importing into the laptop.
- Maser00
#7
Posted 30 July 2010 - 03:37 AM
Edited by cantbootwindowsxp, 30 July 2010 - 04:16 AM.
#8
Posted 30 July 2010 - 04:42 AM
So you don't see this option in the list: “Disable automatic restart on system failure” ? (This picture is from Windows 7 so it will be slightly different.)Hi, the dark blue screen you posted above only flashes for a millisecond AFTER the main BLACK screen problem menu page, so the page which lists there is a problem with Windows and gives me the list of starting in normal, safe, safe with networking, last known good configuration is not blue, and this black Windows problem screen counts down from 30 seconds and has the normal mode highlighted by default and if you don't press enter or change to a different mode once it gets to zero seconds it will automatically try to boot then go to Windows logo screen, then super quick flash of blue screen of death(too fast to select anything or see anything) and then back to the BLACK Windows problem screen with 30 second countdown with Windows startup 4 modes options, so it appears I will not be able to tell you what is listed on my BSOD unless there is another way of doing it...
If you find this option, select it and press [ENTER]. Now you will see the BSOD.
This is an false positive from AVG. OK, leave the txt file out. If I need it, I'll use it later. So instead of step 13 and 14, just press Quick Scan.I just tried downloading the USB disinfector but my AVG removed it as malware straight away and so can you please tell me if the txt file is absolutely 100% necessary, like can I still post the log WITHOUT dragging and dropping the txt file into the scans box or not?
by the way I am thinking of trying the F Secure Rescue CD, which scans, and removes threats, and if it cant remove it will rename the virus files...is this risky in terms of it may rename an important file which could totally mess up Windows even more than what it is now, or is it worth the risk as it may get rid of the problem...I'm at the point where I just don't want to risk infecting my laptop to try and save my other computer, as then I will have both computers infected, so I want to try any method that does not involve using the USB disinfector on the clean laptop, or importing anything from USB into the clean laptop...
No, do not use the F Secure Rescue CD please. I would like to see the OTLPE log first. Flash_Disinfector is 100% safe and malware free, some antivirusses may see this tool as malware because of the actions it will do to your computer, but this will protect that drive. But as I said earlier, you can leave out the Scan.txt for now.
Your laptop will not get infected due that other computer if you follow the steps correctly, I will make sure no malware will transfer to your laptop. In OTLPE you can backup your files if you want by the way, but make sure you scan these files first before you put them on another computer if you want to do that.if my only option ends up with having to order the Windows CD to totally reinstall Windows on the infected computer I would rather do that and lose all my files instead of lose the laptop to infection as well.
Please follow the instructions for OTLPE, you don't need to use your other laptop so it will not get infected that way. (Not that it would of been if you used it to transfer the .txt file)
- Maser00
#9
Posted 31 July 2010 - 01:36 AM
Edited by cantbootwindowsxp, 31 July 2010 - 02:12 AM.
#10
Posted 31 July 2010 - 05:26 AM
That's not so good.A disk read error occured press Ctl + Alt + Del to restart
OTLPE does not 'find' any malware, it gives me a report from your computer from witch I need to seek and remove the malwareIf OTLPE finds viruses or malware can it delete or quarentine them?
OK, try using OTLPE and follow the instructions. Be sure to also backup your important data if OTLPE works since your hard drive could brake very soon.I have just burnt the CD successfully and I am ready to run the quick scan option on the infected computer but I will just wait for your next post before doing that.
#11
Posted 31 July 2010 - 09:25 PM
#12
Posted 31 July 2010 - 09:51 PM
Selecting 'My Computer' said - RunScanner: No Windows Installations Found
Selecting 'A', 'B', 'C', 'X'(ReatogoPE), 'Shared Documents', all said - RunScanner Error: Target Is Not Windows 2000 Or Later
The txt is ready on the USB to be imported into the infected computer if needed.
I just hope if a total reinstall or official Windows repair disk is needed, that I could actually keep using the computer rather than having to throw it away.
Edit...I just tried the AVG Rescue CD again(the first time I tried it a few days ago it recognized and scanned C drive), and this time when trying to select drives to scan it said: No Volumes Found!
I will await your response.
Edited by cantbootwindowsxp, 01 August 2010 - 08:19 PM.
#13
Posted 01 August 2010 - 10:45 AM
6. Your system should now display a Reatogo desktop.
7. Double-click on the OTLPE icon.
8. Select the Windows folder of the infected drive if it asks for a location
Let me help you through this steps Boot using the cd until you see the Reatogo desktop. On this desktop you have to start OTLPE , you can do this by double-clicking it. Then you have to select where the Windows folder is located. You can do this by double-clicking the Windows folder. You can see the following steps in my first post, it shouldn't be too difficult.
#14
Posted 01 August 2010 - 05:34 PM
#15
Posted 02 August 2010 - 09:10 AM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users