Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

BSOD*Virus/malware..XP/Lenovo laptop**keeps rebooting


  • This topic is locked This topic is locked

#1
sal13

sal13

    Member

  • Member
  • PipPip
  • 98 posts
hello,

whenever i try to boot my laptop i get BSOD and it restarts, then same thing again.....how do I even get the basic steps done to get started here and post my logs...I have been through steps with an XP expert and doen everything after which have been referred here...This thread can be found http://www.geekstogo...57#entry1997057

Please advise how to get started?

Thanks
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi I have read the other thread, are you still able to burn a CD ? Also what can you remember about the virus scan popup that you had

Please print these instruction out so that you know what you are doing

Latest version: v3.1.46.0

OTLPENet.exe
MD5=79209302A1AFB2490808DB890A815CED
Size: 127,222,215b / 121.3MB

  • Download the attached scan.txt to a USB drive [attachment=51361:scan.txt]
  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)

  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Double click the Custom scans and fixes box
  • In the dialogue locate the scan.txt you have on the USB
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#3
sal13

sal13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
using a different laptop so can burn a cd on this laptop etc, however havent got another blank cd now so will have to do that 2mrw...but the question is how do i save/run anything on the infected laptop as if i turn it on and wait for it to boot, halfway through the BSOD appears and it restarts and thats it!!
  • 0

#4
sal13

sal13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
btw, am in essex too essexboy :)
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
This is where we are being sneaky the CD you are going to burn holds an operating system so we will bypass your windows and access the hard drive from the CD, you will also be able to back up files :)

Where from I was drug up in Romford
  • 0

#6
sal13

sal13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
not far from romford...in barking!! ok, well need to get a blank CD tomorrow to continue then i guess....
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
See you on the morrow, I'll be here about sixish
  • 0

#8
sal13

sal13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
hiya, made the CD yesterday and have tried repeatedlly to get the infected laptop to boot from it but doesnt seem to work. Have been into the boot setting and changed priority to boot from CD and still tried but again and again it then tries to reboot and same thing......frustrating beyond belief!! Am not supposed to connect the USB while rebooting am i????

Can I not so something else? maybe in safe mode or something else??
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Can you get to safe mode ? My impression was that you were in a reboot loop

If you can run in safe mode with networking then

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %USERPROFILE%\..|smtmp;true;true;true /FP
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#10
sal13

sal13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
hmm...so tried safe mode with networking and didnt work....then just tried safe mode and worked but another problem...it asks me to login with my password and I just cant remember it !!!! I have forever been using the fingerprint scanner to log in so cant even remember!!!

trying hard to remember now...any way I can bypass that step?
  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
We could try and reset your system to previous restore point, as without access to even safe mode there is no real way I can attempt a fix


On the clean computer.

Creating a bootable USB using xPUD
  • Please download the following files and save it to the desktop
  • Insert the USB device to made bootable to the computer. (Make sure that no other USB's are inserted)
  • Double-click on unetbootin.exe to run
  • Select Disk Image, ISO and in the space provided, enter the path location of xpud-0.9.2.iso (ex. C:\Documents and Settings\yourusername\Desktop\xpud-0.9.2.iso)
  • Select USB Drive type and the drive letter assigned to your USB stick.
  • Click "OK" and wait until the program finishes. You now have a bootable xPUD.
  • Download the following tool and save it inside the bootable USB



On the infected computer.
  • Reboot your system using the xPUD bootable USB you just created.
    Note : If you do not know how to set your computer to boot from USB follow the steps here
  • Your system should now display a xPUD desktop.
  • Select on the File icon; on the right pane click on the "mnt" folder and highlight "sdb1" - this is your USB device.
  • Click on the "Tool" menu and select Open Terminal
    Posted Image
  • In the open terminal window, type in the following:

    bash rst.sh
  • Press "Enter" and let it run uninterrupted.
    (The program lists available Restore Points and will save a report enum.log located in the USB drive.)
  • The program is finished when it say's "Done".
  • Type "Exit" to close the terminal window.
  • Please attached the enum.log file in your reply. (You may remove your USB drive when transferring log to a clean computer).

  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP