Unbootable computer



#151
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
  • 0



#152
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
OTS still freezes on scanning modules
  • 0

#153
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Copy the following and paste them in a text file in your USB drive named scan.txt

netsvcs
%SYSTEMDRIVE%\*.exe
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
wininit.exe
lsass.exe
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT




Next:

Please print these instructions out so that you know what you are doing

File details OTLPENet.exe
Bytes=126,850,486
MB=120.9
MD5=8A7C5BA1C92552ADDCC5E468D0AA069A




  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created with the USB drive containing scan.txt connected
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)

  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Paste the contents of scan.txt under Custom Scans/Fixes
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#154
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Any ideas what the problem is? I will carry out the steps shortly

Also my USB drive is infected; every time Mbam removes the virus with it, it just err reappears. Should I plug it in and we clean it?

Edited by nortan360, 30 August 2011 - 10:07 AM.

  • 0

#155
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Run this from a clean computer:

  • 1 - Flash Drive Disinfector
    Download Flash_Disinfector.exe by sUBs from here and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.

    Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you run it. Don't delete this folder...it will help protect your drives from future infection.




I can't find anything in the logs to justify the symptoms; however, as we can't scan modules online, I have to see an offline log to see if the problem is that.
  • 0
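Added example, not part of the original post and not Flash_Disinfector's own code: a Python check of whether a drive root holds autorun.inf as a folder (the state the note above describes) or as a file, listing any entries in the file that launch a program. The status strings, function names and sample file contents are assumptions constructed for this example.

```python
import os

# Constructed sample of an autorun.inf file (not taken from the thread).
SAMPLE = r"""[autorun]
icon=drive.ico
open=sample_payload.exe
shell\open=Open
shell\open\command=sample_payload.exe
"""

def launch_entries(text):
    """Return (key, value) pairs in the [autorun] section that start a program."""
    found, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
            continue
        if not in_section or line.startswith(";") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        k = key.lower()
        if k in ("open", "shellexecute") or (
                k.startswith("shell\\") and k.endswith("\\command")):
            found.append((k, value))
    return found

def find_autorun(root):
    """Locate autorun.inf regardless of case; return its path or None."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            return os.path.join(root, name)
    return None

def classify_drive_root(root):
    """Return (status, entries) describing autorun.inf at the drive root."""
    path = find_autorun(root)
    if path is None:
        return "absent", []
    if os.path.isdir(path):
        # A folder occupies the name, so a file called autorun.inf cannot be written.
        return "folder-present", []
    with open(path, "r", encoding="latin-1") as fh:
        entries = launch_entries(fh.read())
    return ("file-launches-program" if entries else "file-no-launch"), entries

if __name__ == "__main__":
    import sys
    print(classify_drive_root(sys.argv[1]))
```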

#156
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
Okay so I manage to get in to the desktop
I run the optl and when I click on the drives it says they aren't Windows 2000 or higher so I decide to post back here
the computer won't boot in to normal mode so I do a last known good config which goes successfully. Chkdsk does a scan on C and F
Fat32 and NTFS


Also the time has been changed?

Edited by nortan360, 30 August 2011 - 01:01 PM.

  • 0

#157
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

You need to click OTLPE, then it will ask you the Windows folder location
You need to locate the Drive that's named Local Drive, open it and then select the Windows folder
  • 0

#158
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
There is no local drive
  • 0

#159
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
It's named Local Disk, I'm sorry:
Expand it and select the windows folder
Select ok
Then follow the instructions to scan
  • 0

#160
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
No local disk

C drive is named something random; when I try to open that it says it is not Windows 2000 or higher
  • 0



#161
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Please open My computer and tell me what drives are present
  • 0

#162
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
SW_Preload C
Lenovo Q
SERVICEV003 S
  • 0

#163
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Open the Lenovo drive and see if that's the normal drive where you have your data stored.
If that's not the one, check them all and tell me
  • 0

#164
Bismillah

Bismillah

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 514 posts
SW_Preload has a Windows sign next to it
System32 in it and stuff

Lenovo has folders in like Factory recovery
Weird, Lenovo has a folder for McAfee?


Servicev003 has stuff in like
boot
preboot
Recovery
MFGSTAT
  • 0

#165
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Is preload your drive? Try to check to see if your files are on that drive to determine if it's the normal drive
  • 0





