Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer will only boot in safe mode.


  • This topic is locked This topic is locked

#16
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
its denying me access to the C drive but the documents and settings folder is in the ramdisk B: drive.. so copy it ro ramdisk(b:) drive?
after i open the documents and setting folder there are only 2 folders in it labeled all users and default users

Edited by Slink, 01 September 2011 - 01:51 PM.

  • 0

Advertisements


#17
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
No. Just check in the Documents and Settings folder that a folder with your user account's name exist, so you're sure that the drive is the correct one. Ramdisk isn't the correct drive.

If you get an error denied when trying to copy in the drive at OTLPE environment, do this:
Right click on the Drive
Select Properties
Go to security tab
From the Group or User names: space select Administrators
Under it, where it says permissions for Administrators, make sure that the Full control (under Allow) is checked.
Then try again and tell me if you get the same error.
  • 0

#18
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
ok im getting confused now. i cant find a file with my account name on it..

this is what im looking at. in attachment
the (b:) and (x:) drives are the only ones that says it has something on it

Attached Thumbnails

  • photo.JPG

Edited by Slink, 01 September 2011 - 02:12 PM.

  • 0

#19
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,
Local Disk (C:) is the drive we want. Continue with the instructions above :)
  • 0

#20
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
ok i so sorry i miss read that.. but everything is already set too allow besides special permission which i wont let me check allow or deny (and it still denys me access to C:)
  • 0

#21
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
OK, let's try another thing that i think will work:

Boot from the Windows XP CD as before. Select the windows installation folder number and then enter the administrators password as before.
Then type:

set AllowAllPaths = true

Then:

COPY D:\i386\ntldr C:\
COPY D:\i386\ntdetect.com C:\

Tell me if you get the access denied error.
Then, type this: (even if you got the error or not)

set AllowAllPaths = false

Reboot and see what happens
  • 0

#22
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
right? still didnt work if i did it right

Attached Thumbnails

  • 1photo.JPG

  • 0

#23
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,
Sorry for having you to switch from environment to environment

Boot from the OTLPE cd.
Click the Start > run
Type:

Regedit

Navigate to this key from the left panel:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole

Double click SetCommand from the right panel and set the value to 1:
Posted Image

The boot from the Windows XP CD and try the same previous steps at post#21
  • 0

#24
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
still access denied
  • 0

#25
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Did set AllowAllPaths = true produced any errors?
  • 0

Advertisements


#26
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
i got the exact same message as before in post #22
  • 0

#27
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

I've asked the creator of OTLPE for some help on this. Let's run a scan until I get an answer:


Posted Image OTL Custom Scan
  • Download OTL to your Desktop
  • Double click on the Posted Image icon to run it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Stadard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.exe
    %APPDATA%\*.
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole|SetCommand /rs
    CREATERESTOREPOINT

  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt in Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.


It's late here, so I'll answer you back tomorrow morning :)
  • 0

#28
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
want me to run that in the OTLPE environment?
if so it wont let me and says it failed to start framedyn.dll

Edited by Slink, 01 September 2011 - 04:34 PM.

  • 0

#29
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Sorry that was the wrong set of instructions:


  • Download scan.txt to your USB:
    Attached File  scan.txt   510bytes   30 downloads
  • Reboot your system using the boot CD you created and after it loads the Desktop, attach the USB
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)

  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Drag and drop this attached scan.txt into the Custom scans and fixes box
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.
  • Before rebooting, check in C:\ and see if a text file named OTL.txt is there. Tell me if it's there or not


Next:

Double Click MBRFix from the Desktop and type:

MbrFix /drive 0 savembr C:\mbr.dat

After that there should be a file called mbr.dat in C:\. Move it to your usb.
From a clean computer put it in a zip archive
Attach it here in your next reply
  • 0

#30
Slink

Slink

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
got to step 6 and got a message (target is not windows 2000 or later)
but im running xp

Edited by Slink, 02 September 2011 - 11:26 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP