Please tray again, then after running these commands, reboot back to xPUD. That usually helps to keep the files saved in the drive.
SMART virus
Started by
hknh
, Jul 02 2012 05:19 PM
#16
Posted 21 July 2012 - 01:22 PM
Please tray again, then after running these commands, reboot back to xPUD. That usually helps to keep the files saved in the drive.
#17
Posted 21 July 2012 - 03:41 PM
I did it again, but still can only get the file find file.
Attached Files
#18
Posted 21 July 2012 - 04:10 PM
I tried again - I don't know what else to do.
Attached Files
#19
Posted 21 July 2012 - 04:47 PM
There are drivers in two locations, mnt/sda2/Windows/System32 and mnt/sda3/Windows/System32. Browsing these locations, are you able to tell which location is the System Drive? You may be able to do so by browsing to the mnt/sda2/Users or mnt/sda3/Users and see your username.
#20
Posted 21 July 2012 - 05:42 PM
I don't know how to tell ... I checked mnt/sda2/Users or mnt/sda3/Users and under sda3 Heidi is a folder. That is my username.
#21
Posted 21 July 2012 - 08:35 PM
I believe is sda3 also.
Seems that there is an issue with the registry. No user accounts are found. Lets take a look at what may be available as a backup.
Please delete the current filefind.txt file from the USB drive.
Boot to xPUD
Please post the filefind.txt on your next reply.
Seems that there is an issue with the registry. No user accounts are found. Lets take a look at what may be available as a backup.
Please delete the current filefind.txt file from the USB drive.
Boot to xPUD
- Expand mnt
- sda1,2...usually corresponds to your HDD
- sdb1 is likely your USB
- Click on the folder that represents your USB drive (sdb1 ?)
- Confirm that you see driver.sh that you downloaded there
- Press Tool at the top
- Choose Open Terminal
- Then type bash driver.sh -af
- Press Enter
- You will be prompted to input a filename.
- Type the following:
SAM
- Press Enter
- If successful, the script will search for this file.
- After it has completed the search enter the next file to be searched
- Type the following:
DEFAULT
- Press Enter
- If successful, the script will search for this file.
- After it has completed the search enter the next file to be searched
- Type the following:
SYSTEM
- Press Enter
- If successful, the script will search for this file.
- After it has completed the search enter the next file to be searched
- Type the following:
SECURITY
- Press Enter
- After it has completed the search enter the next file to be searched
- Type the following:
SOFTWARE
- Press Enter
- After it has completed the search enter the next file to be searched
- Type the following:
XBURDERWHJWA.EXE
- Press Enter
- After the search is completed type Exit and press Enter.
- After it has finished a report will be located in the USB drive as filefind.txt
Please post the filefind.txt on your next reply.
#22
Posted 22 July 2012 - 07:22 AM
#23
Posted 22 July 2012 - 10:21 AM
It is a little bit confusing as it looks as if you have two hard drives with a Windows installation.
Lets attempt this manually. There is no automatic way to do this throughout xPUD.
Boot to xPUD.
First browse to /mnt/sda3/ProgramData and rename the file xBuRdeRWhJWa.exe to xBuRdeRWhJWa.exe.vir
Second, browse to /mnt/sda3/Windows/System32/config and rename the file sam to sam.123
Then browse to /mnt/sda3/Windows/System32/config/RegBack, right click on the file SAM and select Copy. Browse back to /mnt/sda3/Windows/System32/config, right click on an empty space and select Paste. That should copy the file SAM from the RegBack to the config folder after being renamed.
If successful, attempt to reboot into Normal Mode and let me know the outcome.
Lets attempt this manually. There is no automatic way to do this throughout xPUD.
Boot to xPUD.
First browse to /mnt/sda3/ProgramData and rename the file xBuRdeRWhJWa.exe to xBuRdeRWhJWa.exe.vir
Second, browse to /mnt/sda3/Windows/System32/config and rename the file sam to sam.123
Then browse to /mnt/sda3/Windows/System32/config/RegBack, right click on the file SAM and select Copy. Browse back to /mnt/sda3/Windows/System32/config, right click on an empty space and select Paste. That should copy the file SAM from the RegBack to the config folder after being renamed.
If successful, attempt to reboot into Normal Mode and let me know the outcome.
#24
Posted 22 July 2012 - 10:35 AM
When I tried to start windows normally, it looped me back to the start screen and asked if I wanted to started windows normally or repair. Then it automatically went to the repair option and then to the wondows screen with otheruser. I click on other user and go to the username and password page, which won't let me in.
#25
Posted 22 July 2012 - 11:26 AM
If you select "Repair my computer" in the Advanced Menu, wouldn't that let you in? How about typing your username and password?
#26
Posted 22 July 2012 - 11:34 AM
I don't have a username and password - If I click on repair, it goes to that screen - if I click on run normal, it loops back to tht page
#27
Posted 22 July 2012 - 11:38 AM
If you can't get to a command prompt throughout the Repair Console, lets try another application:
You will need a CD to burn and a flash drive to move information from the troubled computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).
Here is what you need to do.
You will need a CD to burn and a flash drive to move information from the troubled computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).
Here is what you need to do.
- Download OTLPEStd.exe to your desktop. NOTE: This file is 93.5MB in size so it may take some time to download.
- Once downloaded, insert a blank CD in your burner and click on OTLPEStd.exe.The executable includes the OTLPE_New_Std.iso and a copy of imgburn, a program to burn .iso files. When executed, the application will extract both and start the burning process automatically.
- Once the CD is burned, boot the Non working computer using the boot CD you just created.
- In order to do so, the computer must be set to boot from the CD first
Note : For information click here
- Your system should now display a REATOGO-X-PE desktop.
- Double-click on the OTLPE icon.
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start. Change the following settings
- Change Drivers to All
- Change Standard Registry to All
- Press Run Scan to start the scan.
- When finished, the file will be saved in the root directory of your hard drive, usually C:\.
- Copy this file to your USB drive.
- Please post the contents of this file in your reply.
#28
Posted 22 July 2012 - 11:41 AM
According to xPUD, your username is Heidi. Try that one. If you do not have a password, leave it in blank.
#29
Posted 22 July 2012 - 11:46 AM
I tried and nothing - the specified domain either does not exist or could not be contacted -
#30
Posted 22 July 2012 - 11:53 AM
what do I chose for windows directory after double clicking otlpe?
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users