Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

ComPaq Presario running Windows XP virus. [Closed]

Started by bobmoore07 , Sep 25 2012 11:34 AM

  • This topic is locked This topic is locked

#1
bobmoore07
Posted 25 September 2012 - 11:34 AM

bobmoore07

    New Member

  • Member
  • Pip
  • 2 posts
I am trying to help a friend out with a problem surfaced after he allowed someone else to use one of his older laptops.

When booting it comes up with a screen saying "Page is loading, please wait. This may take up to 30 seconds."

Initially, during use, a screen came up saying that "You have been detected visiting unauthorized sites and the FBI will be contacting you within 48 hours." or something similar.

This computer's hard disk is partitioned with a system recovery on the "D" drive. The problem is, I have not been able to get it to give me the option to boot from the D: drive or invoke system recovery(I feel I have forgotten as it has been a long time since I have done this.)

When I boot it up now, it boots normally and allows you to sign on but I can not get to a screen whence I can see the start button.

Any ideas,
Bob
  • 0

Advertisements

#2
Essexboy
Posted 25 September 2012 - 12:42 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yep first we will attempt to clear the bad boy
Once on the desktop press the windows and R key together to get the run box open
Then type in Iexplore.exe
Hit return and IE will open

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
Posted Image
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
    Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#3
bobmoore07
Posted 25 September 2012 - 01:48 PM

bobmoore07

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Essexboy,

I may not have been clear, but I cannot get to the desktop. Once I log on, it immediately goes to a white screen with the words "Page is loading, please wait. This may take up to 30 seconds."
  • 0

#4
Essexboy
Posted 25 September 2012 - 02:01 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Sorry I thought you could get to the desktop but it was blank .. In that case on to plan B

OK next we will work outside of windows then Please print these instruction out so that you know what you are doing

  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#5
Essexboy
Posted 29 September 2012 - 06:50 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP