[Jenna91]

Hello,

Below is what my lap top has:
http://www.fixpcyour...tigation-virus/

I already have malwarebytes (my anti-virus) installed on the lap top ready to go.
The problem is I am unable to boot up to get to windows to use it. I cannot do safe mode/safe mode with networking/etc. None of the options work. I have tried them all. When I try to start up windows it works for about 3 seconds then I get an FBI warning sign (scam) that totally locks my computer up and freezes it. This one is really bad. I disconnected the lap top from my router just in case it could infect my desktop here.

I need to know how to get my anti virus to scan and clean it off without going to windows. This is the file path:
C:\Program Files\Malwarebytes' Anti-Malware

Is there any way to do that or... does anyone else have any ideas on how to go about cleaning this off? If anyone has any questions or needs more info. just let me know.

Thank you for your time,

Jenna

p.s. people have helped me on this site before and I always remembered how impressed I was. this is a great place.

[Advertisements]

Hello Jenna91 and welcome to my office here at G2G!

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:

• Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
• Absence of symptoms does not always mean the computer is clean
• Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
• Please DO NOT run any scans or fix on your own without my direction.
• Please read all of my response through at least once before attempting to follow the procedures described.
• If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
• You must reply within 3 days or your topic will be closed

For this step we will need clean PC and one blank CD. Please print these instruction out so that you know what you are doing

Do this on clean PC:

• Download OTLPEStd.exe to your desktop
• Ensure that you have a blank CD in the drive
• Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD

Now use this CD on infected PC:

• Reboot your system using the boot CD you just created on clean PC.
  Note : If you do not know how to set your computer to boot from CD follow the steps here
• As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
• Your system should now display a Reatogo desktop.
  Note : as you are running from CD it is not exactly speedy
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start.
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system.
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\\OTL.txt file in your reply.

[maliprog]

Hello Jenna91 and welcome to my office here at G2G!

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:

• Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
• Absence of symptoms does not always mean the computer is clean
• Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
• Please DO NOT run any scans or fix on your own without my direction.
• Please read all of my response through at least once before attempting to follow the procedures described.
• If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
• You must reply within 3 days or your topic will be closed

For this step we will need clean PC and one blank CD. Please print these instruction out so that you know what you are doing

Do this on clean PC:

• Download OTLPEStd.exe to your desktop
• Ensure that you have a blank CD in the drive
• Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD

Now use this CD on infected PC:

• Reboot your system using the boot CD you just created on clean PC.
  Note : If you do not know how to set your computer to boot from CD follow the steps here
• As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
• Your system should now display a Reatogo desktop.
  Note : as you are running from CD it is not exactly speedy
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start.
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system.
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\\OTL.txt file in your reply.

[Jenna91]

I'll follow your instructions in the morning. It's 12:19 a.m. here and i'm so tired. I'll let you know how it goes. Thank you for your reply.

[maliprog]

OK. Good night and see you in the morning.

[Jenna91]

Hi, I am stuck on part 2 step 1 (booting with CD).
This is the CD I used. I assume it is ok for this purpose:

http://img13.imagesh...91/11111eao.jpg

I downloaded the file and saw the imgburn logo, so then I assume it is on the CD. I close the program on this computer then take the CD out and put it in the lap top. Done.

I start up the lap top, and open up the boot menu. I put in the CD here before I click boot from CD then wait a moment to let it read it. The lap top acts like it reads it (noise) then it stops about 15 seconds later.

I tell it to boot up, then it takes me back to the screen with safe mode, safe mode w/ networking, etc. I try same process again. Same result. On third try it took me straight to the windows desktop and then I got the gray screen of death (that's the virus).

To my knowledge the CD reader in this lap top works fine. I tested it when I picked it up and it reads CDs fine. I am not sure if the CD I used to burn the program is no good. It seemed to burn fine and was brand new.

By the way the lap top is Dell windows XP. I'm not sure if that matters.

Let me know if you have any suggestions or ideas or need any more information.

Jenna

Edited by Jenna91, 16 November 2012 - 10:13 AM.

[maliprog]

I downloaded the file and saw the imgburn logo, so then I assume it is on the CD. I close the program on this computer then take the CD out and put it in the lap top. Done.

I think you didn't burn CD right. It suppose to take at least 5min to burn full CD. And you should see actual burning progress. At the and it will tell you that your CD is ready. If you didn't see all this than your CD is not burned.

Please try again and this time wait for few minutes.

[Jenna91]

Thank you for your patience so far.

Edit: i think i figured out my mistake. I bet I am supposed to click something when the imgburn opens. I don't know what to click though. I double click icon...then it says... do you want to burn cd. I say "yes". Then it extracts. I thought it was done at that point. Not sure if I need to click something else or something??? :
http://img26.imagesh...83/18097810.png

Edited by Jenna91, 16 November 2012 - 08:13 PM.

[maliprog]

It's not your mistake. I thing you don't have CD/DVD writer on this computer. I see message "No writer detected". Are you sure you have CD/DVD burner on this system?

One question. On infected machine, do you run Windows XP or Windows 7? I need to know so I can choose tools to try on infected machine.

[Jenna91]

Windows XP on all my machines. Going to sleep again for tonight. I'll try to burn on my other PC tomorow morning.

[Jenna91]

Hi Mailprog,

This morning I attempted to replace the CD/DVD drive on this dell desktop with the one from my old HP desktop. The HP has a bad hard drive and power supply so I was just holding it for possible parts. I was unable to switch these out. If you look below, they don't seem to be compatible. None of the connecters fit:
http://img6.imagesha...2/img0966ee.jpg

The lap top doesn't seem to want to burn either. I guess they both read cd's but won't burn them. So I think we can just forget about this thread I guess.
I'm going home (to my parents house) next week and i was already planning on trying to get the other PC that I recently lost (bad power supply) up and running again (more spare computer parts at home). I know that PC burns for a fact. So at that point I might start a new thread and ask for help or bump this one in a week (maybe) because I will then be able to move on with this process and get secondary lap top working again. I had 2 lap tops and 2 desktops. I'm down to one of each at the moment. I'll save this page with your instructions for future use.

You can lock this thread if you like. **Sorry for the headache**. Thank you very much for your patience and help. If I can't get this lap top back on it is not a great loss to me because I already have another lap top that was ready to go sitting next to me right now. So no worries, I was just trying to make each PC last as long as possible.

Thanks for your help again,

Jenna

Edited by Jenna91, 17 November 2012 - 10:45 AM.

[maliprog]

I understand. I will close this topic and if you wish to continue with it just send me a message.

Goodbye and stay safe