Virus or malware removal help needed. Slow computer 1/9/13 [Solved]
Started by JohnGo, Jan 09 2013 03:10 PM
#16
Posted 12 January 2013 - 09:11 AM
#17
Posted 12 January 2013 - 09:29 AM
Restart the computer and press repeatedly to get to safe mode
Select last known good and reboot
You should now return to windows
#18
Posted 12 January 2013 - 10:06 AM
#19
Posted 12 January 2013 - 10:23 AM
At the safe mode menu select last known good
#20
Posted 12 January 2013 - 10:42 AM
It does the same thing: thru winxp startup screen, then the blue message I sent, then bsod.
#21
Posted 12 January 2013 - 10:45 AM
Looks like the registry was corrupted on the forced shutdown
Please print these instructions out so that you know what you are doing
- Download OTLPENet.exe to your desktop
- Download Farbar Recovery Scan Tool and save it to a flash drive.
- Ensure that you have a blank CD in the drive
- Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
- Reboot your system using the boot CD you just created.
Note: If you do not know how to set your computer to boot from CD follow the steps here
- As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
- Your system should now display a Reatogo desktop.
Note: as you are running from CD it is not exactly speedy
- Insert the flash drive with FRST on it
- Locate the flash drive and run FRST
- The tool will start to run.
- When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
#22
Posted 12 January 2013 - 10:47 PM
In the event you check here before I arise in the morning, I'll leave you an update now.
Farbar Recovery Scan Tool ran for 7 hours on the first attempt. When it started, the tray clock stopped but the scan appeared to be running. At this point I stopped it and restarted it again. As of now it has been running 3 1/2 hrs. The clock has continued to run this time. I'll let it continue to run thru the night and check it in the a.m.
#23
Posted 13 January 2013 - 07:41 AM
The computer seems to be still running Farbar this a.m. (12 hours now).
#24
Posted 13 January 2013 - 09:12 AM
Farbar should take no longer than two or three minutes
We will use OTL instead. Reboot from the CD. You should be able to connect to the net with this
- Your system should now display a Reatogo desktop.
Note: as you are running from CD it is not exactly speedy
- Double-click on the OTLPE icon.
- Select the Windows folder of the infected drive if it asks for a location
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start.
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive if you do not have internet connection on this system.
- Right click the file and select send to : select the USB drive.
- Confirm that it has copied to the USB drive by selecting it
- You can backup any files that you wish from this OS
- Please post the contents of the C:\OTL.txt file in your reply.
#25
Posted 13 January 2013 - 01:26 PM
When I double click OTLPE, it will flash up a black window for a split second. It looks like it might be a "c\prompt" window. After that, the OTLPE name under the icon is grayed out and the computer won't do anything else till a reboot.
#26
Posted 13 January 2013 - 01:27 PM
The mouse pointer still moves but that's all.
#27
Posted 13 January 2013 - 02:17 PM
Do you have a windows CD as we will need to use the recovery console
If you have then the following commands will need to be typed when you access the command prompt on the recovery console
md tmp
copy c:\windows\system32\config\system c:\windows\tmp\system.bak
copy c:\windows\system32\config\software c:\windows\tmp\software.bak
copy c:\windows\system32\config\sam c:\windows\tmp\sam.bak
copy c:\windows\system32\config\security c:\windows\tmp\security.bak
copy c:\windows\system32\config\default c:\windows\tmp\default.bak
delete c:\windows\system32\config\system
delete c:\windows\system32\config\software
delete c:\windows\system32\config\sam
delete c:\windows\system32\config\security
delete c:\windows\system32\config\default
copy c:\windows\repair\system c:\windows\system32\config\system
copy c:\windows\repair\software c:\windows\system32\config\software
copy c:\windows\repair\sam c:\windows\system32\config\sam
copy c:\windows\repair\security c:\windows\system32\config\security
copy c:\windows\repair\default c:\windows\system32\config\default
If you do not have the CD or recovery console let me know and I will locate a copy
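Added example, not part of the original post or of any tool named in this thread: a Python check that can be run on another machine against the .bak copies made by the commands above, to see whether a hive's header shows the interrupted-write damage suspected in post #21. The field offsets follow the publicly documented regf base-block layout, which is an assumption here, and the sample hive is constructed for the demonstration.

```python
import struct

BASE_BLOCK = 4096  # size of the regf header (assumed layout, see lead-in)

def regf_checksum(header: bytes) -> int:
    """XOR of the first 127 little-endian dwords (508 bytes) of the base block."""
    csum = 0
    for (dword,) in struct.iter_unpack("<I", header[:508]):
        csum ^= dword
    if csum == 0xFFFFFFFF:
        return 0xFFFFFFFE
    return csum or 1

def check_hive(data: bytes) -> list:
    """Return the problems found in a hive file's header (empty list = none found)."""
    if len(data) < BASE_BLOCK:
        return ["file shorter than the 4096-byte base block"]
    if data[:4] != b"regf":
        return ["missing 'regf' signature"]
    problems = []
    primary, secondary = struct.unpack_from("<II", data, 4)
    if primary != secondary:
        problems.append("sequence numbers differ: hive is dirty, a write did not complete")
    (stored,) = struct.unpack_from("<I", data, 508)
    if stored != regf_checksum(data):
        problems.append("header checksum mismatch")
    (bins_size,) = struct.unpack_from("<I", data, 40)  # declared size of hive bins
    if len(data) < BASE_BLOCK + bins_size:
        problems.append("file truncated: shorter than declared hive bins size")
    elif bins_size and data[BASE_BLOCK:BASE_BLOCK + 4] != b"hbin":
        problems.append("first hive bin missing 'hbin' signature")
    return problems

def make_sample_hive(primary=7, secondary=7) -> bytes:
    """Constructed sample: minimal base block plus one empty 4096-byte hive bin."""
    header = bytearray(BASE_BLOCK)
    header[:4] = b"regf"
    struct.pack_into("<II", header, 4, primary, secondary)
    struct.pack_into("<I", header, 40, 4096)
    struct.pack_into("<I", header, 508, regf_checksum(bytes(header)))
    return bytes(header) + b"hbin" + bytes(4092)

if __name__ == "__main__":
    samples = [("clean", make_sample_hive()),
               ("interrupted", make_sample_hive(8, 7)),
               ("truncated", make_sample_hive()[:5000])]
    for name, blob in samples:
        print(name, check_hive(blob) or "ok")
```

To check a real copy, read the file in binary mode and pass its bytes to `check_hive`; an empty result only means the header is consistent, not that the hive contents are intact.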
#28
Posted 13 January 2013 - 02:24 PM
I have my XP disc that I bought a few years back and I have kept all updates current. I will continue with your instructions with that disc.
#29
Posted 13 January 2013 - 02:39 PM
I'm at the command prompt in the recovery console. I'm not too skilled here...Where it says "Which Windows installation would you like to log onto", do I start there and type all 3 of your groups at one time and hit enter?...with a line space between each group?
#30
Posted 13 January 2013 - 02:44 PM
No, select the main Windows which you use. It should be the first one, Windows XP
Then enter each line individually, pressing enter after each