keeps repeating. Can't stop it.
WIN 32/ Expiro Infection
Started by
shar907
, Feb 03 2013 10:12 AM
#16
Posted 07 February 2013 - 01:57 PM
keeps repeating. Can't stop it.
#17
Posted 07 February 2013 - 03:09 PM
OK. Start in Normal mode and do OTL scan as I described. Last OTL showed root-kit infection and we tried to remove it with TDSSKiller and Combofix. Let's see what new OTL shows.
#18
Posted 07 February 2013 - 03:12 PM
I can't get off the black screen with Start Windows normally, Safe Mode etc page. When I click start Windows normally it just start over on the black screen again.
#19
Posted 07 February 2013 - 03:15 PM
I'm on another cpu here.
#20
Posted 08 February 2013 - 01:26 AM
Hi shar907,
Looks like malware fighting back. Let's get offline and try to remove it. For this step you will need blank CD, USB memory stick and another, clean, system.
Do this on clean PC:
Do this on infected PC now:
Looks like malware fighting back. Let's get offline and try to remove it. For this step you will need blank CD, USB memory stick and another, clean, system.
Do this on clean PC:
- Download OTLPEStd.exe to your desktop
- Ensure that you have a blank CD in the drive
- Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD
- Copy attached scan.txt to USB memory stick so you can use it later
Do this on infected PC now:
- Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here - As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
- Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy - Double-click on the OTLPE icon.
- Select the Windows folder of the infected drive if it asks for a location
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start.
- Drag and drop this attached scan.txt into the Custom scans and fixes box
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive if you do not have internet connection on this system.
- Right click the file and select send to : select the USB drive.
- Confirm that it has copied to the USB drive by selecting it
- You can backup any files that you wish from this OS
- Please post the contents of the C:\OTL.txt file in your reply.
Attached Files
#21
Posted 09 February 2013 - 12:52 PM
Made Disk on the other cpu. When I put it in the my cpu it said Invalid system disk replace disk. When I try another one it says the same message then goes back to the black screen with the safe mode messages. Can't get a boot from CD disk or USB stick. Went to setup F2 and Boot F12. It said cd rom was present but the USB was not present. Still can't get it to safe mode. Goes to Windows logo screen very fast then Dell screen then Black screen again. Does this over and over again.
Thanks
Thanks
#22
Posted 11 February 2013 - 12:08 AM
Hi shar907,
Can you try to insert just CD but not USB at the same time. Some systems can make problems with this.
So insert just CD you created and try to boot it. Let me know results.
Can you try to insert just CD but not USB at the same time. Some systems can make problems with this.
So insert just CD you created and try to boot it. Let me know results.
#23
Posted 11 February 2013 - 12:18 PM
Removed the usb stick. Still didn't work.
Thanks
Thanks
#25
Posted 12 February 2013 - 11:27 PM
Thanks for you're help. Going to try the other website .
Shar907
Shar907
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users