Status
Not open for further replies.
1 - 11 of 11 Posts

·
Registered
Joined
·
7 Posts
Discussion Starter · #1 ·
Hi there, earlier today I was working on some video footage. I had gone downstairs for an hour; when I came up I had all these antivirus pop-ups flashing all over my screen. I don't know how they got on there, as I scan my computer every 2 days. The only possible reason I can think of is visiting The Pirate Bay.org. I tried opening Task Manager but the software keeps closing it. No matter what I tried, the software would tell my system not to open it. I tried restarting the computer, but when it gets onto the Windows loading screen it flashes a blue screen then resets, and this continually happens. I tried safe mode and last safe config; it still happens.

Some of the malware I saw:

Anti Malware doctor
Security suite

and some more.

I cannot use my DVD drive as it doesn't work, so my only option is to do some via USB stick. Is there any other way? Please help.

How can I fix this without having to use a DVD drive and formatting / recovery console?

Thanks.

Need this help urgently.
 

·
TSF Security Manager, Emeritus
Joined
·
42,836 Posts
Hello Joeygfx,

Without a DVD or CD-ROM drive, you're asking for quite a lot. Does this computer support booting from a USB? If it doesn't, the USB would not be of any use. Do you have the Windows install disk? The Windows install disk will be necessary to create a working Windows environment.
 

·
TSF Security Manager, Emeritus
Joined
·
42,836 Posts
Excellent. I'll have a better idea of the most efficient way to proceed if you can get me the BSOD error code. Restart the machine and tap F8 to get the Advanced Menu. Select 'Disable auto restart' and press Enter. The machine will proceed as usual to boot Windows, then at the logon screen it should BSOD for you and halt there. Write down the stop error code, and post that here, please. :)
 

·
TSF Security Manager, Emeritus
Joined
·
42,836 Posts
Thanks. Given your initial description, the malware you did cite for me, along with this BSOD gives me a good idea of what I'm after. These instructions will seem overwhelming, but it's not as difficult as it looks - it's merely detailed.

You'll need a blank CD for this next set of instructions. Please download the Ultimate Boot CD for Windows. In the left side panel of that webpage, click 'How to Build' for step by step instructions to create this boot disk.

Please note: If your XP install disc is SP1 then please do the following:
  • Disable DComLaunch Service
  • Enable LargeIDE Fix

This can be done by pressing the "Plugin" button and checking or unchecking the appropriate selections.


Also note: If you have a Dell XP install disc you will need to follow the instructions here http://www.ubcd4win.com/faq.htm#dell


=============================

Next........

From your working computer, download OTLPE.zip and save it to a flash drive.


Double click and unzip OTLPE.zip to its own folder on your flash drive. Name it OTLPE <-- Important!!

==========

Plug your flash drive into the infected computer.

==========

Ensure the infected computer is set to boot from DVD/CDRom drive first, hard drive second.

Insert the UBCD4Win disc into one of your CD/DVD drives and restart your computer.

The computer should choose to boot from the UBCD4Win CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.
  • In the window that pops up select Launch The Ultimate Boot CD For Windows and press Enter.
  • It may take a little longer for the Desktop to appear than it does when you start your computer normally. Just let the process run itself until the desktop appears.
  • Once the desktop appears, you will receive a message asking: Do you want to start Network support? Click on Yes if you want to use the PE environment to get online to post your log.
You should now have a desktop that looks like this:


==========

Single click My computer from your UBCD4W desktop to navigate to the OTLPE folder that you saved to your flash drive.

Open the OTLPE folder and double click Start.cmd.

  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTLPE should now start

    Change the following settings
    • Change Services, Drivers, Standard and Extra Registry to All

  • Copy and Paste the following code into the textbox. Do not include the word "Code"

    Code:
    /md5start
    userinit.exe
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    CREATERESTOREPOINT
  • Push
  • A report will open. Save that log to your flash drive. Copy and Paste that report in your next reply.
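
Added example, not part of the original post and not OTLPE's own code: this Python example shows the kind of check the file list between /md5start and /md5stop appears to request, hashing every copy of each listed file found under a folder so the copies can be compared with each other or with a known-good hash. The function names, the folder layout and the file contents are constructed assumptions; only the file names come from the post.

```python
import hashlib
import tempfile
from pathlib import Path

# Subset of the file names between /md5start and /md5stop in the post.
LISTED = ["userinit.exe", "atapi.sys", "iaStor.sys", "nvstor.sys"]

def md5_of(path, chunk=1 << 16):
    """Hex MD5 of a file, read in chunks so large files are fine."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def hash_listed_files(root, names):
    """Map each listed name to [(path, md5), ...] for every copy under root."""
    wanted = {n.lower(): n for n in names}  # Windows file names are case-insensitive
    found = {n: [] for n in names}
    for p in Path(root).rglob("*"):
        key = wanted.get(p.name.lower())
        if key and p.is_file():
            found[key].append((str(p), md5_of(p)))
    return found

def differing_copies(found):
    """Listed names whose copies do not all share one hash (worth a closer look)."""
    return sorted(n for n, c in found.items() if len({d for _p, d in c}) > 1)

def demo():
    """Build a constructed sample tree (hypothetical layout and contents) and scan it."""
    sample = {
        "WINDOWS/system32/drivers/atapi.sys": b"constructed driver bytes A",
        "WINDOWS/system32/dllcache/ATAPI.SYS": b"constructed driver bytes B",
        "WINDOWS/system32/userinit.exe": b"constructed userinit bytes",
        "WINDOWS/system32/dllcache/userinit.exe": b"constructed userinit bytes",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in sample.items():
            p = Path(root, rel)
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_bytes(data)
        found = hash_listed_files(root, LISTED)
        return found, differing_copies(found)

if __name__ == "__main__":
    print(demo())
```

Copies that differ are a reason to compare each one against a known-good hash for that exact Windows version; an update can also leave an older copy behind, so a mismatch alone does not establish tampering.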
 

·
Registered
Joined
·
7 Posts
Discussion Starter · #10 ·
Hey, I will do this shortly, but I was wondering if I could possibly partition it and then install a fresh copy of Windows, or completely reformat my computer, as I am willing to let go of what's stored on my computer since the majority is software and not work.
 

·
TSF Security Manager, Emeritus
Joined
·
42,836 Posts
Yes, indeed. Although I wouldn't partition and install alongside as I can't see a reason to leave the infected OS on there unless you intend to fix it.

Certainly a format and fresh install of the OS is your safest and quickest way to ensure the machine is clean going forward.

If you'd still like to try to get it working, post the log and I can take it from there.
 