Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus..Safemode/Normalmode Restarting...


  • This topic is locked This topic is locked
11 replies to this topic

#1 greenskittle

greenskittle

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:England
  • Local time:10:18 AM

Posted 03 September 2010 - 10:24 AM

Hi

[Previous INFO]
A few weeks ago I got the "Security Suite" virus... and the virus that redirects Search Engines to random links.
I got rid of it by going into Safemode, downloading the rkill program (This never seemed to do anything though and simply closed itself) and malwarebytes and search and destroy and scanning with all of these removing anything that came up, and it seemed all fixed...
Then I went on holiday for two weeks and when I came back my computer wouldn't load into windows and kept getting so far then blue-screening for like a blink of a second then restarting... I went back into safemode and did a system restore back to when I had just finished fixing it two weeks ago, and everything started up fine.
I was running a few virus scans after that just to feel abit safer, AVG found one trojan, then malwarebytes found nothing, then Search n Destroy found about 37things and removed them all...

[NOW]
A few hours later after some gaming my AVG suddenly detected 4/5 viruses, then the Security Suite popped up again, telling me I was infected and ofcourse not letting me run anything. Feeling sick of it all I restarted my pc intending to go into SafeMode... It didn't work.
Safemode boots and gets to the line "Press ENTER to continue loading the file SPTD.sys" then waits about 5-10seconds then it restarts... This is just after booting the System32/Drivers/Mup.exe file I think...
Normal Mode just does the same as before, getting almost to the log in screen then throwing up a Blue-Screen for about half a second then restarting aswell.

[I have Tried]
I'm happy to reformat my PC, I have a windows 98 disk and a windows xp disk (both burned copys) (and a windows 7 upgrade disk coming in the mail), however when I tell it to boot from the DVD drive it just does the same thing as all the other times, saying my pc has failed to start correctly and asking if I want to go in safemode/normalmode etc and then booting as normal. I'm not sure if this is just my computers disk drive not working as it has had problems running DVDs yet all other disks have been fine.
I have also tried from the F8 menu the debugging option... and it just did the same thing...


Please help! I'm at a loss of what to do, I really want this PC fixed and I cant afford a new one, going back to uni in a week!

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,723 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:18 AM

Posted 03 September 2010 - 10:35 AM

Please be patient...I've asked some of our more knowledgeable staff members to take a look.

Thanks smile.gif.

Louis

#3 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 03 September 2010 - 12:05 PM

Hi,

I am thcbytes and am happy to help you.

Few questions first...
  • Do you want me to try and get you booting again or would you prefer to install Windows 7?
  • Would you like me to help you rescue the data on that hard drive?
  • Are you able to get a "Choose the boot device" menu? Ususally it requires you to start the computer than quickly tap F12, F1, F2 or Esc. Many times as the computers loads it quickly flashes on the screen what you need to press.
  • Do you have a USB drive available?
  • What OS does this computer have installed?
Regards,
~ t

Edited by elise025, 03 September 2010 - 12:21 PM.
Moved as requested ~ Elise

Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#4 greenskittle

greenskittle
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:England
  • Local time:10:18 AM

Posted 03 September 2010 - 01:07 PM

QUOTE(thcbytes @ Sep 3 2010, 05:05 PM) View Post
  • Do you want me to try and get you booting again or would you prefer to install Windows 7?
  • Would you like me to help you rescue the data on that hard drive?
  • Are you able to get a "Choose the boot device" menu? Ususally it requires you to start the computer than quickly tap F12, F1, F2 or Esc. Many times as the computers loads it quickly flashes on the screen what you need to press.
  • Do you have a USB drive available?
  • What OS does this computer have installed?



Oooo thanks !!!
- Just to have it booting again would be great, can always install windows 7 after that.
- No not really too fussed, I can re-install games and thats all thats really on there
- Yes I've used that to try and get it to boot to CD but it didnt work (it was f8 repeatedly as soon as it starts up)
- Yes I think so
- Windows XP Home Edition I think?
=)

#5 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 03 September 2010 - 01:43 PM

What is the exact make and model of your computer? When you press F8 at boot do you get a screen that allows you to choose how you want to boot?
  • Hard disc
  • CD
  • USB
  • etc...

Are you sure it is not another key like F12?

Please also do this....
  1. When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  2. Select "Disable Automatic Restart on System Failure", as shown here:
  3. When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:

    If it lists a file please also post it for my review.

Regards,
~ t
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#6 greenskittle

greenskittle
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:England
  • Local time:10:18 AM

Posted 03 September 2010 - 02:14 PM

What is the exact make and model of your computer?
I'm not sure how to find that kind of thing, it was custom designed by my mum
EDIT - intel ® core ™ 2 cpu 4300 @ 1.8 ghz - that the sort of thing you mean???

When you press F8 at boot do you get a screen that allows you to choose how you want to boot?
[*]Hard disc
[*]CD
[*]USB

Its this screen:


((laptop camera is kinda tiny, it says 1st Floppy Drive, DVD DC DW1670, HDT722525DLA380))

Are you sure it is not another key like F12?
Its deffinately f8 to get to this screen

And the blue screen says....
Technical Info:
*** STOP: 0x0000007E (0xC0000005,0x89CEB963,0xB84F78B4,0xB84F75B0)


Thanks =)

Edited by greenskittle, 03 September 2010 - 02:22 PM.


#7 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 03 September 2010 - 02:26 PM

I can't see what is displayed on that pic. Could you post the text for me?

Let's try to boot your computer using a Boot CD.

If this fails then we have other options. thumbup2.gif

Please print this guide for future reference!

You will need a blank CD, your Windows XP install disc, a clean computer and a flash drive.

Please follow the steps below and let me know if you were successful. Please tell me what error messages you got and/or what steps you got hung up on.

1. Download the PE Builder to your desktop

http://www.nu2.nu/download.php?sFile=pebuilder3110a.exe
  • Double-Click on the PE Builder that you just downloaded to your desktop.
  • Follow all of the instructions/prompts that come up.
2. Insert your XP CD with SP1/SP2/SP3 into a CD Rom drive
  • Double-Click on PE Builder.exe located on your desktop.
  • Click NO to Search for Windows Installation Files
  • Make the following selections from the Main Screen that pops up:
    • Builder
      • Source:(path to Windows installation files)[list]
      • Enter the path to the drive where your XP CD is located.
      • You can click on the "..." button on the right to navigate to the path as well.
    • Custom: (include files and folders from this directory)
      • No information is necessary, leave blank.
    • Output:
      • Keep the default
  • Media output
    • Choose Create ISO image
    • Do not choose Burn to CD/DVD
      • Download the RunScanner plugin and save it to your desktop
      http://www.paraglidernc.com/Files/RunScanner10025.cab

      Please note: You will be prompted for the folder that it shall be saved. By default it appears as runscanner10025. It should be modified to just runscanner <--- Important!!!

      • Press the Plugin button on the PE Builder interface
      • Press the Add button and navigate to the location of the RunScanner plugin to install
      • Please note: If you are using a Windows XP disc with sp2 then highlight RpsSS needs to launch DComLaunch and then press Enable
    • When your done press Close and the PE Builder interface will re-appear
3. Click on the "Build" button
  • You will see the Windows EULA message. Click on I Agree
  • You will now see the Build Screen. Let it run it's course
  • When the Build is finished you can click close, then exit
4. Burn your ISO file to CD
==========

Next........

From your clean computer..

Please download OTLPE.zip and save it to a flash drive.
http://oldtimer.geekstogo.com/OTLPE.zip
http://www.itxassociates.com/OT-Tools/OTLPE.zip

Double click and unzip OTLPE.zip to its own folder on your flash drive. Name it OTLPE <-- Important!!

==========

Plug your flash drive into your sick computer now and do as instructed below..

==========

1. Restart Your sick Computer Using the PE Builder ISO CD That You Have Created
  • Insert the CD in to one of your CD/DVD drives.
  • Restart your computer.
    • The computer should choose to boot from the CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.
  • Once the desktop appears, you will receive a message asking: Do you want to start Network support?
    • Click on No
  • After it loads press the Go button in the lower left and do this....
    • Go
    • System
    • Display
    • Screen Resolution
    • 1024x768
    Next choose....
    • Go
    • Programs
    • A43 File Management Utility
==========

In A43File Management you should see your flash drive
Navigate to the OTLPE folder that you saved to your flash drive.

Open the OTLPE folder and double click Start.cmd.
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTLPE should now start

    Change the following settings
    • Change Services, Drivers, Standard and Extra Registry to All
    • Uncheck LOP and Purity check

    Please note: Stay with your computer during the course of the scan. If "Entry Point Errors" are encountered simply press "ok" and allow the program to continue. <-- Important!!

  • Copy and Paste the following code from your flash drive into the textbox. Do not include the word "Code"

    CODE
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    CREATERESTOREPOINT

  • Push
  • A report will open named "OTL.txt" and another will be minimized to the system tray named "Extra.txt". Save both log's to your flash drive. Copy and Paste them in your next reply.
=========

With your next post please provide:

* OTLPE.txt
* Extra.txt

Kind regards,
~ t


Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#8 greenskittle

greenskittle
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:England
  • Local time:10:18 AM

Posted 03 September 2010 - 02:40 PM

You will need a blank CD, your Windows XP install disc, a clean computer and a flash drive. -
Unfortunately I have neither the Blank CD or the Clean Comp with a disk drive atm (this laptop has no cd drive),

I will borrow my friends PC tomorrow and get a disk while in town to make the Boot CD,
Should be back on Monday to try it all and will let you know how it goes as it seems to be a dead end until I can get these things.

Thank you so much for your help so far =)

#9 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 03 September 2010 - 02:43 PM

thumbup2.gif
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#10 greenskittle

greenskittle
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:England
  • Local time:10:18 AM

Posted 07 September 2010 - 10:14 AM

Hey,
I havn't been able to get the boot cd yet =/ still lacking 2 disk drives to do it.
HOWEVER some good news!! Or so it seems at the minute:
Got my win7 update disk my pc managed to boot from it ! (Thinking maybe something was wrong with the other disks I was using since theyre not genuine windows disks maybe? Not sure)
Tried a few of the repair options that seemed right (System image restore (or something) - it couldn't find an image, and start up repair it couldnt do either, one other too I cant remember)
I did find I could access all the stuff on my pc by using the load drivers on one of the repair options (it wanted me to find my win xp OS but I wasn't sure how to, it said to insert media - would have tried inserting win xp disk however i only have one disk drive)

so currently I'm doing a custom install of win 7.... pc is going VERY slowly, can't remember how much RAM my pc has and I'm not too sure it's enough to really run win7 smoothly but aslong as its working I can take it from there.
Will update if anything goes wrong and if I'm doing something really stupid please let me know!

#11 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 07 September 2010 - 04:01 PM

Are you wiping the hard drive clean and installing Windows 7 fresh or are you partitioning your hard drive with Windows XP remaining on one of the partitions?
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#12 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:18 AM

Posted 13 September 2010 - 05:00 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users