1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer Won't Start _ HELP!

Discussion in 'Virus & Other Malware Removal' started by stardanz1, Apr 4, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. stardanz1

    stardanz1 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    39
    Hi Guys,

    I usually update and run several Anti-Virus and Anti-Malware programs to keep the nasties away and take care of any problems right away. But this time...!

    I downloaded a keygen (yeah, I know I shouldn't have) and upon opening, I got the Virtumonde virus and others too. I ran Ad-Aware, Spybot S&D, MalwareBytes and SuperAntiSpyware. It got most of the bad guys.

    On startup, I was still getting 2 or 3 Alert messages. One saying "Could not locate rizizozu.dll" and another saying "Intellimouse had encountered a problem and will now shut down". Sometimes also, "Ad-Watch had encountered a problem and will now shut down".

    I watched a movie last night on Cyberlink PowerDVD. Afterward, I was going to run an online Virus scans. Then everything went wrong.

    When starting up, I can normally hit the F8 key to go into Safe Mode and run Anti-Malware progrems. This time, as it goes into Safe Mode, I can see the list of drivers and apps that are loading and about halfway through it just quits and begins to restart. I tried several times. Even if the computer restarts normally, it continually restarts itself after doing it's memory check and system hardware check. It's stuck in some kind of loop.

    How can I get into Safe Mode? Is there a bootable CD/files to help start in Safe Mode? HELLPPP!!!

    sincerely,
    Mark

    Running: Pentium 4 - 2.8 GHz, 2 GB RAM, Windows XP Pro Service Pack 3, 250 GB HDD + 250 GB secondary drive.
     
  2. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Hi, :)

    Welcome.

    Lets give this a try. You will need a flash drive to move information from the sick computer to a working computer, so we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).

    Here is what you need to do.

    Two programs to download

    First

    Download ISOBurner. Click Here for ISOBurner Instructions. Install the program, and follow the next set of steps.

    Second

    • Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 276.7MB in size so it may take some time to download.
    • When downloaded double click and this will then open ISOBurner to burn the file to CD
    • Boot the Non working computer using the boot CD you just created.
    • In order to do so, the computer must be set to boot from the CD first
      Note : For information click here
    • Your system should now display a REATOGO-X-PE desktop.
    • Double-click on the OTLPE icon.
    • When asked "Do you wish to load the remote registry", select Yes
    • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
    • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
    • OTL should now start. Change the following settings
      • Change Drivers to All
      • Change Standart Registry to All
      • Under the Custom Scan box paste this in

        /md5start
        eventlog.dll
        scecli.dll
        netlogon.dll
        cngaudit.dll
        sceclt.dll
        ntelogon.dll
        logevent.dll
        iaStor.sys
        nvstor.sys
        atapi.sys
        IdeChnDr.sys
        viasraid.sys
        AGP440.sys
        vaxscsi.sys
        nvatabus.sys
        viamraid.sys
        nvata.sys
        nvgts.sys
        iastorv.sys
        ViPrt.sys
        eNetHook.dll
        ahcix86.sys
        KR10N.sys
        nvstor32.sys
        ahcix86s.sys
        nvrd32.sys
        userinit.exe
        explorer.exe
        ntoskrnl.exe
        /md5stop
        %SYSTEMDRIVE%\*.*
        %systemroot%\*. /mp /s
        %systemroot%\System32\config\*.sav

    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\OTL.txt
    • Copy this file to your USB drive.
    • Please post the contents of the C:\OTL.txt file in your reply.
     
  3. stardanz1

    stardanz1 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    39
    Okay, everything seemed to go as instructed. I downloaded OTLPE.ISO and burned it to CD.
    The desktop started Reatogo-X-PE and I started OTLPE and ran the scan.
    The odd thing is, I can't find the text file??

    I looked in B,C & D drives and used "Search" to find the .txt file. But can't find it.
    Where could it be hiding? Can I specify a folder to save it?

    thanks,
    Mark
     
  4. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Yes.

    Can you see the contents of the flash drive in any of those drives?
     
  5. stardanz1

    stardanz1 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    39
    Yes, I can see my flash drive as F:\
    I can see several files on the flash drive.
     
  6. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Copy and paste the instructions I posted in a Notepad document and Save them in the flash drive as Instructions, or Readme. Once in the Reatogo environment, browse to the flash drive and open the document, then copy and paste the Custom Scan entries into OTLPE.
     
  7. stardanz1

    stardanz1 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    39
    Hi,

    I think you misunderstood my previous reply. I've already run the SCAN.
    I can't find the resulting C:\OTL.txt file. I looked and did a system Search.

    Can I specify a location, maybe on the flash drive to save the OTL.txt file.
    There doesn't seem to be any Menu bar or Save option.

    thanks
     
  8. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    By default, OTLPE saves the file in the C:\ folder, or in the root directory Windows is installed, usually C:\.

    Assuming Windows is installed in the C:\ drive:
    • Copy the entire contents of the Quote Box below to Notepad.
    • Name the file as Query.bat
    • Change the Save as Type to All Files
    • and Save it in the Flash drive. For Safety reasons, please do not save or run this file in a working computer, but rather save it directly to the flash drive.
    While in the Reatogo desktop, navigate to the Flash drive and double click on the Query.bat. If all goes well a Log.txt will be saved in the F:\ of your flash drive folder. Post its contents of that file in your next reply
     
  9. stardanz1

    stardanz1 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    39
    Here are the contents of Log.txt:

    Volume in drive C is Main Drive
    Volume Serial Number is 9C7B-DC12
    Directory of C:\
    03/10/2007 04:24 AM <DIR> AOL Instant Messenger
    03/13/2007 01:57 PM 10,920 aolconnfix.exe
    03/13/2007 01:57 PM 1,039 aolconnfix.txt
    03/10/2007 04:25 AM <DIR> aolextras
    05/07/2007 03:58 PM <DIR> ATI
    08/07/2009 07:40 PM <DIR> bb7cade3e2ff750bf52d11d8
    03/12/2007 05:04 AM 276 Bryce Lightning Uninstall.log
    03/12/2007 04:56 AM 252 Bryce Uninstall.log
    12/27/2008 04:56 AM <DIR> cmdcons
    08/04/2004 03:00 AM 260,272 cmldr
    12/27/2008 05:18 AM 32,694 ComboFix.txt
    11/22/2008 04:16 PM <DIR> Documents and Settings
    08/10/2009 06:01 PM <DIR> DVDVideoSoft
    04/02/2010 04:52 PM <DIR> HJT
    05/10/2009 02:03 AM <DIR> htdocs
    02/05/2007 02:00 AM <DIR> Inetpub
    02/17/2010 04:38 PM 233 Install.log
    03/10/2007 04:24 AM <DIR> MAV
    05/07/2007 03:38 PM 5,379 mmcInst.log
    06/27/2008 05:54 PM <DIR> MySQL InnoDB Datafiles
    08/18/2008 03:26 AM <DIR> Perl
    03/29/2007 11:44 PM <DIR> php5
    04/03/2010 05:14 AM <DIR> Program Files
    12/27/2008 05:18 AM <DIR> Qoobox
    07/24/2007 02:56 AM <DIR> Results
    10/31/2005 11:56 AM 700,416 StubInstaller.exe
    03/19/2008 12:10 PM <DIR> Temp
    06/19/2009 11:56 PM 3,958,718,464 THE_AIR_I_BREATHE.ISO
    04/03/2010 05:28 AM <DIR> WINDOWS
    02/02/2007 08:58 PM <DIR> WUTemp
    10 File(s) 3,959,729,945 bytes
    20 Dir(s) 107,076,485,120 bytes free
     
  10. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    How many times you ran the scan? Any errors during the scan? Does a text file opens at the end of the scan?

    I would retry.
     
  11. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    There are files missing in the C:\ drive. You have a Secondary Hard Drive. Would both contain an Operating System? Which drive you boot from? Is the Secondary Hard drive present in the Reatogo environment?

    OTLPE uses the Boot.ini file to establish its environment. That file is missing in the C:\ drive. Perhaps we are barking at the wrong tree.

    Please advise.
     
  12. stardanz1

    stardanz1 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    39
    I've run the scan at least 4 or 5 times. It appears to scan correctly.
    As it is scanning, at the bottom of the window, the status bar shows
    files and folders that are being scanned.
    Everything looks okay, no errors reported during or after scan.
    No text file opens at the end of the scan, no OTL.txt file.
    I scanned once again. no luck.

    One bit of information - Long ago, when I had a computer tech put my computer together, he assigned my Main drive as I:. When starting the Reatogo-X-Go desktop, it shows the Main drive as C:
    Currently, on C: drive I see all the normal folders/directories, as shown in the LOG.txt file, Program Files, Window, etc. Don't know if this matters.

    What to do? Where do you think the OTL.txt file is hiding?
     
  13. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Can you see the Secondary drive while in the Reatogo environment?
     
  14. stardanz1

    stardanz1 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    39
    Yes, I can see D: drive
     
  15. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Is the OTL.txt and the Boot.ini files in the D:\ folder?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/914599

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice