Inactive Windows Recovery Virus

Status
Not open for further replies.
S

sissa

Good Day!

I have the Windows Recovery Virus. Right after it hit, I had 7 Hard Drive Failure errors pop up and this note "The system has detected a problem with one or more installed IDE / SATA hard disks". Avira alerted me of blocking files. Must have been 10 or more.

I read your thread https://www.techspot.com/vb/topic166248.html but unfortunately after I had shut the machine down Great thread btw. B4 I shut down the computer I ran Malwarebytes and found 4 infected but the Hard Drive Failure box would not let me handle the results on Malwarebytes and I didn't want to click on the error box to close it..not sure if that was the right thing to do or not. I couldn't get Avira to run. All the progams appeared to be gone and no desktop icons. I had to do a search to locate Malwarebytes on my computer.

After I shutdown, I made a Avira Rescue disk and booted the machine up. It ran and found 10,000 plus detections, 0 Suspicious files and 90 Alerts. I saved the log and rebooted. I was not able to view the log.

When asked how I want to boot, I selected normally. It starts to load Windows and then stop restarts again. When I attempt to log into Safe Mode, the files start to load and it stops and restarts. I'm stuck now.

Toshiba laptop Media Center Addition XP

Thanks for your help!
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================================================

Let's see, if we can look at your computer booting from an external source.

Please download OTLPE (filesize 120,9 MB)

  • When downloaded double click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.
  • Reboot your system using the boot CD you just created.
    • Note : If you do not know how to set your computer to boot from CD follow the steps HERE
  • Your system should now display a REATOGO-X-PE desktop.
  • Depending on your type of internet connection, you should be able to get online as well so you can access this topic more easily.
  • Double-click on the OTLPE icon.
  • When asked Do you wish to load the remote registry, select Yes
  • When asked Do you wish to load remote user profile(s) for scanning, select Yes
  • Ensure the box Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the OTL.txt file in your reply.
 
Thanks for your prompt response.

I have a question before I get started on your instructions.

You say:

>Your system should now display a REATOGO-X-PE desktop.

and

Double-click on the OTLPE icon. <

Will the OTLPE icon also be on my desktop at the point?

BTW, I am working on a different computer because the infected one will not complete the startup process.
 
Hi Broni,

I haven't been able to burn the CD you mentioned but someone will bring me a copy this weekend and I'll run it then.

In the mean time I did have a Bitdefender Rescue CD here and ran that. I'm not sure it actually ran the virus scan but it did let me take a look at my hard drive. My files all seem to be there.

When I remove the CD and try to boot the laptop it still goes into a loop-- that starts to boot, then in a few seconds flashes and goes back to the screen to ask how I want to start windows. Does the same for Safe Mode. If I don't press the off button it continues to repeat this loop over and over.

If you can't move us forward without a log you requested, I'll be back with that when my friend brings me the CD you asked me to burn this weekend.

Thanks again!
 
Yes, I definitely want you to use OTLPE CD, so I have a chance to see what's going on there.
 
Status
Not open for further replies.

Similar threads

M
Virus warning popup
Replies
1
Views
542
Mark Fuller
M
D
Avira update is causing Windows PCs to freeze up, no fix in sight
Replies
0
Views
205
DragonSlayer101
D
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back