Test your skill and impress me with this one...

[JonTom]

Hello meglamb

nope, I can boot it without a disk, but from a disk is the only way that I could run that scan

Aha, I see what you mean now. Runnng the scan from a disk is fine - all we need to do now is locate the log that would have been produced after the scan completed.

If you ran DDS, the log should open directly after the scan, allowing you to save them to your desktop.

For OTL, the logs produced can be found by navigating to C:\OTL

If you are unable to locate the DDS log you may have to run the scan again, but if you ran OTL please navigate to C:\OTL and try to locate the logs that would have been saved there.


If you are able to locate the required logs, burn them to disk. If the infection interferes with the burn let me know and we will can try something else.

 

[meglamb]

Yes - I've got the scan located, but when I go to burn a disk in safe mode, the computer tells me that my hard drives are disabled.

I'm going to owe you some cocktails after this nonsense.

 

[JonTom]

Hello maglamb

Do you have the option to boot into Safe Mode with Networking?

See if you can, and then try to connect to the net to post the logs from the infected machine.

If it does not work out let me know

 

[meglamb]

something bad happened.. I tried to restart in safe mode and it says

mbr error
operating system not found

 

[meglamb]

welp. I'ma throw in the towel on this one. I appreciate all of your help and patience!

 

[JonTom]

Hello meglamb

The outlook does not look good I'm afraid :sad:

Two quick questions for you:

Are you still able to boot into Normal Mode or do you get an error message?

When you tried to boot into safe Mode (at the point where you selected Safe Mode from the Advanced Options Menu), did you see an option to select "Last Known Good Configuration"?

 

[meglamb]

any time I try to reboot unless I put a disk in -

and I think the right before it happened, I was rebooting it and it asked if I wanted to continue the restart without doing something I can't really remember.

so, I bet that was what did it. bah.

 

[JonTom]

Hello meglamb

I am going to assume that you do not have the option to select Last Known good Configuration at this time.

HP machines usually have an option to restore the machine back to the original factory settings.

This can usually be achieved in one of two ways; either through the use of the recovery partition that is sometimes installed on HP machines (designated D drive), or through the use of a set of HP recovery disks.

When you first got your machine did it come with a set of (or did you manually create) a set of HP recovery disks?

 

[JonTom]

Hello meglamb

Lets give this a try:

1. xPUD
   
   We will need a USB stick and access to an uninfected machine.
   
   We need to prepare the USB stick. It is not absolutely essential that it is formatted, but it may help if it is:
   
   • Insert your USB drive ino the uninfected machine.
   • Click on Start > My Computer > right click your USB drive > choose Format > Quick format.
   
   Next
   
   • Download both http://sourceforge.net/projects/une...stom/unetbootin-xpud-windows-387.exe/download and http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of the uninfected machine.
   • Make sure you have the formatted USB stick in the uninfected system.
   • Double click on the unetbootin-xpud-windows-387.exe that you just downloaded.
   • Press Run and then OK.
   • Select the DiskImage option then click the browse button located on the right side of the textbox field.
   • Browse to and select the xpud-0.9.2.iso file you downloaded.
   • Verify the correct drive letter is selected for your USB device then click OK.
   • It will install a little bootable OS on your USB device
   • After it has completed do not choose to reboot the clean computer, simply close the installer.
   
   
   Please note:
   
   • If you need to create a bootable CD using xPUD (rather than a USB stick), you may download the ISO image found here and burn it to a CD.
   
   
   Next
   
   • Use the clean computer to download dumpit from the following link: http://noahdfear.net/downloads/dumpit
   • Once dumpit is downloaded save it to the USB stick.
   
   Next
   
   • Take the USB to the infected computer and boot with it.
   • The computer must be set to boot from the USB (as soon as BIOS is loaded tap F12 and choose to boot from the USB drive).
   • A Welcome to xPUD screen will appear.
   • Press File.
   • Expand mnt.
   • sda1,2...usually corresponds to your HDD.
   • sdb1 is likely your USB drive.
   • Click on the folder that represents your USB drive (sdb1 ?).
   • Confirm that you see dumpit that you downloaded there.
   • Double click on dumpit.
   • Once completed, a file called mbr.zip will be saved to the USB drive.
   • Take the USB drive back to the uninfected system and attach the mbr.zip in your next reply.

 

[JonTom]

Due to lack of reply this thread is now closed.