I have been trying to remove this virus with all the suggestions from the threads on this forum. I was able to boot with OTLPE burned on a CD but it will not show Drive C or the windows folder to scan. Need suggestions. I loaded FRST on a USB Stik. I ran a scan but not sure it worked.
Cyber Crimes Virus
- Thread starter nossnakeeyes
- Start date
Here is the log.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-05-2013
Ran by SYSTEM on 02-05-2013 14:00:23
Running from D:\
WIN_XP (X86) OS Language: English(US)
Boot Mode: RecoveryAttention: Could not load system hive.
Attention: System hive is missing.
==================== Registry (Whitelisted) ==================
Attention: Software hive is missing.
ATTENTION: Software hive is not loaded.
BootExecute:
========================== Services (Whitelisted) =================
==================== Drivers (Whitelisted) ====================
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
==================== One Month Modified Files and Folders ========
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: <===== ATTENTION!
HKLM\...\exefile\DefaultIcon: <===== ATTENTION!
HKLM\...\exefile\open\command: <===== ATTENTION!
==================== Restore Points (XP) =====================
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 1791.11 MB
Available physical RAM: 1577.86 MB
Total Pagefile: 1623.27 MB
Available Pagefile: 1557.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 2002.24 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive d: (LEXAR) (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32
Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 233 GB 32 KB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y Partition 233 GB Healthy
=========================================================
============================== MBR & Partition Table ==================
====================================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 09AB09AB)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
====================================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: AE32AE32)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-05-2013
Ran by SYSTEM on 02-05-2013 14:00:23
Running from D:\
WIN_XP (X86) OS Language: English(US)
Boot Mode: RecoveryAttention: Could not load system hive.
Attention: System hive is missing.
==================== Registry (Whitelisted) ==================
Attention: Software hive is missing.
ATTENTION: Software hive is not loaded.
BootExecute:
========================== Services (Whitelisted) =================
==================== Drivers (Whitelisted) ====================
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
==================== One Month Modified Files and Folders ========
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: <===== ATTENTION!
HKLM\...\exefile\DefaultIcon: <===== ATTENTION!
HKLM\...\exefile\open\command: <===== ATTENTION!
==================== Restore Points (XP) =====================
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 1791.11 MB
Available physical RAM: 1577.86 MB
Total Pagefile: 1623.27 MB
Available Pagefile: 1557.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 2002.24 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive d: (LEXAR) (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32
Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 233 GB 32 KB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y Partition 233 GB Healthy
=========================================================
============================== MBR & Partition Table ==================
====================================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 09AB09AB)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
====================================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: AE32AE32)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)
==================== End Of Log ============================
Fiery
Level 1
- Jan 11, 2011
- 2,007
Is this a laptop or desktop?
Your harddrive isn't even showing on these scans.. that doesn't look too good. Try burning a Kaspersky Rescue Disk by following the instructions here: http://malwaretips.com/Announcement-Computer-won-t-boot-up-Hard-to-remove-malware-Learn-how-to-create-and-use-a-Kaspersky-Rescue-Disk
In it, you can backup any important files on your PC using an USB if it detects your harddrive.
Also, do you have the XP Installation CD available?
Your harddrive isn't even showing on these scans.. that doesn't look too good. Try burning a Kaspersky Rescue Disk by following the instructions here: http://malwaretips.com/Announcement-Computer-won-t-boot-up-Hard-to-remove-malware-Learn-how-to-create-and-use-a-Kaspersky-Rescue-Disk
In it, you can backup any important files on your PC using an USB if it detects your harddrive.
Also, do you have the XP Installation CD available?
This is a desktop. I do have the XP CD.
My pc will not load windows anymore. It gets stuck on the safe mode screen. I wonder if my hard drive failed after all the restarts?
I will work on the kaspersky disk tomorrow.
My pc will not load windows anymore. It gets stuck on the safe mode screen. I wonder if my hard drive failed after all the restarts?
I will work on the kaspersky disk tomorrow.
Similar threads
- Locked
-
- Locked
