Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: zman111 on January 15, 2012, 02:36:49 PM
-
I had the consrv.dll virus on one of my machines and deleted it (without knowing windows would crash /not boot)now my computer wont boot, it stalls on trying to start windows, I have tried setup repair from the cd, and on hard drive but it still wont start.
What can I do to get at the registry from outside of windows? or Get this machine working again?
-
Essexboy is notified. .......and will hjelp You When he arrive
-
Hi there I will need you to create a bootable disc using the following programme
- Download OTLPENet.exe (http://oldtimer.geekstogo.com/OTLPENet.exe) to your desktop
- Download the attached scan.txt to a USB drive
- Ensure that you have a blank CD in the drive
- Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
- Reboot the infected system using the boot CD you just created.Note : If you do not know how to set your computer to boot from CD follow the steps here (http://www.hiren.info/pages/bios-boot-cdrom)
- As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
- Your system should now display a Reatogo desktop.Note : as you are running from CD it is not exactly speedy
- Double-click on the OTLPE icon.
- Select the Windows folder of the infected drive if it asks for a location
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start
- Drag and drop this attached scan.txt into the Custom scans and fixes box, or double click the scan box
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive if you do not have internet connection on this system
- Right click the file and select send to : select the USB drive.
- Confirm that it has copied to the USB drive by selecting it
- You can backup any files that you wish from this OS
- Please post the contents of the C:\OTL.txt file in your reply.
-
Finished, here is the result.
(is this it? or should I leave REATOGO on still)
-
Leave Reatogo on please. You have saved the log as unicode and not ansi
Could you resave as ansi - I can see the problem and I will see if I can resolve it but it is hard to interpret
-
OK I think I have deciphered it
Download the attached fix.txt
Copy to the usb drive
From the Reatogo desktop run OTL
Press run fix
A dialogue will appear requesting the fix.txt location
Select fix.txt on the usb
Press run fix again
Once the run has completed reboot to normal windows
-
still not working proporly. windows wants to repair still- attempting to repair using windows repair
-
Could you resave the log as ansi please - I can view it in unicode but the format is wrong and I do not want to do any more until I can see exactly what is what
In the logs thread there are instructions on how to save as ansi http://forum.avast.com/index.php?topic=53253.0
-
there- I belive i have it in the correct coding now
-
OK lets try again, I will also be resetting the TCPIP stack as well on this and reconfirming the proper registry entry
Same again download fix.txt to a USB
Run OTL
Press run fix
Select fix.txt
Press run fix
Does windows say what it is trying to repair ?
-
no
-
still not working, gonna try the fix again.
-
I think i may be getting somewhere. It tried to boot windows before it asked to do a system repair.
gonna repair off of the windows 7 disk and report back when its done.
edit- not just progress major progress! I have regained access to the factory backup image
-
OK failing that I will do a full registry change for that key as opposed to the value section
-
no luck with the repair
-
Essexboy logs out around midnight UK time....he will be back tomorrow ;)
-
Could you run this fresh scan.txt please as I want to confirm that the registry change stuck
-
Ill have it up by about 4:00 pm central time, I have school during the day
-
here is the proper scan results- I made sure it was in the right programming language this time.
-
OK it took - at what stage does windows get to before it locks ?
-
It crashes before the login screen.- Right after its done loading and the greenish bluish screen should come up it just starts loading the Bios screen again.
-
Are you able to achieve safe mode ?
-
I am not sure- I am at school and will try safe mode when I get home
-
I Cant even boot into safe mode- I cant find the safe mode start anywhere
-
I Cant even boot into safe mode- I cant find the safe mode start anywhere
What do you mean "can't find"? You reboot and "tap" the F8 key so to display the Windows boot menu and choose "Safe Mode". Or maybe I misunderstood ???
-
When I go into the boot options No forms of safe mode shows.
-
When I go into the boot options No forms of safe mode shows.
Do you have a PS2 keyboard or USB keyboard ???
You can not get into Safe Mode with a USB keyboard.
See:
http://www.techsupportalert.com/content/how-get-safe-mode-windows-xpvista7.htm
-
Its a laptop keyboard- Id have to open the case to find out
-
On a laptop then you should be able to easily get into Safe Mode by following my previous post.
-
You can not get into Safe Mode with a USB keyboard.
He should be able to access Safe Mode from USB keyboard as long as BIOS set up properly - see below.
If you're absolutely set on using a USB keyboard, ensure that "USB Legacy support" or "USB Keyboard Support" is enabled in the BIOS. Without it, Windows requires a driver to be installed in order to make use of a USB keyboard.
-
Start the computer press and hold F8 does that bring up the safe mode menuu
-
When I go into the boot options No forms of safe mode shows.
Sorry, I'm still confused. Windows boot menu should be displayed when you press F8.
Now, in some cases, the BIOS is not configured correctly so to recognise the keyboard, so the F8 is also not recognised.
But if you are using a laptop, then here we are not talking about the BIOS problem. I can only think about the "Fx" or "Fn", which sets the specific key of your laptop to be recognised as "F8", instead of something else (as when the "Fn" key is not active).
The "Fn" key locks the function of the keys to be F1...F8...F12, as with the "Caps lock", "Num lock", "Scroll Lock" and alike.
-
Its a laptop keyboard- Id have to open the case to find out
Sounds like your using an external keyboard? Unplug it and use laptop keyboard F8 key to get into WIN 7 boot screen while PC is booting. Then select safe mode with or without networking - your choice.
-
Got safe mode to try and boot, it didn't work- Now moving data off and prepping to nuke the hard drive.
-
Sounds like the best bet. You can use OTLPE to copy the data
-
all off, scanned for piggybacking viruses, (thank you avast) and prepped for tactical nuclear strike- if the factory reset does not work then Ill just stash the whole system indfinately.
thanks Essexboy for trying to help a fellow tech with a problem
-
Do a repair install, did you get this from LA Noire update? Happened to me.
-
found a fix without nuking hard drive- just reinstalled windows. (is it safe to delete the old install?) I dont know where it came from- its not my laptop but its a friends.
-
Yes delete the old install once all appears to be OK and the data is transfered
-
Ok
Thanks for all the help I would Never have gotten as far as I did without help from you guys here
-
Our pleasure