WiredWX Hobby Weather ToolsLog in

 


descriptionPossible virus  EmptyPossible virus

more_horiz
Hello-
I have a friend's laptop that their nephew was downloading pirated movies on their laptop and "apparently" acquired a virus since the computer does not have any spyware or antivirus software installed. Now the laptop shows briefly (i.e. a few milliseconds) the Toshiba splash screen then immediately a completely black screen with "Password =" in the top left portion of the screen. Appears to be a bios password prompt, but a bios password has never been set on this computer. As password attempts are made, a notation below "not certified" appears. At the third incorrect attempt, the computer shuts down.

Now, the tricky part is that F8, F10, F2, Del or any other combo is ineffective and cannot bypass this password. According to the nephew he thinks it's a trojan virus of some sort. I tried using Hiren's bootcd, but even after restart the "password =" prompt appears before the CD-rom boots. Any ideas or is this laptop toast?

Keith

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
UPDATE: So I have the password. The nephew set a BIOS password to the computer so who knows why he doesn't want anyone on this computer. The password was accepted with a message "Certified", but now the computer just stays on this screen. Does not continue the boot process or Windows splash screen. Hiren's BootCD is not loading. The only action seen is the hard drive LED light is constantly blinking/working. Where to go from here?

Thanks in advance!
Keith Long

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
Hi,

Do you have access to another machine that can burn CD's?

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
yep, i can burn cd's on my own desktop or laptop. what do i need to burn?

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
Hi,


We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Standard REATOGO Windows Recovery Environment.
  • Place a blank CD-R disc in to your CD burning drive.
  • Download OTLPEStd.exe and double-click on it to burn to a CD using ISO Burner.
  • Reboot your system using the boot CD you just created.

    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to Non-Microsoft
    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\_OTL\MovedFiles
    • Copy this file to your USB drive if you do not have internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
no luck with the boot cd. computer will not boot past the bios password screen after entering the correct password. tried to enter bios, but del, f8, f2, etc does not work. so who knows what the boot sequence is but the boot cd will not load. i think this computer may be toast. any other ideas?

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
Can you remove the CMOS battery? That will reset the bios password.

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
i could remove the CMOS battery, but have been avoiding this procedure b/c with this model (Toshiba Tecra) you have to remove the case to access the battery. Unfortunately it's not accessed via a panel like most laptops. I may just have the nephew take the computer to someone else b/c I don't want to do damage to it. If it were mine it would be a different story. Thanks for the help though!!! :smile2:

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
No problem. Let us know if you decide to remove the cmos battery. I'm not sure that will give you the desired result but it's worth a try

descriptionPossible virus  EmptyRe: Possible virus

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum