Rescue-cd

As a way of background seriously infected Dell Workstation running XP, current status appears to be infected with winlogon32.exe problen. Computer turns on in normal or safe mode. Current scenario user is prompted at Windows logon screen to login, attempts and the system immediately logs them off.

Downloaded rescue-cd as a precursor to installing defender and now when attempting run scan, Scanner crashes with no error.

Any suggestions would be greatly appreciated

Thanks

Find more posts tagged with

Comments

unknown

Hello,

I believe that the issue you encounter is because the Rescue CD is not able to recognize your harddrive partitions so can't mount them for scanning.

Try to follow the instructions below on how to use the Rescue CD:

[how to START USING THE RESCUE CD]

. Insert the BitDefender Rescue CD into your CD drive and restart your computer; Select any options required to start (boot) from the CD (this procedure is slightly different depending on your motherboard manufacturer - for more information you have to check the motherboard product manual);

. Make sure that the network cable is plugged and the system is connected to the internet;

. Choose to "Start knoppix" when you are presented with the boot menu (if you do not choose within 30 seconds the computer will continue booting normally);

. The loading process will commence and text will scroll on the screen; During this time the environment is loaded and BitDefender will perform a signature update; If the process seems to hang more than 10 minutes reboot the computer and try again.

. BitDefender will start scanning the content of the computer as soon as the Knoppix is loaded; The results will be displayed when the scan is completed.

NOTE: In case your computer partitions are not mounted automatically after the boot process finishes, you will have to mount them manually from command line. Usually, for an IDE HDD the logical link should point to a block device node named hda (hdb, hdc, etc.) in /dev directory, depending on the controller and jumper settings (for example, an IDE HDD from the primary controller with jumper set to slave should be seen as /dev/hdb). A Serial ATA HDD should appear as /dev/sda (/dev/sdb, /dev/sdc, etc). Mounted partitions may be viewed from a terminal window - right click on the desktop and select the option Terminal (as root) - with the command: mount. In case that, for some reason, Windows partitions haven't been mounted, you may want to view and mount them from a Terminal (as root) by typing:

fdisk -l

mount /dev/hda1 /media/hda1

Please confirm that the issue has been resolved.

Regards,