Booting from USB freezes?

SidVicious

Hi. My name is Sidney, I'm a technician for Staples.

I have a customer with a pc that has an abundance of viruses, and to remove them, I boot into a program located on a flash drive.

However, when I boot into the flash drive on this pc, it loads the program, and then freezes. Nothing moves, no key pressing will make a difference.

I've run SFC and CHKDSK, which located some corrupted files, but failed to fix the issue.

Any ideas would be appreciated; I'm running dry. :/

I'll gladly provide any extra details on the machine that might help.

Thanks in advance,
Sidney.
 

My Computer

System One

  • OS
    win 8
a pc that has an abundance of viruses

Hi Sidney,

Quite honestly, your statement above tells me you are destined to spend more hours trying to remove these viruses than the owner may be willing to pay. Moreover, since many of the nasty ones usually leave significant remnant damage behind, the repairs of same could take even longer than the virus removals themselves. Now, combined with the fact that you are also finding CHKDSK errors leads me to believe there are also hardware issues involved. I don't see a single fix point for all your issues here but I would definitely recommend a clean install to the customer immediately with the caveat that the hard drive may have issues as well. I hope Staples is not charging by the 1/2 hour because I don't think I could afford to pay that bill! Anyway, as my user name implies, that's just my2cents! Good luck.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    PC/Desktop
    CPU
    Intel G2020
    Motherboard
    ASRock B75M-DGS R2.0
    Memory
    8GBs @ 1333 MHz
    Hard Drives
    Samsung 840 EVO
    PSU
    400w
    Internet Speed
    57/11
Noooot quite.

a pc that has an abundance of viruses

Hi Sidney,

Quite honestly, your statement above tells me you are destined to spend more hours trying to remove these viruses, than the owner may be willing to pay. Moreover, since many of the nasty ones usually leave significant remnant damage behind, the repairs of same could take even longer than the virus removals themselves..


I should have left this information out of my initial post, perhaps. They have already paid for the virus removal, and I don't foresee it being difficult; it's a pretty common service for the store.

The issue mainly is just that when booting from the USB, the pc freezes. It's a fairly new pc, so if avoidable, let's stray away from the clean install, since they did already pay for a different service.

Does this help any?
 

If one of the Viruses is SIREFEF, it will prevent your AV suite from running. That's why it is called the "Zero-Access Trojan", it blocks all kinds of AV and it does it via Windows Defender. You cannot run the EXEs and you cannot install the programs.

You can try Eset's Sirefef Removal tool first, it will bypass Sirefef:

How do I remove Sirefef (ZeroAccess) trojan? - ESET Knowledgebase

Run that, then try your Suite. Let me know what happens.
 

My Computer

System One

  • OS
    Windows 8 Pro with Media Center/Windows 7
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Asus M2N-MX SE Plus § DualCore AMD Athlon 64 X2, 2300 MHz (11.5 x 200) 4400+ § Corsair Value Select
    CPU
    AMD 4400+/4200+
    Motherboard
    Asus M2N-MX SE Plus/Asus A8M2N-LA (NodusM)
    Memory
    2 GB/3GB
    Graphics Card(s)
    GeForce 8400 GS/GeForce 210
    Sound Card
    nVIDIA GT218 - High Definition Audio Controller
    Monitor(s) Displays
    Hitachi 40" LCD HDTV
    Screen Resolution
    "1842 x 1036"
    Hard Drives
    WDC WD50 00AAKS-007AA SCSI Disk Device
    ST1000DL 002-9TT153 SCSI Disk Device
    WDC WD3200AAJB-00J3A0 ATA Device
    WDC WD32 WD-WCAPZ2942630 USB Device
    WD My Book 1140 USB Device
    PSU
    Works 550w
    Case
    MSI "M-Box"
    Cooling
    Water Cooled
    Keyboard
    Dell Keyboard
    Mouse
    Microsoft Intellimouse
    Internet Speed
    Cable Medium Speed
    Browser
    Chrome/IE 10
    Antivirus
    Eset NOD32 6.x/Win Defend
    Other Info
    Recently lost my Windows 8 on my main PC, had to go back to Windows 7.
Does this help any?

Yes, I guess so. Anyway, I'll leave you to work directly with the other forum member who responded.
 

Also, does the system Boot at all? I'd like to see the List of Startup Programs; this may also be blocked. Open a Command Prompt and try to run MSCONFIG. See if it runs. Also take a Screenshot of the Task Manager "Startup" row.

Try CCleaner, see if you can get to the MSCONFIG stuff that way.

M2C: He wants to avoid deleting everything on the Drive if he can, I can understand that. But he also has to understand that sometimes it is virtually impossible to get it ALL out. If you can get the main Sirefef body out, then you can get the rest of the cack out of the system.

Also, I would try to copy the files from the Flash Drive, onto a different Flash Drive. You may have to try several different flash drives until you can find one that works.

Are these your personal AV proggies or what Staples gives you? If it is the latter, then you have to bring the USB drive to them, it's their dog. Otherwise, if this is your Suite, you will have to re-create it so it works on this system.
 

If one of the Viruses is SIREFEF, it will prevent your AV suite from running. That's why it is called the "Zero-Access Trojan", it blocks all kinds of AV and it does it via Windows Defender. You cannot run the EXEs and you cannot install the programs.

You can try Eset's Sirefef Removal tool first, it will bypass Sirefef:

How do I remove Sirefef (ZeroAccess) trojan? - ESET Knowledgebase

Run that, then try your Suite. Let me know what happens.

I ran it, and it said there was no threat found, and that Win32/Sirefef.EV wasn't found in my system.
 

Well, that's good news. You have to run the tool from within the affected OS, you can't do it from another OS, like for instance Mini-XP or some other Boot device that will allow you access to the hard drive. It's because it has to read the registry.

The Flash Drive may simply not work in this system, that's why I always keep a Flash Drive with the same Boot Loader on a couple of different Flash Drives. It sounds like yours is choking on initialization. One thing you may try is just leave it sit for about five to ten minutes, and see if it eventually continues. I've had to do that as well, on one of my laptops, it would eventually boot.

You can also try disconnecting any Optical drives and extra HDD's and then see if it boots to the Flash Drive.

Finally, even if it did not find Sirefef, download TDSSKILLER and Malwarebytes Anti-Rootkit and GMER, if all of those come up clean then you can run any good AV program on the machine and clear out the Virii.
 

Is there any way to tell if it's a virus or a configuration issue? I don't want to install a ton of antivirus onto a customer's computer for it not to fix anything.
 

I have a customer with a pc that has an abundance of viruses, and to remove them, I boot into a program located on a flash drive.

Is the program signed by Microsoft & using WinPE4 to boot?
 

My Computer

System One

  • OS
    ME, XP,Vista,Win7,Win8,Win8.1
    Computer type
    PC/Desktop
    Other Info
    Notebooks x 3

    Desktops x 5

    Towers x 4
The program is from Staples. That's all I know about who made it.

I think the computer itself isn't freezing though, but rather the keyboard and mouse stop working, so it looks like once it boots into the program, the USB ports for the peripheral devices stop working?

How would I get the keyboard and mouse to work?
 

And it still locks up during USB Boot. Is it the Staples Program, or every other USB Boot device as well? How did you boot WinPE, disk or USB? Try to convert it to a Flash Drive, stick it in and see if it boots.
 

^Easy Tech Toolbox for WinPE.

I've run every hardware/system config/settings scan I can think of, with no problems back.

WinPE = XP

WinPE2 = Vista

WinPE3 = Windows 7

WinPE4 = Windows 8
 

It is on a flash drive. Several. I have tried many of them, loaded with the program. It is Windows 8. These details are in the first post??

I'm not sure who I'm supposed to ask about this. I feel lost. :/ Microsoft wouldn't help me if their future depended on it.
 

I have a customer with a pc that has an abundance of viruses, and to remove them, I boot into a program located on a flash drive.

Is the program signed by Microsoft & using WinPE4 to boot?

Who is the manufacturer of the program?
 

Like I said, some Flash Drives choke when booting.

For the time being, you can use the free version of Malwarebytes, run a full scan and take note of what it finds. Run the other rootkit checkers I mentioned as well. You will have to find a good AV program and run it on the infected OS.

Did they give you the Flash Drive to work on this at home, or at the store? Like I said, it's Staples' Dog, proprietary, and I can't see why it is locking up unless I can get a copy of it somewhere. And that is the problem immediately, you cannot remove a lot of viruses unless you run the AV program right on the affected system from within its own OS, it will not find certain virii any other way. All the USB tool will find are the Virus Bodies, but none of the installers that are in the system.

Look for TARMA INSTALLER in the System, it will be in Appdata/Local Low, maybe in the other Appdata folders as well. You have to go through all User folders with an Appdata structure to find it all, as well as the Program Files and Program Data folders. And with 64 bit Windows 8, there are a LOT of folders.
 

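The folder sweep described in the last reply (every user's AppData tree plus Program Files and ProgramData), as an added example that is not part of the original thread. The `*tarma*` name pattern is an assumption based only on the name given in the post; the script lists matches and deletes nothing.

```powershell
# Added example: list files and folders whose name contains "tarma" in the
# locations named in the post. Run from an elevated prompt inside the
# affected OS so other users' profiles are readable.
$pattern = '*tarma*'   # assumption: leftovers carry the installer's name

# Machine-wide roots; skip any that do not exist (no x86 folder on 32-bit).
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:ProgramData) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# Every profile under the Users directory, not just the logged-on account.
$usersDir = Split-Path -Parent $env:PUBLIC
$userDirs = Get-ChildItem -LiteralPath $usersDir -Directory -Force -ErrorAction SilentlyContinue
foreach ($userDir in $userDirs) {
    foreach ($sub in 'AppData\Local', 'AppData\LocalLow', 'AppData\Roaming') {
        $candidate = Join-Path $userDir.FullName $sub
        if (Test-Path -LiteralPath $candidate) { $roots += $candidate }
    }
}

# -Force includes hidden and system items; access-denied errors on legacy
# junctions such as "Application Data" are suppressed.
$hits = foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Filter $pattern -Recurse -Force -ErrorAction SilentlyContinue
}

# One row per match, with timestamps to help date the install.
$hits |
    Sort-Object FullName -Unique |
    Select-Object FullName, CreationTime, LastWriteTime,
        @{ Name = 'Type'; Expression = { if ($_.PSIsContainer) { 'Dir' } else { 'File' } } } |
    Format-Table -AutoSize
```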