UBCD4Win Forums: Newbie questions: Vista, Burning, Slipstream - UBCD4Win Forums

Jump to content

  • (2 Pages)
  • +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

Newbie questions: Vista, Burning, Slipstream

#1 User is offline   Stevec Icon

  • Newbie
  • Pip
    • Group: Members
    • Posts: 10
    • Joined: 10-January 08

    Post icon  Posted 10 January 2008 - 03:15 AM

    I am a screaming newbie to this process :blush:(but an old hand programmer/developer). I was sent here on the recommendation of a far more experienced person who would happily clean up my daughter's XP SP2 system (raging spool32.exe virus/malware), but I'm at a remote site. So, I have these problems and questions...

    1. Looks like building the CD for XP is ok on a Vista machine, so I charged ahead. Please tell me if this is not a good idea based on the additional questions.

    2. I have an XP SP1 cd from a 5-year-old Gateway system. Do I need to slipstream (whatever that means) SP2 so my boot CD will work on the problem SP2 machine?

    2a. It would be REALLY nice if somewhere on this site, someone would explain what slipstream means. Wikipedia is no help. Reading the Slipstream page on this website is confusing (probably because I can't find a definition of what it really is.)

    2b. To slipstream the XP SP1 CD to SP2, do I need to run the process on my good old XP SP2 system?

    3: Burning... I know the How To Build instructions said, "-"Burn to CD", an excellent option, please use this unless you have an other preferred ISO burning application." But does that mean I need to stick a blank CD into the drive before I start? The guy recommending this site said I'd need a good CD Burner -- I have Roxio, he said that was ok. But what do I copy to the CD... everything in the BartPE folder (590 MB), or the UBCD4WinBuilder.iso (587 MB)?

    4. I know this is long... If you're still reading, do you care to comment on the build warnings and errors:
    4a: Warning: building from an OEM version of Windows can mean trouble...
    4b: Warning: creating filesystem that does not conform to ISO-9660
    4c: Warning: Creating ISO-9660: 1999 (version 2) filesystem.
    4d: Warning: ISO-9660 filenames longer than 31 may cause buffer overflows in the OS.
    4e: Test Unit Ready command failed, exception 8, status 0, text 'CStarBurn_ScsiTransportSPTI::ExecuteCDB(): Command failed.

    Thanks for any and all help! I'll really appreciate any help at all.

    This post has been edited by Stevec: 10 January 2008 - 03:16 AM

    0

    #2 User is offline   DigiWiz Icon

    • Member
    • PipPipPipPipPip
      • Group: Banned
      • Posts: 644
      • Joined: 02-June 04

      Posted 10 January 2008 - 05:00 AM

      View PostStevec, on Jan 10 2008, 03:15 AM, said:

      2. I have an XP SP1 cd from a 5-year-old Gateway system. Do I need to slipstream (whatever that means) SP2 so my boot CD will work on the problem SP2 machine?


      Too tired to answer all your questions, but you do NOT need to slipstream to sp2. In fact, though I only upgraded my own system to sp2 out of upgrading necessity, using sp2 to build PE disks adds about 20MB or so to the build, and virtually no advantages. SP2 was almost totally a "security update" - and I generally don't trust Microsoft for ANY security issues ;)

      Briefly: "slipstreaming" is simply a method whereby, you can turn a so-called XP sp1a into XP sp2 by using a number of various applications available which will perform the necessary file updates for you. The process is easy and pretty much automatic - I just personally prefer to use a somewhat leaner method to build my PE discs.

      DW

      :)
      0

      #3 User is offline   LittlBUGer Icon

      • Main Mirror/Here Since Beginning
      • PipPipPipPipPipPipPip
        • Group: Members
        • Posts: 4,698
        • Joined: 27-May 04
        • Location:MT, USA
        • Interests:Computers and stuff...<br /><br />:-)

        Post icon  Posted 10 January 2008 - 10:02 AM

        Though DigiWiz is mostly right, contrary to what he said, most of us here at the UBCD4Win forums actually recommend that you slipstream to SP2 and use a XP SP2 CD to build the UBCD4Win CD. It seems to have less issues otherwise. As for your other questions...

        1.) It 'should' work fine though you need Admin rights and Vista is sometimes a pain with that.

        2.) It's not required to slipstream to make it work on a SP2 system, but I think I answered the rest above.

        2.a.) Adding to what DW said, slipstreaming is just the process of adding all of the updated files from SP2 into a SP1 CD/build, so that CD/build is then SP2 as well.

        2.b.) No, that's not required.

        3.) You need to burn the .iso as an image. Ask if you need help with that.

        4.) The warnings are fine but the 4e. line error is not. I would suggest trying to build the CD in Safe Mode and then continue from there.

        Let us know if you need anything else. :)



        "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." - Albert Einstein
        "Computers are really strange - first everything works fine, then something goes terribly wrong and nothing works, and then - like a thunderbolt from a clear sky, everything is back to normal again. It's like nothing ever happened. Like the computer were female." - Unknown
        "Some people say that I must be a terrible person, but it's not true. I have the heart of a young boy. In a jar on my desk." - Stephen King
        "If there is anything the nonconformist hates worse than a conformist, it's another nonconformist who doesn't conform to the prevailing standard of nonconformity." - Bill Vaughan
        "Microsoft Windows [n.]: A thirty-two bit extension and GUI shell to a sixteen bit patch to an eight bit operating system originally coded for a four bit microprocessor and sold by a two-bit company that can't stand one bit of competition." - Unknown
        "When a newly married couple smiles, everyone knows why. When a ten-year married couple smiles, everyone wonders why." - Unknown
        0

        #4 User is offline   rdsok Icon

        • rdsok
        • PipPipPipPipPipPipPipPip
          • Group: Admin
          • Posts: 6,039
          • Joined: 02-October 05
          • Gender:Male
          • Location:Norman, Ok. USA

          Posted 10 January 2008 - 12:12 PM

          In addition on the #3 question... if you plan to create a bootable CD... obviously you have to place a blank CD in the drive...
          Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
          0

          #5 User is offline   ben_mott Icon

          • Regular Member
          • PipPipPip
            • Group: Members
            • Posts: 200
            • Joined: 07-May 07

            Posted 10 January 2008 - 05:03 PM

            hello Again,

            here is very useful information:
            Slipstreamed Windows XP CD Using SP2

            http://www.theelderg...ed_xpsp2_cd.htm

            Burning the Windows XP/SP2 Slipstreamed CD
            NERO Burning ROM 6-SE
            http://www.theelderg...sp2_cd_nero.htm

            Ben
            :D
            0

            #6 User is offline   Stevec Icon

            • Newbie
            • Pip
              • Group: Members
              • Posts: 10
              • Joined: 10-January 08

              Posted 11 January 2008 - 05:24 PM

              Thanks everyone for replying. Here's and update, and another question...

              I successfully created my UBCD from the .iso image using Roxio Easy Media Creator 9. The steps were as follows:
              File, New Project, Copy, Burn an image. Then browse to find C:\ubcd4win\UBCD4WinBuilder.iso, insert a blank CD, then click Continue. It burned the CD in less than 10 minutes.

              I did not slipstream SP2, since it sounds like the boot cd with SP1 is good enough.

              I was able to start the infected computer in Safe Mode using the UBCD4Win.

              I skipped the Network setup/connect step... was that a mistake?

              I ran SpyBotSD.exe, and it found a number (82) of Internet Explorer explorer type of Malware. I had SpyBot remove those, and then restarted the computer from the hard drive.

              Unfortunately, the virus infection is still there. It is Qdrpack11 -- I can see it start up and then disappear in the Task Manager. After it disappears, it fires up multiple copies of spool32.exe. The number of copies (dozens) continues to grow and memory used continues to increase, until I pull the plug on the computer.

              Is there something on the UBCD that can find and clean up that virus? Any suggestions are welcome.

              Thanks so much for all your helpful replies :excl:

              This post has been edited by Stevec: 11 January 2008 - 05:31 PM

              0

              #7 User is offline   LittlBUGer Icon

              • Main Mirror/Here Since Beginning
              • PipPipPipPipPipPipPip
                • Group: Members
                • Posts: 4,698
                • Joined: 27-May 04
                • Location:MT, USA
                • Interests:Computers and stuff...<br /><br />:-)

                Post icon  Posted 11 January 2008 - 05:38 PM

                Did you say that you started the computer into Safe Mode and then ran the UBCD4Win from there? That's not right, you need to boot the PC from the CD if you didn't already do so.

                Once in the CD, don't use Spybot for viruses. Spybot is for malware/spyware infections and it's not the best at that. Use something like AV Personal or something else in the Anti-Virus Tools section. You should actually try running a few different anti-spyware/anti-virus programs to try to get everything as no single product can get everything. :)

                This post has been edited by LittlBUGer: 11 January 2008 - 05:38 PM




                "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." - Albert Einstein
                "Computers are really strange - first everything works fine, then something goes terribly wrong and nothing works, and then - like a thunderbolt from a clear sky, everything is back to normal again. It's like nothing ever happened. Like the computer were female." - Unknown
                "Some people say that I must be a terrible person, but it's not true. I have the heart of a young boy. In a jar on my desk." - Stephen King
                "If there is anything the nonconformist hates worse than a conformist, it's another nonconformist who doesn't conform to the prevailing standard of nonconformity." - Bill Vaughan
                "Microsoft Windows [n.]: A thirty-two bit extension and GUI shell to a sixteen bit patch to an eight bit operating system originally coded for a four bit microprocessor and sold by a two-bit company that can't stand one bit of competition." - Unknown
                "When a newly married couple smiles, everyone knows why. When a ten-year married couple smiles, everyone wonders why." - Unknown
                0

                #8 User is offline   rdsok Icon

                • rdsok
                • PipPipPipPipPipPipPipPip
                  • Group: Admin
                  • Posts: 6,039
                  • Joined: 02-October 05
                  • Gender:Male
                  • Location:Norman, Ok. USA

                  Posted 11 January 2008 - 05:48 PM

                  Just an FYI that is completely unrelated to the issue at hand...


                  Note.... to avoid confusion on what you are refering too..

                  UBCD - is a DOS based boot CD with utils to repair / recover computers

                  UBCD4Win - is a Windows based boot CD to also repair / recover computers and also can include UBCD with it...


                  So when talking about UBCD4Win please don't call it UBCD since that is another project
                  Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
                  0

                  #9 User is offline   DigiWiz Icon

                  • Member
                  • PipPipPipPipPip
                    • Group: Banned
                    • Posts: 644
                    • Joined: 02-June 04

                    Posted 11 January 2008 - 06:48 PM

                    Sounds like you're not booting properly - your PE disc needs to be in the drive, then reboot/restart, so the UBCD4Win will boot, and not your normal OS. If you have a Dell, some models require intervention by pressing F10 during initial boot to bring up a menu to allow booting from the CD.

                    Now that that's out of the way, Google shows that Spybot ought to handle this fine. Notice the universal location for this file is:

                    C:\Program Files\QdrPack\QdrPack11.exe

                    So let Spybot do it's work from within PE, and have it delete nasty entries/files. Then, as a double-check, use an explorer clone, and navigate to C:\Program Files\QdrPack\QdrPack11.exe to see if it's been deleted. If not, you can always delete it manually. This one looks simple as pie (famous last words).

                    DW

                    :)
                    0

                    #10 User is offline   Stevec Icon

                    • Newbie
                    • Pip
                      • Group: Members
                      • Posts: 10
                      • Joined: 10-January 08

                      Posted 11 January 2008 - 07:48 PM

                      View PostLittlBUGer, on Jan 11 2008, 02:38 PM, said:

                      Did you say that you started the computer into Safe Mode and then ran the UBCD4Win from there? That's not right, you need to boot the PC from the CD if you didn't already do so.


                      AAAugh! I TOLD you I was a screamin newbie. I am not sure whether it booted from the UBCD4Win or not. I'll re-try it tonight. I sure thought it was booting from the CD -- it took forever and the CD drive was clicking away for several minutes.

                      When the computer first starts, a couple of lines flash on the screen for half a second, and they probably give a hint about booting from the CD drive. I'll pay closer attention and see what happens.

                      DigiWiz, what does the "PE" in PE disk mean?

                      And will a DOS command window be sufficient to navigate to C:\Program Files\QdrPack\ to DELete the QdrPack11.exe file?

                      ...and thanks again for all the help. I'll report back.
                      0

                      #11 User is offline   rdsok Icon

                      • rdsok
                      • PipPipPipPipPipPipPipPip
                        • Group: Admin
                        • Posts: 6,039
                        • Joined: 02-October 05
                        • Gender:Male
                        • Location:Norman, Ok. USA

                        Posted 11 January 2008 - 08:29 PM

                        View PostStevec, on Jan 11 2008, 06:48 PM, said:

                        DigiWiz, what does the "PE" in PE disk mean?


                        I'm not DW but... PE is short for Preinstall Enviroment... to read more about how it started etc.. see http://www.nu2.nu/pebuilder/

                        View PostStevec, on Jan 11 2008, 06:48 PM, said:

                        And will a DOS command window be sufficient to navigate to C:\Program Files\QdrPack\ to DELete the QdrPack11.exe file?


                        Possibly but its unlikely... if malware were that easy to clean and get rid of it wouldn't be the problem it is now. So if you want the best chance of success... don't look for an easy way out... do a through job and run the antivirus and antispyware scans if you want to properly ensure your system is cleaned up. Even then there is a chance that you've got a real tough one and something might get past so don't chance it.
                        Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
                        0

                        #12 User is offline   Stevec Icon

                        • Newbie
                        • Pip
                          • Group: Members
                          • Posts: 10
                          • Joined: 10-January 08

                          Posted 12 January 2008 - 03:35 AM

                          Ok... It DID boot from the UBCD4Win. If there is a bootable CD in the drive, it checks that first. First thing I see is an Ultimate Boot CD picture, then a menu from the CD. I chose "Launch the Ultimate Boot CD for Windows". Three minutes later, I see the Windows XP Pro screen for a few seconds. At 5 minutes, I get the "Pre-Shell=ubcd4win" where I click the "Start Shell" button (NOT using expert mode). I Declined the "Do you want to start network support now?"

                          So I think the work I did last night with SpyBot was fine, only it didn't find the qdrpack11 stuff (I see there are actually three related directories in C:\Program Files -- QdrDrive, QdrModule and QdrPack)

                          I started AV Personal, it found 80 infected files
                          PurityScan
                          DR/Agent.VV.2
                          DIAL/90112
                          TR/Crypt.ULPM.Gen (Desktophijack.B)
                          HEUR/Malware
                          SPR/AdTool.MyWebSearch.AU

                          Unfortunately, the Qdr... folders are still there in C:\Program Files.

                          I found this recommendation to remove it:

                          Quote

                          # Download SmitfraudFix.exe
                          # Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
                          # Double-click SmitfraudFix.exe
                          ...etc.


                          After reboot using Hard Drive, at least there is only copy of spool32.exe running.
                          But I am getting occasional spontaneous Internet Explorer windows: "Internet Speed Monitor" and "Registry Cleaner" invitations, and a search screen for "popunder.paypopup.com"

                          My original advisor said that, after running SpyBot and an antivirus cleaner, I should download, install and run SuperAntiSpyware, so I plan to do that next ...tomorrow night.

                          Comments and more suggestions are always welcome.

                          This post has been edited by Stevec: 12 January 2008 - 04:10 AM

                          0

                          #13 User is offline   Joshua Icon

                          • Development Team
                          • PipPipPipPipPipPip
                            • Group: Moderator & Development
                            • Posts: 1,814
                            • Joined: 20-September 04
                            • Gender:Male
                            • Location:Germany, 32839 Steinheim
                            • Interests:Computer, Bikes, and many others

                            Posted 12 January 2008 - 03:54 AM

                            View PostStevec, on Jan 12 2008, 09:35 AM, said:

                            What should I try?

                            To be sure to have a clean system,
                            i would save the data files to a extern usb drive, and reinstall the system. :surrender:

                            Joshua
                            my plugin homepage:
                            <a href="http://www.drowaelder.de/winpe/PEIndex.htm" target="_blank">http://www.drowaelder.de/winpe/PEIndex.htm</a>
                            0

                            #14 User is offline   rdsok Icon

                            • rdsok
                            • PipPipPipPipPipPipPipPip
                              • Group: Admin
                              • Posts: 6,039
                              • Joined: 02-October 05
                              • Gender:Male
                              • Location:Norman, Ok. USA

                              Posted 12 January 2008 - 04:28 AM

                              SuperAntispyware is already included on the latest UBCD4Win... but it can't hurt to also run it directly on your system.
                              Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
                              0

                              #15 User is offline   SteelTrepid Icon

                              • Administrator
                              • PipPipPipPipPipPipPipPip
                                • Group: Admin
                                • Posts: 6,191
                                • Joined: 27-April 04
                                • Gender:Male
                                • Location:Ohio

                                Posted 12 January 2008 - 09:00 PM

                                Since I've been using our CD (UBCD4Win) a lot more to remove spyware for a few years now at a local computer shop, I can tell you that you should be able to clean up that system. I do it almost everyday!!
                                However I feel you are expecting one or two tools to fix your computer for you. It doesn't work that way! You are making several mistakes.

                                Quick disclaimer though, you can possibly damage your system and make it unbootable. If you are unsure about removing a file, then you need to do some quick research by searching for the file name in question using Google. If you can, I really suggest you connect an external device via USB to back up your data before starting the removal. Make sure you connect it before starting to boot your computer with UBCD4Win.

                                Here is what I usually do and have had excellent success with customer's computers. As a quick note, I had a system where Kaspersky AV found 886 files earlier this week! Normally if any of the scanners I use find more than 500 bad things I think my chances are pretty bad at getting that system backup and running good. However after all was said and done, that laptop runs like a champ again!!

                                1. Connect your device for data backups and boot UBCD4Win. Backup data first.
                                2. When asked if you want to start network support, start it. Unless you just built your UBCD4Win a few days ago. I have a mixture of UBCD4Win's floating around the shop I work at so sometimes I have one that is more than a month old so I normally update all tools before running them.
                                3. Run a few AntiVirus tools such as Avira and AVG. Kaspersky is my personal favorite and I normally only run that. However if Kaspersky finds a lot then I'll run Avira or AVG AV.
                                4. Run almost ALL AntiSpyware tools. I always run at least Asquared, AdAware, SpyBot, and SuperAntiSpyware.
                                5. Run EzPCFix. It's a very powerful and helpful tool, but it requires you to understand and know what you are looking at. Luckily I chatted with Tom over a year ago and he explained a few things to me and I followed the documentation on his site for it.
                                6. I normally follow up by booting the computer in Safe Mode then, installing A-squared, AdAware, SpyBot, and SuperAntiSpyware, update them and run them all again. I also run msconfig because there are usually start up items that no longer exist and Windows will complain about it at every boot up.

                                There are a few other things that I do and really any cleanup like this requires a person to really know what they are doing.

                                One other suggestion for you, make sure you use one of the file explorers in the project to ensure that at least the 3 folders you mentioned are gone. Normally Kaspersky finds those infections you mention (I see that one all the time) for me and deletes the files out of the folders for me. I'm not sure if any of the other tools will do that for you or not, evidently some won't since you report SpyBot didn't!

                                Good luck!!
                                "I play Russian roulette everyday, a man's sport, with a bullet called life"

                                "My cause is noble, my power is pure"
                                0

                                • (2 Pages)
                                • +
                                • 1
                                • 2
                                • You cannot start a new topic
                                • You cannot reply to this topic

                                1 User(s) are reading this topic
                                0 members, 1 guests, 0 anonymous users