  1. #1
    New Lounger
    Join Date
    Jul 2010
    Location
    Albany, GA, USA
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have a customer who got a lot of viruses on his computer and I am trying to remove them. After a lot of tries I finally got SUPERAntiSpyware to run from my flash drive; I had to stop the process of all *tssd* files that were loading. The spyware program found a lot of trojans and removed them. The internet would not work and I did not know about going into Internet Options and disabling the proxy. I then ran CCleaner and tried to repair the registry. Got IE to come up but it would not go online. Did a search and found a fix it now file at Microsoft's site, downloaded it to flash, started the computer in safe mode and tried to run the program. The program started up and started doing things and all of a sudden I got the registry_error blue screen and anything I try will not work. I have tried reloading Windows with the disk and get to the point where you touch F8 and then blue screen. Can anyone help me?

  2. #2
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Potential options:
    1. Dump hard drive and charge customer for new drive plus reinstall labor. (my preference)
    2. Temporarily replace hard drive with spare, reinstall OS, then place sick drive on another SATA port. Pull important customer data off drive. Ascertain if boot sector virus present, deal with infection accordingly if present. If drive found to be salvageable, reinstall customer drive and OS.
    3. Boot with DOS disk, run chkdsk /r on drive, then proceed to number 4.
    4. Format the entire drive, preferably from a DOS boot disk.
    5. If drive not bootable under any circumstances, proceed to step 1.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  3. #3
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,794
    Thanks
    117
    Thanked 798 Times in 719 Posts
    One other possibility. Boot to safe mode and check to see if there is a restore point prior to the date of the infection.

    Jerry

  4. #4
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Safe Mode would be helpful if you could actually get to it.
    I think your best option would be to install it on another [test] machine as a secondary drive and attempt to troubleshoot it from there.
    At least try to make it bootable and/or pull data off it that the customer may need.

    More information would be helpful too.

  5. #5
    New Lounger
    Join Date
    Jul 2010
    Location
    Albany, GA, USA
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I cannot get into safe mode. I have tried to boot to the C: prompt from the safe mode screen but get the same blue screen. I have not tried DOS from floppy yet; I have to get a USB floppy first, it was at home, I will try that on Monday. I have pulled the info that I think they need from the disk with a SATA to USB cable. I can get into the drive that way. Should I format the disk and try to delete the partition and use the WD repair disk to repair the drive (it is a WD 250 GB drive)? Or should I just use the floppy and use the WD repair disk and try to repair the drive, repair and/or write all 0's to the drive and try to partition and format and create a new boot drive?
    Any other thoughts or suggestions will be greatly appreciated. Thanks for the help. I guessed that what you told me was what someone would come back with and suggest; I was hoping that there was another way so I could save all the info and not have to reload. They have some programs that are not available anymore and you can't just save data and reload, no program to reload with. It is an old grocery program and the company went out of business, but it has a great load and save item feature, which they are used to.

  6. #6
    New Lounger
    Join Date
    Jul 2010
    Location
    Albany, GA, USA
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Can I repair the registry so that the drive will boot when connected to another computer? I am a little fuzzy on procedures when working in this field of repair. My thought was to replace the drive and start up new, but bosses don't see it that way.

  7. #7
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    South of the North Pole
    Posts
    919
    Thanks
    0
    Thanked 0 Times in 0 Posts
    If I were going to try and save everything, I would use UBCD4Win disc to replace the munged registry with a previous one. All things equal (don't know what the Microsoft fix may have done) that should get it to boot again, though the viruses will probably be back as well, but, it would give you another shot at cleaning them up without damaging system files. Unless of course the previous cleanup completely removed some system files, in which case you'd also want to run a repair install (with an XP SP3 install disc).

    If you were able to subsequently get everything back and I.E. was still not operational there are a couple of reset points that almost always get it going again, but success there would be predicated on the successful use of another browser like FF or Chrome.

  8. #8
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    For a repair and rebuild of XP without losing user data, I would recommend:
    Langa Letter: XP's No-Reformat, Nondestructive Total-Rebuild Option


    Fred Langa shows you how to completely rebuild, repair, or refresh an existing XP installation without losing data, and without having to reinstall user software, reformat, or otherwise destructively alter the setup.
    But, like Byron says, you'll still have the infection(s) to deal with. I would also recommend a more specialized approach to malware/virus/rootkit detection and removal by going to one of the specialized forums:
    http://www.landzdown.com/index.php/board26.0.html
    http://www.geekstogo.com/forum/forums.html
    http://www.geekstogo.com/forum/OTL-T...t-t277391.html

  9. #9
    New Lounger
    Join Date
    Jul 2010
    Location
    Albany, GA, USA
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Clint
    The Fred Langa letter you mention will not work for me. I can get to the part where you press F8 to continue and then I get the Blue screen.

  10. #10
    5 Star Lounger
    Join Date
    Dec 2003
    Location
    Burrton, KS, USA
    Posts
    833
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Are your customers not wanting to pay for a new drive? It sounds like you will not get that drive bootable without a total reformat. You state that you already have the data off of the drive. I would try to do a full format and then reinstall. You need to be sure and wipe ALL partitions and overwrite the MBR before you format that drive.

    I cannot understand why you are blue screening at the first F8 (accepting the license) as near as I remember you have not touched the hard drive yet.....?

    If your customer is paying you by the hour, they would be far ahead letting you purchase a new drive and install fresh from there.

  11. #11
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Originally Posted by George h Brown:
    Clint
    The Fred Langa letter you mention will not work for me. I can get to the part where you press F8 to continue and then I get the Blue screen.

    Apologies, my mistake.
    CLiNT

    Was a potential option, if you were able to get the drive to boot again after using the UBCD4Win disk.

  12. #12
    New Lounger
    Join Date
    Jul 2010
    Location
    Albany, GA, USA
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Mercyh;
    You just have to understand the people I work for. I am supposed to be able to work miracles. I gave up on the drive whenever I saw 156 trojans found, but I have to try and do what I can. I screwed up somewhere I guess and that is why I am getting the registry error. I do appreciate all the help and advice offered.

    Byron
    I tried to load UBCD4Win and got errors creating the image (it is from a Dell OEM CD), something about the registry; tried the fix suggested in their FAQs, did not work. Not even sure I can use the program any more; tried to uninstall and the i386 folder won't go away. I have a full XP SP2 Pro disk that I am going to try. The computer has SP3 and the Dell disk is SP3. Also had 4 errors creating the image.

    As you all have said, too much time trying to fix; going to wipe the drive clean and start over. They can only be pissed for a while and find someone else next time to fix their problems.
