
Need help with virus damaged XP Pro


Athlon Mark

Member
Joined
Nov 30, 2005
Location
North Carolina
Let me first admit that I'm no expert at this type of stuff.....

Someone brought me a computer that was horribly infected with malware, trojans, and viruses. So bad that I could not access msconfig, Norton Antivirus, Malwarebytes, or pretty much anything else on their system--- not even in Safe Mode.

At a loss, I pulled the hard drive and installed it as a slave in my computer (that I knew was well protected). I cleaned it, and removed 32 various nasties including Cryptor virus, FakeAlert.KW, Generic13.JJK, Win32/Heur, SHeurZ.ALQB, Small.AU, and FakeAlert.KT.

Then the bad news--- when I reinstalled the drive, none of the USB ports would work. Unfortunately, it is a Dell Vostro with no PS/2 ports for a keyboard or mouse. Thus, I had no access to the system. In frustration, I gave up and reinstalled Windows XP Pro Service Pack 2 from their OEM disk.

Unfortunately, the problems persist. Now Windows will boot up, but I get a
STOP: 0x0000008E

0000129A - Address 890D48EC base at 890D4000
which from my understanding means something is crapped out in the registry. It will log in while in Safe mode, and then crash before I can do anything.

How can I get this aggravating thing up and running? The guy doesn't want me to wipe the drive if possible, as his Palm Pilot info is stored on it. Help!
 
I can log into safe mode, and then I immediately get the 60 second warning that Windows is shutting down.

Don't know if it helps any, but the message that pops up (not in Safe Mode) is:
Windows must now restart because DCOM Server Process Launcher service terminated unexpectedly.

Any help would be greatly appreciated!
 
The best advice I can give you would be to re-slave the drive, get all the data you need off the drive, then format it and install XP Pro clean. Get all the newest drivers and update the BIOS and let him enjoy.
 
Thanks for the responses guys. Meanwhile, I read (and found out it works) that I can stop the auto shutdown by pulling up a quick Command box and typing "shutdown/a".

After I killed the countdown, I started Malwarebytes (I had installed it previously on this computer). It's running a complete scan, and has thus far found four new infections. Apparently some of these buggers are regenerating themselves, maybe a Restore file somewhere.

I've got my doubts it will fix everything, but what do I have to lose but time?
 
Sounds like you got the same virus I got last year - it's a devil.

If so, you can not get rid of it without a complete reformat of the drive. You should try the latest version of Microsoft's malicious software removal tool, but the trapdoor trojan virus I had would not allow me to surf to Microsoft's site. I've read that the MS malicious code removal tool will kill all instances of this, but can't attest to it - last year, it would not handle this bugger, even after I got the removal tool, and ran it.

It hid in a part of the disk area that users are not allowed in - even Administrators, and there is no way to remove that last instance of it, that I could find. So it just keeps bringing in other malware, and also replicating its own self, anywhere it can.

This was on an XP Pro system, which had AVG anti-viral protection. I had it scanned and "cleaned" by several "anti-virus cleaners", (free on the net), but none of them could get that last little instance.

Good luck.
 
My advice is to get either ERD Commander (if you can find it) or BartPE (search for Bart on the web), make yourself a bootable CD or pen drive, and do all your work external from the infected drive.

Putting the drive in a clean system will allow the virus to migrate to the new system infecting it.

With either of the above, back up the data and then WIPE the drive. You can get free or shareware drive wipe programs that will kill the virus for good.

Then reinstall XP, and install the antivirus, trojan, spyware, and malware programs before putting the data back on the drive. After you get the data on the drive, scan it again to ensure you didn't reintroduce the virus from the data. If you did, wipe the device you used to store the data; don't take a chance on it getting to another computer.

As a tech and system admin, the company I worked for would 'quarantine' any infected drives until they were wiped - seems that sometime in the past (before I was hired) someone slaved a drive to a server and the company lost a lot of data...

A Best Practice

MHO...
 
No, he means to hook the drive into another computer like he did the first time.

Why would that help at all? It's like saying, OK, say you were sick and you said, let me put a new suit on, that'll cure me.

Sounds like you got the same virus I got last year - it's a devil.
lol
If so, you can not get rid of it without a complete reformat of the drive. You should try the latest version of Microsoft's malicious software removal tool, but the trapdoor trojan virus I had would not allow me to surf to Microsoft's site. I've read that the MS malicious code removal tool will kill all instances of this, but can't attest to it - last year, it would not handle this bugger, even after I got the removal tool, and ran it.

It hid in a part of the disk area that users are not allowed in - even Administrators, and there is no way to remove that last instance of it, that I could find. So it just keeps bringing in other malware, and also replicating its own self, anywhere it can.

This was on an XP Pro system, which had AVG anti-viral protection. I had it scanned and "cleaned" by several "anti-virus cleaners", (free on the net), but none of them could get that last little instance.

Good luck.

No offense Adak, but Microsoft is not the place I would go to for internet security. An example of a reason why would be that I read about a virus that could bypass their firewall. I know all viruses can, but that just proves my point even more, on top of the fact that they're not a security company; an example of that is they don't make an anti-virus program. Personally I'd go with Norton, but any other company that purely dedicates themselves to internet security would work.
 