Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Log in screen Loop.


  • Please log in to reply

#1
nogbad

nogbad

    New Member

  • Member
  • Pip
  • 2 posts
I took on helping a colleague sort out his infected laptop. I ran spyware doctor, trojan remover and then avast. It was looking a lot better until I did a boot time scan with avast. it found infections in all the system 32 files.
Now heres where I did something really stupid Doh!!!!
I clicked on move all :to chest, which it did.

Now when i start up the computer I get a log on screen. as soon as i log on, the desktop flashes up briefly then i get saving settings and end up back at the log on screen. it wont let me log in as administrator and it behaves the same way in safe mode.

i kind of suspect that I shouldn't have moved all those files, but as i cant log on, dont know how to move them back.

Any help would be greatly appreciated.
the PC's running xp home which didnt come with an xp cd. i do have an xp pro cd.

thanks :)
  • 0

Advertisements


#2
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hi nogbad...

The following is a technique to perform a system restore operation using recovery console. I do not think the XP Pro disk will work, but you might give it a try. If you are unable to start the Recovery Console using the Pro disk, use the option for RC.ISO.

If you have your Windows XP disk
  • Insert your Windows XP disk into your computer and reboot
  • Make sure the PC is set to run from the CD as the primary boot device.
    NOTE: You do this by setting your PC to boot to the CD-ROM in BIOS (enter bios by pressing f1, f2 or del key during memory count up, then search for boot order, and set the CD as the first boot device)
  • When the PC boots, it will boot from the CD...after the first several screens load, you will be given a choice to choose R for Recovery Console. You will be asked to log in.
    NOTE: For Windows XP Home, there is not password, just hit ENTER. For Windows XP pro, ask whomever set up the machine what password they used.
When you see the Recovery console C:\WINDOWS prompt continue to section 3 ("System Restore")

If you DO NOT have your Windows XP disk
  • Download RC.ISO from Here.
  • Now burn this ISO image to a CD and boot your computer with it.
    NOTE: Keep in mind that this is different than burning a file to a CD-ROM. If you do not know how to burn an ISO image, then download CDBurnerXP Pro to another Windows machine and install it. Then go Here for instructions for burning the ISO image
  • Once the CD is created, place it in the defunct computer
  • Then reboot your broken PC with that CD in the CD-ROM drive.
  • Make sure the PC is set to run from the CD as the primary boot device.
    NOTE: You do this by setting your PC to boot to the CD-ROM in BIOS (enter bios by pressing f1, f2 or del key during memory count up, then search for boot order, and set the CD as the first boot device)
  • When the PC boots, it will boot from the CD...after the first several screens load, you will be given a choice to choose R for Recovery Console. You will be asked to log in.
    NOTE: For Windows XP Home, there is not password, just hit ENTER. For Windows XP pro, ask whomever set up the machine what password they used.
System Restore
  • When you get to the recovery console Type

    CD \

  • Press Enter
  • Type

    cd system~1\_resto~1

  • Press Enter
  • Type

    dir

  • Press Enter
After you press enter you will see a list of folders (like rp1, rp2) If the list of restore points has more than one page then press the Enter key untill you reach the end of the list
  • Type

    cd rp {number of the second to last folder in the list}

    Note: Example: cd rp9, if rp9 is the second to the last restore point where the last restore point no. is 10
  • Press Enter
  • Type

    cd snapshot

  • Press Enter
  • Type

    copy _registry_machine_system c:\windows\system32\config\system

  • Press Enter
  • Type

    copy _registry_machine_software c:\windows\system32\config\software

  • Press Enter
  • Type

    Exit

  • Press Enter
Your PC will reboot.

If you get an access denied error when doing the above, then do the following at the recovery console:
  • Type

    CD \

  • Press Enter
  • Type

    cd windows\system32\config

  • Press Enter
  • Type

    ren system system.bak

  • Press Enter
  • Type

    Exit

  • Press Enter
Your PC will reboot, go back into the Recovery Console and start from the beginning

If you still cannot get access in anyway to your installation in the recovery console then your SAM database files are corrupt. There is no way you can restore these with the recovery console. You may need to do a fresh install.

If you are successful with this, you will have restored to an earlier time...complete with the infections...please visit our Malware Forum and let the experts there assist you with the cleanup process.

wannabe1
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP