Hi nogbad...
The following is a technique to perform a system restore operation using recovery console. I do not think the XP Pro disk will work, but you might give it a try. If you are unable to start the Recovery Console using the Pro disk, use the option for RC.ISO.
If you have your Windows XP disk- Insert your Windows XP disk into your computer and reboot
- Make sure the PC is set to run from the CD as the primary boot device.
NOTE: You do this by setting your PC to boot to the CD-ROM in BIOS (enter bios by pressing f1, f2 or del key during memory count up, then search for boot order, and set the CD as the first boot device) - When the PC boots, it will boot from the CD...after the first several screens load, you will be given a choice to choose R for Recovery Console. You will be asked to log in.
NOTE: For Windows XP Home, there is not password, just hit ENTER. For Windows XP pro, ask whomever set up the machine what password they used.
When you see the Recovery console
C:\WINDOWS prompt continue to section 3 ("System Restore")
If you DO NOT have your Windows XP disk- Download RC.ISO from Here.
- Now burn this ISO image to a CD and boot your computer with it.
NOTE: Keep in mind that this is different than burning a file to a CD-ROM. If you do not know how to burn an ISO image, then download CDBurnerXP Pro to another Windows machine and install it. Then go Here for instructions for burning the ISO image - Once the CD is created, place it in the defunct computer
- Then reboot your broken PC with that CD in the CD-ROM drive.
- Make sure the PC is set to run from the CD as the primary boot device.
NOTE: You do this by setting your PC to boot to the CD-ROM in BIOS (enter bios by pressing f1, f2 or del key during memory count up, then search for boot order, and set the CD as the first boot device) - When the PC boots, it will boot from the CD...after the first several screens load, you will be given a choice to choose R for Recovery Console. You will be asked to log in.
NOTE: For Windows XP Home, there is not password, just hit ENTER. For Windows XP pro, ask whomever set up the machine what password they used.
System Restore- When you get to the recovery console Type
CD \
- Press Enter
- Type
cd system~1\_resto~1
- Press Enter
- Type
dir
- Press Enter
After you press enter you will see a list of folders (like rp1, rp2) If the list of restore points has more than one page then press the Enter key untill you reach the end of the list- Type
cd rp {number of the second to last folder in the list}
Note: Example: cd rp9, if rp9 is the second to the last restore point where the last restore point no. is 10 - Press Enter
- Type
cd snapshot
- Press Enter
- Type
copy _registry_machine_system c:\windows\system32\config\system
- Press Enter
- Type
copy _registry_machine_software c:\windows\system32\config\software
- Press Enter
- Type
Exit
- Press Enter
Your PC will reboot.
If you get an access denied error when doing the above, then do the following at the recovery console:
Your PC will reboot, go back into the Recovery Console and start from the beginning
If you still cannot get access in anyway to your installation in the recovery console then your SAM database files are corrupt. There is no way you can restore these with the recovery console. You may need to do a fresh install.
If you are successful with this, you will have restored to an earlier time...complete with the infections...please visit our
Malware Forum and let the experts there assist you with the cleanup process.
wannabe1