Ok Lets try a manual restore follow the instructions below. If you have any problems let me know.
This fix will only work if you had system restore enabled before the problems started. You will have to do a Repair Installation if you had disabled system restore. See link at end.
Get your computer to boot from cd and then boot from your xp disk.
1. Press R for "to repair a windows installation using Recovery Console"
2. Type in number for windows installation you want to log onto - is usually 1 > press enter
3. Enter the administrator password.
4. Change to configuration folder type: cd c:\system32\config
5. Backup your configuration by typing the following to rename the files: (don't type the word "type" or : press enter after each
type: ren default default.bak
type: ren sam sam.bak
type: ren system system.bak
type: ren software software.bak
type: ren security security.bak
6. Type cd\ or c:\
7. Type cd "system volume information" (you must include punctuation marks)
8. Type DIR
9. Change the directory into the restore folder that will have a long name similar to the to the following:_restore{987E0331-0f01-427.......
Type cd _restore{987E0331-0f01-427......} (don't forget the space in between the cd and the underscore)
10. Type DIR
11. Select the rp directory with the latest date before you had problems- e.g. rp214
Type cd rp214
12. Type cd snapshot
13. Copy and rename the files to the system32/config folder by typing the following:
type: copy _REGISTRY_USER_.DEFAULT c:\windows\system32\config\default
type: copy _REGISTRY_MACHINE_SAM c:\windows\system32\config\sam
type: copy _REGISTRY_MACHINE_SECURITY c:\windows\system32\config\security
type: copy _REGISTRY_MACHINE_SOFTWARE c:\windows\system32\config\software
type: copy _REGISTRY_MACHINE_SYSTEM c:\windows\system32\config\system
14. Type EXIT
If you do not have access to "system volume information" then from step 6 do the following:
7. cd c:\windows\repair
8. Copy and rename the files to the system32/config folder by typing the following:
type: copy DEFAULT c:\windows\system32\config\default
type: copy SAM c:\windows\system32\config\sam
type: copy SECURITY c:\windows\system32\config\security
type: copy SOFTWARE c:\windows\system32\config\software
type: copy SYSTEM c:\windows\system32\config\system
If you had to do the windows repair thing post back because we will have to do a few more things even though your computer now starts.
One other thing did this start before or after you removed the malware.
Edited by what_the, 02 April 2008 - 04:55 PM.