I started a topic at the AVAST! forum, but essexboy recommended I try here.
Here's my original post:
I had a really nasty trojan/virus/malware infection that I fixed, using the Avira Recovery disk, Malwarebytes, and Avast! Free.
Avast is the only antivirus installed on my system.
I got everything almost back to normal, but I had a browser hijacker that I couldn't get rid of. I decided just to be safe, I'd run a boot scan. When it found the first bad file, I chose "3" which I believed was the option to "move to the chest" for this one item. It appeared to continue to apply that choice to later infected files. This was first thing in the morning, and I needed to get to work. I left the boot scan running, thinking it would take most of the day.
When I get home, my computer is in a reboot loop (with a brief bluescreen after the windows XP logo screen....too fast to read).
Clearly some vital system files were infected, but I didn't realize that when I started the scan. Over the weekend, I tried doing Recovery Console (have an HP with a recovery drive, a m7690n Media Center PC http://reviews.cnet....-32165927.html) and "bootcfg /Rebuild", but that seems to have messed it up worse, perhaps because I didn't type the OS name correct? I typed XP instead of "Microsoft Windows XP Media Center Edition". Now when I choose (windows) Recovery Console, that causes it to bluescreen too, with a STOP error.
I definitely want to save this installation of windows, not reformat or do a destructive recovery. I've read about using a XP disk to do a repair install, but my PC did not come with a disc, plus I'm updated through SP3. I've also read about BartPE, but again, unfortunately the only XP disk I own is a vanilla "no SP" copy, which you cannot slipstream SP3 with (or so I've read).
Is there some kind of boot disc or other way to get into Avast's "chest" and restore these files that were removed? I was so close to getting my PC exactly how I wanted it and I totally jacked myself by using a tool I didn't fully understand. I could bootscan myself in the buttocks! Edit: I should point out that I already couldn't get into Safe Mode, because it hangs at "Mup.sys"........ and that System Restore was turned off, because (they say) trojans can hide in there and not be removed.
The rest of the thread is here: http://forum.avast.c...p?topic=56736.0
Other developments:
- I can't boot recovery console (on my recovery drive), after incorrectly trying to do "bootcfg /rebuild" 2x (now it thinks I have 4 different installations, including Recovery Console) ...oh wait, I did say that above!
- I can't do Last known good configuration" (nothing happens)
- When I put in a (vanilla "No SP") copy of XP, to try to boot recovery console, I get the infamous 7B STOP error (BSOD)
- Apparently my pc (below) has a RAID with 2 250gb HDDs, and no expansion room, so I can't even get in there to backup my data (no place to copy it to).
- TestDisk works fine for copying and seeing the missing files, but I don't know what to tell it to do.
- I still have a boot sector virus, because the text when starting up is multicolored and misspelled.
Essentially, I have a computer that won't boot, and a C: partition that can't be read by anything but TestDisk (running off a thumb drive, operating with a Reatogo boot disk). Not to mention what to do when I can even get back into the C: partition, considering Avast borked my OS....but essexboy was going to try to help me with that, until I found out I couldn't get into C with Reatogo.
Please read my thread @ Avast if you'd be so kind, because I'm sure I'm forgetting something here. Naturally, I truly appreciate any assistance you can offer.
Edit: I'm going to run TestDisk on BOTH drives and post the log, as soon as I can get all the cables plugged back into it (went out and bought a new HDD only to discover there's no place to stick it).
Edit: TestDisk log attached below. ....I hope I did it right.
Attached Files
-
testdisk.txt 35.7KB
298 downloads
Edited by Billkwando, 14 March 2010 - 04:27 PM.
Sign In
Create Account
