Malware Threat [Solved]


  • This topic is locked

#46
lordoxford

  • Topic Starter
  • Member
  • 64 posts
I used both of the keyfinders. Both brought up the same key which didn't concur with the three remaining groups on the Microsoft sticker on the base.
I didn't pay them their 100 quid - they locked me out quite effectively!
Your boot CD enabled me to get all the files off (remember - linux failed to mount partition D)
I downloaded some hot code which purported to contain the character string used by MS engineers to boot any XP but, under regedit, I couldn't find the location in the registry containing the target string to be replaced. It had a name like "OOBTX" in an unlikely location. Was I accessing your registry or mine, having booted from your CD?
  • 0



#47
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hi lordoxford,

At this point, it is best just to restore your computer. I think the malware may have messed up your XP license key. If you have MS Office or any other expensive software installed, you should make sure you have the license key for that software in order to reinstall them before beginning this process. The instructions below show you how to use the hidden recovery partition on your computer. I believe Windows should already be activated if you use option one below. I would try that before using the recovery CDs. It says that any data on D:/ should be safe, but I would have that backed up as well, just in case (along with all the other drives). When you restore your data to the fresh install, make sure you only copy pictures, documents, music, etc. and no executables or DLLs or the like.

If the system cannot boot, you can restore it from the WinPE environment. The system starts from the hidden partition on the hard drive. To begin the restoration, press Alt + F10 (PC Tower) or F10 (laptop) to boot the PC when the ACER logo appears. This will start the system from the hidden partition on the hard drive and you access its main page. The restoration will be on partition C:. The partition D: (ACERDATA) will not be formatted, and therefore documents will not be deleted, but it is always prudent to think about making a backup of your most important documents.
Note: You will be asked to enter the password before the System Restore starts. If you enter the wrong password three times, the computer will restart into the operating system.

You must enter the password to access the main page of the hidden partition. The main page of the hidden partition provides three options to restore the system:
1 - Restore the system to factory default settings: Select this option and then enter the password. The utility will restore the system from the image of the factory default settings on the hidden partition on the hard drive. When prompted, confirm the system restore. A message will warn you that you will lose all data on the disc. The utility then restores the system to its original state.
2 - Restore the system from backup user: Select this option and then enter the password. The utility restores the system from the image of the user on the second partition on the hard disk. When prompted, confirm the system restore. A message will warn you that you will lose all data on the partition. The utility then restores the system to safeguard the most recent user.
3 - Restore the system from the CD / DVD: When this option is selected, insert the first disc of the backup in the optical drive. Confirm System Restore when prompted. A message will warn you that you will lose all data on the partition. The utility will restore the system from the backup image on CD / DVD. Insert the other disks when prompted.


Note: If you are trying to restore the system to its factory default settings stored on CDs / DVDs, Acer eRecovery Management prompts you to insert disc 2 to start.


Let me know how it goes.
  • 0

#48
lordoxford

  • Topic Starter
  • Member
  • 64 posts
Fed up with the whole business I shoved the three Acer CDs in about mid-day today and restored the factory state.
My "Files" on the 1TB drive are not pictures and tunes; there are at least a thousand .EXE and .BAT files and I cannot do without them.
Is there not a technique called "Sandbox" for running suspect code? How do I do this, please?
lox.
  • 0

#49
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
If you need to transfer exe or batch files, I would just scan them with your anti-virus before running them. If you need extra assurance on one, you can upload it to VirusTotal.

Do you need any more assistance before we close this thread?
  • 0
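
An added example, not part of the thread or written by its participants: one way to work through a large set of files before copying them to a fresh install, as advised above. It lists each unique executable once by SHA-256, so duplicates are scanned or checked on VirusTotal only once, and flags files that carry an EXE/DLL header under a data extension. The function names, the extensions beyond .exe/.bat/.dll and the sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile

# .exe, .bat and .dll come from the thread; the other extensions are assumptions.
RISKY_EXT = {".exe", ".dll", ".bat", ".cmd", ".scr", ".com"}

def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large files need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def has_mz_header(path):
    """True if the file starts with 'MZ', the magic bytes of EXE/DLL files (a heuristic)."""
    with open(path, "rb") as f:
        return f.read(2) == b"MZ"

def triage(root):
    """Return ({sha256: [paths]} of files to scan, sorted paths of disguised executables)."""
    to_scan, disguised = {}, []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            ext = os.path.splitext(name)[1].lower()
            mz = has_mz_header(path)
            # An MZ header under a data extension such as .jpg deserves a closer look.
            if mz and ext not in RISKY_EXT:
                disguised.append(path)
            # Group by hash so identical copies are scanned or looked up only once.
            if mz or ext in RISKY_EXT:
                to_scan.setdefault(sha256_of(path), []).append(path)
    return to_scan, sorted(disguised)

def demo():
    """Run triage over a constructed sample tree (not real files from the thread)."""
    samples = {"tool.exe": b"MZ\x90\x00stub", "copy of tool.exe": b"MZ\x90\x00stub",
               "run.bat": b"@echo off\r\n", "holiday.jpg": b"MZ\x90\x00not a jpeg",
               "notes.txt": b"plain text"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        to_scan, disguised = triage(root)
        return len(to_scan), [os.path.basename(p) for p in disguised]
```

Call `triage()` on the folder holding the backed-up files; each key of the first result is one unique file to scan, and every path in the second result should be treated as an executable regardless of its name.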

#50
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





