• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Need help!!! Tried getting rid of some spyware/malware etc. Now cant boot.

L

leigh6

Diamond Member
Hi all,

Trying to get rid of Spyware/malware etc. on a friend of a friends computer. He had run it for 18 months with no anti virus or anything.

Emachines t2682
celeron 2.6
Win XP Home

I installed anit vir, spybot, adaware, spyware blaster,

Still was totally infected. Installed service pack 2. Ran the software again. On the last boot up I now get the following.

Windows could not start because the following file is missing or corrupt:
WINDOWS\system32\config\SYSTEM

You can attempt to repair this file by starting Windoes Setup using the original Setup CD-ROM.
Select 'r' at the first screen to start repair

I put the recovery cd in and it says all files will be lost if I run it. Just wondering if this is the only way to fix this

Thanks, Leigh
 
Software or Operating Forum might have been a better place for this. Check the consolidated spyware, malware etc al thread for general information.

I haven't had experience of this myself but perhaps going into safe mode if you can and doign a variety of things you might get it back.

If not and you need the data consider connecting the drive upto someone else's working PC and get the data off - however make sure you have all the anti-virus and trojan software ready (that includes ewido and a-squared). You perhaps then even remove the trojans etc specifically and fix the system up

However, ultimately, if you've had a serious infection the only way I'd feel clean of it & feel like I had a proper running system again would be to reformat - after salvaging the data needed.
 
Originally posted by: Diasper
Software or Operating Forum might have been a better place for this. Check the consolidated spyware, malware etc al thread for general information.

I haven't had experience of this myself but perhaps going into safe mode if you can and doign a variety of things you might get it back.

If not and you need the data consider connecting the drive upto someone else's working PC and get the data off - however make sure you have all the anti-virus and trojan software ready (that includes ewido and a-squared). You perhaps then even remove the trojans etc specifically and fix the system up

However, ultimately, if you've had a serious infection the only way I'd feel clean of it & feel like I had a proper running system again would be to reformat - after salvaging the data needed.
Click to expand...

this will be the easiet way, believe me. i spent hours on the problem i dealt with for my friend who used a computer like your friend..... 🙁
 
Best and easiest solution:

Physically take the hard drive out, put the drive in your computer, copy everything to your hard drive. Reformat.
 
Originally posted by: leigh6
Windows could not start because the following file is missing or corrupt:
WINDOWS\system32\config\SYSTEM

Thanks, Leigh
Click to expand...

easy way to fix this... windows keeps backups of that file in the C:\WINDOWS\repair folder. go to a command prompt, and type 2 commands,

1. cd \windows\system32\config

2. copy \windows\repair\system

problem solved, gg, hf

BFonnes

edit: trust me... this works... I did Gateway tech support and did this all the time. Just hope you saw this b4 you reformatted like these dolts told you to, i.e. Please don't post if you don't have a real solution. reread your post, btw, if you can't get into any mode, then use a boot disk with any version of windows/dos on it. Then, use the above commands. And next time, don't reformat anytime you don't know the answer, bad techs do that and tell you to do that.
 
bad techs... oh that's harsh. There comes a point where after spending more than an hour on something that it's clearly quicker to just reformat and be done with it.

I bet that even if it did get working again, that the spyware and all that other crap didn't go anywhere. So in the end, with all that spyware and crap, it usually is better to reformat.
 
Originally posted by: V00D00
bad techs... oh that's harsh. There comes a point where after spending more than an hour on something that it's clearly quicker to just reformat and be done with it.

I bet that even if it did get working again, that the spyware and all that other crap didn't go anywhere. So in the end, with all that spyware and crap, it usually is better to reformat.
Click to expand...

it doesn't take an hour to start -> run -> type msconfig -> startup tab -> click disable all -> click ok -> restart, then run hijackthis and spyware blaster.

edit: more info about spyware removal

BFonnes

edit: I said bad tech, cause reformatting sucks, and you don't have to do any work as a tech to tell someone to reformat. A "good" tech would take the time to find a solution other than one that sucks, and take into consideration that for the customer "reformatting sucks." A "good" tech if he doesn't know the answer wouldn't tell them a solution just because they don't know the correct answer. Sometimes, I don't know is a better answer. You never know when you might screw it up worse.
 
Originally posted by: V00D00

I bet that even if it did get working again, that the spyware and all that other crap didn't go anywhere. So in the end, with all that spyware and crap, it usually is better to reformat.
Click to expand...

You can reinstall windows onto the same drive in a different folder... No references to spyware/adware in the new registry. Obviously, there are no references to the old windows folder in the new registry. No deleting your thesis necessary. No waiting for your 80 GB in music to copy to another hard drive, then copy back. You can edit the boot.ini through msconfig (change the timer on selecting your OS) or notepad to remove any references to the old copy.
 
Had a similar problem, check this thread http://forums.anandtech.com/messageview...atid=32&threadid=1628308&enterthread=y

Basically tried a ton of different things from google searches

What worked for me was to install a new copy of windows in a different folder "c:\windows2" so it wouldn't overwrite everything. This enabled me to get into WinXp and as a result I had access to my old windows directory. This allowed me to follow through with the steps on http://support.microsoft.com/default.aspx?scid=kb;EN-US;307545
 
Originally posted by: bfonnes
Originally posted by: leigh6
Windows could not start because the following file is missing or corrupt:
WINDOWS\system32\config\SYSTEM

Thanks, Leigh
Click to expand...

easy way to fix this... windows keeps backups of that file in the C:\WINDOWS\repair folder. go to a command prompt, and type 2 commands,

1. cd \windows\system32\config

2. copy \windows\repair\system
Click to expand...

good info, bob1234, but my solution is still the easiest, and the quickest, and you may not have done it before, but it works. It takes 5 minutes or less if you know what you are doing. Plus, I already suggested installing windows to a different folder if you read my posts...

BFonnes
 
Originally posted by: V00D00
bad techs... oh that's harsh. There comes a point where after spending more than an hour on something that it's clearly quicker to just reformat and be done with it.

I bet that even if it did get working again, that the spyware and all that other crap didn't go anywhere. So in the end, with all that spyware and crap, it usually is better to reformat.
Click to expand...

It depends on how thoroughly you've made the PC your home. 🙂 Tweaking, installing all sorts of little utilities, organizing things just right, etc. The PC I just gutted (college time soon) had a Windows install that was approaching 2 years old. My mom's PC's installation is almost 4 years old, and it still is doing just fine.
Format and reinstall, for me, is more of a last resort. But it does depend on how bad the damage is.
 
Originally posted by: Nocturnal
Do a chkdsk /r.
Click to expand...

maybe this is what i did when i had a similar problem, then i could get into safe mode and start cleaning stuff up.....can't find my old thread...
 
Hi bfonees.

When I typed in cd\windows\system32\config
invalid directory

When I typed in windows\repair\system

File not found

When I typed chkdsk/r

Invalid switch- /r

I am using the recovery cd from emachines. I do not have a windows home disc.

 
do you have a windows xp pro disc? that may have the same files that you need on it, but somebody else can verify this...
 
Once you get this fixed...a good way to prevent spyware is to use FireFox/Opera (alternative browsers) instead of Internet Explorer.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top