|
|||||||
 |
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
09-30-2009, 03:55 PM
|
#1 |
|
Saved by grace
Join Date: Sep 2002
Location: Indiana
Posts: 1,397
|
Need Serious Help
Hi, my pastor's work and home PC were infested with trojans, but there are further issues which is why I am posting here. On the work one we installed ccleaner and malwarebytes, scanned and cleaned in safe mode, cleared system restore and did again. It seems to be fine except that trying to clean the registry might be jamming it up (it finds tons of issues and doesn't seem to progress. However, at least it seems to be working.
The home one is a different problem. It would sometimes freeze upon boot, but sometimes would give us some time to do things. It would not install malwarebytes from the CD I burned, the hard drive (after copying it there) or from the CD using install new program from the control panel. It just stops and goes no further from what we saw. We did some cleaning with Ccleaner (including registry) and now it crashes not too long when booting both in and out of safe mode. It gets to a blue screen and says something including "A problem has been detected and windows has been shut down to prevent damage to your computer. The problem seems to be caused by the following file Win32K.sys:2 Page_fault_In_nopage_areg (sorry I am not sure of this line, I wrote too fast and didn't get it down good.) It is a Dell Dimension 4600 is probably a few years old and has XP Pro. I thought I might try to restore the registry but I can do it fast enough upon booting. I even tried booting from the last good configuration. What can I do? There is data we would like to save and I can transfer if need be (but don't want to mess up the computer it is going to.) Thanks. |
|
|
|
09-30-2009, 03:59 PM
|
#2 |
|
Forum Administrator
Staff
Premium Member
Join Date: May 2000
Location: Joplin MO
Posts: 37,791
|
That error is quite often due to ram or hard drive issues. If the diagnostic partition is still intact, you can run diagnostics by pressing F12 immediately on startup.
|
|
|
|
09-30-2009, 04:08 PM
|
#3 |
|
Saved by grace
Join Date: Sep 2002
Location: Indiana
Posts: 1,397
|
Thanks.
I didn't mention it, but I removed the memory and plugged it back in. I did do Dell Diagnostics (the quick version) and it found nothing wrong, but we didn't have time to do the longer version. We can try that and see what it comes up with, but if that fails what would be the next step? Last edited by quartet-man; 09-30-2009 at 06:17 PM. Reason: Typo |
|
|
|
|
09-30-2009, 04:34 PM
|
#4 |
|
Forum Administrator
Staff
Premium Member
Join Date: May 2000
Location: Joplin MO
Posts: 37,791
|
Pull the drive, rescue the files, and then do a clean reload.
|
|
|
|
|
09-30-2009, 06:16 PM
|
#5 |
|
Saved by grace
Join Date: Sep 2002
Location: Indiana
Posts: 1,397
|
Thanks. Hopefully we will have more to go on tomorrow.
I take it in that case we should nuke and pave, or is there a restore partition? (since it is a Dell.) Last edited by quartet-man; 09-30-2009 at 06:20 PM. Reason: Add question |
|
|
|
|
09-30-2009, 06:50 PM
|
#6 |
|
Forum Administrator
Staff
Premium Member
Join Date: May 2000
Location: Joplin MO
Posts: 37,791
|
Dells built after 7/2004 have a restore partition - accessed by pressing Ctrl+F11 immediately on startup. I don't remember how the earlier models were set up.
|
|
|
|
|
09-30-2009, 08:34 PM
|
#7 |
|
Member (10 bit)
Join Date: Dec 2000
Location: Phoenix, AZ
Posts: 664
|
I would think it's a good idea, after putting the drive into another machine, to virus and malware scan the drive BEFORE copying files out of it. So any bad stuff does not come back. That would be my action plan at least. Although if you think the drive might be getting flaky you might want to get things off first, before it gets worse. Then scan the folders where you copied to.
|
|
|
|
|
10-01-2009, 11:42 AM
|
#8 |
|
Saved by grace
Join Date: Sep 2002
Location: Indiana
Posts: 1,397
|
I agree about the Malware scan. What I thought I might do is put the files on an old, seldom used WIN98SE donated computer that I wouldn't mind messing up or putting Malwarebytes on his laptop and scanning the files. However, if I do that what are the odds of infecting the computer since they will be connected?
Thanks to both of you for the help. I will try to keep you posted. |
|
|
|
|
10-01-2009, 12:41 PM
|
#9 |
|
Forum Administrator
Staff
Premium Member
Join Date: May 2000
Location: Joplin MO
Posts: 37,791
|
If you use a USB adapter, and HOTPLUG the drive into a system that has resident antivirus/antimalware already running, the odds of any problems are just about nil.
|
|
|
|
|
10-01-2009, 01:10 PM
|
#10 |
|
Member (10 bit)
Join Date: Dec 2000
Location: Phoenix, AZ
Posts: 664
|
If you have connected as a secondary drive, meaning any other than the boot drive, the odds of anything executing without the user trying to run it are very low. I would say zero, but there may be some things that can fire off scripts somehow. Nothing will be in the registry or the root, and you would not be executing any files by double-clicking or anything like that. Even copying them is safe as far as I know.
But the point I was making was to get scanned the files that are to go back on the original system. So that none of the bad stuff gets reinstalled. Your plan sounds good. The part I'm not sure about is if Malwarebytes or an anti-virus ( you didn't name any anti-virus ) will run on win98. GLC's approach would be bulletproof, if you have the resources to go that way. |
|
|
|
|
10-01-2009, 07:32 PM
|
#11 |
|
Saved by grace
Join Date: Sep 2002
Location: Indiana
Posts: 1,397
|
Yeah, we should be able to use his laptop with XP. I was just thinking the old win98SE was more expendable .
|
|
|
|
|
10-01-2009, 09:24 PM
|
#12 |
|
Forum Administrator
Staff
Premium Member
Join Date: May 2000
Location: Joplin MO
Posts: 37,791
|
98SE would not be able to read a NTFS drive. Use a XP machine.
|
|
|
|
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Linear Mode
