Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Reformat infected XP with Virut, Rootkit, Rogue and other nasty bugs


  • Please log in to reply
11 replies to this topic

#1 alfasf

alfasf

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 06 August 2009 - 05:02 AM

Hello BC staff

I was referred here by another BC staff, DocSatan, for your help on this particular issue. My Gateway MX6426 laptop got infected with Rootkit, Virut, and Rogue virus. After an extensive support of his part, we resolved to reformat hard drive and reinstall XP.

Due to level of infection laptop is, on Safe Mode I get a "System Shutdown Error" which shuts down and restart every 60 sec. Also in Normal Mode, it hijacked desktop by an "Active Desktop Recovery", and when it finishes loading I received a blue screen large message error to shut down system because of some erros or somethig alike. In summary, I cannot run laptop normally in either mode because of this.

That was a little introduction of the current condition of my laptop.

Back on reformatting...I am not literate in the process of reformartting and reinstalltion, which I need your help with s step-by-step guidance.

Before to proceed, it is necessary to point out I don't have Windows installation CD that came with laptop-I am not sure if it did since I got this laptop used. However, I still have Windows Registration Key for this laptop which is located on a sticker on the bottom of the laptop. Can I reregister with this key that belongs to this laptop after cleaning hard drive? I can't afford to spend $100-200 on another windows XP software.


Factors to consider for this:

* OS doesnt run normally due to infection (see description above of message)

* No installation disks.

*At this moment, I am writing all this on my non-infected desktop with Internet access.


Here some system information for laptop taken from DDS log and the other from Gateway support.
DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 18:22:47.60 on Mon 08/03/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.342 [GMT -7:00]


GateWay MX6426


And this is my previous thread with another BC staff about the infection with logs included, in case you need more information.

BleepingComputer previous thread


In advance, I really thank you for all your help.

Please ask me for further information needed.

P.S. Please do not close thread if I don't reply immediately. I need to take some rest for not sleeping trying to fix this :thumbsup: :flowers:

Edited by alfasf, 06 August 2009 - 05:06 AM.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,550 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:08 AM

Posted 06 August 2009 - 08:22 AM

Have you contacted Gateway for copies of recovery/restore CDs?

Louis

#3 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:08 PM

Posted 06 August 2009 - 09:25 AM

http://support.gateway.com/s/Mobile/Q106/SonicC/8511264.pdf

This manual was all I could find from Gateway

The section about recovering from the hard drive specifies you have to use their recovery disk, you will need to order them
Chewy

No. Try not. Do... or do not. There is no try.

#4 alfasf

alfasf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 06 August 2009 - 11:03 AM

Ok thank you both for your answers, give me some time to read Gateway manual and follow their instruction so I will let let you know later.

Have you contacted Gateway for copies of recovery/restore CDs?

Louis


Yes, I had contacted them in the past. Gateway Support asks me to purchas recovery/restore CDs, which is not my option.

Edited by alfasf, 06 August 2009 - 11:03 AM.


#5 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:08 PM

Posted 06 August 2009 - 12:09 PM

Considering that virut may have infected your recovery partition and the manual indicates it requires a recovery cd to reinstall then you need to contact Gateway. Tell them you will need to completely wipe your hard drive and order the appropriate disks.

This is the best option by far.
Chewy

No. Try not. Do... or do not. There is no try.

#6 DocSatan

DocSatan

    Bleepin' Wanna-Be


  • Members
  • 2,156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston, Ma.
  • Local time:12:08 PM

Posted 07 August 2009 - 04:17 AM

Hey Guys,

Just wanted to provide the Links I used for investigating alfasf's Laptop (Gateway MX6426):Good Luck! :thumbsup:

Doc.

#7 alfasf

alfasf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 07 August 2009 - 12:42 PM

Thank you to all for your help.

At this moment, I am studying the steps for reformatting. I don't want to make a false step.

I'll be posting tomorrow or the day after tomorrow to let you know how it went.

#8 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:08 PM

Posted 07 August 2009 - 03:50 PM

Please keep us posted, there's some confusion regarding the gateway directions, might be worth calling them.
Chewy

No. Try not. Do... or do not. There is no try.

#9 alfasf

alfasf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 08 August 2009 - 11:38 PM

OK here i am back.

Updates...well, I screwed up my laptop :thumbsup: The condition of the laptop is the following:

1. It does not have an operating system.

2. A message saying "NTLDR is missing" when I turn on laptop.

Here's what I did

1. I got a burn Windows XP Pro installation CD...I was thinking to use this installation CD, and re-register my license key.

2. I followed gateway pfd instructions by pressing F11, formatted hard drive. But when it comes to booting from hard drive, it shuts down at some point and don't complete installation.

I am completely lost and desesperate now.

P.S. DocSatan thank you for tracking my situation and providing the links, those were really helpful at some level. As you see, I am real desperate :flowers:

#10 alfasf

alfasf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 09 August 2009 - 02:39 AM

Ok when I press R on the bootable installation CD for the Recovery Console-I don't know what it is for, the following prompt comes out

Microsoft Windows Xp ™ Recovery Console

The Recovery Console provides system repair and recovery functionality.

Type EXIT to quit the Recovery Console and restart the computer.

1: D:\MiniNT

Which Windows intallation would you like to log onto
<To cancel, press ENTER>?

#11 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:08 PM

Posted 09 August 2009 - 07:24 AM

However, I still have Windows Registration Key for this laptop which is located on a sticker on the bottom of the laptop.


Does that sticker say XP home oem?

The key must match the CD and vice versa

When someone brings me an XP laptop and I have to replace the hard drive, my xp home oem disk will work with their numbers, laptop drivers are very hard to configure. The factory disks or the ones you were supposed to burn are the easiest option.
Chewy

No. Try not. Do... or do not. There is no try.

#12 alfasf

alfasf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 10 August 2009 - 08:18 PM

People here i am back again. Since I didnt see progress on my problem, I finally decided to purchase recovery disk from links you guys provided.

Thank you all for your support, I have problems on the recovery disk I let you know.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users