Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How Do I Restore Computer To Original State


  • Please log in to reply
5 replies to this topic

#1 finalact4

finalact4

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 04 March 2006 - 11:43 PM

Good day -

I'm fairly new to this site - hello to you - and would like to solicit your expertise. I am not computer savvy - not because I am incapable of understanding - but because while I was a working professional I relied on the talents of the corporate IT department for any computer related issues. Now that I am a stay-at-home mom and screenwriter I have finally - painfully - come to the conclusion that I must dedicate some serious time to understanding the functioning capabilities of my computer. Okay, I know, blah, blah, blah...

Here is the issue.

A while back I downloaded the XP Service Pack II (who knew you couldn't trust Microsoft) and it caused some type of corruption to my computer (not to mention those nasty spyware buggers). After 15 hours on the phone with Dell, Microsoft, and my cable guy, we were able to get my computer in working order. The Dell representative stated that the corruption would invariably raise it's ugly head time and again and that the only answer would be to wipe out the hard drive and install XP all over again.

That was the first incident. And since that download, and several system restores back to previous states later, a disc clean up, a system defrag, and continual scan by Ad-Aware and Norton Internet Security/Virus protection, I still have an extremely sluggish system that locks up constantly. I have "(not responding)" several times a day from any number of applications and every night at shut down a pop up window shows that "ccAPP.exe" is having some sort of problem. The original corruption attacked the "Sytem 32" applications. I don't know what it does, but I suspect it does a lot.

Every single time I open the "Task Manager" my CPU usage jumps to 100%. I've got anywhere from 54 to 72 processes running, and I've no clue what they are and which could possibly be non-essential. I've got "Stuff" that automatically runs at start up and I'm so fearful of causing even more damage that I don't feel confident enough to remove them from the desktop or even if that is what's recommended.

My Norton wouldn't start up today (it did after two reboots), and for the first time - in who knows how long - when I opened my scriptwriting software the computer could actually keep up with my keystrokes. As a writer it's beneficial to put black to white as quickly as the thoughts arrive, and I'm sure you can appreciate the frustration when you've got a 5 sec delay before you even see the words appear on the page.

I realize that this is all of my own doing and that I should have taken better care with something as important as my computer (1 1/2 years old). I am a writer and a mother and all my work is on my hard drive, all my pictures of my daughter's four years is on this computer. I have begun the process of backing everything up. I'm not sure how I will get my Outlook files back into their proper place... perhaps I can e-mail the files to my Gmail account?

Long story short... I want to know how (and what) I should do to save software and files onto cds, how I take my system down to its original state, how to reinstall XP Home, and reload all the software "Stuff" again.

I am working on a Dell Inspirion 1150. I have XP Home edition. Applications that I have downloaded include: Gmail installer, Yahoo! Messenger, Google Toolbar (I also have MSN and Yahoo! toolbars too and do not know how to rid myself of them), Picasa2, Final Draft downloaded update, Norton Internet/Anti-virus downloaded software (I don't have the disc, I purchased it online from Symantec), Itunes(2), Adobe Reader 7.0, Ad-Aware, Internet Explorer, a few other files and photos.

Somehow it doesn't seem that this should all total 12 GB of hard space.

Yes, I know, I'm a wreck!

Oh, is it okay to delete these icons off the desktop, will I still be able to access them through the "Start" button?

Is there a way to stop programs from automatically launching at start up?

I will be printing my "Help" files for XP and my computer tomorrow and will read word-for-word every last page. When this is all said and done, you'll not hear from me again.

Sorry for the lengthy post. I didn't know what you could possibly need. My apologies for the lack of appropriate terminology. I understand that "Stuff" isn't exactly ideal.

Thank you all in advance for you assistance.

FA4

Edited by finalact4, 04 March 2006 - 11:44 PM.

FA4

Who's your daddy now? -- Mrs. Smith

BC AdBot (Login to Remove)

 


#2 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:09:04 AM

Posted 05 March 2006 - 12:06 AM

First of all, installing SP2 on a system running XP is not what caused your problems. It is a CRITICAL UPDATE and absolutely necessary for your computer to have to prevent its being attacked by malware through exploits the service pacs patch, and for prevention of allowing miscreants using the weaknesses in your unpatched computer to infect others.

It was more than likely installing it on an infected system that may have caused the problems you are experiencing if not the malware residing on the system itself.

Backing up now, while necessary to preserve your data, can be problematic. You may just backup viruses, etc as part of the backup and restore it to the computer after it has been disinfected.

By the way, unless $ is a significant problem, backing up on an external USB hard drive made just for that purpose (which can be set to do incremental backups automatically) is far better and more foolproof than backing up on cds. You can get such a drive for less than $100, depending on how large you need it to be including the Dantz Retrospect software to accomplish backing up intervals scheduled and set by you.

Back to your problem:

If you are even moderately computer literate the best thing to do would be to disinfect your system rather than reload it if the data you have on it is important and hasn't yet been backed up.

I assume you have regularly updated your anti-virus program's virus definitions and run a recent scan? If not, do so immediately using safe mode to run the scan.

Startup programs can be stopped, but unless you know what you're doing you may disable the av program, the firewall or critical system processes.

The following is an ap that makes it easier to regulate the startups than the Windows utility, msconfig.
Download and install Startup Inspector here:
http://www.windowsstartup.com/

Be very careful what you disable.

The next step would be to run Adaware after updating it again.

Then download, install, update and run Spybot Search and Destroy, enabling "Teatimer" when you install it. Allow it to "Immunize" your system and then run a scan with it, set to fix what it finds.

Then posting Hijack This log in our HJT forum would be in order.

Please read the pinned post in our “HijackThis” forum, here
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
Carefully read and follow all directions explicitly.

Following instructions run a log, and post it in following HJT forum,
at this link
http://www.bleepingcomputer.com/forums/posthjtlog.html

Do not as yet attempt to fix anything by yourself using Hijack This as even what may seem to be a small mistake can render your operating system completely inoperable.
Some files when in one folder may be fine while in another may be malware.


A member of our HJT Team will analyze your log, make recommendations and offer assistance.

It may take a period of time to get a response to the log you posted because the members of our HJT Team are kept very busy.
Please be patient as this team is manned by volunteers. They will help you as soon as possible.

NOTE
Once you have posted your HJT log, please DO NOT make any additional posts in the HJT forum thread you created until you get a response from a member of our HJT expert team.

The first criteria they have when looking for logs that need replies are posts showing 0 replies. If you make an additional post, it will show as having 1 reply.
A team member, looking to see if a reply has been made might well assume another HJT Team member is already assisting you and might not open the thread to respond.

So, make your post and wait for a response from a team member.

After your system is disinfected, then reinstall SP2 asap!

Edited by Enthusiast, 05 March 2006 - 12:13 AM.


#3 phantazy

phantazy

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Location:London UK
  • Local time:03:04 PM

Posted 05 March 2006 - 01:01 AM

If you re-install after backing up, it is worth noting you will lose ready access to 'My Documents' and all installed programs, such as 'Microsoft Office' etc. What I do is keep a folder called 'Exe files' which handle my downloaded small programs, AV, Firewall, registry cleaners, general utilities, and save them to cd disc. Large Applications, like graphic drivers, and video editing have their own cd's anyway. Having the exe files is useful, because you can install for example your chosen firewall prior to going on the net, to re-download updates. This helps as you are immediately vulnerable with a fresh install prior to obtaining these. Your 'My documents' folder will remain, if you don't wipe clean and re-format, but will be under your previous user name. XP will not allow you to use the same name twice. Depending on how many programs you have installed this will obviously take some time to re-instate once you have a fresh XP installation, it's usually about five hours for mine. Once your machine is working properly the way you require, I recommend a back-up program, called Erunt. This backs up your system state, and can be programmed for incremental back-ups, say weekly. This ensures that should you have a problem in the future you can revert to a perfect copy of how and when the system was ok. I have found this better than using windows back-up facility, or 'System Restore'. I hope this helps.

#4 finalact4

finalact4
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 05 March 2006 - 09:28 PM

Thank you both for your replies.

To date I have completed the following...

Spybot search and destroy download, install and update. I didn't run it yet because I was waiting to run Norton in safe mode.

Windows startup Inspector has been downloaded and run. It did help my computer charge and at various times the CPU% was as low as 9%, which is great. It still has something in the background that kicks in every several minutes and causes the percentage to leap to 100% - distressing still.

Now, when I started up in safe mode and went to run Norton Internet/Anti-virus software it returned a pop-up window that said, "The Norton Anti-virus options are corrupt or missing please reinstall Norton anti virus." A second error window pop'd up as well, "Norton anti spam unable to run in safe mode." As well as stating that in safe mode there are limited capabilities and there was also a runtime error - what ever that is.

The Norton error pop up included a link - that you assume will fix the problem - and it only leads to their support site and doesn't provide any insight as to what exactly you should do to proceed to reinstall. My questions are... do I need to uninstall first? There isn't any "Help Topic" on that nor is there any uninstall options to the software. All you can do is turn it off - best as I can tell.

Of course the customer service department is only open 8-6pm and as I recall that's only on weekdays. They have the worst customer service of any company I have dealt with professionally and personally. I would not recommend their product. I have long suspected that this problem with Norton had occurred at installation. It always comes back saying it's working fine and it hasn't found a single problem with my computer.

Can I just reinstall over the Norton I have running on my system? It also looks like Symantec (Norton) won't help me unless I purchase a service agreement, which is so irritating because a company should well stand behind their product. I only just purchased the 2006 in November 2005.

I'm going to run spybot tonight. I will also carefully read the "Hijackthis" post.

Now, when you say, "It may take some time," before an HJT team member can help, are we talking weeks? or days? I'd just like to have an idea. I'm kind of anal. A freak really. :thumbsup:

If you have any other suggestions please comment.

Thank you again for your assistance.

FA4

Edited by finalact4, 05 March 2006 - 09:32 PM.

FA4

Who's your daddy now? -- Mrs. Smith

#5 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:09:04 AM

Posted 05 March 2006 - 10:18 PM

It still has something in the background that kicks in every several minutes and causes the percentage to leap to 100% - distressing still.


Windows itself will use all the processor capacity for services it runs when the computer is idle, called "system idle process". It is natural, NORMAL and necessary for the operation of your computer.

Norton, especially the Norton bundles of multiple programs are many times problematic for many computers and are themselves resource hogs. Anti-spam doesn't run in safe mode because you aren't going to deal with email in safe mode - you aren't connected to the internet, so you do not need or want it running there.

If you are not "very computer savy" do not mess with deleting things and stopping processes or you may mess your computer up beyond repair.

Your best bet is to post a HJT log following the instructions on the links I gave you and following the exact instructions given on the page linked.

The volunteers in the HJT forums are kept very busy and it takes a considerable amount of time to analyze a log, consult about it with other HJT experts and formulate a plan of attack to remove the malware the HJT log shows in your computer.

The logs are taken on a first come first served basis and each takes whatever time it takes, so there's no way of guaranteeing how fast they can get to a specific log, but once they get to yours they will give it as much attention as it needs just like they did for the one preceding it. It is the best available method to rid your computer of an infection other than reformatting and installing the op system which takes a considerable amount of time in itself and significant expertise considering you then have to reinstall everything else, remake connections, etc.

Edited by Enthusiast, 05 March 2006 - 10:33 PM.


#6 finalact4

finalact4
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 05 March 2006 - 10:50 PM

Enthusiast -

Thank you for the considerable time you have contributed on my behalf, I appreciate your assistance. With the windows inspector I was able to easily discern some processes that I never use: AOL, Viewfinder as well as a few others. I did not touch anything that I even remotely questioned. Thank you for your concern that I not mess my computer up further.

Yes, that makes perfect sense about the anti-spam. Of course it wouldn't work.

I just spent 25 minutes trying to get on a live chat with Symantec to troubleshoot the problems and wouldn't you know, there are no agents available, "Try back later," this after they tout that they are available 24/7.

Through using windows inspector that the problem I have with ccApp has to do with Symantec. I've got no good news today.

I will continue with the steps you suggested, culminating with sending the HJT log to the HJT team.

Thanks again,
FA4
FA4

Who's your daddy now? -- Mrs. Smith




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users