DESPERATE for Help - Computer crash

by kf
19 replies
I'm at a local library with the clock ticking - I have one hour of use. It's 12:38 here - and I have about 45 minutes.

My system has crashed. Here's the background:

I've been trying to remove malware for the last few days. Had run various scans, etc. Have been waiting on someone to help me with a HiJack This Log.

And then last night, this: an auto update of XP Service Pack 3. Install stopped halfway and I got error message: access denied. It then un-installed.

This morning, I got only the following message (and same message when I tried safe mode):
STOP: C0000218 {Registry File Failure} System can't load hive (file:
\systemroot\system32\config\software
or its log or alternate. It is corrupt, absent or not writable.
Beginning dump of physical memory
Physical memory dump complete
Contact system admin... etc.

I do have the windows CD. I also have a full back-up image (Acronis and Maxtor HD) from 2 weeks ago.

I need to know how to proceed from here. I don't want to risk losing the information that I have on the back-up image. I'm not sure if the system is clean enough to start a re-install.

Should I re-install windows and then work on restoring with acronis?

Please -- any help, links, suggestions you can give me would be so much appreciated.

Thank you.
  • howudoin
    This morning, I got only the following message (and same message when I tried safe mode):
    STOP: C0000218 {Registry File Failure} System can't load hive (file:
    \systemroot\system32\config\software
    or its log or alternate. It is corrupt, absent or not writable.
    Beginning dump of physical memory
    Physical memory dump complete
    Contact system admin... etc.
    I'm not an expert with this........But are you getting this message on a blue screen?

    If yes, then I guess you have to do a full Windows Reinstall (From the CD) instead of using the Back-up image.

    Also, turn OFF the auto-Update feature of WIN XP after doing this reinstallation. It is known to give several problems and you can do the update MANUALLY (By just doing it once a WEEK)

    Bhupinder
    • askloz
      Originally Posted by howudoin

      I'm not an expert with this........But are you getting this message on a blue screen?

      If yes, then I guess you have to do a full Windows Reinstall (From the CD) instead of using the Back-up image.
      No you don't have to do a re-install.

      he just needs to reboot, and he'll be fine.

      if he removed the malware, then he'll be ok.

      in regards to the update that caused the problem, he's better off going to MScommunity forums and seeking help there by identifying the error number for a fix
  • kf
    Okay. Thanks Bhupinder. Yes, it's against the blue screen.

    I just changed to auto-update as a result of the malware removal advice given ...

    The question remains though ... is the system wiped 'clean' now. If I'm going to re-install I want to be sure I'm starting with a clean slate so the malware is gone, too.

    Color me: Sitting at the library hitting refresh on this thread.
    Signature
    Those who stand for nothing, fall for anything. ~ Alexander Hamilton
  • lrjd
    What OS are you using?
  • Adaptive
    I recommend you use a friend's computer to download knoppix and burn a CD. Also, borrow an external usb hard drive or buy one at an office supply store.

    You'll then boot your computer from this CD.
    Knoppix is a version of Linux that includes file recovery tools that work with Windows files.

    You can use these tools to copy your documents to an external hard drive.

    Once that is done you can then reinstall Windows if needed.

    Knoppix is a lifesaver for Windows file recovery, because it boots from CD and it doesn't matter if Windows won't start. Best of all it's free.

    Regards,
    Allen
  • kf
    Allen, Thank you. Golden.

    OS - Windows XP Home
  • howudoin
    The question remains though ... is the system wiped 'clean' now. If I'm going to re-install I want to be sure I'm starting with a clean slate so the malware is gone, too.
    If you reinstall the OS from CD, You will start from a clean slate...Also, Don't use the Image Backup.

    Bhupinder
    • kf
      Originally Posted by howudoin

      If you reinstall the OS from CD, You will start from a clean slate...Also, Don't use the Image Backup.

      Bhupinder
      Bhupinder. Thanks. That's clear.

      Is there a specific reason to *not* use the Image Backup?

      Looks like I will try the Knoppix route to recover files and then re-install.

      Open to other ideas. Anyone use Acronis?
  • kf
    Allen - By USB hard drive you mean a thumb drive - or actual HD? How large am I looking for? I have several on hand.
  • Adaptive
    Once you have backed up your data files, the next step will be to ask at both Knoppix sites and Windows sites for help with "can't load hive." This is a Windows registry file error. It might be possible to delete, fix or replace the problem registry file; doing this might or might not mean you have to reinstall your Windows applications software. But get your own files off first!

    Either USB hard drive or thumb drive should work fine, the more free space the better. Otherwise you will need to copy a few files, put them on a working computer, then copy a few more files, etc. Bucket brigade service is easier when you have a bigger bucket.

    Regards,
    Allen

    P.S. voice of experience here... a co-worker at a previous job used Knoppix to get files off a crashed Windows machine.
  • anth.elias
    If you do have your Windows disk and your license key, then you should do a reinstall. (BUT ONLY IF YOU KNOW FOR SURE YOU HAVE YOUR IMPORTANT FILES BACKED UP AND YOU CAN RESTORE THEM TO YOUR NEWLY REINSTALLED WINDOWS.) But I'm surprised that you need to go that far; there are a lot of powerful adware/spyware removers out there, Malwarebytes being one of the best. Nonetheless, when you insert your Windows disk you should get a message saying that you have Windows installed already, and you should see an option to reinstall, and you want the full reinstall. Once you have reinstalled Windows (30-50 minutes depending on your system), go out and get all your updates (another 30-40 minutes if not more), then restore your backup files.
  • howudoin
    I recommend you use a friend's computer to download knoppix and burn a CD. Also, borrow an external usb hard drive or buy one at an office supply store.

    You'll then boot your computer from this CD.
    Knoppix is a version of Linux that includes file recovery tools that work with Windows files.
    Kf...I don't know your experience level of working with computers but anything related to Linux is bound to be technical, so I'll suggest if you're a complete "Just get By" attitude with Linux then don't go this path.

    Instead do a reinstall, but before doing that Upload an antivirus software, (I use Kaspersky, you can get a trial copy from their website) into your (External) USB Drive

    Once the reinstall is done then DON'T open any of your Drives (C,D, E...) but rather Go straight to your USB Drive and install the Kaspersky antivirus. After that do a FULL system scan, this is because by reinstalling only the malware in your C drive will be removed but NOT from other drives. But by running a full system SCAN, your other drives will also be taken care of.

    Make sure you do this Scan BEFORE you enter any of the other drives.
    Do tell us how it went through

    Bhupinder
  • kf
    Malware was mal/behav-160. Spy sweeper caught it but couldn't quarantine it. I scanned with malwarebytes, superantispy (something), spyblaster. Did online scans w Trend Micro, Kaspersky, Eset. Spy sweeper was still coming up with the malware on a full scan.

    I've been in Computer h*ll since Friday.

    I have 7 minutes. Thank you all for your help and advice. I'll try to get back to this thread in a few hours. (Still here for a few minutes...)
    • askloz
      do me a favor..

      find the name of the malware, and I'll guide you from there to completely remove it manually

      Originally Posted by kf

      Malware was mal/behav-160. Spy sweeper caught it but couldn't quarantine it. I scanned with malwarebytes, superantispy (something), spyblaster. Did online scans w Trend Micro, Kaspersky, Eset. Spy sweeper was still coming up with the malware on a full scan.

      I've been in Computer h*ll since Friday.

      I have 7 minutes. Thank you all for your help and advice. I'll try to get back to this thread in a few hours. (Still here for a few minutes...)
      • kf
        Originally Posted by askloz

        do me a favor..

        find the name of the malware, and I'll guide you from there to completely remove it manually
        askloz - the malware is mal/behav-160. see post up one or two, for all scans i have done. i have to go now. my time is up on this system - i got a 15 min. extension but i can get back here in a few hours.
        • askloz
          your time is up on this system? huh?

          how can that be?

          find the location of the malware, it should tell you where it is.

          let me know what the name of the program is, that's what I asked for last time, the malware program name, it has an executable, and folder where it resides.
          • kf
            My time is up b/c my computer is inoperable ... and I'm at the public library. I'm back now for an hour. Apparently I can only log on twice/day ... for an hour each time. So I'm here now ...

            I don't know where the malware is. If I did, I could have gotten rid of it.

            Please see my post above --- I have scanned with every top-rated and recommended program available. I have spent HOURS scanning since Friday.

            NONE of them find this malware --- and say I have a clean system.

            The only program finding it is my anti-virus Spy Sweeper --- and it keeps finding it (during full sweep, not quick sweep), despite scans/fixes by other programs and giving me message 'Quarantine Failed'. So after all the other scans (see previous post for details), which say my system is clean, Spy Sweeper is still showing this malware.

            Malware is called: Mal/Behav-160.

            Meanwhile, I cannot get on my computer. The OP states that clearly. I can't get on. Even in safe mode, I only get as far as the message that I have quoted above.

            I appreciate your offer for help, but do you understand that I can't just go in and take out the malware b/c I can no longer operate or access my system.

            Originally Posted by askloz

            your time is up on this system? huh?

            how can that be?

            find the location of the malware, it should tell you where it is.

            let me know what the name of the program is, that's what I asked for last time, the malware program name, it has an executable, and folder where it resides.
            • jsb1022
              Go download Hiren's Boot CD. Simply Google Hirens Boot disk and you'll find it.

              This CD has tons of tools. Boot up with it and browse the menus. It even has programs that will allow you to get your data off the drive. This tool saved my life many times - even a few weeks ago on my work laptop.
  • kf
    Here is my thought for how to go forward. I'd appreciate feedback on this:

    - Do a restore using Acronis - it's a full image of my system - that *should* restore my system and give me access to all my files

    - Back up only my data files

    - Wipe the system

    - Re-install following Bhupinder's instructions above, loading virus before opening drives.

    If there's a better option, bring it on. My thought on this is, applying my full-image restore, will give me a chance to save things before it is wiped clean w the re-install.

    Clearly... my knowledge of hardware and software leaves much to be desired .. and I appreciate your help and patience with my questions.