Go Back    Forum > Featured > General Discussion

Reply
 
LinkBack Thread Tools
  #1  
06-28-2014, 05:44 PM
alleng1usa alleng1usa is offline
Premium Member
 
Join Date: Jan 2014
Location: florida, usa
Posts: 31
Thanked 0 Times in 0 Posts
I'm trying to help a elderly neighbor whose HP Notebook got infected with Agent4 Ransom ware virus. She does not have a recovery set made from the Recovery Partition of the hard drive and its possible that those files may also be infected or become infected if she tries to do a recovery to original as new.

The boot/bcd is infected and I was not able to clean it. Also now it will not boot into Windows and says to run the recovery set from original disk which does not come with many manufactures computers or laptops.

I tried using my daughters Vista recovery set but it is not the right version, she has Vista 32 bit so I can't use that.

So I need either a Windows Vista Home Premium 64 bit Rescue disk (dvd ISO) or a HP Pavilion dv9723cl recovery set disks (takes 3 disks to make a recovery set).

Can anyone help me?

I do not need to install only to repair the system which from what I understand is all a rescue set is needed for. It will let me boot and use the sfc scannow tool to repair the boot files that are infected so it will boot again.

If the Rescue Set does not work than I will need a Recovery Disk set too recover to original factory shipped as new. The recovery set would be on a HP Pavilion dv9723cl Notebook PC which is the model number for her laptop as purchased.

So if anyone can help me out it would be greatly appreciated. I have spent a week on this trying to clean it and now that it will not boot into Windows these are my only two choices. Once in I can try to do a full recovery to install as new and hope it does not get infected from the corrupt bcd (boot command directory). If that happens then a Recovery Set from the same model will be needed.

The last resort would be for her to contact HP and buy a Recovery Set if they have them since she would have to have the same to do a complete repair to her laptop. If HP does not have them then she will have to decide what she wants to do to get her Notebook up and running.

Thanks, I'll check back later.
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Ads / Sponsors
 
Join Date: ∞
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts
  #2  
06-28-2014, 07:20 PM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,311
Thanked 374 Times in 341 Posts
I have a Vista Business disc from the MSDN, but I don't remember if it is x86 (32-bit), x64 (64-bit), or both.

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
  #3  
06-28-2014, 08:46 PM
NJRoadfan NJRoadfan is offline
Premium Member
 
Join Date: Sep 2010
Posts: 1,155
Thanked 357 Times in 293 Posts
MSDN ISOs are just 32-bit or 64-bit.

Digital River & Microsoft officially made retail ISOs available of Windows for download, but the links aren't working.

I don't see any publicly available links of Vista with SP2 integrated. For that you need to seek out a MSDN/Technet copy. Note that since this ISO is of a retail copy of Windows, it will NOT include system specific drivers or any bundled software the machine might have come with.

Activation with OEM copies is usually done using SLIC 2.0 (a special marker in the BIOS). This is usually done with an OEM certificate and a special product key. I won't go into the details here though. You should be able to install and activate with the product key found on the CoA on the bottom of the laptop.
Reply With Quote
  #4  
06-28-2014, 08:52 PM
volksjager volksjager is offline
Free Member
 
Join Date: Nov 2011
Posts: 1,027
Thanked 212 Times in 190 Posts
plenty on the torrent sites-
i would put 7 on it instead though
Reply With Quote
  #5  
06-28-2014, 09:14 PM
alleng1usa alleng1usa is offline
Premium Member
 
Join Date: Jan 2014
Location: florida, usa
Posts: 31
Thanked 0 Times in 0 Posts
Hi NJRoadfan...

I don't want too install it. The rescue disk ISO does not install, it only allows one to fix a install that will not boot to the OS.
It basically from what I understand has the boot files like the recovery partition uses to start a Windows environment and also has the recovery console which allows you to run the sfc scannow file to check and repair windows start up issues. It checks files and replaces bad files.

It's like a start up disk use to be for Win 98SE or a start up disk for Windows XP. However, unlike XP that has a boot.ini file to load the OS it uses a new format with a boot manager called BCD which tells it what to mount and where it is found. Its way above me and I did do some very serious searches to see if I could find any rescue disks.

Microsoft did have a link for a set at one time, but no longer link to it. I did find one site but I don't do online purchases as I have told you.

I don't know if HP still has any Recovery Disks Sets still for her Notebook for as shipped new so unless someone knows someone with the model I listed above she will not have a working laptop. If I can get the ISO rescue disk I can at least repair start up, but I should be able to make her a recovery set from her laptop. The only question is whether or not the corrupted virus boot\bcd file will reinfect the files when it runs the Create Disk Recovery Set and once created running a Restore to as Shipped from the Recovery Partition will reinfect the system when its installing it.

That's the other reason that I would like to at least make a set from her laptop and if the reinstall is infected then I can try using the recovery set I made. If that is also infected than I would need the original Recovery Set from HP or someone who also has the exact same make and model. They all came with the same software for that model. That is why they say another set from a different model will not work.

Like I mentioned my daughters set would not let me run the repair since hers is a different model and the OS's are differein. Hers is 32 bit and my neighbors is 64 bit.

Thanks for the offer though. I think that's it for me tonight. I have spent so many hours trying to clean it up I'm worn out. In fact I didn't getup this morning til 10:30 am and I'm feeling kind of tired right now.

Catch you later and again thanks for the offer.
Reply With Quote
  #6  
07-04-2014, 12:03 AM
alleng1usa alleng1usa is offline
Premium Member
 
Join Date: Jan 2014
Location: florida, usa
Posts: 31
Thanked 0 Times in 0 Posts
Well I thought I should give a update so here goes.

I was able to access the Recovery Partition through the boot process since HP and other PC Manufactures put a boot option on the screen listing what key to boot from the recovery partition. I took it back to her house and told her that the only thing I could do would be to run the Recovery and hope that it wasn't infected as well since the BCD and bootmgr files showed the same date as the infected files on her main boot drive showed in Windows.

So I start the recovery and get the info from her to enter to complete the install process. Now to be perfectly honest I really didn't think there still wouldn't be problems, but I hoped there wasn't.

After the install completed I attempted to connect to the internet. Vista is a totally different animal than 98 SE, Win 2000 Pro or XP and either there is corruption from an infected install or I just cannot get the internet set up right.

Connected to her phone\cable modem it shows Local and Local Access and Internet. There is clearly a Internet Connection since Windows was able to run automatic updates, however when you check the properties it shows IPv4 Enabled while IPv6 shows Limited.

When you would open Internet it would start to load AOL then redirect to a HP URL. While still showing the AOL page it would give an error message and then you get the dreaded Windows page about unable to display garbage. So I tried everything I know that I used with the other OS's above and none of it worked. Still had the same properties as what I started with.

At that point I had her call her ISP here in Central FL and I explained to the persons (two or three calls) what was going on. They were unable to help but said they would send someone out the next day to check her modem. They were not able to tell me what settings I needed to use since it appears to be a configuration setting though I'm not sure.

So now its the next day and before he due I try to make a Recovery Set for her and it seemed to take forever for the HP Program to Create the Files. It hung at 50% for what seemed a long time then it finally started the process to burn to DVD.

So I insert the first disk and it starts the process of collecting the files to burn, then it starts to write the files to disk which after writing its suppose to then verify before asking for the next disk. It the disk fails the verify it ask for another disk and restarts the first disk burn. At 38% the burn hung so now I do not know if the disk is bad, is the recovery set files corrupt or has her burner gone bad. So I stopped the process after two more disks failed at 38% and the program informed me that it would start the process where it left off next time its run.

A little after that the ISP guy showed up and I showed him what was happening. I explained what had all occurred and he told us all he was there to do was check the modem and see if he could connect off his work notebook or whatever it was. He checked the modem with a hard reset since I was unable to do that. I unplugged it however the type they use has a battery inside it so if the cable goes out she still has her phone. So he opened the modem and did a hard reset. After the reset completed he connected his up and using the modem instead of the wireless his also has he connected with no problems opening different web pages.

He said he was not allowed to touch the computer and if she wanted he could have a pc tech come out which cost $75 dollars. She said told him no and when he left I told her I would try to see if I could fix this issue.

So more research online and after many hours said to hell with it all and ran the Recovery again to start all over. So today I sat in the kitchen from 9 am until 12 pm installing another hopefully clean install. From 12 pm until almost 5 pm I was running Windows Update after which I than checked to see if I could run the Recovery Manager Program again. And yes it did start up only starting from where I cancelled it before doing this new install. So I put a new blank DVD in and start the burn. Failure.....

Tried one more with the same results failing at 38%. So now I have it down to a corrupted file set or a bad burner.

To check I took a data dvd I burned and tried to copy it over to a folder I made. It copied with no problems from her burner and it was a full dvd 4.2gb's, 4 folders and 12 files. Now I try to burn those files to a dvd and this time the burn process stops at 40% so it looks like the burn part is bad which does not make sense since it read them off a dvd to copy to the hard drive to use as a test on the burner.

I then tried to use my daughters drive, but it would not work. I didn't want to play with the cover plates since hers would not firmly seat in the case slot. The front panel cover is shaped differently than the one on my neighbors so it would not insert far enough to fully seat and the screw tab that secures it to the case I had to remove since it was off center while hers was in the center.

At this point I called it quits for the day. So that's about it and I still do not know if the network connection problem is a corrupted install file issue or just a configuration setting. And I still do not know if she gets another burner and the recovery set can be finished is it corrupted from the trojan she had.

If I can get the connection working that would be great than I could tell her that she needs to get a Recovery Set from HP to be sure that she has a good set to reinstall with if needed. Otherwise she will need to get a new dvd burner and up with possibly another bad install from a corrupted set.

So if anyone knows the correct setting to use for full internet access instead of limited on the IPv6 Protocol for wired connection on Vista Home Premium 32 bit. Yes it shows 32 bit on the info page somewhere, I'm just too weary right now to remember. And thanks in advance. I'll read a few threads and then I need to relax a little before hitting the sack.

Quick Note:
I was logged in and had to relog in for some reason when I tried to update my original post. Just wanted too let you know.
Reply With Quote
  #7  
07-04-2014, 07:00 AM
volksjager volksjager is offline
Free Member
 
Join Date: Nov 2011
Posts: 1,027
Thanked 212 Times in 190 Posts
if you got her laptop to boot , why not just back up her personal files
then do a nuke and pave and a clean new install of 7?
a fresh clean install of 7 would be a good upgrade
plus you can 86 all the garbageware that comes with those canned computers.
Reply With Quote
The following users thank volksjager for this useful post: alleng1usa (07-05-2014)
  #8  
07-05-2014, 06:49 PM
alleng1usa alleng1usa is offline
Premium Member
 
Join Date: Jan 2014
Location: florida, usa
Posts: 31
Thanked 0 Times in 0 Posts
Hi volksjager...

Well that would be a good idea but it was given to her by her daughter to use when her Dell went belly up. Also I don't think she has the money to do an upgrade to Windows 7. It is strange though that the read on the burner works and reads all the way to allow me to copy a couple of movies to the drive, however it will not complete a recovery set burn past 38% with its CD Creator the Recovery program uses, nor will it burn past 40% using the burning software on the laptop. It has Cyber Link Power to Go.

I believe the burner portion of the drive is going bad and I don't think she wants to spend the money for another one.

I uninstalled the Norton Internet Security software and the AIM 6 software. I ran all updates and still had no luck so I shut it down and did some research on the inter tubes as one idiot Senator said once.

It appears that Vista updates way differently than XP does. For some reason it would not install SP 1 though it kept showing up to be installed and every time it would say it installed successfully even though it did not. I finally download both SP 1\SP 2 along with the Norton Removal Tool to be sure everything uninstalled. I also downloaded IE 9 since after all the updates I did it still had IE 7 on it.

I installed SP 1 manually and this time the install took. Then there was another 67 updates which 4 failed. Those that installed did not show back up so when I reran the update it pulled the 4 that failed and finally installed them. Finally when I did the next update it had to update the windows updater before checking for other updates. The next check showed SP 2 so I installed that. After that one on the next check it found another 112 updates being 406mb's. Went ahead and installed and 4 failed on that one. Reran updates and the 4 showed up, installed them this time with no problems. Rechecked and found 5 more plus one optional. Installed them and on recheck it found nothing.

I now have it running Disk De-fragment and whens it done I'm shutting it down for the night. Tomorrow I will see if I can use IE Explorer and if I have any problems I will install Firefox on it. The problem is she uses the Yahoo Search which is part of the HP Software package which shows up on the taskbar on the bottom of the screen as well as in the HP Adviser Program as well as in the Internet Explorer bar on the top of the window.

Right now I just want to get this running so she can get back on line and not have it sitting here getting in my hair. I still have to install her anti virus she uses which is AVG Free and Malware Antimalware Bytes. I know for Malware she needs to be able to access her email at AOL to get the link to download the program. I don't know about AVG but right now she can not access her email.

Like I said she's 80 years old and has bad eye sight. In fact she had a doctors appointment this past Monday to get a shot in her eye so she can drive when she has to. She said she gets a shot every 5 to 8 weeks. Man I'm glad that I don't have to have something like that. Imagine getting a needle stuck in your eye\s.

I do think that the set on the drive that was in the process of being made may have been corrupted but there's no way to truly know. She needs to but a Recovery Set from HP so she has it. And if the drive crashes she will have it to re install to factory. However, I think I would tell her not to install any of the HP software, but that may also be the only way to make a set for emergency. I'm just going to tell her to tell HP that the set got corrupted so they will send her another set at whatever the cost is.

Anyway thanks for the idea. Like I said I just want too get this thing out of the house and out of my hair right now. I spent way too many hours with it already.

If you know anyone running Vista 32 Bit could you find out what there network settings are. What configuration there using to open up the IPv6 which shows limited while the IPv4 shows Internet. For some reason its not able to see the Server both directly connected to the modem-computer and connected to the modem-router-computer. It's set for auto DHCP but its not pulling an IP on the IPv6.

Got to run now. I'll check back when I can and update everyone.

Have a great weekend. Stay safe and watch the fireworks which will be going on for the next couple of days.
Reply With Quote
  #9  
07-05-2014, 06:58 PM
volksjager volksjager is offline
Free Member
 
Join Date: Nov 2011
Posts: 1,027
Thanked 212 Times in 190 Posts
make sure you are using good blanks - Mitsubishi-Verbatim or JVC/Yudens
also make sure to install CCleaner and run the registry cleaner several time.
for anti-virus just run MSE
you can download windows 7 free on any torrent site if you want to try it
Reply With Quote
The following users thank volksjager for this useful post: alleng1usa (07-09-2014)
  #10  
07-09-2014, 12:35 PM
alleng1usa alleng1usa is offline
Premium Member
 
Join Date: Jan 2014
Location: florida, usa
Posts: 31
Thanked 0 Times in 0 Posts
Hey volksjager...

I did do a complete install and the problem was Windows was not updating properly. I got all the updates on and did finally get it to connect to the internet after that.

I then took it back to her house and installed both the AVG and Malware Anti Malwarebytes. Reset her updates to Auto and adjusted her display while also using the zoom to increase the view to 125% which allows her to see and read what's on the page.

The dvd blanks I was using are Verbatim and I have had no problem with them at all on my two pc's so I do not believe that the disks were the problem with burning the recovery set. So either the burner is going bad or both burning programs (the one used to create the recovery set or the Power To Go) were corrupted by the virus when the recovery program was run to install to factory condition.

It's out of my hair now and I do not want to get involved again. I made suggestions too her and if she chooses not to follow them then I don't want to have her call me again if she gets the same ransom-ware installed on it.

Now its time for a nap. I guess old age is creeping up on me since I seem to need a afternoon nap more often now than before.

Later and thanks for the reply.
Reply With Quote
  #11  
07-09-2014, 12:55 PM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,311
Thanked 374 Times in 341 Posts
I moved my parents to Xubuntu Linux two years ago, because of all the malware they would get.

At least twice a year, their computers would get infected, and I'd have to fix it. This went on for at least 5 years, and every time I got more aggravated. They'd click on strange email attachments even when told not to ("but it looked like something important"), and would somehow find themselves on odd sites.

Since moving them to Xubuntu, there's been no issues. They can:
- check email (Thunderbird)
- browse the web (Firefox)
- use office software for spreadsheets and typing letters (Libre Office).

That's all they need it for.

If special Windows-only software was needed (example: Adobe InDesign, or a favorite game), I'd use a non-online VirtualBox for that one program.

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
The following users thank kpmedia for this useful post: alleng1usa (10-03-2014)
Reply




Tags
vista home premium help

Similar Threads
Thread Thread Starter Forum Replies Last Post
ATI AIW in Vista! It is possible, and with ATI MMC + VirtualDub! lordsmurf General Discussion 4 05-25-2013 03:19 AM
Editing with Windows Vista 64? Steve(MS) Edit Video, Audio 2 06-26-2010 02:10 AM
Ulead DVD Workshop 2 and Vista? admin Author, Make Menus, Slideshows, Burn 7 10-04-2009 09:51 AM
Paragon Rescue Kit 9 admin Computers 0 03-19-2009 08:56 AM
Capture Card Suggestions with Vista 64 bit cgcarter Capture, Record, Transfer 6 12-28-2008 01:03 AM

Thread Tools



 
All times are GMT -5. The time now is 11:15 AM