"JeffFurbs" (jefffurbs)
06/18/2014 at 22:08 • Filed to: None
0
45|
"JeffFurbs" (jefffurbs)
06/18/2014 at 22:08 • Filed to: None | 0
| 45 |
First off no this is not my computer and yes I've talked to my buddy about upgrading. Ok got that out of the way. Backstory time.
So I've been doing IT for two years now. I used XP when I was younger then jumped to OSX. When I started my IT career I jumped straight to Win 7. All my troubleshooting has been with that so XP, while not entirely lost on me, is not my strong suit. So has anyone ever seen this "shutdown" option in XP?
The computer was ravaged by Trojans, and by my own personal mistake has been made nearly unusable ( I accidentally pulled the HDD while it was still on and then I modified some permissions making even installing drivers impossible).
Well before I start rambling, thankfully my dad (who has been doing IT since long before I was born) had an XP disc so I can reinstall until my buddy can buy a decent computer. Regardless, I thought this was rather amusing.
I definitely need to be a lot more careful next time. I figured this would be a throw on my dock situation where I could clean the viruses, check some files, then put back on the XP machine. Well a combination of things has made that very difficult. I have spent 6 hours alone on it today trying to get it stable. I hate reinstalling OS's with a passion and feel that there is almost always a fix. I'm often wrong, but I've also often learned a lot in the process.
Nibby
> JeffFurbs
06/18/2014 at 22:11 |
|
Keep that shit updated! http://www.zdnet.com/registry-hack-…
>:D
I still have XP on my T42. It works fine.
ly2v8-Brian
> JeffFurbs
06/18/2014 at 22:14 |
|
This'll turn her off.
Drakkon- Most Glorious and Upright Person of Genius
> JeffFurbs
06/18/2014 at 22:18 |
|
With XP, reinstalling the OS is very very often the answer. How big is this disk? Do you have a smaller disk that you can put a clean XP onto? (let's say a 125GB spare disk you've got) and load a fresh version on there. Then his existing disk with his irreplaceable Danish Leather & Food porn , data can exist as drive D next to that new drive C. You still need to kill the viruses, but it sounds like you know what you are doing there. But 'saving' XP rather than a fresh install is a fool's errand, in my opinion.
macanamera
> JeffFurbs
06/18/2014 at 22:20 |
|
Is this your computer? Have you thought about upgrading?
|
JeffFurbs
> macanamera
06/18/2014 at 22:22 |
|
Hahaha no it is not (check this first sentence). I am trying to get my friend to upgrade. Money is the problem for him, and his hardware may run Win 7 but not well at all
|
JeffFurbs
> ly2v8-Brian
06/18/2014 at 22:22 |
|
Fantastic hahaha. I should've known
|
macanamera
> JeffFurbs
06/18/2014 at 22:26 |
|
Right so that was actually a joke, because I asked exactly what you were trying to disclaim in the first sentence....sorry, I've been drinking.
wiffleballtony
> JeffFurbs
06/18/2014 at 22:26 |
|
As much as I hate to say it but that looks seriously borked. I can't ever remember seeing something to turn off mother nature. Feels like the OS itself is corrupted.
|
JeffFurbs
> Drakkon- Most Glorious and Upright Person of Genius
06/18/2014 at 22:27 |
|
Ugh... I always feel so defeated with re-installing. But I know you are definitely right. At this point it is more of a "just to see if I can" task. I should have mentioned it's an old Dell laptop. So yes that would've been a lot easier to do that way! I like your thinking. I cleaned the viruses/malware and backed up his data to my computer. So tomorrow after I get the XP disk, I'm wiping his computer and copying the data over. Got to love technology. I am pretty well known in my office for the fool's errands haha
lone_liberal
> JeffFurbs
06/18/2014 at 22:28 |
|
You learn in IT that though it might bruise your ego to give up, most of the time it's easier and quicker just to reinstall Windows. I haven't dealt with XP for a few years so I don't have a quick answer other than to backup data, wipe and reinstall.
The Transporter
> JeffFurbs
06/18/2014 at 22:29 |
|
Well, there's your problem right there. A little dab of penguin should clear that up.
In all seriousness, if I were doing it, I'd take some rather drastic measures here. Remove the hdd and install it in an external case. Copy all pertinent user data to another computer, preferably one that doesn't run on something made by Microsoft. That should help stymie the transfer of any viruses off of that Typhoid Mary of a computer.
After that's done, reformat the hdd. Doing this on a non Windows computer should permanently remove any viruses on the disk. Next, take the XP install disk and throw it at your friend as punishment for not upgrading to literally anything else. There's no excuse when Linux is free. If he's still adamant about continuing to use XP, throw it at him again. Keep repeating until he gives in, the disk breaks, or you get tired.
|
JeffFurbs
> Nibby
06/18/2014 at 22:29 |
|
No kitten? He needs a new laptop at some point regardless (it doesn't even run XP terribly well), but that is really good to know. I'm gonna put that one in the tool bag!
Thanks Nibbly!
|
JeffFurbs
> macanamera
06/18/2014 at 22:30 |
|
Hahahah no worries. This ramble that I called a post was motivated mostly by some beer. Cheers!
|
JeffFurbs
> lone_liberal
06/18/2014 at 22:31 |
|
Totally true. It still doesn't make it any easier haha. Ill be giving up tomorrow and re-installing
|
Drakkon- Most Glorious and Upright Person of Genius
> ly2v8-Brian
06/18/2014 at 22:32 |
|
This guy hates his own species.
|
macanamera
> JeffFurbs
06/18/2014 at 22:33 |
|
Cheers, mate. Tried Sierra Nevada Summerfest out tonight for the first time. Very crisp, not a lot of flavor. Did the job, though.
|
Drakkon- Most Glorious and Upright Person of Genius
> JeffFurbs
06/18/2014 at 22:33 |
|
Better to be know for a fool's errand than Danish Leather and Food porn.
|
JeffFurbs
> wiffleballtony
06/18/2014 at 22:34 |
|
Much agreed... The OS is definitely corrupted. The registry itself I think is the most borked. A lot of permissions got damaged (either by my own fault, or the virus, or both) so re-install here I come
|
lone_liberal
> JeffFurbs
06/18/2014 at 22:34 |
|
It's a lot less painful in a professional setting where you have images or restore disks to make it much easier to reinstall so I understand your pain.
JGrabowMSt
> JeffFurbs
06/18/2014 at 22:36 |
|
well, as an IT pro myself, try a few different discs, and see if you can do a repair install. It will replace the core windows files while retaining the programs and some general settings and your data. The option is not available on all discs, so try several and see what works. You will have to reactivate I believe, but thats the least of your problems in a situation like this.
If its XP Pro, you can upgrade to Vista Business. Dont enter a key. Upgrade to 7 Pro, and enter a key then. Itll take a few hours to complete, but you wont need to worry about your settings or programs. Just make sure you upgrade all drivers when the vista upgrade is finished, otherwise you risk seeing a "0xDA" BSOD, which is incompatible drivers. Once you get that BSOD, it is the kiss of death. Make backups often, and be very careful.
|
JeffFurbs
> macanamera
06/18/2014 at 22:36 |
|
No shit? I didn't know they did a summer. My favorite summer has been shipyard's, not wild on the flavor but just good. I'm gonna be on the lookout for Sierra Nevada now. Thanks!
For me tonight was a VT beer I just found. It's called Shed brewery Mountain Ale. Its a Brown Ale. Tastes a lot like Smutty's but a little more flavorful
|
JeffFurbs
> JGrabowMSt
06/18/2014 at 22:40 |
|
Thanks!
I'm hoping a repair will help when I can get my hands on an XP disc. I did an SFC scan and that didn't help so the repair is a last ditch before the re-install.
That's really good to know about that BSOD. I know that laptop will support Vista but I don't know if it can handle Win 7. I haven't checked that yet. So Vista would be the next step if XP doesn't pan out (Vista...ugh. enough said).
Thanks for the input!
|
JeffFurbs
> Drakkon- Most Glorious and Upright Person of Genius
06/18/2014 at 22:41 |
|
Not a wiser word was spoken tonight
|
JeffFurbs
> lone_liberal
06/18/2014 at 22:42 |
|
Hahaha which sucks because I don't have this stuff at work. I have Win 7 and above there. So this will be painful!
vorspringing
> JeffFurbs
06/18/2014 at 22:42 |
|
That's basically proof that the registry is still a cesspit (the shutdown text is a configurable registry setting.) Get whatever data you can off it and do a low level format on the drive before you reinstall.
|
JeffFurbs
> The Transporter
06/18/2014 at 22:46 |
|
Hahahaha nice. I will not pick OS sides here tonight. I love my Mac and I love my Win 8. I have had very little experience with Linux though besides a few live CD's I've used here and there. My goal someday is to be comfortable with it.
But anyways. already backed everything up using my dock and cleaned the viruses. Now I just need to get an XP disc to throw at him hahah
HideyoshiJP
> JeffFurbs
06/18/2014 at 22:48 |
|
My friend had his PC named "The Internet" (definitely not NetBIOS compliant). He shut down the internet every night. :(
I hate screwing up and reinstalling, but things are so nice and clean after you do. I'm fortunately a good user (I'm also a sysadmin), so I usually only have to reinstall once per Windows version per PC, unless storage controllers are changed out, of course.
I may or may not have hand-edited the system registry to fix a botched full disk encryption suite before it encrypted the disk. I may or may not have used offline nt registry editor & password reset to do it. It may or may not have taken an hour longer than a reimage would...
|
macanamera
> JeffFurbs
06/18/2014 at 22:50 |
|
Try that Sierra Nevada. I'm sure it would be great on a super hot day in the sun, it's very crisp.
As for shipyard, don't know where to get it around here. Had it before though, sounds familiar.
mcseanerson
> JeffFurbs
06/18/2014 at 22:55 |
|
This is accurate. I've never seen that option on XP btw.
|
JGrabowMSt
> JeffFurbs
06/18/2014 at 22:56 |
|
Look up how to revert the registry, and see if you can revert back to an older registry state.
also try running combofix and seeing if that helps you, if you can log in normally, you should be able to run it fine. XP is a PITA about fixing these days. If you need any XP iso images, I can see if I can make any available for you to grab. No keys, but I should have a few unique different XP discs lying around I can toss into my skydrive for a day or two.
|
The Transporter
> JeffFurbs
06/18/2014 at 23:20 |
|
I have one that you could use if you need it.
mattoverdrive
> JeffFurbs
06/19/2014 at 00:12 |
|
I've been in IT for about 15 years now, word of advice: if it takes more than an hour to fix a desktop you're better off to wipe it and reimage. You'll never be able to get it back to the same functionality as a fresh install. I know you don't have an image for your buddy's box, but in those 6 hours you could have had windows installed and probably fully patched.
|
mattoverdrive
> JeffFurbs
06/19/2014 at 00:19 |
|
Win 7 runs more efficiently than Vista. If it'll run vista it'll probably run 7. I want to say Win 8 is supposed to be even more efficient still, but I hate that OS with a passion.
|
JeffFurbs
> mattoverdrive
06/19/2014 at 07:28 |
|
Well I should rephrase that. It had a vista oem sticker on it. So I am assuming it'll run it. I just don't know if it has the memory to run it.
I've come to really enjoy win 8 (more so 8.1), it is a very light OS. Install time takes less than 15 minutes, and boot times are real quick on an i3 with 4 gigs of ram
|
JeffFurbs
> mattoverdrive
06/19/2014 at 07:29 |
|
Absolutely true. I was more in it for the fun. I really had nothing else going on last night and I enjoy the challenge. Plus it helps me to learn things along the way.
I will say you are right about a fresh install and fully patched as long as I had at least XP with SP1 included hahah
|
JeffFurbs
> JGrabowMSt
06/19/2014 at 07:31 |
|
I'll do that! I haven't used combofix before but I've heard good things.
Thanks I appreciate it! My pops has got me covered though. He's got a disk for me
|
JeffFurbs
> HideyoshiJP
06/19/2014 at 07:35 |
|
Haha that's awesome.
Being a sysadmin helps, isn't that part of the training haha?
No way! i would've tried to do the same thing. Much more rewarding that way. Now if you could find a way to fix a drive after it's already encrypted by a virus (ugh if only) then you'd be on to something.
What did you use for the offline registry editor and password reset?
|
JeffFurbs
> mcseanerson
06/19/2014 at 07:35 |
|
Fan-fucking-tastic!
Tstanisch
> JeffFurbs
06/19/2014 at 07:36 |
|
That would be the shutdown button, if you know the file system and/or how to edit certain files, you can actually change how they are displayed. More than likely not a virus, just thought it be cool to change it. I had mine say "Activate Virus" for awhile.
|
JeffFurbs
> vorspringing
06/19/2014 at 07:36 |
|
No kidding? Good to know. And yup that's the next step haha
|
mcseanerson
> JeffFurbs
06/19/2014 at 07:42 |
|
If this is older hardware and he doesn't have any essential windows applications he absolutely has to have try migrating him to ubuntu. When Vista came out and I had a vista laptop I hated it so much I started dual booting. After going a month without going into windows I realized ubuntu would boot faster if I just got rid of windows. Didn't use windows on that computer for 2 years and I could not have been happier with it. That hardware was just too slow for windows.
|
JeffFurbs
> Tstanisch
06/19/2014 at 07:52 |
|
Haha yes I know it's the shutdown button. I'm pretty sure it was a virus because he'd have no idea how to change something like that.
|
HideyoshiJP
> JeffFurbs
06/19/2014 at 08:18 |
|
I downloaded an iso from http://pogostick.net/~pnh/ntpasswd/
I think it's part of the Hiren's BootCD , too, if you're into those sorts of multi-tool isos.
It's cli driven, so you'll need to be fairly familiar with the registry structure going in, but the password reset part is pretty easy.
|
JeffFurbs
> HideyoshiJP
06/19/2014 at 08:21 |
|
Oh yea! I have actually used Hiren's. I think I tried the password reset for fun on a win 7 machine at work but ended up having to re-image because it destroyed our admin account. Never needed to try it in XP though
|
Tstanisch
> JeffFurbs
06/19/2014 at 12:22 |
|
far enough...stupid viruses with meaningless purposes.