Inactive Malware? Error windows pop up on desktop when booting up. 8-step results

Status
Not open for further replies.
When the blue screen error occurs, there is some text message there.
I need to know, what it says.
 
Tried to boot with the Windows XP Pro CD. The windows Xp Setup screen comes up, it loads a bunch of files, then gives the message "Windows setup is starting windows" - then it crashes in about 10 seconds.

The blue error screen reads

"A problem has been detected and windows has been shut down to prevent damage to your computer.

If this is the first time you've seen this Stop error screen, restart your computer. If this screen appears again, follow these steps:

Check for viruses on your computer. Remove any newly installed hard drives or hard drive controllers. Check your hard drive to make sure it is properly configured and terminated. Run CHKDSK /F to check for hard drive corruption, and then restart your computer.

Technical information:

***STOP: 0x0000007B (0xF7A89524,0xC0000034,0x00000000,0x00000000) "
 
I am able to access the Windows Recovery Console if I boot up without any CD. If I can access it, can I try steps 1-14 as you described?
 
Go back to instructions from my reply #18, but this time don't use any CD.

Restart computer
When you reboot you will see an option to boot into the Recovery Console or the normal Windows installation.
You have to use the up/down arrows to choose the Recovery Console. Then press Enter but you only have 2 seconds by default.

Then, continue from step 3 in my reply #18.
 
On step 9, I get an "Access is denied" message, so I follow your instructions, and when I enter "ren system system.bak", I get a message saying "A directory or file with the name system.bak already exists."
 
Rename it to system.old.
You can use "old" substitute, if "bak" is already taken.
 
OK, I got through to step 14, then tried to reboot normally, and it wouldn't. I got an error (not a blue screen) that said

"Windows could not start because the following file is missing or corrupt:
\WINDOWS\SYSTEM32\CONFIG\SYSTEM
You can attempt to repair this file by starting Windows Setup using the original CD-ROM. Select 'r' at the first screen to start repair"

I followed to your next step, redid steps 4-14, using the following command at step 13
"copy _registry_machine_software c:\windows\system32\config\software "

It still wouldn't boot up, and gave me the same error, so I tried steps 4-14 using a different restore point. This time, while still in Windows Recovery Console, after I entered the "copy_registry_machine..." command, I get an error that says

"The command is not recognized Type HELP for a list of supported commands"
 
OK, my fault, I wasn't entering that final command properly. I was missing the space between the 'copy' and the '_' in this command

copy _registry_machine_system c:\windows\system32\config\system

, so I wasn't copying anything

I entered the command properly, and got the message that 1 file was copied, which I didn't get before.

Tried to reboot, and it wouldn't, so I tried to go back into the windows recovery console. This time, at step 9, I got "access denied" again, so I went to windows\system32\config and tried the following command again "ren system system.bak " Once again, I got the message that "a directory or file with the name system.bak already exists" I tried it again with "system.old" but got the same error message. What now?
 
You can try any three letter extension in lieu of "bak", or "old". "abc" will do.
 
Yeah, that's the problem here.
As i said before, we may have some other issues involved.

Try this.
Put Windows XP CD in.
Turn computer off.
Wait few minutes.
Start it and see, if you can boot to Windows CD.
 
nope, still crashes, blue screen.

Is this computer pretty much finished now, or is it worth taking it in somewhere to have it looked at?
 
That would be probably the best option.
I suspect, there are some issues, which go beyond malware removal forum scope.

They'll probably have to to remove hard drive and check it first.
Maybe something else, but that surely can't be checked online.

We tried.
Sorry about that :)
 
Status
Not open for further replies.
Back