My friend came to me with a computer that he had just installed the newest version of avg 8.0 (or 8.5?) and it said the computer was infected with pepatch.ao. He couldn't do anything with it because everything he did popped up saying infected. I have used avg free 7.5 on ubcd4win to remove pepatch.ao. It said several files were infected including lsass.exe, winlogon.exe, and svchost.exe. I believe avg deleted these files and maybe more, this is from my memory. There were more than 3 infections but some of them were the same file.
The computer will no longer boot up to the desktop, even in safe mode. It gets to the agp.sys driver (not the correct file name but the one after mup.sys) and reboots.
Can I replace these files and have a bootable system? If so, are they all located in C:\windows\system32?
This is a friends computer and he has a lot of software he uses that he doesn't have the cd's for. It is an HP with a recovery partition, so I know I can do a system repair (from the recovery partition) and have his data files saved, but not his software. I have tried system restore (with erd commander 2007) to the last restore point and that still didn't fix it.
I believe it is updated to service pack 3, but I am not sure, it could be 2.
Thanks for any help,
Mike
The computer will no longer boot up to the desktop, even in safe mode. It gets to the agp.sys driver (not the correct file name but the one after mup.sys) and reboots.
Can I replace these files and have a bootable system? If so, are they all located in C:\windows\system32?
This is a friends computer and he has a lot of software he uses that he doesn't have the cd's for. It is an HP with a recovery partition, so I know I can do a system repair (from the recovery partition) and have his data files saved, but not his software. I have tried system restore (with erd commander 2007) to the last restore point and that still didn't fix it.
I believe it is updated to service pack 3, but I am not sure, it could be 2.
Thanks for any help,
Mike