f13.net

I volunteered to help some friends of my family out after they horked their computer up.  They were alerted to the problem by their ISP sending them a message they were mass mailing spam/viruses.

So, I figured I'd run the standard Crap Cleaner, Spyware S&D, new AV software routine.  However, after doing an initial cleaning in Safe Mode, (and finding 65 viruses) the computer still will not boot into regular Windows.  After the Windows XP "status bar" screen the monitor goes blank and the monitor light blinks like it's not plugged in, then the comp just hangs as the HD intermittently spins.  And as an added bonus, even in Safe Mode with Networking I can't connect to the web because of what appears to be corrupted WINSOCK stuff.

These old timers have data in their My Docs they want saved, so a format at this point is probably out.  I tried to stick a 1 gig flash drive in and copy their My Docs to back it up, but the comp doesn't see the drive in Safe Mode.


Lame question I know but: Does using a WinXP system restore point cause you to lose your pics and crap?  (I've never used it I just format if it gets that bad)  I have a fix for corrupted WINSOCK stuff, but if I can't get the machine to boot into Windows it doesn't look good. 

Any ideas, and anyone know what exactly using System Restore does?  Anyway other way to grab that data?  Is ol' Bessy heading for the glue factory?

Thanks.

My n00b response would be:

Pull the old HDD out.  Get another HDD, install windows. 
Install and update virus program/spyware/etc, as well as Windows.
Shut down.
Connect old HDD, hoping that updated virus scanner/spyware will nuke whatever it is. 
Drag and drop to new HDD. 
Wipe/format old HDD.   

Someone else can probably offer a better suggestion.  (See my thread about my adventures in building a new PC for my 'puter competence level.).

I take it you cannot burn a CD or something to get their documents off?

Heh. I reinstalled windows after deleting Every single EXE and DLL on my spare drive. That seemed to fix it. And yes, I deleted all of them while it was virus infected. I think I got lucky.

Well, lo and behold, the 1 gig flash drive the guy gave me had about 80% of his data on it from an old comp (the horked comped is a recent upgrade).  So that's good enough foe me.  I've got his data backed up on my machine now and have formatted the USB stick to maybe use as a boot device.  Running that process down now.

The situation now is I'd like to avoid totally reinstalling WinXP on this machine because I didn't put the thing together, their step son did.  It was built by him and it's a little SFF case type deal.  I'm afraid if I go to formatting I may not have all the required mobo drivers and such to get it up and running.

So - screw the data I got it backed up.  If the machine won't get past the WinXP status bar phase before blanking/hanging...what next?  Pocket USB drive with XP files to boot and clean?  No choice but to format?  Any strategies welcome.

Search for, download, and run LSPFix to fix the Winsock problem.

System Restore shouldn't hoink your document data. Also, viruses will hide in your system restore. So it could be just restoring the viruses every time you try a regular boot. What I had to do on the machine I fixed was disable System Restore in Safe Mode to get rid of all the viruses.

You can re-install XP over your existing copy and that might fix it. You can also do a repair off the XP CD.

If you can boot through safe mode I'd say you should be able to fix it so it boots normally without a reinstall. The only reason you REALLY wouldn't want to reinstall is if you don't have an XP CD (like if it's a Dell).

You can Start|Run MSCONFIG in safe mode and turn off everything that launchs at startup.

There also may be an option on the screen where you select Safe Mode where you can view a log of the regular bootup. Maybe you can see where it's hanging.

You will need to reformat the drive and reinstall Windows. You might even want to wipe out the partitions and repartition as well. There's just too much bad stuff on there now that a reinstall won't necessarily get rid of it all.

Taking the drive out and putting it in another machine to copy the files off will probably be the most reliable way to get whatever remaining files you need off of it. However there's a chance you might somehow mess up the other machine by doing that.

Cool, thanks for the replies guys.