A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows ME » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

Out of Scope Help Needed.



 
 
Thread Tools Display Modes
  #1  
Old June 16th 09, 01:25 PM posted to microsoft.public.windowsme.general
Job
External Usenet User
 
Posts: 45
Default Out of Scope Help Needed.

Although this is an ME newsgroup I would appreciate you
helping me resolve
a problem with my daughter's XP Pro machine. Several days
ago her system was
infected with "System Security 2009" bad guy. An attempt
to do a System
Restore to the previous day was unsuccessful. The Restore
process would get to
the "Confirm Restore Point Selection" window but go no
further.

Subsequently, using corrective actions found via Google, I
have removed any
files that I could find related to "System Security" and ran
MalWareBytes.
Since the infection seems to keep her Avira AntiVirus from
running I also ran
Trend Micro's online scan.

To make a long story short her computer is still messed up.
We can't access
the internet while in Normal Mode, her Avira is not working,
her System Restore
will not go past the "Confirm Restore Point Selection"
window in neither the
Normal nor Safe Mode, and as the topper she does not have
any recovery discs
of any kind.

Is there a method whereas I can force the System Restore to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.


  #2  
Old June 16th 09, 01:53 PM posted to microsoft.public.windowsme.general
Ben Myers[_4_]
External Usenet User
 
Posts: 60
Default Out of Scope Help Needed.

"Job" wrote in message ...
Although this is an ME newsgroup I would appreciate you
helping me resolve
a problem with my daughter's XP Pro machine. Several days
ago her system was
infected with "System Security 2009" bad guy. An attempt
to do a System
Restore to the previous day was unsuccessful. The Restore
process would get to
the "Confirm Restore Point Selection" window but go no
further.

snip

See if this applies to you.

http://support.microsoft.com/kb/267176

Ben
  #3  
Old June 16th 09, 05:56 PM posted to microsoft.public.windowsme.general
Job
External Usenet User
 
Posts: 45
Default Out of Scope Help Needed.

No it does not apply Ben. I have no problem accessing the
buttons. Thanks for your response.

"Ben Myers" wrote in
message ...
"Job" wrote in message
...
Although this is an ME newsgroup I would appreciate you
helping me resolve
a problem with my daughter's XP Pro machine. Several days
ago her system was
infected with "System Security 2009" bad guy. An attempt
to do a System
Restore to the previous day was unsuccessful. The Restore
process would get to
the "Confirm Restore Point Selection" window but go no
further.

snip

See if this applies to you.

http://support.microsoft.com/kb/267176

Ben


  #4  
Old June 17th 09, 01:59 AM posted to microsoft.public.windowsme.general
webster72n
External Usenet User
 
Posts: 1,526
Default Out of Scope Help Needed.


Job,
if no one here should answer your question, it would be best to go to the
appropriate newsgroup,
microsoft.public.windowsxp.general.
The workings of SR may be slightly different, or there are other issues,
unbeknown to me and they will be better able to help you.

Harry.



"Job" wrote in message
...
Although this is an ME newsgroup I would appreciate you
helping me resolve
a problem with my daughter's XP Pro machine. Several days
ago her system was
infected with "System Security 2009" bad guy. An attempt
to do a System
Restore to the previous day was unsuccessful. The Restore
process would get to
the "Confirm Restore Point Selection" window but go no
further.

Subsequently, using corrective actions found via Google, I
have removed any
files that I could find related to "System Security" and ran
MalWareBytes.
Since the infection seems to keep her Avira AntiVirus from
running I also ran
Trend Micro's online scan.

To make a long story short her computer is still messed up.
We can't access
the internet while in Normal Mode, her Avira is not working,
her System Restore
will not go past the "Confirm Restore Point Selection"
window in neither the
Normal nor Safe Mode, and as the topper she does not have
any recovery discs
of any kind.

Is there a method whereas I can force the System Restore to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.


  #5  
Old June 17th 09, 02:37 AM posted to microsoft.public.windowsme.general
webster72n
External Usenet User
 
Posts: 1,526
Default Out of Scope Help Needed.

I was thinking of either Mike, Noel or Shane, but if none of them does
answer, it still would be best to go there, although it is your decision.
Good luck and some,

Harry.


"Job" wrote in message
...
I understand where you're coming from Harry but if the
expertise in this group (ala Mike M or Noah for instance)
can't answer my question I seriously doubt the XP group can.

Thanks for your response.


"webster72n" wrote in message
...

Job,
if no one here should answer your question, it would be best
to go to the
appropriate newsgroup,
microsoft.public.windowsxp.general.
The workings of SR may be slightly different, or there are
other issues,
unbeknown to me and they will be better able to help you.

Harry.



"Job" wrote in message
...
Although this is an ME newsgroup I would appreciate you
helping me resolve
a problem with my daughter's XP Pro machine. Several days
ago her system was
infected with "System Security 2009" bad guy. An attempt
to do a System
Restore to the previous day was unsuccessful. The Restore
process would get to
the "Confirm Restore Point Selection" window but go no
further.

Subsequently, using corrective actions found via Google, I
have removed any
files that I could find related to "System Security" and

ran
MalWareBytes.
Since the infection seems to keep her Avira AntiVirus from
running I also ran
Trend Micro's online scan.

To make a long story short her computer is still messed

up.
We can't access
the internet while in Normal Mode, her Avira is not

working,
her System Restore
will not go past the "Confirm Restore Point Selection"
window in neither the
Normal nor Safe Mode, and as the topper she does not have
any recovery discs
of any kind.

Is there a method whereas I can force the System Restore

to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.




  #6  
Old June 17th 09, 03:20 AM posted to microsoft.public.windowsme.general
Job
External Usenet User
 
Posts: 45
Default Out of Scope Help Needed.

I understand where you're coming from Harry but if the
expertise in this group (ala Mike M or Noah for instance)
can't answer my question I seriously doubt the XP group can.

Thanks for your response.


"webster72n" wrote in message
...

Job,
if no one here should answer your question, it would be best
to go to the
appropriate newsgroup,
microsoft.public.windowsxp.general.
The workings of SR may be slightly different, or there are
other issues,
unbeknown to me and they will be better able to help you.

Harry.



"Job" wrote in message
...
Although this is an ME newsgroup I would appreciate you
helping me resolve
a problem with my daughter's XP Pro machine. Several days
ago her system was
infected with "System Security 2009" bad guy. An attempt
to do a System
Restore to the previous day was unsuccessful. The Restore
process would get to
the "Confirm Restore Point Selection" window but go no
further.

Subsequently, using corrective actions found via Google, I
have removed any
files that I could find related to "System Security" and

ran
MalWareBytes.
Since the infection seems to keep her Avira AntiVirus from
running I also ran
Trend Micro's online scan.

To make a long story short her computer is still messed

up.
We can't access
the internet while in Normal Mode, her Avira is not

working,
her System Restore
will not go past the "Confirm Restore Point Selection"
window in neither the
Normal nor Safe Mode, and as the topper she does not have
any recovery discs
of any kind.

Is there a method whereas I can force the System Restore

to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.




  #7  
Old June 18th 09, 08:09 AM posted to microsoft.public.windowsme.general
Shane[_8_]
External Usenet User
 
Posts: 53
Default Out of Scope Help Needed.


Is there a method whereas I can force the System Restore to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.


Try this:

"To start System Restore using the Command prompt, follow these steps:

1. Restart your computer, and then press and hold F8 during the initial
startup to start your computer in safe mode with a Command prompt.
2. Use the arrow keys to select the Safe mode with a Command prompt
option.
3. If you are prompted to select an operating system, use the arrow keys
to select the appropriate operating system for your computer, and then press
ENTER.
4. Log on as an administrator or with an account that has administrator
credentials.
5. At the command prompt, type %systemroot%\system32\restore\rstrui.exe,
and then press ENTER.
6. Follow the instructions that appear on the screen to restore your
computer to a functional state."

If that doesn't work, then I'd say, offhand, no. Either the infection is
still present and still stopping it, or necessary file(s) have been
corrupted or deleted and that is stopping it.

Most of my time is spent in XP Pro, and I could use a regularly updated
BartPE cd (with NOD32, Trend Micro Sysclean, Stinger, McAfee Virusscan and
Spybot S&D on there, not to mention Firefox and a host of other goodies such
as Nero and Drive Image), the same on a USB stick; full image backups that
run daily; and ERUNT which runs first boot every day and saves up to 7
previous registry backups. It would be nice to know if your daughter's
machine had as much as a hidden partition containing the Windows files that
damaged or missing system files could be restored from. If she doesn't have
even that then options are pretty limited. Without a CD she can't run the
'Recovery Console' - though it is next to useless for most stuff anyway -
unless it has previously been installed to the HD (which it obviously
hasn't).

You personally couldn't burn a BartPE disc/stick without XP or Server2003 -
but if you had a fast broadband connection you could be supplied with much
of this stuff - e.g. a BartPE ISO (~450MB) though I expect various license
agreements say not to. Not that having one at this stage guarantees
anything, but you would be able to manipulate the installation without
booting the HD.

You can also acquire XP itself (just not the necessary key) via Bittorrent,
the veracity of which can be confirmed by checking the checksums, for
running
SFC /scannow with, for example, or for doing a repair reinstallation (if she
doesn't have a hidden partition containing the necessary backup system
files).

Shane




  #8  
Old June 19th 09, 05:58 AM posted to microsoft.public.windowsme.general
Job
External Usenet User
 
Posts: 45
Default Out of Scope Help Needed.

Hi Shane. Good to hear from you and thanks for the
suggestions. I don't think my daughter's computer has a
partition but I will check when I get back to her home this
coming weekend. I will also try your
"%systemroot%\system32\restore\rstrui.exe" prompt.

I read about BartPE at http://www.nu2.nu/pebuilder/ and that
looks worthwhile to try when I'm at her computer. I can
access the Internet in Safe Mode and might be able to
download the BartPE Installer via her DSL. I will give you
an update afterwards.

Hope your medical conditions have improved over the past
year.

P.S. I seem to recall reading somewhere that XP install
files are contained in something like i386. Does that ring
any bell for you?

Jim


"Shane" wrote in message
...

Is there a method whereas I can force the System Restore

to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.


Try this:

"To start System Restore using the Command prompt, follow
these steps:

1. Restart your computer, and then press and hold F8
during the initial
startup to start your computer in safe mode with a Command
prompt.
2. Use the arrow keys to select the Safe mode with a
Command prompt
option.
3. If you are prompted to select an operating system, use
the arrow keys
to select the appropriate operating system for your
computer, and then press
ENTER.
4. Log on as an administrator or with an account that has
administrator
credentials.
5. At the command prompt, type
%systemroot%\system32\restore\rstrui.exe,
and then press ENTER.
6. Follow the instructions that appear on the screen to
restore your
computer to a functional state."

If that doesn't work, then I'd say, offhand, no. Either the
infection is
still present and still stopping it, or necessary file(s)
have been
corrupted or deleted and that is stopping it.

Most of my time is spent in XP Pro, and I could use a
regularly updated
BartPE cd (with NOD32, Trend Micro Sysclean, Stinger, McAfee
Virusscan and
Spybot S&D on there, not to mention Firefox and a host of
other goodies such
as Nero and Drive Image), the same on a USB stick; full
image backups that
run daily; and ERUNT which runs first boot every day and
saves up to 7
previous registry backups. It would be nice to know if your
daughter's
machine had as much as a hidden partition containing the
Windows files that
damaged or missing system files could be restored from. If
she doesn't have
even that then options are pretty limited. Without a CD she
can't run the
'Recovery Console' - though it is next to useless for most
stuff anyway -
unless it has previously been installed to the HD (which it
obviously
hasn't).

You personally couldn't burn a BartPE disc/stick without XP
or Server2003 -
but if you had a fast broadband connection you could be
supplied with much
of this stuff - e.g. a BartPE ISO (~450MB) though I expect
various license
agreements say not to. Not that having one at this stage
guarantees
anything, but you would be able to manipulate the
installation without
booting the HD.

You can also acquire XP itself (just not the necessary key)
via Bittorrent,
the veracity of which can be confirmed by checking the
checksums, for
running
SFC /scannow with, for example, or for doing a repair
reinstallation (if she
doesn't have a hidden partition containing the necessary
backup system
files).

Shane





  #9  
Old June 19th 09, 08:20 AM posted to microsoft.public.windowsme.general
Shane[_8_]
External Usenet User
 
Posts: 53
Default Out of Scope Help Needed.

Hi Jim,

Yes, the i386 folder is where the XP installation files are held. If there
is one either in the root of any drive or in the Windows folder, that is
almost certainly it. Other installations sometimes put files into an i386
folder so basically it comes down to whether there are thousands of files,
or not, in it (mine has about 6000 files and folders). It is still possible
that some may be missing; hopefully they won't be! Of course, a hidden
partition is more likely to contain pristine copies than a folder the
malware can see (though a sufficiently sophisticated piece of malware could
see that, too, much as a partition manager can).

Physically I am much improved, thank you! Mostly through losing weight
gained first from quitting smoking, and added to by consequences of my
accident. Now I have shed over 3st and in a sense it is like regaining one's
youth! Quite amazing. Of course, every time I shave I lose about 10 years.
Combine the two and I could almost pass for a teenager! :-)

Oh, concerning the BartPE - you need the installation files for XP, to build
it - which is why I suggest the .iso (which, essentially, I would be
prepared to supply you with). On the other hand the Ultimate Boot CD does, I
believe, come complete, though I have never used it. That may well be your
better option.

Right, I'll check back from time to time. By which time I'll have had a
coffee...and I'll be able to remember how that statement ends.

Shane


"Job" wrote in message
...
Hi Shane. Good to hear from you and thanks for the
suggestions. I don't think my daughter's computer has a
partition but I will check when I get back to her home this
coming weekend. I will also try your
"%systemroot%\system32\restore\rstrui.exe" prompt.

I read about BartPE at http://www.nu2.nu/pebuilder/ and that
looks worthwhile to try when I'm at her computer. I can
access the Internet in Safe Mode and might be able to
download the BartPE Installer via her DSL. I will give you
an update afterwards.

Hope your medical conditions have improved over the past
year.

P.S. I seem to recall reading somewhere that XP install
files are contained in something like i386. Does that ring
any bell for you?

Jim


"Shane" wrote in message
...

Is there a method whereas I can force the System Restore

to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.


Try this:

"To start System Restore using the Command prompt, follow
these steps:

1. Restart your computer, and then press and hold F8
during the initial
startup to start your computer in safe mode with a Command
prompt.
2. Use the arrow keys to select the Safe mode with a
Command prompt
option.
3. If you are prompted to select an operating system, use
the arrow keys
to select the appropriate operating system for your
computer, and then press
ENTER.
4. Log on as an administrator or with an account that has
administrator
credentials.
5. At the command prompt, type
%systemroot%\system32\restore\rstrui.exe,
and then press ENTER.
6. Follow the instructions that appear on the screen to
restore your
computer to a functional state."

If that doesn't work, then I'd say, offhand, no. Either the
infection is
still present and still stopping it, or necessary file(s)
have been
corrupted or deleted and that is stopping it.

Most of my time is spent in XP Pro, and I could use a
regularly updated
BartPE cd (with NOD32, Trend Micro Sysclean, Stinger, McAfee
Virusscan and
Spybot S&D on there, not to mention Firefox and a host of
other goodies such
as Nero and Drive Image), the same on a USB stick; full
image backups that
run daily; and ERUNT which runs first boot every day and
saves up to 7
previous registry backups. It would be nice to know if your
daughter's
machine had as much as a hidden partition containing the
Windows files that
damaged or missing system files could be restored from. If
she doesn't have
even that then options are pretty limited. Without a CD she
can't run the
'Recovery Console' - though it is next to useless for most
stuff anyway -
unless it has previously been installed to the HD (which it
obviously
hasn't).

You personally couldn't burn a BartPE disc/stick without XP
or Server2003 -
but if you had a fast broadband connection you could be
supplied with much
of this stuff - e.g. a BartPE ISO (~450MB) though I expect
various license
agreements say not to. Not that having one at this stage
guarantees
anything, but you would be able to manipulate the
installation without
booting the HD.

You can also acquire XP itself (just not the necessary key)
via Bittorrent,
the veracity of which can be confirmed by checking the
checksums, for
running
SFC /scannow with, for example, or for doing a repair
reinstallation (if she
doesn't have a hidden partition containing the necessary
backup system
files).

Shane






  #10  
Old June 20th 09, 09:58 PM posted to microsoft.public.windowsme.general
Noel Paton[_3_]
External Usenet User
 
Posts: 229
Default Out of Scope Help Needed.

.....Late to the party (again!!))......

ok - What we have here is a fairly common scenario, which is, unfortunately,
best dealt with not in newsgroups, but in 1:1 help sessions on a proper
forum for spyware problems.

As Harry (I think?) has already said, you should post your original data to
the Windows XP groups, and there they will give you up-to-date links to
appropriate forums.
Alternatively, go direct to Bleeping Computer, and read the instructions
there on how to post log to the spyware forums (fora?) , then follow those
instructions, and see what they say.
One of the problems with some of these nasties is that the leopard changes
spots every week - and the resulting mess may be something that no-one
recognises at first glance.

If you need detailed assistance, please feel free to mail me direct (but be
aware that IT MAY TAKE ME A FEW DAYS TO RESPOND, DUE TO OTHER COMMITMENTS) -
didn't mean to shout, but I'll let it stand, as a friend is seriously ill
(no-one known to the groups, BTW), and I have to deal with that before the
fun of NG interactions

All the Best


--
Noel Paton
CrashFixPC

Nil Carborundum Illegitemi
www.crashfixpc.co.uk
"Job" wrote in message
...
Hi Shane. Good to hear from you and thanks for the
suggestions. I don't think my daughter's computer has a
partition but I will check when I get back to her home this
coming weekend. I will also try your
"%systemroot%\system32\restore\rstrui.exe" prompt.

I read about BartPE at http://www.nu2.nu/pebuilder/ and that
looks worthwhile to try when I'm at her computer. I can
access the Internet in Safe Mode and might be able to
download the BartPE Installer via her DSL. I will give you
an update afterwards.

Hope your medical conditions have improved over the past
year.

P.S. I seem to recall reading somewhere that XP install
files are contained in something like i386. Does that ring
any bell for you?

Jim


"Shane" wrote in message
...

Is there a method whereas I can force the System Restore

to
proceed past the
"Confirm Restore Point Selection" window and complete its
process?

Thank you.


Try this:

"To start System Restore using the Command prompt, follow
these steps:

1. Restart your computer, and then press and hold F8
during the initial
startup to start your computer in safe mode with a Command
prompt.
2. Use the arrow keys to select the Safe mode with a
Command prompt
option.
3. If you are prompted to select an operating system, use
the arrow keys
to select the appropriate operating system for your
computer, and then press
ENTER.
4. Log on as an administrator or with an account that has
administrator
credentials.
5. At the command prompt, type
%systemroot%\system32\restore\rstrui.exe,
and then press ENTER.
6. Follow the instructions that appear on the screen to
restore your
computer to a functional state."

If that doesn't work, then I'd say, offhand, no. Either the
infection is
still present and still stopping it, or necessary file(s)
have been
corrupted or deleted and that is stopping it.

Most of my time is spent in XP Pro, and I could use a
regularly updated
BartPE cd (with NOD32, Trend Micro Sysclean, Stinger, McAfee
Virusscan and
Spybot S&D on there, not to mention Firefox and a host of
other goodies such
as Nero and Drive Image), the same on a USB stick; full
image backups that
run daily; and ERUNT which runs first boot every day and
saves up to 7
previous registry backups. It would be nice to know if your
daughter's
machine had as much as a hidden partition containing the
Windows files that
damaged or missing system files could be restored from. If
she doesn't have
even that then options are pretty limited. Without a CD she
can't run the
'Recovery Console' - though it is next to useless for most
stuff anyway -
unless it has previously been installed to the HD (which it
obviously
hasn't).

You personally couldn't burn a BartPE disc/stick without XP
or Server2003 -
but if you had a fast broadband connection you could be
supplied with much
of this stuff - e.g. a BartPE ISO (~450MB) though I expect
various license
agreements say not to. Not that having one at this stage
guarantees
anything, but you would be able to manipulate the
installation without
booting the HD.

You can also acquire XP itself (just not the necessary key)
via Bittorrent,
the veracity of which can be confirmed by checking the
checksums, for
running
SFC /scannow with, for example, or for doing a repair
reinstallation (if she
doesn't have a hidden partition containing the necessary
backup system
files).

Shane






 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
just what i needed xztheericzx General 2 November 12th 07 04:06 AM
Help needed please vee Improving Performance 4 September 28th 05 12:34 PM
Help needed please Leslie Software & Applications 3 September 22nd 04 01:49 AM
Help needed please Jack General 3 July 24th 04 04:20 PM
need to change the dhcp scope in my Internet Connection Sharing setup Gerry Voras Networking 2 June 24th 04 02:01 AM


All times are GMT +1. The time now is 02:58 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.