Latest toolkit for virus identification.
- Thread starter Fuzz
- Start date
)
BIOS Passwords are a little bit difficult. Depending on the BIOS you can use Dogberts Blog to get the password using his toolkit.
Look here
http://dogber1.blogspot.com/2009/05/table-of-reverse-engineered-bios.html
AS for the recovery console this is the password for the Administrator account - you can use tools on Hiren (10.5 or earlier) to remove the password.
Look here
http://dogber1.blogspot.com/2009/05/table-of-reverse-engineered-bios.html
AS for the recovery console this is the password for the Administrator account - you can use tools on Hiren (10.5 or earlier) to remove the password.
OK, reset the Admin passwords with Hiren, that was fairly hassle free.
The Bios password reset with a simple Bios config reset on the mainboard.
Took the drive out and scanned and deleted the 17 infections found, confirmed on a resacan and a post scan from a different tool.
Stuck it back in his machine
Rebuilt the ntldr and ntdetect.com files
Rebuilt the boot.ini file
Been working on this since the OP...
Still NTLDR Missing
Could this be anything to do with the fact I have a XP Professional CD where as his O/S is XP Media center edition.
Help I need to go to bed.
The Bios password reset with a simple Bios config reset on the mainboard.
Took the drive out and scanned and deleted the 17 infections found, confirmed on a resacan and a post scan from a different tool.
Stuck it back in his machine
Rebuilt the ntldr and ntdetect.com files
Rebuilt the boot.ini file
Been working on this since the OP...
Still NTLDR Missing
Could this be anything to do with the fact I have a XP Professional CD where as his O/S is XP Media center edition.
Help I need to go to bed.
Last edited:
Hard to tell to be honest.
The bootcfg program went smoothly and confirmed files were rebuilt.
In his machine if I "dir" c: it comes up with pages of stuff I don't recognise. No folders as such.
With it in my machine I have two locked folders I can't access and one documents and settings folder (which contains all his stuff), that's it.
Very odd.
Beginning to think it's wiped itself clean somehow! :-/
The bootcfg program went smoothly and confirmed files were rebuilt.
In his machine if I "dir" c: it comes up with pages of stuff I don't recognise. No folders as such.
With it in my machine I have two locked folders I can't access and one documents and settings folder (which contains all his stuff), that's it.
Very odd.
Beginning to think it's wiped itself clean somehow! :-/
You'll be able to take ownership of those locked files and then add yourself to the permissions, but if you've got his documents and settings folder it's probably all the important stuff anyway.
I'd reinstall, but then I reinstall most of these types of jobs.
I'd reinstall, but then I reinstall most of these types of jobs.
He seems to think I have all the files he wanted to keep, so that's a start.
Used recuva to scare him into seeing what I could unearth. Lol what has been seen cannot be unseen etc etc..
Spent some time finding an iso of media centre ed on torrents (hopefully not full of viruses, but will be a damn site more workable than what I have now, even if it is.
Currently formatting his drive and it'll have to wait a few days before i can get back to it, as I'm off to supper club on Tuesday night!
Ahh the joys of fixing pc's
Used recuva to scare him into seeing what I could unearth. Lol what has been seen cannot be unseen etc etc..
Spent some time finding an iso of media centre ed on torrents (hopefully not full of viruses, but will be a damn site more workable than what I have now, even if it is.
Currently formatting his drive and it'll have to wait a few days before i can get back to it, as I'm off to supper club on Tuesday night!
Ahh the joys of fixing pc's