PDA

View Full Version : Trying to fix Win XP Home mess w/NTFS write access (long)



frugalyankee
02-08-2005, 07:42 PM
<sigh>I am not an IT expert, but because I know how to use adaware, spybot and hijackthis the neighbors think I am god and can fix their pcs.
The long story....nice but clueless neighbors are running Win XP Home (no SP 1 or 2) on a Compaq Presario 5310, say they had viruses and/or spyware and when the bad stuff got deleted on reboot they could no longer log in. You could get to log in screen, enter password, then you would see the wallpaper for a moment, then you would get logged off ("saving your settings"). I asked them for any and all CDs, and all they tried to give me was some CD-RWs still in the package. They said MAYBE the CDs that came with the PC were out in the barn.

So I get to work, try safe mode, same thing. Safe mode with command prompt, all same thing. Last known good configuration, same thing. I get the six floppies from MS site, get to recovery console. But w/o CD I cannot repair or do very much. I have online chats w/Compaq/HP tech support. They say I can do a repair from a retail Win XP CD (Which I do not have and am not about to buy). So from recovery console I copy the "repair" system file and rename the current system file in windows/system32/config folder system.bak (found this in http://www.kellys-korner-xp.com/xp_sys32.htm). Surprise! It was then I found out that it was OEM software, and now things were REALLY messed up. Instead of the XP login screen I got a popup with a lsass.exe error (password is incorrect bla bla, never even get a chance to enter a password) and it goes into infinite shutdown/boot loop. My guess is that they had the sasser worm and now it is back in full force (not really my fault), or the registry hive is messed up (my fault) or both. The recovery console is inaccessible because now it is no longer accepting the (default) blank admin password. By now I have scared up a WIN XP Pro retail cd and supposedly can do a setup from the WIN XP boot floppies. 'Repair' is not an option because for some reason the previous installation of windows is not being seen.

So...all I want to do is rename the $#&@*# "system.bak" file BACK to "system" so that MAYBE I can get to the recovery console and MAYBE get the repair option. So I need write access to the NTFS partition and eventually stumble across Knoppix and Insert and captive NTFS but am not sure what I am doing.

Oh and after I got the Knoppix CD I thought "goody, now that I cannot connect the machine to the net, I'll just get the nice tech support people at HP/Compaq to do a remote fix". Yeah, right. They don't do remote fixes.

At this point I would like to say that whatever happens I am DONE with Microsoft. I have found their software to be an insult to my intelligence before, but this has got to be the worst garbage that people have spent good $$ on that I have ever seen. I mean really, if the sasser worm messes up the password structure and you need a password to do ANYTHING then you are toast. And you cannot use ANY CD it has to be the same type, it can't even be from another Presario model. I disliked HP products before but I cannot believe they got involved with something this crappy.

I suppose I could just wipe the $%^#$ Win XP OS, leave their files and programs and give them the CD and be done with it. But if I know them they will want the Win XP.

Any advice before I go home and REALLY mess my friend's PC up would be appreciated.
And thanks for letting me rant. :evil:

mmaki
02-09-2005, 02:00 AM
My experience with Windows "Repair" is it sucks. You'll spend hours trying to fix it. Your best bet is to save their data files either by booting and loading Knoppix to RAM so you can burn their files to CD or copy them to some other box over network. Then get them to buy a Windows XP CD if that is what they want.

frugalyankee
02-09-2005, 03:48 AM
Thanks mmaki. You are probably right. I just hate to give up. I was not able to get captive-ntfs to work using either the 2.4 or experimental 2.6 kernels on the beta 3.7 Knoppix, so I downloaded and burned the Insert v1.2.17. Unfortunately I cannot figure out how to get to captive-ntfs once insert boots. Now my friend says he has an expert to look at it. I just feel bad that I might have messed it up worse than it was.