Re: Fixing broken XP install on XPS machine

---

• From: Ben Myers <ben_myers@xxxxxxxxxxx>
• Date: Thu, 05 Mar 2009 09:45:36 -0500

---

Mike S. wrote:

My nephew asked me to look at his XP-MCE XPS machine after a "friend of a friend who's an IT tech" messed with it after an apparent virus attack.

As he describes, the problems started when he tried to play an downloaded
video and WMP (apparently) requested permission to download a new codec;
followed by his Trend Micro virus alarm going off. His "friend of a
friend" apparently removed said virus (he doesn't remember which) but the
machine (which DOES boot and run) has been very unstable since.

He has a ton of music and video files on it, and I suggested that he back
them all up on an external HD (which he did, after I booted the system
from a Live CD for safety).

So then we were faced with either a wipe and full reinstall, or something more conservative.

Some symptoms are as follows (besides general crashes and instability):

1. The NTFS file system on the C: drive seems to be messed up. When the
system boots, the pre-desktop screen displays a text message saying that
AUTOCHK is not available for disk type RAW. Running Norton Disk Doctor
from a Live CD, it complains that neither NTFS boot sector is readable
(how, then can the system boot and run?)

2. The system freezes if you try to open a command window or any console
application (for instance, chkdsk). So I ran chkdsk from the Live CD.
Astonishingly if finds very little wrong, exexpt for some unallocated
space which it fixes. Also ran the quick test with the Western Digital
diagnostic, and it found nothing wrong.

3. His antivirus cannot connect to the Internet to do a signature file
update, although web browsers, his torrent client, etc still hum merrily
along transferring stuff back and forth.

We decided to first try a conservative strategy, doing a repair install
using his Dell XP-MCE install DVD. The install proceeded to completion,
but only clicking through some errors I've never seen before:

1. Prompt to locate the Intel storage driver (dialog box was pointing to a
non-existent folder). I manually navigated to the Dell drivers folder on
the C: drive and it carried on.

2. Error while calling mscoree.dll (isn't this a .NET component?)

3. A huge string of errors related to some "get version" function of a
system DLL.


On first reboot, the AUTOCHK error is still there. DOS prompt and chkdsk
now run, and finds lots of errors in the volume map which are supposedly
fixed. Antivirus still cannot connect, but other programs have access.

It was getting late so I told him to reinstall his antivirus and see if it
updates, run another virus scan, and check for general stability before
deciding whether to wipe the machine clean.

Does this scenario suggest anything in particular?

From everything described, it would seem like the system may still have evidence of a virus, which is keeping the AV software from updating itself. But I would not rule out a hardware problem, notably the hard drive. Run WD's extended diagnostic test. Also download and run HDA2 to examine the SMART attributes to see if any sectors have been relocated and also to look at the general health of the drive.

You might also run Trend's on-line virus scan.

"1. The NTFS file system on the C: drive seems to be messed up. When the system boots, the pre-desktop screen displays a text message saying that AUTOCHK is not available for disk type RAW. Running Norton Disk Doctor from a Live CD, it complains that neither NTFS boot sector is readable (how, then can the system boot and run?)" Right! I don't think I would trust any of this. These may well be symptoms caused by a virus or worm.

Because your nephew has backed up all the videos and music (and the backup is 100% readable, right?), it might be simpler to start all over reloading Windows.

And your nephew needs to give his "friend of a friend who's an IT tech" a swift kick in the ass for causing all this anguish. Some "IT tech"! Gives the rest of us a bad name... Ben Myers
.

---

• Follow-Ups:
  • Re: Fixing broken XP install on XPS machine
    • From: Mike S.

• References:
  • Fixing broken XP install on XPS machine
    • From: Mike S.

• Prev by Date: Re: Re:Update...
• Next by Date: Re: How in God's name do I open a Dim3000??
• Previous by thread: Fixing broken XP install on XPS machine
• Next by thread: Re: Fixing broken XP install on XPS machine
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Fixing broken XP install on XPS machine ... friend who's an IT tech" messed with it after an apparent virus attack. ... system boots, the pre-desktop screen displays a text message saying that ... We decided to first try a conservative strategy, doing a repair install ... (alt.sys.pc-clone.dell) Fixing broken XP install on XPS machine ... friend who's an IT tech" messed with it after an apparent virus attack. ... system boots, the pre-desktop screen displays a text message saying that ... (alt.sys.pc-clone.dell) Re: Fixing broken XP install on XPS machine ... friend who's an IT tech" messed with it after an apparent virus attack. ... system boots, the pre-desktop screen displays a text message saying that ... We decided to first try a conservative strategy, doing a repair install ... (alt.sys.pc-clone.dell) Re: Just when you think youd seen it all..... ... I had a system from a friend that had almost 200 ... virus infections not counting the spyware, ... E-mail from a relative and click on the virus attachment. ... (alt.sys.pc-clone.dell) Re: Anti-Anti-Virus Software ... > Me and my friend were trying to set up our laptop so that it could play ... > some mpeg file I made to memorialize someone. ... > Mo did not care, after all, he has never had a virus in his life. ... > way to get you to spend money on anti-virus software, ... (microsoft.public.windowsxp.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)