Jump to content

Virii Infected Laptop: How To Recover Data On Win2


ChiroGeek
 Share

Recommended Posts

Hi all,

 

I've got a good for ya:

 

My bone-head brother-in-law has let viri and trojans run amuck in his lap top for nearly 6 month.

 

Yesterday, he finally brought it too me for repair. Usually I can clean-up and salvage things before wiping the mess clean and reinstalling the OS. This time, I believe he's went to far.

 

The system is so corrupt that I'm unable to boot up to Windows 2000 pro. I tried booting in via safe mode, going to the 'last working configuration, but no luck. I also re-wrote the MBR.

 

At first the error message read that the ntoskrnl.exe was missing or corrupt.

 

So, I made a boot-up CD (there is no floppy drive in this laptop) and 'injected' the ntoskrnl.exe into the bootimage with winimage.

 

I was able to naviagate in DOS to the system32 folder and replace the destroyed ntoskrnl.exe file with a new version.

 

Unfortunately, it still won't boot up and says to replace/load the .dlls for the kernal for they are corrupt. This is going to be impossible since boot CDs only hold 2.88mb of data and I have no clue as to what files this system needs.

 

He really needs some of the information (especially a bunch of pictures and .docs) but I'm out of ideas how to retrieve it.

 

I'm scared to hook this up to my home network for fear that it will infect my home network.

 

I suppose I could reinstall the OS but choose NOT to overwrite the existing windows folder, although this trick doesn't always seem to work.

 

Any Ideas? (other than a data recovery service)

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...