Link to home
Start Free TrialLog in
Avatar of bbrunning
bbrunningFlag for United States of America

asked on

Spyware curruption. Now C Drive is RAW and cannot chkdsk or Defrag without recovery console.

I picked up 2 computers today which had some spyware on it. Removed the spyware, but when I attempted to run defrag it cannot start. I also looked in disk management and the hard drives are not listed. The services for these are running correctly. I set chkdsk on reboot and I get the error, the type of file system is raw and it won't check. I booted from a WInXP disc I have and chkdsk worked just fine. Both computers ran chkdsk but when rebooted the same problem occurred. I've never actually seen this happen before. I attempted a repair install on one of the machines and it gets the error: Device installer error, Windows could not load the installer for Net.
Avatar of alainbryden
alainbryden
Flag of Canada image
You should use the recovery console again and let windows repair the registry using system restore. The worst that happens then is that the spyware you removed gets put back on, but then you can always take it off again, just more carefully this time ;)

C:Windows\System32\Restore\rstrui.exe
Avatar of bbrunning
bbrunning
Flag of United States of America image

ASKER

System restore is the last thing to use with a machine that's been infect. It was disabled as well before removing this.
Avatar of alainbryden
alainbryden
Flag of Canada image
Not for spyware. Spyware can easily be removed without damaging the system. It's likely that something you did accidentally while removing it caused the corruption and so system restore would have been your best option. It certainly couldn't get you in any worse a situation than when you first took the computer into your care. If you disabled system restore then you will either need to use a tool to rebuild the registry on the computer or reinstall the operating system. There are some linux based boot CD's that can attempt to repair windows XP registries. I suggest searching for one that suits your situation.
Avatar of bbrunning
bbrunning
Flag of United States of America image

ASKER

Let me rephrase my original post. Virus/Spyware/Malware. It was infected from some crap they downloaded from limewire. It had multiple problems. Virii...does indeed have effects that corrupt the system once infected. I have seen spyware/malware do the same in the past with other systems. Removing them tears them from the system and, yes, does mess it up more in some cases. This is happening on 2 systems which were infected with the same files. I have mainly been working on the first system this whole time but took a look at the second one. It has the same problem (ie File system is RAW when attempting to run chkdsk). Most programs will not even open but windows boots just fine, that's why I was trying to figure out what would cause it to show up as raw. There is no encryption in place as well.
Avatar of bbrunning
bbrunning
Flag of United States of America image

ASKER

malwarebytes and combofix were the only 2 antispyare programs files I've run. Acted the same before as after.
ASKER CERTIFIED SOLUTION
Avatar of bbrunning
bbrunning
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of alainbryden
alainbryden
Flag of Canada image
Sorry you couldn't find a more agreeable solution.

--
Alain