Folks,
We could use some good suggestions from anyone that has them. Our company was hit with probably the nastiest virus I have ever seen in all the years I've worked in IT (2016 version of the Quakbot). We have over 1000 Windows XP machines that we can't upgrade due to instrumentation they're connected to. Out of that 1000 computers I would say about 800 of them have had all the files in the C:\Windows\System32\Drivers folder deleted. Without having to reinstall all the computers we are wondering if anyone has any suggestions on how we can repair these PC's without having to redo each one and then configure the instrument software.
- We tried doing a system restore and that didn't work
- We also didn't have any luck with running Windows Repair.
- we tried booting to Hiren's boot CD and copying the files from a working Windows XP machine and that worked for a very small handful but we started running into too many that it didn't work for so we stopped. Are we missing something here that we need to do first? This would be the quickest method to getting these computers back online.
The errors that we get are while it's loading it stops on the DOS loading screen and says Missing c:\windows\system32\drivers\PCI.sys. If you copy that file over it stops on the next one (example C:\windows\system32\mups.sys)
We have been able to start cleaning off the virus but instrument computers are extremely difficult to reinstall and setup so we would be ever so grateful if anyone has any suggestions.
We could use some good suggestions from anyone that has them. Our company was hit with probably the nastiest virus I have ever seen in all the years I've worked in IT (2016 version of the Quakbot). We have over 1000 Windows XP machines that we can't upgrade due to instrumentation they're connected to. Out of that 1000 computers I would say about 800 of them have had all the files in the C:\Windows\System32\Drivers folder deleted. Without having to reinstall all the computers we are wondering if anyone has any suggestions on how we can repair these PC's without having to redo each one and then configure the instrument software.
- We tried doing a system restore and that didn't work
- We also didn't have any luck with running Windows Repair.
- we tried booting to Hiren's boot CD and copying the files from a working Windows XP machine and that worked for a very small handful but we started running into too many that it didn't work for so we stopped. Are we missing something here that we need to do first? This would be the quickest method to getting these computers back online.
The errors that we get are while it's loading it stops on the DOS loading screen and says Missing c:\windows\system32\drivers\PCI.sys. If you copy that file over it stops on the next one (example C:\windows\system32\mups.sys)
We have been able to start cleaning off the virus but instrument computers are extremely difficult to reinstall and setup so we would be ever so grateful if anyone has any suggestions.
