Saturday, January 3, 2015

SharePoint Server 2013 client machine is infected with CTB locker virus.

Issue: System Restore failed while restoring Windows 8.1 after infected by Virus.

Background: My windows 8.1 client machine for SharePoint server 2013 was infected by a Virus called CTB locker virus.

My machine was very slow and when I tried to do anything such as open the SharePoint sites form 8.1 client machine.

I was not sure how my client was infected, AV virus was installed and fully updated. *Still it’s a point of question, will come it later, right now let’s discus about the restore issue, that how did I recovered my machine.

All system and configuration files were fully decrypted and damaged.  

Every time you tried to restart the machine, all the Memory was occupied by an unknown program i.e. Eamnraem Vireti Dtudaa 2021. (Not sure what it was).

In all I can my machine was totally screwed and even after all possible way of removing the machine to remove the software I had only one choice to restore it from last known system restore.

My fate, was not good though, both my system restore was damaged and thrown below error:


System Restore dialed to extract the file. The restore point was damaged or was deleted during restore  

Another error message from another restore point was:

System Restore failed while copying the registry from restore point.
An unspecified error occurred during System Restore, (0x80070571).


I did tried to remove the virus using the malware bytes and some other online software, but there was no go.

Updated Antivirus and then scan with that, but Virus has infected AV also.

Tried to boot the machine in safe mode and then tried restore, same issue.

Tried to recover the machine form 'Repair your Computer’ no luck.

Tried luck with the steps given in the, no luck.

By reading in some forums online, I found, Automatic Updates will delete all Restore Points (which means that you cannot go back if the update goes bad . . .). Perhaps one of those updates corrupted our restore points.

Which is anyways was very disappointing.

The above forum has also outlined restoring registry manually, which I did not prefer.
Tried running Run sfc /scannow and chkdsk /f /r as outlined in the here: 


Finally I gave up and had to rebuild my machine to the current version with fresh install from Windows 8.1 set-up.

You can also install from any previous system image if you have one.

My machine is working like a charm now.

On the recovering you files and stopping this virus to spread, my research s still ongoing. I will keep you posted on the findings.

If you have any suggestions to prevent this from future, please drop comments in the comment box below.

Applied to: Windows 8.1, SharePoint server 2013.

Thursday, January 1, 2015

The user profile service failed the logon. The profile cannot be loaded in Windows Server 2012.

Issue: The user profile service failed the logon. The profile cannot be loaded in Windows Server 2012.

Background: All of sudden when I was trying to log in to my Windows Server 2012 with My Admin account, I get issue with the error message saying.

Error: The user profile service failed the logon. The profile cannot be loaded.

I tried various solutions from the new such as creating new account and copy over the stuff to new account.

Or Go into the Advanced Security Settings (right click on folder > properties > security > ) for the C:\Users\Default folder and checking the box to "Replace all child object permission with inheritable permissions from this object"

One of the KB article for MS says that User Profile Service may start to fail if you install April 2014 updates for Windows 8.1 or Server 2014.

However, in my case this was not the issue.

I looked for another KB, from which 3rd method does worked for me.

Removing SID and recreating the account again.

Please let me know if you have any issues following this.

Products Applied to:

·         Windows 8.1
·         Windows Server 2012.


snow flakes

blogger widgets Blogspot Tutorial


Related Posts Plugin for WordPress, Blogger...