HELP! - A virus has stopped the PC from booting

  • Thread starter Thread starter M Skabialka
  • Start date Start date
M

M Skabialka

A friend at home was at a web-site and Sophos anti-virus popped up that a
virus had just showed up. She ran Sophos but it froze trying to remove it.
When she tried to reboot it wouldn't boot, and when she tried to boot to
safe mode it asked which drive to use; she chose the right one (she has
three) and it got so far in booting then froze again. I haven't seen the
machine yet, but will this weekend.

Are there any anti-virus programs that can be installed on a floppy or CD to
run a scan on this Windows XP Home machine?

Or some other way of getting rid of this virus which she doen't know the
name of?

Please help!
Thanks,
Mich
 
Many viruses are designed to fatally corrupt and destroy the
operating system. You can always remove the virus file,
but the damage caused by the execution of the malicious
virus code has already been done. Try the following:

How to Perform a Windows XP Repair Install
http://www.michaelstevenstech.com/XPrepairinstall.htm

If the "Repair Install" is unsuccessful, then you need to
start from scratch and perform a "Clean Install".

Clean Install Windows XP
http://www.michaelstevenstech.com/cleanxpinstall.html

--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/

-------------------------------------------------------------------------------------------

:

| A friend at home was at a web-site and Sophos anti-virus popped up that a
| virus had just showed up. She ran Sophos but it froze trying to remove it.
| When she tried to reboot it wouldn't boot, and when she tried to boot to
| safe mode it asked which drive to use; she chose the right one (she has
| three) and it got so far in booting then froze again. I haven't seen the
| machine yet, but will this weekend.
|
| Are there any anti-virus programs that can be installed on a floppy or CD to
| run a scan on this Windows XP Home machine?
|
| Or some other way of getting rid of this virus which she doen't know the
| name of?
|
| Please help!
| Thanks,
| Mich
 
M Skabialka said:
A friend at home was at a web-site and Sophos anti-virus popped up that a
virus had just showed up. She ran Sophos but it froze trying to remove it.
When she tried to reboot it wouldn't boot, and when she tried to boot to
safe mode it asked which drive to use; she chose the right one (she has
three) and it got so far in booting then froze again. I haven't seen the
machine yet, but will this weekend.

Are there any anti-virus programs that can be installed on a floppy or CD
to run a scan on this Windows XP Home machine?

Or some other way of getting rid of this virus which she doen't know the
name of?

Please help!
Thanks,
Mich
Click to expand...

When I run into that, I take the hard drive out of the non-booting computer
and connect it via USB to my test machine that clean and well-protected. I
run the scans from there.

However, that doesn't guarantee that the drive will be bootable afterward,
and it doesn't get rid of all virus traces, since some things hide in the
registry and aren't accessible to the AV software unless the user is logged
on.

And, if files got deleted or corrupted, just removing the virus doesn't
repair the damage done.

And last, it could be a complete coincidence that the computer died while
removing a virus. You could very well be looking at a hardware problem.

As far as booting from floppy or CD, the Norton AV disks are usually
bootable, but then you're only dealing with definitions from when the
software was released, so that's usually not sufficient. You could make
something like a BartPE disk and include spyware and AV software, if you
know how to do that. But really, connected the hard drive to a working unit
is often the easiest thing to do.
 
From: "M Skabialka" <[email protected]>

| A friend at home was at a web-site and Sophos anti-virus popped up that a
| virus had just showed up. She ran Sophos but it froze trying to remove it.
| When she tried to reboot it wouldn't boot, and when she tried to boot to
| safe mode it asked which drive to use; she chose the right one (she has
| three) and it got so far in booting then froze again. I haven't seen the
| machine yet, but will this weekend.
|
| Are there any anti-virus programs that can be installed on a floppy or CD to
| run a scan on this Windows XP Home machine?
|
| Or some other way of getting rid of this virus which she doen't know the
| name of?
|
| Please help!
| Thanks,
| Mich
|

There are anti virus News Groups specifically for this type of discussion.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus
 
M Skabialka said:
A friend at home was at a web-site and Sophos anti-virus popped up that a
virus had just showed up. She ran Sophos but it froze trying to remove it.
When she tried to reboot it wouldn't boot, and when she tried to boot to
safe mode it asked which drive to use; she chose the right one (she has
three) and it got so far in booting then froze again. I haven't seen the
machine yet, but will this weekend.

Are there any anti-virus programs that can be installed on a floppy or CD
to run a scan on this Windows XP Home machine?

Or some other way of getting rid of this virus which she doen't know the
name of?

Please help!
Thanks,
Mich
Click to expand...
Norton Antivirus will boot from the CD and perform a scan as you describe.

Bobby
 
I put the drive in another PC and ran Anti-virus and spyware software on it
but that didn't clean the registry as far as I can tell, so, after hours of
doing a Windows repair install, then running multiple anti-virus and
anti-spyware programs (which removed a lot of trojans, etc), the next time
we booted it would not show a logon screen. We tried once more with the
same result so did it one last time, and instead of running the anti-
programs, recovered data and information she wanted to keep and wiped out
the drive and started a fresh install. We still have no idea what the site
was that dumped all these trojans, etc, tanked Sophos, Microsoft AntiSpyware
and Spybot all within a few seconds, would not allow starting in safe mode,
and stopped a logon screen from showing.

She should have a clean system for now.
Thanks for your help.
Mich
 
From: "M Skabialka" <[email protected]>

| I put the drive in another PC and ran Anti-virus and spyware software on it
| but that didn't clean the registry as far as I can tell, so, after hours of
| doing a Windows repair install, then running multiple anti-virus and
| anti-spyware programs (which removed a lot of trojans, etc), the next time
| we booted it would not show a logon screen. We tried once more with the
| same result so did it one last time, and instead of running the anti-
| programs, recovered data and information she wanted to keep and wiped out
| the drive and started a fresh install. We still have no idea what the site
| was that dumped all these trojans, etc, tanked Sophos, Microsoft AntiSpyware
| and Spybot all within a few seconds, would not allow starting in safe mode,
| and stopped a logon screen from showing.
|
| She should have a clean system for now.
| Thanks for your help.
| Mich

Duh !

If you use a surrogate PC to scan another's system's hard disk then the Registry of the
surrogate system will be scanned and NOT the affected drive !

Using a surrogate PC is only good for removing infected files using anti malware
applications. Once the malware laiden files are removed, you have to place the drive back
in the system and boot from it and scan the system using anti malware software and THEN the
Registry will be scanned and needed keys removed.

Now if you scanned the hard disk properly you will have a log of what files were removed and
what infectors were found. Then it can be determined what side effects each would have and
you lack of a login screen. Maybe Winlogin.exe was replaced. Which is a side effect of a
SpyBot worm or MyDoom

W32/Spybot.worm.lz -- http://vil.nai.com/vil/content/v_100549.htm
W32/Mydoom.bv@MM -- http://vil.nai.com/vil/content/v_135474.htm



Next time if you have a problem with malware, post in an anti malware News Group for the
*best* assistance for your problem.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus
alt.privacy.spyware
 
Duh !
Once the malware laiden files are removed, you have to place the drive
back
in the system and boot from it and scan the system using anti malware
software and THEN the
Registry will be scanned and needed keys removed.
Click to expand...

That is what we tried. We cleaned it from another machine and we did get a
list of quite a few trojans and executables which were cleaned, then put it
back into the first machine. It still would not boot into safe mode at all,
ignoring the repeated F8 requests, and in normal mode there was no logon
option. That is why we did the Windows repair option, which worked for one
boot only.

Thank-you for your repair sites and newsgroup names. However, sometimes
when you go to someone's house on the weekend to fix their problems, you
don't have the tools that you would have at home or from work!

Thanks,
Mich
 
What make and model was the computer?

--


Regards.

Gerry

~~~~~~~~~~~~~~~~~~~~~~~~
FCA

Stourport, Worcs, England
Enquire, plan and execute.
~~~~~~~~~~~~~~~~~~~~~~~~
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Anti-Virus interference 9
XP intermittant boot on portable 4
windows xp sp2 loads desktop then freezes 2
Boot sector virus 8
Unable to access Hard Drive 1
Un-joining a dual boot system 1
Monitor went BLACK on Desktop, but not Laptop ? 3
Laptop no boot: txtsetup.sif corrupt or missing 1

Back
Top