Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

WINDOWS XP WILL NOT START, SUSPECTED WIN32/VIRUT


  • Please log in to reply

#1
alexkershawftw

alexkershawftw

    Member

  • Member
  • PipPip
  • 26 posts
I recently got infected by the win32/virut virus and used an avg scan to attempt to get rid of it.

After this didn't seem to help, I used Dr Web (I think that's what it's called) and ran a complete scan and there were a lot of win32/virut and so it healed them all. Then, I restarted my computer.

Now, I use Windows XP Professional, and although I can boot my computer up, when I try to log in I only see my background, my cursor and I can get the task manager up.

This happens on both my account (Alex) and on the Guest account (Guest) and also happens on both Administrator and Alex in Safe Mode, Safe Mode with Networking and Safe Mode with Command Prompt (I think that's what it's called). However, in Safe Mode with Command Prompt, the Command Prompt screen also comes up.

Also, I don't have my Windows XP CD.

Please could somebody help me out with this?

Thanks a lot in advance :)

EDIT:

Until somebody replies, I'm going to put the things I try and the results below here: (the ideas are from a similar thread I'm reading through)

I have logged into Safe Mode with Command Prompt. The background is black with 'Safe Mode' in all 4 corners, and I can only see my cursor, no desktop, toolbar, or anthing else. However, I can get the task manager up. Command Prompt is also open.

Clicking 'New Task' and typing "explorer.exe" and pressing enter comes up with the following message: "Windows cannot find 'explorer.exe'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search."

Clicking 'New Task' and typing "regedit" and pressing enter comes up with the following message: "Windows cannot find 'regedit'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search."

Clicking 'New Task' and typing "regedt32.exe" and pressing enter does not come up with any message, but it does not open either.

Clicking 'New Task' and typing "C:\windows" and pressing enter comes up with a window called 'Open With'. Underneath the title, it says "Choose the program you want to use to open this file:' Underneath that, it says "File: windows". Then it has a list of recommended Programs to open it with, and then has an 'Browse' button. Unfortunately, on the thread I am using for ideas, the person with a similar problem did not get this window when he typed "C:\windows" into 'New Task' so I don't know what to do from here. I closed this window.

Clicking 'New Task' and typing "cmd" and pressing enter brings up a window called "C:\WINDOWS\system32\cmd.exe". I closed this window as I already have 'cmd.exe' open, as I am in Safe Mode with Command Prompt.

Typing "%systemroot%\system32\restore\rstrui.exe" into Command Prompt after 'C:\Documents and Settings\Administrator' and pressing enter makes the following message appear: "'C:\WINDOWS\system32\restore\rstrui.exe' is not recognised as an internal or external command,
operable program or batch file." Then, there is another prompt called "C:\Documents and Settings\Administrator>".

Typing "explorer.exe" into Command Prompt after 'C:\Documents and Settings\Administrator' and pressing enter makes the following message appear: "'explorer.exe' is not recognised as an internal or external command,
operable program or batch file." Then, there is another prompt called "C:\Documents and Settings\Administrator>".

Typing "regedit.exe" into Command Prompt after 'C:\Documents and Settings\Administrator' and pressing enter makes the following message appear: "'regedit.exe' is not recognised as an internal or external command,
operable program or batch file." Then, there is another prompt called "C:\Documents and Settings\Administrator>".

Typing "control" into Command Prompt after 'C:\Documents and Settings\Administrator' and pressing enter makes the following message appear: "'control' is not recognised as an internal or external command,
operable program or batch file." Then, there is another prompt called "C:\Documents and Settings\Administrator>".

Typing "appwiz.cpl" into Command Prompt after 'C:\Documents and Settings\Administrator' and pressing enter makes the following message appear: "'appwiz.cpl' is not recognised as an internal or external command,
operable program or batch file." Then, there is another prompt called "C:\Documents and Settings\Administrator>".

And now the other thread ran out of ideas... but the conversation over there gets pretty technical and hard to understand. I can't really follow it but he's saving his files. I don't have many super important files on my hard drive but I do have some moderately important ones and I would like to save them.

Please walk me through the steps; firstly any last ways to get my PC working... and if all hope is lost, please tell me what I have to do after that. Would I have to buy a new computer? I'm not a computer genious but I have moderate experience... I will understand most of what you say but try not to use too much technical jargon.

Once again, thanks in advance... I appreciate all the work you guys do here.

Edited by alexkershawftw, 21 June 2009 - 04:04 PM.

  • 0

Advertisements


#2
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts

I recently got infected by the win32/virut virus and used an avg scan to attempt to get rid of it.


Virut type if infection is NOT curable. Your only option is full format, and Windows reinstall.
  • 0

#3
cbarnard

cbarnard

    Member

  • Member
  • PipPipPip
  • 755 posts
Is your current XP pro OS the one that was infected?

If it is you have stated that you ran AVG to take care of the threat...

But If you are correct and your computer was infected with Virut. To my knowledge that is an "untreatable virus" But I'm not an expert I would advise you to go to this forum here when\if you have gone through there post a new topic in the malware forum and one of our experts will be along with you...

Good luck

Cbarnard


And now that I posted this I see that Broni has confirmed my suspicion... If there is any question as to what virus you had I would go through the forum... If you are 100% sure it is Virut then I would do a fresh install...

Edited by cbarnard, 21 June 2009 - 04:37 PM.

  • 0

#4
alexkershawftw

alexkershawftw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Broni

It is not untreatable... it is just hard to do.

I have seen a number of threads with Virut and they have been cured. I don't mean this in a bad way, but by posting you've pretty much ruined my chances of having this thread seen by somebody could actually fix this... as people seem to only post on threads with 0 posts.

So could you please actually try and help? Or if not, get somebody who thinks they can help? I have seen Essexboy remove Virut a few times and I'm sure some other 'geeks' could do it.

Please don't give up on me now... besides, I don't have my Windows XP CD.

If there is no way to heal it (after we have actually tried), could you tell me if it is possible to save any of my files from being deleted? And walk me through what I would have to do to re-format the disk, save my files, etc...

Edited by alexkershawftw, 21 June 2009 - 04:51 PM.

  • 0

#5
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
This is actually not the proper forum to discuss this issue.

I suggest that you start a new topic in the Malware Removal and Spyware Removal area.

Before you start a new topic click on this link --> Malware and Spyware Cleaning Guide, Please read before starting a new topic. This will give you a few preparations to make, as well as instruction for posting your OTListIt2 log.

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).
  • 0

#6
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
You are wrong, Virut is untreatable. To fix it would be irresponsible on our part, it would result in your PC being wrecked like it is now from trying to fix it.



Please ignore Cbarnards suggestion, and listen to Broni. You need to format your PC, the damage has already been done.


There is no point going to the malware forum, we will just tell you to format.
  • 0

#7
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
Thank you :)
By directing him to malware forum, I simply wanted to avoid discussing malware subject in not related forum.
  • 0

#8
alexkershawftw

alexkershawftw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
So is there any way to save my files when reformatting? I have never done it before.

Broni, I can't do any of the stuff mentioned in that guide because I cannot log into my profile, as explained in the first post of my thread.

Rors, here is proof that Virus can be healed - http://www.geekstogo...-....html&st=30 ... I understand that thread is originally about Heur but they discover that there is also Virut and they heal it...

EDIT:

I put this in this forum because the main thread is about that fact that I cannot log into my profile... I figured that the people in this forum would be more likely to be able to get me into my profile than in the malware forum. Then, I figured that after I got into my profile, the people in the malware forum would be more likely to be able to get rid of the virus.

EDIT2:

I do accept that the damage has been done and I have to reformat, but as this is my first time doing this I need to know some things:

1) I don't need a new PC, correct?
2) I don't have my Windows XP CD... do I have to buy a new one?
3) Do I have to buy anything other than a Windows XP CD?
4) Is there any way I can save any of my files?
5) How does one reformat their disk?
6) How does one reinstall Windows?

Edited by alexkershawftw, 21 June 2009 - 05:02 PM.

  • 0

#9
edge2022

edge2022

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,117 posts
You can get your files back by using a distro of Linux to copy files from your harddrive to an external one. Click on Backup Files Without Windows in my sig for detailed instructions with Ubuntu Linux.

Virut is deadly and you will have to reformat.
  • 0

#10
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
Whatever you backup, make sure you DO NOT touch up any of following types of files:
.exe, .scr .htm .html .xml .zip .rar .asp, .php
  • 0

Advertisements


#11
cbarnard

cbarnard

    Member

  • Member
  • PipPipPip
  • 755 posts
Rorschach112

I wasn't sure if he was 100% sure if he had Virut. I don't know the S\S of the infection... I didn't want to tell him to reformat if he was wrong about his infection... I was trying to play it safe. If infact he was 100% sure he had Virut then yes a reformat is in order(only based from what I know talking to Malware experts) I just didn't want to give only one option... Sorry for any confusion I made...

Cbarnard

  • 0

#12
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
As for reinstall....
Do you have Recovery CD?
If not, you may have recovery partition. What computer brand, and model is it?
  • 0

#13
alexkershawftw

alexkershawftw

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
edge - thank you, sounds interesting. So I just download it from that link using the computer I'm on now. However, then, do I HAVE to burn it to a CD? I don't have any blank CDs... could I not just run it off my USB pen? I could probably find a rewritable CD somewhere but I'd prefer to just use my USB.

Also, I don't have an external hard drive, but the files I want are probably small enough to fit on my USB pen, so could I just use the linux thing to get my files onto the pen, and then when I reformat my disk, I can put them back onto the computer?

Thanks for your help.
  • 0

#14
edge2022

edge2022

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,117 posts
Thank you Broni, I forgot about that. If you backup files with those extensions, you have the chance of getting reinfected.
  • 0

#15
edge2022

edge2022

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,117 posts

could I not just run it off my USB pen? I could probably find a rewritable CD somewhere but I'd prefer to just use my USB.


You can also run Linux of an USB drive.
http://www.pendrivel...nstall-windows/
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP