Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 380
  • Last Modified:

Broken Windows XP after virus removal

Hi!

I have a Dell laptop that had no AV software installed. I could see right away that it was infected with various types of viruses/spyware and used AVG and AdAware in safe mode to remove them. After the scans I am able to boot to normal and safe mode but Windows does not load after login. The screen just remains blank - in safe mode it's just a black screen XP version at the top, and in normal mode, it just shows a blank screen with the desktop background.

All I seem to be able to do is ALT+CRTL+DEL to shutdown, restart or logoff.

XP Repair Install doesn't seem to be an option. I am able to get into the recovery console though and have already tried chkdsk.

Is there anything else I can try before a clean re-install ?
0
Julian Matz
Asked:
Julian Matz
  • 10
  • 6
  • 4
  • +3
5 Solutions
 
Lunda_ConstructionCommented:
Are you able to get to System Restore?  
Right Click My Computer go to properties, then System Restore tab.??
0
 
Julian MatzAuthor Commented:
No, it's just a blank screen. No start-menu or desktop icons. Unless there's a keyboard shortcut I could try. Or maybe a keyboard shortcut for cmd.exe?
0
 
Lunda_ConstructionCommented:
If you are able to boot in safe mode, go to the Start menu, all programs, Accessories, then System tools, then System restore.  Try restoring to an earlier date.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Julian MatzAuthor Commented:
I am in safe mode now but there's no start menu. Literally just a blank screen. Kb shortcut for start menu or help and all that doesn't do anything either.
0
 
Julian MatzAuthor Commented:
It's not forzen either. Applications and processes are running - I can see them with the Task Manager. I just amn't able to do anything.
0
 
Lunda_ConstructionCommented:
Do you have any support through Dell?  There is a keyboard shortcut on some Dell products that will restore your computer to purchase date if you have not reformatted your drive yet.  

Other than that, I would try and slave out your drive and copy any files that might be important then reformat.  
0
 
flubbsterCommented:
In safe mode, go to task manager
click on "new task"
type the following:

explorer.exe
hit return

Did your desktop come back??

btw.. I would not suggest trying to do a system restore, even if you are able, unless you are absolutely certain that any restore point you pick will be virus free. remember, restore makes backlups of yiour system... if you are/were infected, so will the be the backups.
0
 
Lunda_ConstructionCommented:
When you ran Chkdsk, did you use the /R switch?  If not, try booting to the CD then use the console to run chkdsk /R on the C drive.
0
 
Julian MatzAuthor Commented:
It says Windows cannot find explorer.exe. I can use it though to open cmd.exe
0
 
Julian MatzAuthor Commented:
Yes, I used the /R switch and apparently it did repair some files/sectors.
0
 
Julian MatzAuthor Commented:
It looks like explorer.exe is missing from the WINDOWS directory... I guess if that's the case then a lot of other files may be missing also and it's probably best to do a clean re-install......
0
 
Lunda_ConstructionCommented:
Before reinstalling, if you have important files, pictures, etc. pull out the drive and see if you can slave it to a known working computer to grab your files.  If not able to slave it, they do sell USB external casings for your current drive so you can try that way.  Cost is approx. $30.   This is a very handy tool in cases like these.

0
 
Julian MatzAuthor Commented:
Regedit.exe also seems to be missing.
0
 
Julian MatzAuthor Commented:
I should be able to backup the files alright. I have a USB adapter that connects 2.5" IDE drives to USB.
0
 
Lunda_ConstructionCommented:
just make sure if you do copy files from the old to the new reformatted drive you scan for viruses right away.   Preferabbly before you copy the files back.
0
 
CompdrTroyCommented:
Provided you have the OS disk try running sfc.exe (System File Checker) from the task manager.  If that fails attempt a windows repair.  Either of those options should replace those missing system files.
0
 
CompdrTroyCommented:
My apologies but I forgot to mention you need to enter a descriptor to tell it when to scan.
To do in right in windows use /scannow, but I prefer to do it on reboot /scanboot.  If you open command prompt, and then enter sfc.exe it will display the options for you, as another option.
0
 
CompdrTroyCommented:
Ok. Last post, and again I apologize for the multiple posts I should have had it correct the first time.  /SCANBOOT will scan the files at every boot, (It takes a long time!) /SCANONCE is the command you want. It will execute on reboot only once.
0
 
Julian MatzAuthor Commented:
Thanks CompdrTroy. In normal mode I cannot use CMD.exe because of:

cmd.exe - Application Error

The instruction at "0x00960664" referenced memory at "0x00960664". The memory could not be "written". (Click on OK to terminate the program, CANCEL to debug).

SFC.exe won't work in safe mode because the RPC service is unavailable.
0
 
CompdrTroyCommented:
Ok, I should have seen that comming considering all thats missing.  If you can get your hands on an UBCD4WIN cd you can use the registry tool "registry restore" to restore to a system restore point. It's a free tool but it takes a bit of work to create one, so the easiest would be to find an iso.
0
 
flubbsterCommented:
If you really want to od a system restore, the easiest way at this point is to download erd commander. It will boot to a windows environment and give you access to the system restore function. Get it here:

http://www.fullandfree.info/software/erd-commander-2005/

It will ask for a password when you unrar it. The password is the name of the website, like so:

www.fullandfree.info

Make sure your cd is set as first boot device. Burn the iso image to a cd and boot it. DO NOT just copy the iso to the cd. Select system restore.
0
 
techmazaCommented:
my suggestion is recover ur data in ur system drive by using liveCD like Slax or Linspire or by using Hiren Boot Cd and reinstall xp again.

0
 
Julian MatzAuthor Commented:
Thanks. I used an IDE->USB adapter to backup the important files and used an XP-disk to format and do a full re-install. Thanks again for all the help!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 10
  • 6
  • 4
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now