Solved

Broken Windows XP after virus removal

Posted on 2009-04-03
24
368 Views
Last Modified: 2012-05-06
Hi!

I have a Dell laptop that had no AV software installed. I could see right away that it was infected with various types of viruses/spyware and used AVG and AdAware in safe mode to remove them. After the scans I am able to boot to normal and safe mode but Windows does not load after login. The screen just remains blank - in safe mode it's just a black screen XP version at the top, and in normal mode, it just shows a blank screen with the desktop background.

All I seem to be able to do is ALT+CRTL+DEL to shutdown, restart or logoff.

XP Repair Install doesn't seem to be an option. I am able to get into the recovery console though and have already tried chkdsk.

Is there anything else I can try before a clean re-install ?
0
Comment
Question by:Julian Matz
  • 10
  • 6
  • 4
  • +3
24 Comments
 
LVL 6

Expert Comment

by:Lunda_Construction
ID: 24062782
Are you able to get to System Restore?  
Right Click My Computer go to properties, then System Restore tab.??
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24062883
No, it's just a blank screen. No start-menu or desktop icons. Unless there's a keyboard shortcut I could try. Or maybe a keyboard shortcut for cmd.exe?
0
 
LVL 6

Expert Comment

by:Lunda_Construction
ID: 24062885
If you are able to boot in safe mode, go to the Start menu, all programs, Accessories, then System tools, then System restore.  Try restoring to an earlier date.
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24062903
I am in safe mode now but there's no start menu. Literally just a blank screen. Kb shortcut for start menu or help and all that doesn't do anything either.
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24062918
It's not forzen either. Applications and processes are running - I can see them with the Task Manager. I just amn't able to do anything.
0
 
LVL 6

Accepted Solution

by:
Lunda_Construction earned 300 total points
ID: 24062933
Do you have any support through Dell?  There is a keyboard shortcut on some Dell products that will restore your computer to purchase date if you have not reformatted your drive yet.  

Other than that, I would try and slave out your drive and copy any files that might be important then reformat.  
0
 
LVL 30

Assisted Solution

by:flubbster
flubbster earned 100 total points
ID: 24062957
In safe mode, go to task manager
click on "new task"
type the following:

explorer.exe
hit return

Did your desktop come back??

btw.. I would not suggest trying to do a system restore, even if you are able, unless you are absolutely certain that any restore point you pick will be virus free. remember, restore makes backlups of yiour system... if you are/were infected, so will the be the backups.
0
 
LVL 6

Expert Comment

by:Lunda_Construction
ID: 24062968
When you ran Chkdsk, did you use the /R switch?  If not, try booting to the CD then use the console to run chkdsk /R on the C drive.
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24062977
It says Windows cannot find explorer.exe. I can use it though to open cmd.exe
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24062989
Yes, I used the /R switch and apparently it did repair some files/sectors.
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24063021
It looks like explorer.exe is missing from the WINDOWS directory... I guess if that's the case then a lot of other files may be missing also and it's probably best to do a clean re-install......
0
 
LVL 22

Expert Comment

by:orangutang
ID: 24063030
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 6

Assisted Solution

by:Lunda_Construction
Lunda_Construction earned 300 total points
ID: 24063069
Before reinstalling, if you have important files, pictures, etc. pull out the drive and see if you can slave it to a known working computer to grab your files.  If not able to slave it, they do sell USB external casings for your current drive so you can try that way.  Cost is approx. $30.   This is a very handy tool in cases like these.

0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24063071
Regedit.exe also seems to be missing.
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24063079
I should be able to backup the files alright. I have a USB adapter that connects 2.5" IDE drives to USB.
0
 
LVL 6

Assisted Solution

by:Lunda_Construction
Lunda_Construction earned 300 total points
ID: 24063114
just make sure if you do copy files from the old to the new reformatted drive you scan for viruses right away.   Preferabbly before you copy the files back.
0
 

Expert Comment

by:CompdrTroy
ID: 24063666
Provided you have the OS disk try running sfc.exe (System File Checker) from the task manager.  If that fails attempt a windows repair.  Either of those options should replace those missing system files.
0
 

Expert Comment

by:CompdrTroy
ID: 24063740
My apologies but I forgot to mention you need to enter a descriptor to tell it when to scan.
To do in right in windows use /scannow, but I prefer to do it on reboot /scanboot.  If you open command prompt, and then enter sfc.exe it will display the options for you, as another option.
0
 

Assisted Solution

by:CompdrTroy
CompdrTroy earned 100 total points
ID: 24063774
Ok. Last post, and again I apologize for the multiple posts I should have had it correct the first time.  /SCANBOOT will scan the files at every boot, (It takes a long time!) /SCANONCE is the command you want. It will execute on reboot only once.
0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24063912
Thanks CompdrTroy. In normal mode I cannot use CMD.exe because of:

cmd.exe - Application Error

The instruction at "0x00960664" referenced memory at "0x00960664". The memory could not be "written". (Click on OK to terminate the program, CANCEL to debug).

SFC.exe won't work in safe mode because the RPC service is unavailable.
0
 

Expert Comment

by:CompdrTroy
ID: 24064031
Ok, I should have seen that comming considering all thats missing.  If you can get your hands on an UBCD4WIN cd you can use the registry tool "registry restore" to restore to a system restore point. It's a free tool but it takes a bit of work to create one, so the easiest would be to find an iso.
0
 
LVL 30

Expert Comment

by:flubbster
ID: 24065321
If you really want to od a system restore, the easiest way at this point is to download erd commander. It will boot to a windows environment and give you access to the system restore function. Get it here:

http://www.fullandfree.info/software/erd-commander-2005/

It will ask for a password when you unrar it. The password is the name of the website, like so:

www.fullandfree.info

Make sure your cd is set as first boot device. Burn the iso image to a cd and boot it. DO NOT just copy the iso to the cd. Select system restore.
0
 
LVL 3

Expert Comment

by:techmaza
ID: 24067053
my suggestion is recover ur data in ur system drive by using liveCD like Slax or Linspire or by using Hiren Boot Cd and reinstall xp again.

0
 
LVL 21

Author Comment

by:Julian Matz
ID: 24180170
Thanks. I used an IDE->USB adapter to backup the important files and used an XP-disk to format and do a full re-install. Thanks again for all the help!
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Most of the time we are in fix when all of sudden our systems behave weirdly.  Such problems cost time and effort... so it's best to take some preventive actions so that we can avoid such issues or overcome such problems more easily. Preventive M…
Are you unable to synchronize your OST (Offline Storage Table) file with Microsoft Exchange Server? Is your OST file exceeding 2 GB size limit? In Microsoft Outlook 2002 and earlier versions, there is a 2 GB size limit for the OST file. If the file …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now