Jump to content
cotti

crash after trojans detected windows xp won't start

Recommended Posts

About two weeks ago running superspyware a red box in the lower right screen, indicating many trojans with little horse icons and such. I answered questions in order to remove all , and the system said it needed to restart. Since then all I get is a nice picture of grass and a mouse. I was able to bring up the task manager. Was able to bring up supperspyware,updated and ran again several times but cannot get desktop or run explorer.exe, or Iexplore.

I then tried reinstall xp home edition sp2 as an update same screen resulted.

All my files seem intact can open word and other programs like solitaire but only thru task manager.

Can someone help??

Don

I am on a separate machine now.

Share this post


Link to post
Share on other sites

Hi Don ,

Open a Run box and type "cmd" without quotes.

Then in the cmd prompt type "sfc /scannow" without quotes.

Hit Enter and let it run.

Then restart the computer.

Share this post


Link to post
Share on other sites

I followed you instructions and a dos box appeared under c:\windows\system32\cmd.exe

I entered the statement you gave and it ran a program for about a half-hour the CD ran a lot checking back and forth with the hard drive.

After the window closed I restarted.

Unfortunately the results were the same.

Also between while waiting for your reply I reran Superspyware again and ran a "complete scan" it then brought up like 300 Trojans and placed them in a quarantine file.

When this all started I could not find the original dell load CD so I used the one from this machine. When loading it said I had a newer version of xp sp3 and if I wanted to revert back to sp2. I said yes. The second time I attempted an update reload it asked for a software key which after calling dell is not supplied with original disk. I used "jelly bean??" to get the key from this machine and used it for all later attempts. Didn’t know if this is important. By the way the sp3 update files are still in the machine I am trying to resurrect.

Any additional advice appreciated…

Don

Share this post


Link to post
Share on other sites

There's no reason for it to even touch your CD drive, unless you have a disc inside, if so what disc ?

Don't know why you reverted back to SP2 from SP3 that was a mistake, but the SP3 should come back through a Windows update, failing that, you can download it directly from the MS website.

I take it 'jellybean' is the Magic Jellybean PK finder, although the PK should be on a sticker on your machine.

It may be worth trying a chkdsk, for this bring up a Run box as before and type the cmd as before.

Next type "chkdsk /f" without quotes.

It may ask to be run the next time you restart the machine, select Y = yes.

Restart the machine and let it run, you should see a screen saying something like.....

.....computer is checking disc for errors press any key to abort.

Don't touch it, just let it do its thing.

And make sure there is nothing in the Disc drive or any peripheral drives (externals) attached.

Share this post


Link to post
Share on other sites

There's no reason for it to even touch your CD drive, unless you have a disc inside, if so what disc ?

Sorry I left the dell operation system dick in the CD.

Don't know why you reverted back to SP2 from SP3 that was a mistake, but the SP3 should come back through a Windows update, failing that, you can download it directly from the MS website.

I realized this a mistake just after I hit the go ahead and are really you sure button.(bad joke)

I take it 'jellybean' is the Magic Jellybean PK finder, although the PK should be on a sticker on your machine.

Correct and I just found the stickers under paper not moved for years(??). By the way the jellybean 25 character CD number is not the same as the 25-character product key on this machine, although all these machines bought directly from dell. We never loaded them from disk.

It may be worth trying a chkdsk, for this bring up a Run box as before and type the cmd as before.

Next type "chkdsk /f" without quotes.

Did this as instructed. Came back with checking file system on c:

The type of file is NTFS.

Chkdsk is verifying files (stage 1 of 3)

Verification complete

Chkdsk is verifying files (stage2 of 3)

Chkdsk is verifying indexes 2 of 30

Chkdsk is verifyingsecurity descriptions 3 of 3)

Verifying USN journal

The security verification is100% completed.

Sorry, then the screen flashed with what looked like an old msdos Chkdsk info screen then the system rebooted.

It may ask to be run the next time you restart the machine, select Y = yes.

Oops forgot it did ask when I first ran the chkdsk it said disk is NTFS and chkdsk would run on reboot

Restart the machine and let it run, you should see a screen saying something like.....

.....computer is checking disc for errors press any key to abort.

This did not happen just the blue doslike screen counting percentages.

Unfortunately the results were the same.Grass blue skies and a white arrow, help...

Don the depressed.

Share this post


Link to post
Share on other sites

No safe mode is the same as normal only with a black screen background.

Also safe mode adds administrator to the names normally listed.

I tried to open explorer and got a restore screen with two calendars

It said I had no previous restores to go to.

Don

Share this post


Link to post
Share on other sites

I would copy any data I need and re-install the OS, something is definitely amiss in your present system, possibly a nasty virus/rootkit or maybe too much damage has been done to the registry.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×