Computer Got Virus, Now Won't Boot Up

Last week, my computer picked up a virus. This has happened before and I went through my normal steps to get rid of it (running clean-up programs, removing files, etc). As part of that clean-up process, I had to restart the computer. After restarting a couple of times over a couple of hours, the computer stopped booting up.

Now, when I turn on the computer, it starts up like it is going to load, but won't actually load. I've tried in regular mode, in safe mode, in last good configuration mode. Right now, I tried safe mode again. It gets as far as loading a black screen with the words "safe mode" in each corner...but that's it.

I'm running Windows XP, and if an actual Windows disk/CD came with my computer, I can't find it. I've never made a backup startup disk (which i know is a mistake, but in the past I've been able to clean up these problems).

I need to use my computer, and any help you can give me to get it back working would be much appreciated.

Thank you

 

g,day specialkman

if you could give some details of what brand and model your computer is this may help as some computers like dell and hp have a recovery partition on the hard drive.this is sometimes the method used on pc's that are brought with windows already package on the pc.

 

here's the info about my computer...
Dell Dimension E510
Intel® Pentium® 4 Processor 630 w/HT Technology (3.0GHz,800FSB), Microsoft® Windows® XP Media Center 2005 Edition

I couldn't use the microsoft support link for fixing the registry because i don't have the windows disk, and that was part of the first set of instructions. if there's another way to use those instructions without the disk, please let me know

 

There is no guarantee that this will fix your problem, but it is not a bad place to start.

There are a number of ways to perform those steps/achieve the same outcome. Choose one ...
1. Can you connect the hard drive to another computer, either internally or in an external USB enclosure? (Best, easiest,quickest ... if you can manage it!)
2. You can use a Linux LIVE CD: Do you have one handy? OR a boot disk like UBCD or UBCD4Win or something similar. (100 to 700MB download)
3. You can download the XP Recovery Console (only 7MB).
4. You can use a Vista or Windows7 installation disk to boot to a command prompt. Do you have one of these?
5. Can you borrow an XP installation disk?

Which option is going to be the easiest to get started with for you? (Being an OEM and Dell ... either of the first two options would be the safest way to go, to avoid the possibility of the Microsoft WARNING coming into play!)

 

i have a laptop that runs windows vista...i dont know how that factors into it. im also not 100% sure i can connect the 2 computers. but i'm willing to try whatever needs to be done to fix this.

as for your other suggestions...i dont have a linux live cd, i dont have a vista cd (i feel like one should have come with my laptop, but i cant find it), and if there's a way to download something and fix this, i'm all ears.

 

I base these comments on your info supplied ....

This is one option you have:
Download the XP Recovery Console (7MB)
http://www.thecomputerparamedic.com/files/rc.iso

Burn the .iso image to CD: The CD will be bootable. Boot from the CD to access the XP Recovery Console.
Follow the directions in Article ID: 307545 ...
How to recover from a corrupted registry that prevents Windows XP from starting
http://support.microsoft.com/default.aspx?scid=kb;en-us;307545&sd=tech
-------------------------------

The following option I would recommend:

Download and burn to CD, either ...
Linux Mint 7 (700MB: This is beautiful!)
http://www.linuxmint.com/download.php

OR ...
Puppy Linux (105MB)
http://www.puppylinux.org/

Boot from the Linux CD and load the OS Live (in memory only).
Basically you need to perform just a part of step 1 and then step 3 in the MS instructions: It is pretty much a simple file renaming and copy/paste of 5 files, and is very easy. Using these Linux versions ... especially Mint 7 ... is very similar to using Windows OS to do the same thing.

 

alright...i downloaded the xp recovery console file and burned it onto a cd. i put it in the computer and booted it up. when it got to the screen where it usually stops, this message popped up (this is a new one)...

taskkill.exe - unable to locate component
this application has failed to start because framedyn.dll was not found. re-installing the application may fix this problem

so, i restarted...and, this time, there was no message.

 

It sounds as though your computer is not booting to the CD.

Is your computer set to boot to a CD?

Enter the BIOS and ensure that in "boot order" that the CD-ROM is set to boot before the hard drive.

When it boots to the CD you will get the opportunity to "press R for Recovery Console" .... and end up looking at a command prompt ...
C:\WINDOWS>

Edit: You could test the CD ... that it is bootable .... in the laptop, if necessary. But it is more likely a problem with the boot order in the Dell.

 

ok, so that was an issue. but i went into bios and changed the order so the cd drive booted first. i restarted the computer...but it still started normally and took me to the same blue screen i've been looking at and then did nothing. it doesnt seem like its running the cd. i even tried burning the program onto a second disk...and still nothing.

 

Did you burn the image correctly?

How to burn/write a CD-DVD image (ISO file):
http://www.bleepingcomputer.com/tutorials/tutorial114.html

 

i clicked on the link you posted. saved it to my computer. burned it onto a cd. then took it to the desktop. so, unless i needed to do something else, it should be fine.

i just tried again with another cd (i burned another new one). this time, it goes to the page that says welcome, but stops there (it used to go past that to the blue screen and the startup sound). now i just have a welcome screen and an arrow cursor

 

An .iso file is an image (an image of a CD or DVD) that needs to be burned as such to the CD. Try with ImgBurn if you are having trouble with your normal burning software.

You cannot simply burn the file to a CD: It will not boot that way.

 

wow...i learned something new today. thank you.

i used imgburn and it worked. i hit "r" to go to the recovery console. now i'm looking at the c:\ ... i tried following the directions on the link (article id 307545). but its not working. i typed "md tmp" and it says "access is denied". i tried the following line "copy c:...." and got the same access is denied message.

 

It looks like we need to take this one step at a time: We seem to be stumbling at each new step.

But you have done well so far, and we have the Recovery Console working.
You said: "i'm looking at the c:\ ..."
Are you looking at "C:\WINDOWS>" ?
When you type in .... does it look like this ... with a space between md and tmp ?

C:\WINDOWS\md tmp

and then press the ENTER key.
---------------------
I will fire up a Recovery Console and see if I can help you along the way.

 

sorry, i'm not the most computer literate. but usually i follow directions well.

my prompt is just c:\> ... no windows

 

Now that throws me!

Please type in "dir" so the command looks like this ...
C:\>dir
and press the ENTER key.

This will display a list of the contents of the C: directory. Is the "WINDOWS" directory listed?

You can use the ENTER key to scroll down the list slowly ..
or the SPACE BAR to scroll quickly.

 

well, if that threw you, this isnt going to help much.

i typed "dir". and this is what i got...

Directory of C:\

An error occured during directory enumeration.

 

You are right about that!

Try this ...
At the C:\> prompt type "cd C:\WINDOWS" so that it looks like this
C:\>cd C:\WINDOWS

(fyi: cd = change directory)

(Please do not ever type in the quotation marks that I use ... unless advised otherwise)

 

ok...typed that...and i got...

The path or file specified is not valid.

 

What do you know/remember about your system?

Is the operating system on C: drive?
Is the directory WINDOWS on the C: drive?

Apparently not from the results we have got so far ... ???

 

yeah, it should be. i mean, ive had the computer for roughly 4 years, and never did anything major to it. so everything should be where it was originally. im pretty sure the c: is where everything was, so windows would be there.

 

I am not going to query that you have followed the directions: I assume that you have.

I am going to abort this attempted resurrection by a simple registry fix here, being suspicious of a more complex underlying problem.

Give me 5 minutes or so ...

 

ok...thank you for all your help so far. it is much appreciated. i'll wait patiently for your next advice

 

I am thinking the following ...
The first thing that you should do is to check that your hard drive is not failing.
Download the diagnostic utility from the hard drive manufacturer's website to create a bootable floppy or CD. Boot with it, and run the short/quick test and then the long/extended test, and check the S.M.A.R.T. attributes. If the hard drive tests show no problems with the hard drive, then it is safe to proceed with more work to rectify the problem with the Windows system.

Firstly, you need to find the brand name of your hard drive. You will find this info on the label of the hard drive (most likely you will have to remove the hard drive from the box to read the label). You will also find sufficient info to identify the drive (the model number) by looking in the BIOS Setup Menu. You might then have to GOOGLE the model number to establish the manufacturer.

Hard Drive Diagnostics Tools and Utilities
http://www.tacktech.com/display.cfm?ttid=287

 

i'm running a maxtor hard drive, so i downloaded the iso file for maxtor drives. it booted and took me to the page where is says scanning for drives. it either hasnt found any or has stopped working...and either way, i'm sure that's not a good thing. i think im just going to call it a night and try again in the morning.

i really appreciate all your help and hopefully tomorrow, things might look a little better.

 

Hopefully, this is what you are attempting to use ...

Download SeaTools for DOS now!
http://www.seagate.com/www/en-us/support/downloads/seatools

 

Checking the hard drive will take you a little time, and meanwhile, it is getting late here, so I will post the next step for you.

If there is NO PROBLEM AT ALL with the hard drive ...
Load the Recovery Console and at the command prompt, type in the following
chkdsk /f
(that's a space after chkdsk)
and press the ENTER key. Allow this to run and finish.
If there are any errors found, repeat the "chkdsk /f" until there are no more errors found.
Then type "exit" and press ENTER to restart your system
Does your system start normally now?

FYI: "chkdsk /f" will attempt to repair any file system errors.
-----------------------------------------------

If any problem with the hard drive shows up during the test of the hard drive ....
DjLizard's Data Recovery Guide
http://wiki.lunarsoft.net/wiki/Data_Recovery

Proceed to the ddrescue section to clone your failing hard drive to a new one.

Good luck.

 

alright...im back and hopefully this will get fixed tonight. i'm running seagate for dos right now...the long test. and we'll go from there...

 

ok, i ran seatools for dos...both the short and long test...and both passed with no problems. so i then rebooted with the windows xp recovery console.

again, i just got the c:> prompt.

i typed exactly what you said... chkdsk /f
and the message i got was..."The parameter is not valid. Try /? for help."

on a whim, i just typed chkdsk...and the message was "The volume appears to contain one or more unrecoverable problems."

So...I dont know what that means...

 

Sorry... my mistake ... we are in the Recovery Console now ... and that should be ...
chkdsk /p

Try that please

 

ok, i typed p instead of f.

and i got the other message..."The volume appears to contain one or more unrecoverable problems."

 

Test this for me please ...

Start the system normally and allow it to load as far as it will go.
Press Ctrl+Shift+Esc
Does the Task Manager window appear or do you get a message ... ?

If nothing, try the same thing attempting to start in Safe Mode, please.

Let me know the result.

 

when i let it start normally, it got to the blue screen...then the taskkill.exe message popped up. i hit ok to get that off the screen...then i hit ctrl+shift+esc...and a message popped up that said "Task Manager has been disabled by your administrator"

then i started in safe mode...it went to the black screen with safe mode in the corner...i hit ctrl+shift+esc...and got the same message, "Task Manager has been disabled by your administrator"

 

When you attempted to use Safe Mode, did you have the opportunity to Log in to the Administrator account?
Did you log in to the Admin account or your own account?

If you did not do so, please try again, logging into the Admin account.

 

i logged into my own account the first time around.

this time, i clicked on administrator. it went to the black screen with the words "safe mode" in each corner. i hit ctrl+shift+esc...and this time task manager loaded.

i'm sure you need some info from this, so i'll just give you everything i can.

there are no applications running.
there are a handful of processes running - taskmgr.exe, WRSSSDK.exe, svchost.exe (3 times), lsass.exe, services.exe, winlogon.exe, csrss.exe, smss.exe, System, System Idle Process SYSTEM

 

A glimmer of hope ... in an otherwise very grey world!!!

On the Applications tab, at the bottom, click on "New Task".
In the dialog box that opens, type "cmd" and press ENTER key.
A black window will open with a command prompt.
Type in chkdsk /f and press ENTER key.

Does chkdsk (all 3 stages) run to completion?
If there are any errors, please repeat "chkdsk /f" ... and repeat until NO errors are found.

Fingers crossed XXX

 

thank goodness for a glimmer of hope

i typed cmd into the box...and got the black box with the prompt.

when i typed chkdsk /f, i got a long message

"The type of the file system is NTFS
Cannot lock current drive
Chkdsk cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? <Y/N>"

i didnt answer the last question yet...

 

Thank goodness for that!!! Type Y for YES!
Then type "exit" to close
Restart your system and chkdsk should run when the system re-starts.
So far, so good!

 

do i restart in safe mode or normal? if safe mode, administrator or my account?

 

When you attempt to re-start the computer, chkdsk will run automatically without any input from you.

When chkdsk has completed, it will attempt to re-start the system normally, again without any input from you.

 

well...

i hit yes, typed exit, and restarted.

it loaded all the way to the blue screen...but once again, nothing happened.

 

I should not be surprised: This has become a familiar pattern.

Please test this for me ...

Get to the Task Manager again, and this time when you click on "New Task", type the following
explorer.exe
and then press ENTER key.

What happens? Everything back to "normal", or am I hoping for too much?

The Task Manager in Windows XP
http://vlaurie.com/computers2/Articles/taskman.htm

 

alright, so i rebooted in safe mode and clicked on administrator...that allowed me to get to task manager.

i typed in explorer.exe...and got this message..."Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item"

 

Right: That was too much to hope for. I am going to have to be content with one small success tonight: You can access the Task Manager!

I am going to have to put out an SOS for help from anybody else who may have a clue as to what to do next, at this stage.
I am getting too tired to continue with this tonight .... my brain has just about come to a full stop.
HELP WANTED HERE, PLEASE !!!

 

i was just about to say the same thing. hopefully someone can come up with something to help out this problem. or, after a good nights rest, you've got something else i can try.

thank you again. i really appreciate all the help.

 

You are most welcome.

I have a full weekend coming up, but hopefully I will have a little energy to spend some time with you on Sat &/or Sun evenings.

Best of luck. Will catch up with you later ....

 

Just a last thought to leave with you for the evening ...

I have come across this message a couple of times before and considered that it meant the end of the road for the hard drive: Time to recover your data and buy a new hard drive. That would probably be the obvious conclusion to draw in this case, too.

However, I am inclined to think otherwise in this case (and not only because SeaTools indicated a PASS on its test). It seems to me that this is more likely strictly a malware-instigated, software problem, and not a hardware problem at all.

 

hmm...so if that's the case, can it be reversed/fixed? the hard drive is there and the tests say its fine. but it just wont load one (or more) startup files. that's at least my understanding of it.

like i said a couple days ago, i have a laptop with windows vista. is there a way to connect the 2 computers and transfer those files? or not, since it would be going from vista to xp? just trying to think of some options.

i'm open to trying whatever. i feel like we've made some progress...and that's leaps and bounds ahead of a computer that doesn't work at all. so if you, or anyone else, has any ideas, i'm willing to try them out.