Thread: Help!!!! I HAVE A VIRUS

    Help!!!! I HAVE A VIRUS

    we have contracted a virus on windows xp called w32.somthing and it has somehow(i think) attacked the boot loaders... how can we get rid of this without starting windows??? if i get a boot disk can we do it in dos??? the only other option is to reformat the harddrive and there is a lot of valuble info on there... Please Help!!!!!!
    If you have an antivirus program with a bootable CD, use that. Or you can borrow one from a friend. But be sure to get updated virus definitions on a floppy or another CD if you can, otherwise the virus may be too new. But if you can't find a bootable antivirus disk or CD, you're pretty much SOL, unless it will start in Safe mode.
    If Windows will run in safe mode, then start it up. Once the system is running, open up the task manager (CTRL+ALT+DEL and hit the appropriate button) and take a look at the processes tab. Then determine which process is the virus, take a note of the file name. Shut the process down and then delete the offending file. Next, check to see if any new programs have been placed in the registry key HKLM/Software/Microsoft/Windows/Currentversion/Run. If the program appears there, delete the entry. This should stop the virus from loading at boot time. But if other files have been infected, you need to clean them as well. As for finding other files which may be infected, you need a virus scanner. Norton AntiVirus is usually considered the best, but you gotta buy it. I'm sure other ppl on this board can recommend a good free one.
    Well I would sat Striek is right. A good free one by the way is AVG http://www.grisoft.com. If you know what the file that runs is you could maybe boot into dos and delete it. If you know what the virus is I could maybe tell you or you could look it up on the symanetic site. There may also be some boot removal tools available. Youll have to check up on thanks. Good luck.
    Ok... How do you know it is a Virus. To my recolection there are not that many Boot Loader attacking Viruses out there I could be wrong.

    Now consdering that it is a Virus or you just screwed up your BootLoader. Take your Windows Xp start up disk and put it in your CD drive and start your computer. The disk will fix the BootLoader but it will also give yo the option to move your old data.

    Oh, and to my knowledge I have been looking for it, and have not seen it, and haven't read anything about it, there is no Safe mode in Xp.

    The reason is because DoS is not a Vital part of the OS. Before it was attached and part of the OS, now it is a Separate entity working with in. Xp.

    I hope that helps let me know if you got anythin else.


    Zack Ji. I would do what they said. Also, have you tried your current AV programs, unless if has corrupted the pattern files as well.

    Oh, and to my knowledge I have been looking for it, and have not seen it, and haven't read anything about it, there is no Safe mode in Xp.

    I have XP home and if u you press F5 while in the bios screen it will give you a boot menu and if you boot from your master hd a screen will come up with the option of booting into safe mode or regular

    Oh, and to my knowledge I have been looking for it, and have not seen it, and haven't read anything about it, there is no Safe mode in Xp.

    From Windows XP Home Help Menue:

    To start the computer in safe mode
    You should print these instructions before continuing. They will not be available after you shut your computer down in step 2.
    Click Start, click Shut Down, and then, in the drop-down list, click Shut down.
    In the Shut Down Windows dialog box, click Restart, and then click OK.
    When you see the message Please select the operating system to start, press F8.
    Use the arrow keys to highlight the appropriate safe mode option, and then press ENTER.
    If you have a dual-boot or multiple-boot system, choose the installation that you need to access using the arrow keys, and then press ENTER.

    In safe mode, you have access to only basic files and drivers (mouse, monitor, keyboard, mass storage, base video, default system services, and no network connections). You can choose the Safe Mode with Networking option, which loads all of the above files and drivers and the essential services and drivers to start networking, or you can choose the Safe Mode with Command Prompt option, which is exactly the same as safe mode except that a command prompt is started instead of the graphical user interface. You can also choose Last Known Good Configuration, which starts your computer using the registry information that was saved at the last shutdown.
    Safe mode helps you diagnose problems. If a symptom does not reappear when you start in safe mode, you can eliminate the default settings and minimum device drivers as possible causes. If a newly added device or a changed driver is causing problems, you can use safe mode to remove the device or reverse the change.
    There are circumstances where safe mode will not be able to help you, such as when Windows system files that are required to start the system are corrupted or damaged. In this case, the Recovery Console may help you.
    NUM LOCK must be off before the arrow keys on the numeric keypad will function.
    All good options, another way of doing it is throwing the drive as a slave into another computer, and saving those files to a cd or another hard drive. Then do a low level format on the infected drive and set up windows all over again. Be sure to do a scan on the files before you transfer them to your newly clensed system.

    Sometimes I have found that this is the best way, especially since windows seems to run a little nicer after a nice clean install. Think of it as a computer enema, things just need to be clensed every once in a while.


