So i had a virus i removed it theres one left in the boot secter i think and i load the screen the warning pops up theres a virus and its logs off and i try to log on and it repetivly does the same thing over again. What do i do? Its Xp Pro and i cna only get passed logg on to this user account and this it kicks me off within 5 seconds
Virus in boot sector
- Thread starter Zilliak
- Start date
- Status
TheConqueror
Posts: 18 +0
You can try two things here . If you are experienced with computers boot from outside of the OS using something like Hirens boot disk , all in one boot disk , or UBCD (Ultimate boot disk) when you download whichever you choose they will come integrated with AV so choose the most recent version of the disk as you will need the latest virus definitions some will give you the option to update them as you use them. Now if this at all seems to complicated use this method take out the hard drive and use Hdd to usb cable plug into a working computer and scan the hard drive witht he external computers AV this is the easiest method try both and if you have any questions feel free to ask let me know if this helps. XD
Mugsy
Posts: 772 +203
Simple effective way to delete most virii.
(Addendum: If Windows is crashing, try Safe Mode).
First, if you don't already have a copy, install "HiJack This" (versions prior to 2.0 work best for this), free software that shows you EVERYTHING that installs when you startup Windows.
Look for programs that you can't easily identify.. often with meaningless filenames like "sjxckw.dll" (I just made that up, so don't look for it). If this is one of those viruses that re-install themselves every time you delete them, then there is AT LEAST ONE MORE such program in there (usually only two) that goes with it. Don't bother using HiJack to delete them, because it will not be able to delete the one that is "currently running". These viruses are installed as "Processes" that load so early in the boot process, no Antivirus program can load soon enough to delete them. You can delete one, but the other will simply put the deleted file back.
Write down the names of these mystery programs (including path. Usually "C:\Windows\system32\") and reboot using the XP Installation CD.
After the drivers load, the first menu includes "R for Recovery Console". This gives you a DOS-like cli where you can make some system level changes.
It should detect your Windows installation as "1) Windows". Select it and enter your Admin password when prompted.
Change to the folder where the suspect files reside (if you are unfamiliar with DOS, simply type "CD" (Change Directory) followed by the path to the suspect files (ex: cd \Windows\System32).
Make sure the files you wish to delete are there by doing a DIR ("directory"). The "*" (asterisk) is a wildcard:
ex: dir "sj*.*"
If the file is found, RENAME it with with the REN command (only delete it if once you are POSITIVE it is safe to do so):
ex: ren "sjxckw.dll" "sjxckw.dxx"
Type QUIT to exit the Recovery Console and reboot. If the virus is gone, you can safely go back into the folder from Windows and delete them.
This simple procedure works better than just about anything else. Great for getting rid of troublesome reappearing Adware as well.
Let us know what happens.
After having more than my share of trouble with viruses (virii?) that keep coming back after removal, I've found an effective two-step method that usually does the trick.
(Addendum: If Windows is crashing, try Safe Mode).
First, if you don't already have a copy, install "HiJack This" (versions prior to 2.0 work best for this), free software that shows you EVERYTHING that installs when you startup Windows.
Look for programs that you can't easily identify.. often with meaningless filenames like "sjxckw.dll" (I just made that up, so don't look for it). If this is one of those viruses that re-install themselves every time you delete them, then there is AT LEAST ONE MORE such program in there (usually only two) that goes with it. Don't bother using HiJack to delete them, because it will not be able to delete the one that is "currently running". These viruses are installed as "Processes" that load so early in the boot process, no Antivirus program can load soon enough to delete them. You can delete one, but the other will simply put the deleted file back.
Write down the names of these mystery programs (including path. Usually "C:\Windows\system32\") and reboot using the XP Installation CD.
After the drivers load, the first menu includes "R for Recovery Console". This gives you a DOS-like cli where you can make some system level changes.
It should detect your Windows installation as "1) Windows". Select it and enter your Admin password when prompted.
Change to the folder where the suspect files reside (if you are unfamiliar with DOS, simply type "CD" (Change Directory) followed by the path to the suspect files (ex: cd \Windows\System32).
Make sure the files you wish to delete are there by doing a DIR ("directory"). The "*" (asterisk) is a wildcard:
ex: dir "sj*.*"
If the file is found, RENAME it with with the REN command (only delete it if once you are POSITIVE it is safe to do so):
ex: ren "sjxckw.dll" "sjxckw.dxx"
Type QUIT to exit the Recovery Console and reboot. If the virus is gone, you can safely go back into the folder from Windows and delete them.
This simple procedure works better than just about anything else. Great for getting rid of troublesome reappearing Adware as well.
Let us know what happens.
haha well guess what fellas this virus is the ultimate virus there isnt even a removal for it yet my Highschool just called in homeland security, this virus also was found in the pentagon about 3 months ago, pretty insane i removed it, one of the exe's is mom.exe but thats not the whole virus the other part of it is unknown and there trying multiple way to remove it, it originated from china, and once again no official way to remove it.
Well if it is unfixable we are wasting our time.
So instead of talking about it lets do something!
As Mugsy said try Safe mode, specifically Safe Mode with Networking.
If you can get there log back here and do the below.
Do the TechSpot 8 steps: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall).
Most importantly update MalwareBytes and SuperAntiSptware!
Mike
So instead of talking about it lets do something!
As Mugsy said try Safe mode, specifically Safe Mode with Networking.
If you can get there log back here and do the below.
Do the TechSpot 8 steps: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall).
Most importantly update MalwareBytes and SuperAntiSptware!
Mike
- Status
Latest posts
-
Tesla is laying off 10% of global workforce amid declining sales and production cuts- captaincranky replied
-
Logitech thinks the computer mouse needs an AI upgrade- FaTaL replied
-
New Affordable AMD B650 Motherboard Roundup- Starfals replied
-
PlayStation 5 Pro will be bigger, faster, and better using the same CPU
- anastrophe replied
-
How to play PS1 Doom on PC (and why you might want to)- amghwk replied
