Tom's Guide | Tom's Hardware | Tom's Games
![]() |
![]() |
![]() |
I discovered that I have the W32.Weird Virus which has disabled my system. When get the login section of Windows, upon completion of entering my Username and password it shuts down and goes back to the Login menu. I am only able to access my system using a win 98 dos boot disk since the 4 disk 2000 disk doesn't give me access to dos. I tried using Symantec's solution and even located the name of the hidden virus file. I cannot use attrib to unhide it. Is it possible to run attrib from the floppy disk and unhide it so I may continue to delete it? One more question. If I delete the Wininit.ini and Wininit.bak file. Will this cause further problems upon reboot or has anyone used this procedure. Any help would be greatly appreciated. Thanks!

try the erd disks from trend micro, instructions and download site
trend micro PE_Weird removal info;
On Windows 2000
Restart your computer.Press the F8 key, when you see the Starting Windows bar at the bottom of the screen.
Choose the Safe Mode option from the Windows 2000 Advanced Options Menu then press Enter.
Once in Safe Mode, click Start>Run, type COMMAND then press Enter.
In any local drive (e.g. C:\), create a folder named "Folder" in the root directory. Enter the following:
CD\
MD Folder
Insert an ERD disk, then enter:
A:
Copy the ERD files into C:\Folder. Type:
COPY *.* C:\Folder
Repeat the copy process for all Emergency Rescue Disks.
Go to C:\Folder by entering:
C:
CD Folder
Run the ERD clean procedure. Enter:
PCSCAN.EXEAlternative Removal Procedure
Copy an uninfected EXPLORER.exe to a diskette (You may get this file from another machine that has the same operating system as the infected machine). To do this:Insert a DOS boot disk or Windows startup disk in the clean system.
Go to the Windows directory by typing this command after the command prompt, then press Enter:
cd Windows
To copy the uninfected EXPLORER.EXE, type this command after the command prompt and then press enter:
copy C:\Explorer.exe A:\Explorer.exe
To transfer the clean copy of EXPLORER.exe into your machine, do the following:Insert the DOS boot disk or Windows startup disk used earlier.
Go to the Windows directory. Type this command after the command prompt and then press Enter:
cd Windows
To copy the uninfected Explorer.exe type this command after the command prompt, then press enter:
copy A:\Explorer.exe
This message will then appear:
Overwrite Explorer.exe (Yes/No/All)?Type Y, then press Enter.
Restart your computer.

Thanks, I ended up using multiple ideas. I had to go into create a DOS DISK with ATTRIB on it since my dos was corrupted as well. Using Attrib, I took the virus out of hiding and deleted it. I also did what you printed above. Used the win 2000 boot disk to repair the files and was able to get into windows. I ran norton antivirus and repaired over 800 infected files. I had to go in manually to delete about 800 false ***.Rbo files that the virus created. Almost all my ***.EXE files were deleted or corrupted. I even tried an EXE fixer that didn't work. I now get "********* is not a valid win32 application for nearly everything. I managed to re-install most of my software but still get errors and difficulties with many of them like my ATI All in wonder software. Norton doesn't even work. I can't reinstall it. Solution in progress....I decided to save my important documents and start from scratch. I have been meaning to order a new hard drive any way. I also bought a current 2003 anti-virus software. Thanks for the help.
Mike

![]() |
![]() |
![]() |

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |