Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware Problem-computer Disabled


  • Please log in to reply
20 replies to this topic

#1 starfish77

starfish77

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 09 July 2008 - 10:50 AM

My issue seems to be similar to the posting - Infected With "warning Spyware Detected On Your Computer" submitted by kevinjm which was resolved by miekiemoes. THe big difference is that my machine now comes up with error messages that take the computer into a blue, DOS-era looking screen and then continually re-boot. As a result, I have had to log into this forum from a different computer. My laptop is disabled, and I would greatly appreciate some help with this!

Edited by Orange Blossom, 09 July 2008 - 04:53 PM.
Move to more appropriate forum. ~ OB


BC AdBot (Login to Remove)

 


m

#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:45 PM

Posted 09 July 2008 - 04:59 PM

I always recommend running chkdsk from the Recovery Console as a first step to resolving boot problems.

Insert the Windows XP CD into the CD drive, and then restart the computer. Click to select any options that are required to start the computer from the CD drive if you are prompted. When the "Welcome to Setup" screen appears, press R to start the Recovery Console. If you have a dual-boot or multiple-boot computer, select the installation that you must access from the Recovery Console. When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER.

Type: chkdsk /r

It's important to have a space before the "/".

To exit the Recovery Console and restart the computer, type exit at the command prompt, and then press ENTER.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 10 July 2008 - 02:44 PM

THis laptop came pre-loaded with XP and I don't have a Windows XP CD.

#4 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 10 July 2008 - 02:52 PM

Here are the disks I have:
Dell Reinstallation CD - Microsoft Windows XP professional Including Service Pack 1a
Dell Device Drivers & Diagnostics and Utilities

#5 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 10 July 2008 - 04:12 PM

Dell Reinstallation disk appears to be working. I managed to navigate to the Administrator password. Tried just pressing Enter; no go. Tried it again, then tried a dozen or so passwords I've used in the past. Did not work. I literally just opened this disk out of shrink wrap. How would I find a password? I don't suppose you can help with this.

Tried "Enter" option instead of R. Took me to screen asking if I wanted to R for repair again or Esc to continue installing. I selected R this time and it is doing something.

Appears it just re-installed Windows XP. Looks like Dell has a glitch in its disk choices, since I specifically said to Repair, not reinstall. I'll be curious to see what happened to my data.

#6 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:45 AM

Posted 10 July 2008 - 05:11 PM

Malware is capable of hijacking the administrative login with windows xp, of course dell might have set one itself

The default password is blank, if that does not work and dell did not set one then you are still locked out after a repair

Make sure Dell didn't set one

Edited by DaChew, 10 July 2008 - 05:11 PM.

Chewy

No. Try not. Do... or do not. There is no try.

#7 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 10 July 2008 - 09:41 PM

I figured out the password. I am running the c:\chkdsk /r. 52% done. I've got some other stuff I can do while it is finishing, but what are next steps after exiting?

#8 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 10 July 2008 - 11:18 PM

It finished. You there? I'm at the C:\ prompt. Results of chkdsk don't look unusual. I have not typed "exit". NExt steps? Thanks! BTW, I like the Star Wars reference.

#9 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:45 PM

Posted 10 July 2008 - 11:27 PM

Type "exit" and see if the computer will now boot into Windows.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#10 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 11 July 2008 - 12:12 AM

Done. Machine booted up with same sysmtoms described in other post I referenced.

Now getting error message that appears to be related to "Malware Protector 2008" which I did not install and is probably something bad in itself. lphceefj0eldr.exe has encountered a problem and needs to close. MSFT error wanting to send info. I said no.

It is now Repairing Windows Live Messenger...

#11 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 11 July 2008 - 12:19 AM

Webroot is running. Something was trying to write a Key - probably the Windows Live MEssenger, but I said "no" via Webroot and it backed out Repair.

I seem to be stable now with the Warning Spyware still covering my desktop. Disk looks like it is working.

I'm going to run Webroot Spy Sweeper with AntiVirus 5.5 (got some good reviews) while awaiting your advice. Thanks!

Edited by starfish77, 11 July 2008 - 12:33 AM.


#12 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:45 AM

Posted 11 July 2008 - 07:25 AM

Running windows as a repair disk should be considered a temporary reprieve, the malware, if given a chance, can take control back, hosing windows again. I usually keep the computer off the internet and try to have an assortment of tools to scan and disinfect with immediately.

Even then you don't know you are clean, sometimes the only thing you accomplish is getting the computer working well enough to back up critical data before you end up doing a clean install.
Chewy

No. Try not. Do... or do not. There is no try.

#13 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 11 July 2008 - 09:18 AM

OK - I will back up data to a CD now. THis is not a primary computer so if I need to wipe it clean I can. Spy Sweeper found several things, but I could not get online to pay for the "fix" capability. Probably doesn't matter if I'm wiping it clean, but re-installing all software will be time consuming. Best approach?

#14 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:45 AM

Posted 11 July 2008 - 09:29 AM

Back up your data, then give MBAM a shot

http://www.bleepingcomputer.com/forums/ind...st&p=876163


for disinfection and immunization of usb drives used to load fixes

http://www.bleepingcomputer.com/forums/ind...mp;#entry798468

there's no magic bullet or easy out with a bad infection, a clean install is often less trouble and quicker
Chewy

No. Try not. Do... or do not. There is no try.

#15 starfish77

starfish77
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:45 AM

Posted 11 July 2008 - 09:47 AM

I have my data on a CD.
Just so I'm clear, I cannot access the internet with the infected computer and I don't understand "MBAM".




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users