Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Xp Malware Issue


  • Please log in to reply
7 replies to this topic

#1 rvfc721

rvfc721

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 18 August 2008 - 02:08 PM

Hello All,

First time poster here....I'd like to think I'm somewhat knowledgeable regarding my computer, but not this time. Apparently I've inherited a nice problem on my HP Laptop running XP. When the computer boots up in windows I see the "Virus Alert" in the taskbar but shortly after it boots up, the desktop goes blank. I've tried going to the last known restore point as well as running the repair CD which didn't help. I can boot up in safe mode however the desktop still goes blank. I can pull up the task manager and have managed to get online to download some possible anti spyware programs but Safe Mode won't allow me to install a program which makes no sense to me. I can't install it when I boot up regularly....I'm sure I'm missing some other things the computer does but I'm hoping someone can help me out here. I'd hate to have to reformat.....yes, slap my wrist for not backing up.

Thanks.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,277 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:56 AM

Posted 18 August 2008 - 02:21 PM

Even with no Desktop, Task Manager will usually be functional and programs can still be opened so the Desktop may be able to be restored.

Go to the "Processes" tab and find the entry for "Explorer.exe" (Windows Explorer). Highlight it and click the "End Process" button. It may not respond immediately since there can be a delay (wait) for hung processes to end. Once Explorer.exe has been unloaded, click the "Applications" tab and then the "New Task" button. Enter explorer.exe and click "OK". If it's not listed in processes, then try to start it as a New Task.

If attempts to start Explorer.exe do not work, then just follow the instructions for using the New Task button to run the MBAM setup (installation) file directly from the usb stick so it installs on your PC in normal mode.

Open Task Manager, click the File menu and select New Task (Runů) or click the Applications Tab and select "New Task" at the bottom. Browse to the location of mbam-setup.exe, double-click on it and then press "Ok" to start the install.

After installation, MBAM should open ready for use. If not, launch Task Manager again, click the Applications Tab and select "New Task" at the bottom. Browse to the location of mbam.exe (it should be in C:\Program Files\Malwarebytes Anti-Malware), double-click on it and then press "Ok" to launch the program. Perform a Quick Scan in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.

Malwarebytes Anti-Malware Instructions (with screenshots)
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 rvfc721

rvfc721
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 18 August 2008 - 02:54 PM

Thanks...I'm at work now and will try this as soon as I can and will post the log on this thread.

I appreciate it.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,277 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:56 AM

Posted 18 August 2008 - 04:45 PM

Not a problem. Good luck.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 rvfc721

rvfc721
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 26 August 2008 - 04:37 PM

Ok, so I realized after reading your reply that when I try to launch task manager in regular boot up mode, the malware or whatever it is won't allow me too. It says "Your administrator has disabled task manager" or something along those lines. Any suggestions on where to go from there?

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,277 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:56 AM

Posted 26 August 2008 - 06:27 PM

Scanning in safe or normal mode will work but removal functions are not as powerful in safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, it loses some effectiveness for detection & removal when used in safe mode because the program includes a driver which does not work in safe mode. For optimal removal, normal mode is recommended. If you cannot use normal mode, then perform your scan in safe mode using Task Manager since you say it works in that mode. After reboot, click the Logs tab and copy/paste the contents of the new report in your next reply.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 rvfc721

rvfc721
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 26 August 2008 - 09:47 PM

Even in safe mode when I launch explorer.exe I only get about 10 seconds or less before the desktop disappears. This is even in safe mode! The other problem with safe mode is it tells me I can't install programs in safe mode when I try to in the 10 seconds that I have to do it!

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,277 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:56 AM

Posted 27 August 2008 - 06:34 AM

I know you tried to use a restore point already but have you tried using System Restore from a command prompt in Safe Mode? You may not return to a clean state but you may be able to return to a useable desktop from which to work from.

If that does not work and you cannot bootup in normal or safe mode properly, then your options are limited. You can try doing a Repair Install. However, the better course of action would be to reformat and reinstall the OS. Some types of malware can result in a system so badly damaged that a Repair Install may NOT help!. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Starting over by wiping your drive, reformatting, and performing a clean install of the OS removes everything and is the safest action. Please read:

"When should I re-format? How should I reinstall?"
"Help: I Got Hacked. Now What Do I Do?"
"Where to draw the line? When to recommend a format and reinstall?"
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users