Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected? Cannot do anything


  • Please log in to reply
3 replies to this topic

#1 radarman

radarman

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 20 February 2009 - 10:25 AM

Hello,
I am trying to fix a friend's Toshiba laptop. It indicates that spyware2009 (SWP2009 and sysguard.exe) are running and I have terminated them. However, there is no Internet access as all network processes are manual and not running. No Network icons but the cable and wireless hardware are listed in the hardware tab. I cannot turn the processes on. I have tried registering the dll (netshell etc.) by the command interface and no luck. I cannot do a system restore because it keeps telling me that I cannot and to reboot. I have tried safe mode. No luck. I have tried to put some files on the laptop's desktop (MalwareBytes etc.) to check for spyware/viruses but the laptop sees the flash drive or CD files, but I cannot move or copy them to the desktop. The owner is trying to find the original XP Home CD for a repair installation, but having no luck. The computer is basically "crippled". Should I remove the HD and slave it to another PC and run all the normal spyware/virus checks?

Thank you.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:38 PM

Posted 20 February 2009 - 03:07 PM

If you cannot use the Internet,you will need access to another computer that has a connection.
From there save mbam-setup.exe to a flash,usb,jump drive or CD. Now transfer it to the infected machine, then install and run the program.
If you cannot transfer to or install on the infected machine, try running the setup (installation) file directly from the flash drive or CD by double-clicking on mbam-setup.exe so it will install on the hard drive.

Manually Downloading Updates:
Manually download them from HERE and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 radarman

radarman
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 20 February 2009 - 04:34 PM

Thank you boopme. When I did put it on a flash drive and a CD, explore would see the files but I could not copy or move them from the flash/CD to the infected computer. Also, when I did run mbam from the flash drive, it started go through the motions but during the installation, it aborted because of something. I don't recall what it was and I will try it when I get home.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:38 PM

Posted 20 February 2009 - 06:26 PM

OK, that's no fun. Let's see if we can do this.
We need to run HJT.
Please follow this guide. go and do steps 6 and 7 ,, Preparation Guide For Use Before Using Hijackthis. Then go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post that complete log.

Let me know it it went OK !
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users