Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tskmanager, regedit, safemode, disabled.


  • Please log in to reply
9 replies to this topic

#1 Evicos

Evicos

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:52 PM

Posted 24 May 2011 - 12:50 AM

Hello

Oh boy, my first time posting here well here goes:

Computer affected:
Runs WinXP
1gb RAM
1.66ghz INTEL proc
Built in savage graphic card

Problems:
1) Taskmanager disabled by administrator
2) Regedit disabled by admninistrator
3) Cmd prompt disabled by administrator
4) Safe Mode gives blue screen
5) Programs don't want to run for more than 20s
6) Cannot install programs
7) Cannot install from USB
8) Can not use other browser than Explorer
Insert random RANT!

My first look was that this was going to be a hard one, all the logical solutions was out of reach. Even using an USB to use DrWeb! and Avast! failed since they would not install. Checking on all the available options to start the computer in safemode failed since it would give a bluescreen. Codes of bluescreen was 0xF8954528 which i cannot find in the windows supportforum.

There is a constant stream of information to the internet from the affected computer so i disconected it and tried to restart it again, did not work
I started the computer with safemode command mode and still same BSOD error.

My attempts to fix these problems:
Tried installing avast several times, furthest i got was about 60s into the installation, using an USB to transfer the files since i seem to not be able to detect the computer on the network anymore (this was before i disconnected the cable)
Going to try a DrWeb run alittle later, would be happy for any ansswers regarding tips on this?
In my many years of fixing computers and reading with you guys on this forum i have never seen such a disaster computer!

//Sincerely
Evicos

BC AdBot (Login to Remove)

 


#2 WillShattuck

WillShattuck

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:52 PM

Posted 24 May 2011 - 01:41 AM

Hi Evicos,

Welcome to Bleeping Computer. I'm sorry that you had to actually post because you have a problem.

I am not a registered helper here, but just a kind soul who wants to help. Please take my advice with caution and evaluate whether it should be used in your situation or not.

It sounds like you definitely have some Spy(Mal)ware installed on your computer. I didn't see any mention that you were able to run Malwarebytes, or SuperAntispyware. Have you tried installing and running either of those programs?

I have found, in instances where Safe Mode doesn't work, that you may need to boot off of a boot cd like UBCD4WIN. This boot cd will boot you in to a Windows Like environment and enable you to run some programs from within that environment. Please only use programs you have used before and are comfortable with using. You can run SuperAntispyware from this CD. If you have a working network connection you can also get updates.

One suggestion would be to download the Portable version of SuperAntispyware to a USB stick, and then boot from the UBCD4WIN CD with the USB stick connected. That way you don't have to be on the Internet to update as the Portable Version of SAS currently has the most up-to-date Definitions. (I just used it on a computer I am currently working on).

I hope this can help you.

Again, please evaluate this information for it's appropriateness for your situation.

Thanks,
Will

#3 Evicos

Evicos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:52 PM

Posted 24 May 2011 - 02:09 AM

Hello Wil

Sorry if my first post sounded like i was unwilling to post on this forum. I have just been here many years and i know how many posts come in that have not read up even the slightest on whats around this massive forum. With that said.

..

I will try that idea, was thinking around the same line because I had an old external harddrive with a windows partition on it. But this seems like it's a much smoother solution.

SuperAntiSpyWare runs without installing or can be installed directly to the USB?

And also i had a second issue coming from that computer. I used the USB on that computer to transfer the DrWeb! and the Avast! installfiles and the USB got filled with virus, even added a autorun.inf file that tried to infect my main computer coming back to it... thankfully Avast! saw it and managed to block it. Would not have been so fun to have ended up with that monstervirus on my maincomputer would it >(

I thank you kindly for your added info to my problem, and hopefully this would add to the assistance on this matter!

//
Evicos

#4 WillShattuck

WillShattuck

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:52 PM

Posted 24 May 2011 - 03:00 AM

I will try that idea, was thinking around the same line because I had an old external harddrive with a windows partition on it. But this seems like it's a much smoother solution.

SuperAntiSpyWare runs without installing or can be installed directly to the USB?


The portable version of SuperAntiSpyware runs without installing.


And also i had a second issue coming from that computer. I used the USB on that computer to transfer the DrWeb! and the Avast! installfiles and the USB got filled with virus, even added a autorun.inf file that tried to infect my main computer coming back to it... thankfully Avast! saw it and managed to block it. Would not have been so fun to have ended up with that monstervirus on my maincomputer would it >(

I thank you kindly for your added info to my problem, and hopefully this would add to the assistance on this matter!

//
Evicos



It does sound like your computer is heavily infected. I would make sure that any future USB devices put in to that computer in its current state have everything marked as READ ONLY so it will hopefully prevent another infection.

Will

#5 Evicos

Evicos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:52 PM

Posted 24 May 2011 - 09:47 AM

Further Update:

/start rant

Day 1, hour 5.
Still Virusfighting, about 5 hours into the fight now and getting critically low on supplies... have to get something to drink soon or i will be out cold.

All tries have proved to be in vain, the thing just can't die!

/End Rant

Hey Again Wil, nice of you to keep up with me! Well the idea proved it's point, i cannot install anything from the USB. Running SuperAnti worked for about 1min but did not find any problems.

/Format (?)

ML out for now.

#6 WillShattuck

WillShattuck

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:52 PM

Posted 24 May 2011 - 02:39 PM

Hi Evicos,

Wow, a stubborn one. At this point you have a few options available. I'll let decide which is best for your situation.

1. Boot from a boot CD of some sort and run Antivirus and Antispyware
2. Continue trying to get software to run in the infected environment.
3. Take it to someone in town.
4. See if you can get someone who is more qualified than I here on BC to help you out. You might need to create a new thread since I have replied here.

I'm trying to get in to the Malware Removal Training here, but the slots are few. :)

Sorry I wasn't able to help much.

Will

#7 Evicos

Evicos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:52 PM

Posted 26 May 2011 - 10:56 PM

Hey Everyone!

Update day 3. Still the bastard won't give in!

----===={NUKE}====----

1. Boot from a boot CD of some sort and run Antivirus and Antispyware
See (2

2. Continue trying to get software to run in the infected environment.
Got some luck on Superantispyware portable, but not enough to actually help, it resets the virus but does enable regedit, not long enough to edit. but i managed to see taskmanager for a few seconds.

3. Take it to someone in town.
I am more than qualified to beat this virus myself, besides it
s much more fun to try and solve it then giving it up to someone who just will @format

4. See if you can get someone who is more qualified than I here on BC to help you out. You might need to create a new thread since I have replied here.
Hoping to see some more people involved on this, many minds usually give good results.

And WillShattuck you have been awfully helpful! Don't let your hopes down on getting a spot for Malware Removal Training :)

//Evi out for now

#8 jdbaker82

jdbaker82

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:08:52 PM

Posted 26 May 2011 - 11:18 PM

Get a hard drive enclosure or hard drive sata dock and hook the infected hard drive up to a clean machine and run scans on it (MalwareBytes and Microsoft Security Essentials) should do the trick.

Edited by jdbaker82, 26 May 2011 - 11:19 PM.


#9 Mooseby

Mooseby

  • Members
  • 276 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 27 May 2011 - 10:10 AM

Evicos Welcome to BC!

I suggest you place a post here as your thread is three days old.
http://www.bleepingcomputer.com/forums/topic393863.html

Best of luck!

#10 Evicos

Evicos
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:52 PM

Posted 28 May 2011 - 03:41 AM

Hello Mooseby

I finally managed to get a full Superanti scan done, this would allow me at least to start install for avast. Once that was up it started to get manageable again. Moved to a malwarebyte scan, went ahead and manually cleaned the computer from "potentially unwanted stuff". Then i went ahead and finished the scan by running a DrWeb! which ultimatly made the virus/spyware/malware combo go away.

Hopefully at least!

I Thank the community for helping out and until next time i get into "deep" bleep, i will return to lurking you guys!

p.s Mooseby I Would like to do that, but the link is red to me. And also my computer has been cleaned up now!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users