Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows XP Pro, multiple viruses, no internet explorer, access denied when trying to install display drivers


  • Please log in to reply
13 replies to this topic

#1 Simplyme16

Simplyme16

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 09:29 AM

Good morning.

I have a computer system that has had multiple viruses over the past 6 months. It seems like everytime I clean it, another virus pops up, almost always of the fake anti-virus variety.

This week I was called into the users office, and found the system in a loop. Starting Windows XP, then rebooting. After trying multiple times to get into safe mode, or boot normally, or anything I resorted to using the Windows XP cd and repairing the XP installation. This at least allowed me to boot into Windows again, but there are still issues.

I can not get into Internet Explorer, clicking on the icon results in "Internet Explorer has encountered a problen and needs to close. We are sorry for the inconvenience."

The display drivers are not installed, and any attempt to install them results in an error stating that access is denied. Looking at the serupapi log, i can see that access is being denied when trying to do anything with igfxcui in the registry. If I browse to that location in regedit, i can not see the properties because I don't have access to it. (I am logged in as the administrator by the way).

I have installed Google Chrome as a way to get online with this sytem, and have had sporadic instances where I am being redirected to the wrong website after clicking a link in Google.

I have scanned the system with MBAM, SuperAntiSpyware, and AVG without any luck.

I have been working on running the Windows Updates, bringing it up to SP3, etc. There are still issues with this system, and I have run out of ideas. The last thing I want to to, obviously, is wipe and start over so here I am hoping that someone with far more experience than I will be able to help me out!

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:49 AM

Posted 05 June 2011 - 11:06 AM

Hello,I moved this to Am I Infected from XP. Lets do these nesxt and see.

For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.

Click the Connections tab and click the LAN settings option.

Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.

Now check if the internet is working again.


OR
Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.



Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.


>>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.

RKill....

Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Simplyme16

Simplyme16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 11:40 AM

Hi Boopme,

Thanks for helping me out with this.

I checked the proxy settings, and there was nothing set up in there. I am able to access the internet on Chrome, but IE will not open at all. At one point in time I tried to install a newer version, and it would not allow me to do that. I also uninstalled and reinstalled IE with no luck.

RKill ran fine, and closed the following file C:\WINDOWS\system32\verclsid.exe

MBAM installed updates and ran, the log is attached below.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6775

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.5512

6/5/2011 12:38:59 PM
mbam-log-2011-06-05 (12-38-59).txt

Scan type: Quick scan
Objects scanned: 233653
Time elapsed: 13 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Please let me know if you have any other suggestions/instructions for me.

Thanks again!

#4 Simplyme16

Simplyme16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 12:06 PM

After reboot into normal mode, MBAM still found nothing. (Log below)


Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6775

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

6/5/2011 1:05:10 PM
mbam-log-2011-06-05 (13-05-09).txt

Scan type: Quick scan
Objects scanned: 234062
Time elapsed: 15 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#5 Simplyme16

Simplyme16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 01:30 PM

I should also mention that, although I am showing no infection, I am still unable to use IE or install display drivers.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:49 AM

Posted 05 June 2011 - 03:46 PM

Try resetting IE to it's defaukts.

Go here L@@K Then Click the FIX IT button.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Simplyme16

Simplyme16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 04:27 PM

No luck...

"This Microsoft Fix-It does not apply to your operating system or application version."

I tried it the manual way with no luck either.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:49 AM

Posted 05 June 2011 - 04:33 PM

I see we are still at IE 6
Let's try Dial A Fix
We need to repair some of windows' internal registration settings
  • Please download Dial-A-Fix from one of the following mirrors:
  • Extract the zip file to your desktop.
  • Double click Dial-a-Fix.exe to start the program.
  • Press the green double checkmark box (Looks like this: Posted Image)
  • UNcheck "Empty Temp Folders", as well as "Adjust Time/Date" in the prep section. The prep section should then look like this:Posted Image
  • When the window looks like this, press the GO button in the bottom of the window.Posted Image
  • Exit/Close Dial-A-Fix

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Simplyme16

Simplyme16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 04:53 PM

I downloaded and extracted the file. When it opened up it warned of possible policy conflicts, so I used the dial a fix to remove the conflict. Then I ran through as instructed, no errors, but I'm still locked out of IE and can not update the display driver.

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:49 AM

Posted 05 June 2011 - 07:20 PM

Have you tried to install IE 6 or 7?
http://www.microsoft.com/downloads/en/details.aspx?familyid=1e1550cb-5e5d-48f5-b02b-20b602228de6&displaylang=en
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Simplyme16

Simplyme16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 08:07 PM

Yes, I have tried to install IE7 with no luck. If I choose the option to install updates and Microsoft antimalware, it gives me an error that it couldn't install the updates. If I don't choose that option, it appears to install, but now when I click on the IE icon nothing happens at all. No error, but also no IE window.

I still can't update the display driver either. I think there's a registry key that's not allowing me to update these things, but i don't know anything about that, so it's just a guess.

Anyhow, thanks for your help with this... sorry that the system is being so uncooperative.

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:49 AM

Posted 05 June 2011 - 08:33 PM

Not a problem ,but I think I need you to start a topic in XP up top about the IE and driver issue. It's not malware now and they are better in XP than I and can help you figure the issue here and they will be quicker with it than I.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Simplyme16

Simplyme16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 05 June 2011 - 09:25 PM

Fair enough. Thanks again for all of your help today, I'll set up a new topic tomorrow.

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:49 AM

Posted 05 June 2011 - 09:38 PM

You're welcome, Sorry we did not get it all here. I know that they know what I don't about XP. :)

Edited by boopme, 05 June 2011 - 09:39 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users