Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Restricted Behavior!


  • Please log in to reply
7 replies to this topic

#1 Netghost56

Netghost56

  • Members
  • 973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:12:58 AM

Posted 31 October 2013 - 09:39 AM

This one has me pulling out my hair!

 

Client brought in a PC with Vista 32. They had installed Office 2010 Beta (Click-to-Run) and couldn't uninstall it or install the full version which they later purchased. They also suspected a virus. - The have 5 user accounts, 2 children- with Parental Controls enabled.

 

System is a Compaq SR5233WM with Vista 32 SP 1.

 

I did a full AV workthrough with ADWcleaner, JRT, Rkill, MBAM, even Combofix. They had MSE installed but at first it wouldn't complete an update. Finally got an update and did a Full scan overnight, with no issues.

 

MBAM did find a Trojan.Downloader, but it had been on the system since 2010.

 

This is where I'm getting frustrated:

 

*The time/date was set to 2003. I don't know yet if the CMOS battery is bad, but I can't change the time OR date. When I select "Change Time/Date" from the clock window the cursor blinks but thats all. I managed to change the time/date in BIOS.

 

*The resolution is set to 800x600 and all windows take up the whole screen. I hit "Personalize" then "Display Settings" and the cursor just blinks, the Display menu doesn't load.

 

*There were a ton of programs running at Startup, so I entered "msconfig" in the Run box. I get a UAC, click Ok, and MSCONFIG never loads. I had to use AutoRuns to make the necessary changes.

 

*I tried opening Task Manager to stop the processes from running, as the system seemed slow (only 1Gb RAM). I opened Task Manager, right clicked on the processes, selected "End Process" (tried every alternative too) and the cursor blinks but doesn't end or close the program/process.

 

*When opening Notepad, if you type anything in the text box, the program won't let you close unless you save the file first. I don't use Vista- is this normal behavior? I had to delete the text in order to close the program!

 

 

This Vista OS seems to be possessed (Happy Halloween!) I keep thinking it might be the Parental Controls but I'm using the Admin (parent's) account.

 

I've run SFC twice and it found corruption in the system files.

 

I've considered doing a Repair install but the Compaq Recovery Manager has a Factory Reinstall only option, and I know that if I use a Vista disc it will disable access to the Recovery drive.

 

 

What is causing all this?

 



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,302 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:58 AM

Posted 31 October 2013 - 09:45 AM

Replacing the CMOS batter seems like a good place to start.  IME, failing CMOS batteries produce unexpected effects in Windows, most of which relate to hardware components and their proper functioning.

 

Louis



#3 Netghost56

Netghost56
  • Topic Starter

  • Members
  • 973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:12:58 AM

Posted 31 October 2013 - 09:49 AM

Alright, I'll give it a shot.



#4 Netghost56

Netghost56
  • Topic Starter

  • Members
  • 973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:12:58 AM

Posted 31 October 2013 - 10:03 AM

It didn't fix the issues.

 

I managed to uninstall Office Beta with Revo so that I could remove the registry keys, in case that messes with the Full install later.

 

Currently running SP 2, will see what that does.

 

Something else I didn't mention: When I initially loaded the AV apps with my thumbdrive, there was a lag everytime I selected something in my USB in Windows Explorer. In other words, the USB was fully scanned EVERYTIME I clicked on something. I can't remember seeing that happen before in other Vista systems.



#5 petewills

petewills

  • Members
  • 1,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, UK
  • Local time:06:58 AM

Posted 31 October 2013 - 12:25 PM

Is it possible to perform a non-destructive recovery.



#6 Netghost56

Netghost56
  • Topic Starter

  • Members
  • 973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:12:58 AM

Posted 31 October 2013 - 12:38 PM

How's that?



#7 petewills

petewills

  • Members
  • 1,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, UK
  • Local time:06:58 AM

Posted 31 October 2013 - 12:41 PM

1. Reboot, and repeatedly press F10 at the HP logo until the recovery screen appears. 
2. When the recovery screen appears, press "Next" and then "Yes" to perform a non-destructive recovery (all data saved). After the recovery is finished, the laptop will reboot. (Hopefully).

Edited by petewills , 31 October 2013 - 12:41 PM.


#8 Netghost56

Netghost56
  • Topic Starter

  • Members
  • 973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:12:58 AM

Posted 31 October 2013 - 04:15 PM

This isn't a laptop, it's a desktop system.

 

And the Recovery screen has Factory Image recovery with backup option, or System Restore.

 

I'm doing Startup Repair, just in case.

 

But I don't see an option for Repair install.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users