The Original Batman said:
I am trying to repair a machine for a couple of the kids next door. While I
am no novice, this one has me pulling out hair. I can run almost NOTHING!
IE runs - but gets a zillion "scan your drive for problems" pop-ups. I am
afraid to place the machine into my network for fear of migration. Have
tried most of the suggestions found here and on many other web sites - all
to no avail. tried running spybot, etc etc - all nothing. Can't run
smitfraud cleaner or any other reg file - "Task Manager not available b/c
it was turned off by admin - NOT... I am really p.o'd on this one and my
brain is now officially fried. Please help if ou can - the kids are wanting
their computer and I have had it for 3 weeks now. I am sending this from my
laptop.
Thanx to all who try
Update your anti-virus protection and scan your system. Remove the drive
from the other machine and connect it to your system via USB adapter or
case. Locate all the temp and browser cache folders for every account,
empty them, and then empty the recycle bin. Much of the malware is
probably living in these folders. Now, scan that drive for malware; if you
scan first it will take much longer, as there will be thousands more files
to examine.
If you can't do this from your system, download and burn a Linux boot disk,
even the Ubuntu CD, boot with that, and do the file manipulation from the
Linux desktop. Viruses won't be able to load or affect the Linux files
running from CD.
Take a look through the drive for files that are suspicious; for example,
brand-new files with odd names in places they shouldn't be, like the
System32 folder. Either delete or move these files to another location
outside ththe path, so that references to them will be invalid. Scan it
again with another A/V app, such as the online Housecall scanner from
TrendMicro. Look through the Program Files folder, including subfolders
of Common Files, for any malware names. Rename those folders - just add an
X to the start of the name, so you can find them easily later if it turns
out you're mistaken.
Put the drive back and start it in Safe Mode. Load another account, such
as the Administrator, and run SmitFraud and other tools from there. Check
the registry Run entries, and also the Startup folders for each account.
Set msconfig so the system boots only in Safe Mode, and go into every other
account. Go through the msconfig and the registries in each one and
verify that there are no malware loaders.
Worst comes to worst, follow the directions here - you can adapt them to
booting from the Linix disk, with the drive attached to the other system,
and do all the registry backups and copies in one go. This procedure will
set the registry back to a point where no installed apps will be
recognised - but hopefully, neither will any malware, and the system will
start.
http://support.microsoft.com/kb/307545
Reattach to an internet connection, rerun IE and go to the Housecall site,
and rescan the system. Then, try System Restore.
And googling the precise error message you get when Task Manager fails may
get you further suggestions.
HTH
-pk
