HELP......LOADS OF PROBLEMS!!

A

AndyManchesta

First you need to find out exactly whats causing you
problems and what damage this may have caused to your
system.

I advise running a scan at trend micro's housecall and
also running the damage clean up engine to repair and
remove any worms or trojans found.Copy & Paste the
addresses ive given into your address bar,

Your system restore needs turning off,if its corrupt then
there's a good chance the trojan has saved itself inside
the restore files to make removing it difficult

So first steps are:

Turn off system restore (Start>Right click my computer
then properties> then system restore>turn off and click
apply)

Then run a online scan at trends housecall if you have a
fast connection speed if not then skip :

http://uk.trendmicro-
europe.com/consumer/products/housecall_launch.php

If you have problems using trends housecall then heres
some others you can use :


http://www.pandasoftware.com/activescan/com/activescan_pri
ncipal.htm

http://www.bitdefender.com/scan/licence.php

http://www.ravantivirus.com/scan/

www.symantec.com/cgi-bin/securitycheck.cgi

http://us.mcafee.com/root/mfs/default.asp

http://www3.ca.com/securityadvisor/virusinfo/scan.aspx




Then download and run this damage clean up tool from trend

http://www.trendmicro.com/ftp/products/tsc/tsc.zip


These should identify what the trojans are then dealing
with them gets alot easier once we know the names.

Next run as many of these as you can as they all look for
different things and can help you clean up your system :

Ad-Aware

http://www.majorgeeks.com/downloadget.php?
id=506&file=11&evp=8dbaff7daca8f4b55bf695220993fc0f


Spybot................Install, do the search for updates
now and get any updates,

http://www.majorgeeks.com/downloadget.php?
id=2471&file=11&evp=2470f9bfb0cc682334ff8c4459556118

SpywareBlaster...Install, click Download Latest
Protection Updates, Check for Updates, and then Enable
All Protection. It does a great job of blocking known
vulnerabilities as well as known malicious websites.

http://majorgeeks.com/download2859.html


CWShredder......No installation required! Just unzip it
to a folder.

http://cwshredder.net/bin/CWShredder.exe


Run all products mentioned then once they have all done
their jobs and removed any scumware then use the Ccleaner
to remove all temp and unused files,Just run it on the
defalt setting


Ccleaner (Removes temp & unused files from your pc)

http://www.ccleaner.com/ccdownload.asp

If you have any problems let me know and id help where i
can,Theres alot of programs we can use like Microworlds
escan and hijack this etc.. but the above are alot easier
to start with and may solve all your problems without the
need to use the others but let us know how you get on

Good Luck

Andy
 
G

Guest

Thanks...but I can't access System Restore. Message
received earlier told me that it had been changed by Group
policy and that I need to contacy my Domain Administrator!
Any advice?
 
A

AndyManchesta

Are you a Administrator or do you have a guest account on
the pc you use.What OS do you use (Win98,2000,XP etc..)

You could try accessing the system restore in safe mode
(Reboot and tap F8 untill you see the option for safe
mode)


To run System Restore in safe mode


To access the System Restore Wizard, click Start, and
then click Help and Support.

Click Performance and Maintenance,

click Using System Restore to undo changes, and then
click Run the System Restore Wizard.


You must be a member of the computer administrator group
on your computer to access the System Restore Wizard or
change System Restore settings.

There are three methods that you can use to access System
Restore.

You can access the System Restore Wizard through the
Start menu.

To access the System Restore Wizard, click Start, point
to All Programs, point to Accessories, point to System
Tools, and then click System Restore.


You can access System Restore through Control Panel. To
open the System Restore Wizard, click Start, click
Control Panel, and then click Performance and Maintenance.
(or System), click System Restore.


You can access System Restore through Help and Support
Center. To access the System Restore Wizard, click Start,
and then click Help and Support. Click Performance and
Maintenance, click Using System Restore to undo changes,
and then click Run the System Restore Wizard.


But you need to be using a Admin account for these,Ive
only ever used admin accounts so not sure why you are
getting the error message hopefully the MVP's could
advise you better if the above doesnt work

If you have a Admin account make sure it still is a admin
account by pressing start then control panel then user
accounts and check it's still set as a admin account plus
make sure there isnt any other accounts set up here.
Typically there should be your own admin account and a
guest account which is switched off,plus asp.net if you
have downloaded net framework and any other users you
have added but no others

You need to switch system restore off if the restore
points are not working and you cannot access it as there
may be malware hiding in the restore files as these are
protected by windows so online scanners and removers
cannot remove them from this area.try it again and check
your account status then reply if you still have problems
and i'll try help more if i can

Andy
 
G

Guest

Hi,
I am an administrator but sadly I seem to have lost all
access to System Restore.
Since these problems started, I cannot open any file or
program,including Help and Support.They all flash briefly
on the screen and then disappear.
On Control panel under System/System properties I do not
have a System Restore facility, and when I click on System
Restore under Accessories/System Tools from the Start
menu,a window pops up briefly and then straightaway
disappears.Once or twice the window has stayed on screen
long enough for me to read 'System Restore has been
changed by Group policy...contact your Domain
Administrator'.
I have also tried to boot my computer in safe mode, but it
doesn't seem to work.....goes straight through to a normal
Windows boot.
Help!!!
 
A

Andre Da Costa

Are you on a corporate network, regardless you are an Administrator, it
could mean you are a local Admin on the PC. If you are on a corporate
network you would have to contact your Domain Admin.
 
A

AndyManchesta

Andre's advise might help you with this Its not
something i know alot about and havent seen that error
message before so maybe it is because you are on a
corporate network if thats the case then you should
contact them if you can.You should still run the removal
programs and check the system files to make sure its not
a problem on your side but not sure what else you can do
to get round this



get your windows disk and insert it into the drive and
then goto start>run and type

SFC /SCANNOW

And press enter with the windows disk in


(System File Checker)

Remember the space after SFC

To replace missing or corrupt files


With you saying you cannot use safe mode for XP try this
If you are on a corporate network then you may not need
to go this way if you can contact them to fix your
problems


Go to start then run and type

msconfig

Go to the Boot.ini tab and choose Safeboot,put a tick
next to it and then press ok to reboot

when you are finished in safe mode follow the above
stepsd and uncheck safeboot and press ok again

It will be best if you could download the remover while
in normal mode then run them when you are in safe mode
but you cannot access intenet in safe mode so these need
to be downloaded before trying to get in safe mode.

For Win98 and WinMe

Goto start and run and msconfig

In the System Configuration Utility, click "Advanced."

In the Advanced Troubleshooting Settings dialog box,
check Enable Startup Menu, Click OK. Click OK again when
the System Configuration Utility reappears.

When you are finished with troubleshooting in Safe mode
repeat steps but uncheck "Enable Start-up Menu." and
press ok

Either that or use the F8 button on rebooting



Then run the programs i mentioned in the original
post,trends online scanner,trends damage clean
up,spybot,adaware and cwshredder then see if the problems
persist and reply if they do with anything that was found
plus the windows version you are running

For the trend online scanner this will have to be done in
normal mode but the rest can be run in safe mode if you
can get there


Thanks Andy
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Spyware that ... kills and delete MSAntiSpyware !!! 3
Please Help! Virus? Avast, Firefox, Windows update quit working 4
HELP......LOADS OF PROBLEMS!! 1
Can't Get Rid of FlashTracker 1
Defender: error 0x8050800c during scan 51
Can't get rid of pop-ups, please help 2
xp dos(command) problem NTVDM 2
SearchMiracle.EliteBar Browser Plug-in not removed by tool 4

Top