Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

virus infected, computer reboots auto, cant open many programs even hi


  • This topic is locked This topic is locked

#1
rich06

rich06

    Member

  • Member
  • PipPip
  • 59 posts
Hi, Im new to the site and need help. My computer has been infected with viruses for months and i cant seem to fend them off. I have several free virus removers; adaware and spyware doctor. By the time adaware gets half way through scanning my computer freezes or reboots! i downloaded hijack this, but cannot open it as well as spyware doctor. I cant even remove the fake virus removers "anti virus pro" and "malware alarm" because i "am restricted" and need to contact my system administrator. Same with even trying to get into properties. Thanks in advance for your help.
Rich
  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello rich06

Welcome to G2Go. :)
=====================
Please RIGHT-CLICK HERE and Save As (in IE it's "Save Target As", in FF it's "Save Link As") to download Silent Runners.
  • Save it to the desktop.
  • Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.
  • You will receive a prompt:
    • Do you want to skip supplementary searches?
      click NO
  • If you receive an error just click OK and double-click it to run it again - sometimes it won't run as it's supposed to the first time but will in subsequent runs.
  • You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
  • Once you receive the prompt All Done!, open the text file on the desktop, copy that entire log, and paste it here.
*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.
  • 0

#3
rich06

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
hi.. before i get to that, i have an even greater problem on my hands. My computer will not even start up, as when i click the owners profile to log in my computer gives me message "DRTYERH GNHVTYRT P\(.....) runtime error '5' invalid procedure call or argument" message and is stuck with my monitors backround saying "warning spyware detected on computer" please download spyware removers. i tried to run in safe mode but only the black screen comes up.... im obviously on another computer... now im really stuck.. i can get into the command promt, and other recovery modes. also tried to use a last known good config. but still the same. where do i start?
  • 0

#4
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts

as when i click the owners profile to log in my computer gives me message "DRTYERH GNHVTYRT P\(.....) runtime error '5' invalid procedure call or argument" message and is stuck with my monitors backround saying "warning spyware detected on computer" please download spyware removers.

Do you have a n Xp cd?

Or do you know if you have the recovery Console installed or not?

You can also try to when you see the desktop hit ctrl+alt+delete all at once on your keyboard to bring up task manager.
Then go to the top where it says File > then New Task > Run then type in Explorer.exe then hit ok.

See if that gets you the icons back.

Also let me know about the other questions that I asked above.
  • 0

#5
rich06

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
i do not have the xp cd but im almost sure i have the recovery console installed.. btw i tried the ctrl alt del b4. no response.. not even "thinking" about it
  • 0

#6
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts

not even "thinking" about it

No problem I knew it wouldn't happen the easy way :)

I am going to attempt to have you manually retore a backup of the registry thrtough the Recovery Console.
If you have any restore points this should get you up and running.
===========================================
Boot into Recovery Console and log on to the current installation.

When you get to the Recovery Console prompt, type cd \ and press "Enter".

Type cd system~1\_resto~1 and press "Enter"

Type dir and press "Enter".

After you press enter you will see a list of folders (like rp1, rp2) If the list of restore points has more than one page then press the "Enter" key until you reach the end of the list

Type cd rp {number of the second to last folder in the list} and press "Enter".
Note: Example: cd rp9 if the last restore point is rp10

Type cd snapshot and press "Enter".

Type copy _registry_machine_system c:\windows\system32\config\system and press "Enter".

Type copy _registry_machine_software c:\windows\system32\config\software and press "Enter".

Type exit and press "Enter".

Your PC will reboot.

=======================

If you get an access denied error when doing the above, then do the following at the recovery console:

Type cd \ and press "Enter".

Type cd windows\system32\config and press "Enter".

Type ren system system.bak and press "Enter".

Type exit and press "Enter".

Your PC will reboot, go back into the Recovery Console and start from the beginning.
==========================================================
Let me know how it goes.
  • 0

#7
rich06

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
sorry but i want to make sure im following you.. once it starts to boot up i go to the recovery option.. after that it tells me to pick one of three windows installations i would like to log onto d:\miniNT D:\I386 and C:\WINDOWS.. am i in the right thing? i assume windows is the correct option.
  • 0

#8
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Yes C:\Windows is correct.
  • 0

#9
rich06

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
we've run into another big wall.. and i dont think that even u will be able to help.. when i go to c:\windows i need to enter "the system administration password." the thing is, this computer is several years old and i was not the one who bought and installed everything. My older brother has no idea what it would be, nor my father. THis is why i now handle everything. so unless you have a password encryption bypass or another way. (thats not the xp cd), i feel that im pretty screwed.

to note: it wasnt until recently that my computer was not allowing me to do such things as open my properties, or add/remove programs in the control panel. It has been telling me to contact my system administrator, and that i am restricted. could this be one of the many viruses on my computer? sorry for the trouble.. WWGD??
  • 0

#10
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
WHen you see that hit Enter unless you have a password.

It is by default blank.
  • 0

Advertisements


#11
rich06

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
when i type cd system~1\_resto~1 and hit enter it says access denied.. i continued on and entered "dir". got list of restore points. these seem to be files, not folders. the second to last is 2/21/08 754 -a------ 23040 winhtdo.exe therefore i should type "cd winhtdo.exe23040"? it says cannot find file or directory specified or basically im an idiot and am entering it wrong. lol.
  • 0

#12
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
If you get an access denied error when doing it, then do the following at the recovery console: (ex. C:\Windows)

Type cd \ and press "Enter".

Type cd windows\system32\config and press "Enter".

Type ren system system.bak and press "Enter".

Type exit and press "Enter".

Your PC will reboot, go back into the Recovery Console and start from the beginning.
=======================

When you get to the Recovery Console prompt, type cd \ and press "Enter".

Type cd system~1\_resto~1 and press "Enter"

Type dir and press "Enter".

After you press enter you will see a list of folders (like rp1, rp2) If the list of restore points has more than one page then press the "Enter" key until you reach the end of the list

Type cd rp {number of the second to last folder in the list} and press "Enter".
Note: Example: cd rp9 if the last restore point is rp10

Type cd snapshot and press "Enter".

Type copy _registry_machine_system c:\windows\system32\config\system and press "Enter".

Type copy _registry_machine_software c:\windows\system32\config\software and press "Enter".

Type exit and press "Enter".

Your PC will reboot.
===================

Then see if you can run Hijackthis or the Silent Runners program.
  • 0

#13
rich06

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
ok. i did all that. when i get to the end it gives me an option. overwrite software? (YEs\no\all)
do i just type exit or i assume i type a for all first
  • 0

#14
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
type exit
  • 0

#15
rich06

rich06

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
it cant be exit cuz i can only type one letter..... i typed just the e and hit enter and god a "blue screen problem detected and windows shut down to prevent damage"
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP