Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I am unable to run any malware tools


  • Please log in to reply

#1
Les Cohen

Les Cohen

    New Member

  • Member
  • Pip
  • 2 posts
Help please... I am trying to fix a friend's system. It's a Compaq Mini (so no CD drive).

For the last few days when she logs on to Windows (XP Home edition) she gets multiple messages along the lines of "*** failed to start because themed32.dll cannot be found".
After pressing OK on these, just the desktop backround is left, no icons, and CTRL ALT DEL gives the same error message, so no route to task manager.

I have tried Safe Mode, and the same happens, only without the background.

I can get into safe Mode with Command Prompt, but anything else I try from there (eg start .) comes up against the same error.

I have downloaded the malware tools found here, and put them onto a pen-drive, but cannot find a way of running them on the Compaq.

Does anyone have any suggestions that do not involve losing everything on the machine?
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,711 posts
  • MVP
On the good PC: Install Autorun Eater v2.4.
http://oldmcdonald.w...orun-eater-v24/

This will keep the infection from spreading back to the good PC via the USB drive.

In Command Prompt:

%systemroot%\system32\restore\rstrui.exe

or usually

\windows\system32\restore\rstrui.exe

then hit Enter. If System Restore comes up, choose one from a week or two ago and see if that works.

If not:

In Command Prompt, type msconfig and hit Enter. If it comes up, under Startup uncheck everything APPLY, under Services, first Hide Microsoft Services then uncheck everything. Apply and reboot. See if you can get into normal mode now.

If not, back into Command Prompt and try regedit.exe and hit Enter. Do you get the registry editor?

If not try:

cd \windows
copy regedit.exe regedit.com
regedit.com

Do you get the registry Editor now?

If not try:

cd \

(The prompt should show that you are in c:\. You may already be there when it opens. Just want to make sure.)

dir /a

If it finds a file called autorun.inf delete it as follows:

attrib -r -h -s autorun.inf

del autorun.inf

If it finds any files that end in .exe rename them as follows. Say it finds recycle.exe then:

attrib -r -h -s recycle.exe

ren recycle.exe recycle.bad

to run things from the pen drive you need to know what drive letter it gets when it gets plugged in. You can try D:

d:
(does it find it? if so then)

dir

(Is it the pen drive? If not try E: or F: ... Assuming you find it and you have OLT.exe on the drive:)

copy otl.exe c:\

c:

cd \

otl.exe

If it runs then it will create a log in c:\OTL.txt and c:\extras.txt

copy c:\otl.txt d:\

copy c:\extras.txt d:\

You should now have the logs on your pen drive.

If it won't run then try downloading the otl.scr version from
http://oldtimer.geekstogo.com/OTL.scr

and try again. Modify the copy command to say:

copy otl.scr c:\

c:

cd \

otl.scr

Ron

Edited by RKinner, 19 June 2010 - 09:41 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP