unknown virus

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Solved Re: unknown virus

Post by mhimmer14 on 18th January 2009, 1:23 am

It looks great from what I can tell! My desktop stopped dissapearing and it seems to be back to normal. Thank you sooooo much! I really appreciate all your help. Should I keep all of the files I downloaded on my desktop for a while just incase or can I delete them?

mhimmer14
Novice
Novice

Posts Posts : 18
Joined Joined : 2009-01-15
OS OS : windows XP
Points Points : 28870
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 18th January 2009, 1:25 am

Delete them please.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 18th January 2009, 1:29 am

Hello.
There's a few things we need to clean up before you go.
First, do this.

You are running Adobe Reader version 7.
Go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

  • Adobe Reader 7

Then download and install version 9 from here:
[You must be registered and logged in to see this link.]


  • Now open a new notepad file.
  • Input this into the notepad file:

    regedit /e peek1.txt "HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Policies"
    regedit /e peek2.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies"
    regedit /e peek3.txt "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies"
    type peek1.txt >> look.txt
    type peek2.txt >> look.txt
    type peek3.txt >> look.txt
    del peek*.txt
    start notepad look.txt

  • Save this as look.bat, save it to your desktop.
  • Double click look.bat to run it.
  • Copy and paste the report back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mhimmer14 on 18th January 2009, 2:18 am

so I did remove the Adobe Reader 7 and then it restarted but when it started back up it goes to a login page and is making me enter a password to get into my account. I've never done this and don't know what the password could be. I've tried all the passwords I could think of including admin and just entering but nothing works. I tried restarting it and nothing changes. So I can't get past the page and don't know what to do???

mhimmer14
Novice
Novice

Posts Posts : 18
Joined Joined : 2009-01-15
OS OS : windows XP
Points Points : 28870
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 18th January 2009, 1:14 pm

Not this again. Evil or enraged

Can you boot to safe mode and see if the admin account has a password on it?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mhimmer14 on 18th January 2009, 5:04 pm

I tried it in safe mode and nothing worked. The admin account was there but still couldn't get pass without a password. I tried just leaving it blank and trying admin and any other password I could think of but no luck so far!

mhimmer14
Novice
Novice

Posts Posts : 18
Joined Joined : 2009-01-15
OS OS : windows XP
Points Points : 28870
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 18th January 2009, 5:42 pm

Hello.
Sorry, but I found out why this happened.
That userinit I gave you was a copy of mine, which has caused this.
If you have your XP disc, we can try replacing the file from there.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mhimmer14 on 19th January 2009, 12:11 am

I actually don't have the XP discs with me, they are at my parents house 2hrs away. I can hopefully get them in the next few days but is there any other way around this other than using the discs??

mhimmer14
Novice
Novice

Posts Posts : 18
Joined Joined : 2009-01-15
OS OS : windows XP
Points Points : 28870
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 19th January 2009, 12:27 am

Unless we can get into dos mode somehow, we'll need the xp disc.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mhimmer14 on 19th January 2009, 2:47 am

My brother has an XP disc that he used to install on his own computer, will that work for what I need or do I need to have the specific one that came with my computer when I bought it?

mhimmer14
Novice
Novice

Posts Posts : 18
Joined Joined : 2009-01-15
OS OS : windows XP
Points Points : 28870
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 19th January 2009, 1:50 pm

Is it XP SP2 disc? if so, that will work.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 19th January 2009, 4:36 pm

Hi,
I'm mhimmer14's brother, and I've been helping her out a bit with following these instructions. The installation disc I have is XP SP2. What do you want us to do with it?

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 19th January 2009, 4:37 pm

We can use it for a repair install.
Put it in, and reboot the machine.

The machine should boot from the disc, and let it load.
It should come up with:
"Press R for repair install"


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 19th January 2009, 4:42 pm

Alright. I should be able to handle that.

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 19th January 2009, 4:42 pm

See this guide for more info:
[You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 20th January 2009, 1:26 am

So I tried the repair installation, and the same thing keeps happening. I tried using the administrator account in both normal and safe modes, and it still says it's unable to log in. Do you have any ideas of what can be done now? Should I attempt to boot into DOS or linux via a cd and change some files around, or just take it somewhere and get it fixed?

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 20th January 2009, 1:29 am

Haha, Linux.
I don't have alot of time right now, about to head to bed.

If this can hold till after school for me, I'll do some search in school on how to use Linux for removing the password.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 20th January 2009, 1:35 am

It can wait. I just booted into Ubuntu to see if it would work, and I can navigate through all of the windows folders now. So if there is a file that needs to be changed or replaced, I can easily do that now.

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 20th January 2009, 1:48 am

And to clarify things a bit, I don't think there is a password associated with the accounts. I've used ophcrack and another bootable disc to check for passwords, and both say that there aren't any present. The second disc also ensured that the accounts weren't locked. The problem is that when trying to log on, it says "Unable to log you on because of an account restriction". And it says this for all accounts.

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 20th January 2009, 12:16 pm

Lets see if we can run the recovery console, if you have your XP disc, put it.

Then see this guide:
[You must be registered and logged in to see this link.]

Try doing the steps explained there.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 22nd January 2009, 1:48 am

I tried that, but the same thing kept happening. No progress whatsoever.

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 22nd January 2009, 1:52 am

I looked on a guide yesterday, if you delete this file:
C:\windows\system32\config\SAM
It blanks all windows passwords.

If you boot from Linux and delete the file, we can see if you can logon then.
If not, then we can try a repair install, see this guide for how to do that.
[You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 23rd January 2009, 4:10 am

I tried deleting the SAM file and did a repair install, and the same thing happens. And now there are no accounts showing up on the welcome screen. Only the administrator account shows up while trying to boot into safe mode.

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 23rd January 2009, 5:02 pm

Hmmm.
Okay, does Linux allow cmd commands for the windows OS?
If so, please let me know.

If worst comes to worst, please backup your files that you need.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by mecheng09 on 30th January 2009, 2:42 am

I'm not completely sure one way or the other. If there is a command that you think might help, I can try it out. And I recently backed up all the files so the data is safe now.

mecheng09
Novice
Novice

Posts Posts : 14
Joined Joined : 2008-12-09
OS OS : Windows XP
Points Points : 29240
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Belahzur on 30th January 2009, 9:15 am

Type this in the command box.
control userpasswords2

It should give you the option to change user account passwords.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: unknown virus

Post by Doctor Inferno on 9th May 2009, 10:00 am

Since this issue has been addressed, a "solved" tag will be added and this topic will be closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a [You must be registered and logged in to see this link.] for your questions.


Please be a GeekPolice fan on [You must be registered and logged in to see this link.]



Have we helped you? [You must be registered and logged in to see this link.] | Doctor by day, ninja by night.

Doctor Inferno
Administrator
Administrator

Posts Posts : 11976
Joined Joined : 2007-12-26
Gender Gender : Male
OS OS : Windows 7 Home Premium and Ultimate X64
Protection Protection : Kaspersky PURE and Malwarebytes' Anti-Malware
Points Points : 104650
# Likes # Likes : 0

View user profile

Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum