Posted on 03/09/2010 8:25:00 AM PST by Williams
Some of these malware and hijack programs leave things behind when they are “removed”. Nasty things, like programs that harvest accounts info and passwords for online banking. I would always reformat and reinstall.
I was going to suggest nuking the laptop from orbit (it’s the only way to be sure), but then I saw your post.
I would disable the NIC card before running any of the fixes, just for the heck of it.
"Even in safe mode the computer opens to this screen only. There is no ability to close the window or to use ctrl alt delete."
That's why I recommended using the boot disk to go to safe mode.
As stated earlier, you cannot get to windows apps so don’t bother trying. You need an emergency boot disk such as Kaspersky. I believe you can make a boot disk from the Kaspersky trial version (using a friend’s machine). Set your machine to boot off the cd and run the antivirus app.
That's why I said to put the OS Disk in the drive and have it boot off of that. It boots from a clean OS and bypasses the registry on the computer.
Throw it in the
You do indeed have a bad virus and it’s one that probably came through an email. It is almost impossible to get rid of once it is in place. Last year my office computer became infected with this pest because the tech group temporarily shut down some AV and firewall protections for testing and forgot to turn it back on. I am on the information technology faculty side of our university and our security experts and I could not come up with a fix so the machine had to be reimaged. It affected any machine, Windows, Linux or Apple that received an email during that time from whatever the source and a few became infected when an infected machine sent an email to an uninfected machine. Good luck and I hope you have a recent backup.
For less than $30, you can get a kit that allows you to connect a disk to another computer via USB (inc. SATA, 3.5” IDE, and 2.5” IDE). My advice: get a kit (readily available on ebay), remove the disk from the laptop, and plug it into another computer using the kit. Once the file system is recognized, run a full deep scan on it using a product like Avast! (free). Let us know how it works out...
My daughter got that on her laptop from Facebook. As somebody mentioned earlier, google it and there are instructions on Youtube that shows exactly what to do.
Step 1 (this freaks many people out.....) Disable System Restore. If you clean a virus without taking this step, often times it comes right back. I have yet to have to reinstall an OS due to malware, but if that were the next step, System Restore won't) do you any good anyway.
2) Disable any running antivirus program.
3) Hit Start. In the "start search" line (vista, right?) paste the following: (excluding the "'s)
"iexplore.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe"
This takes you directly to the combofix executable. Save it to your desktop and run it. Answer Yes to the "combofix is not affiliated...." statement, NO to the Recovery console, and let it do its thing.....should progress through over 50 stages and then produce a text file. I typically download and run Superantispyware free or malwarebytes after combofix, but combofix will at least get you functional.
If your malware infection stops the combofix download, it will need the work of a professional to remove the infection. There's more that can be done, but it's too complicated to describe here.
Good Luck
Use ALT + F4 to close. Not the X, not right click. Even if it closes out something you're working on, it's better to do that than to enable spyware. I have seen that move prevent the spyware from executing in some cases.
If they cannot get to the windows app in any mode, how can they run those steps?
I have had this problem before and solved it every time with the help of the people at majorgeeks.com. Just go to their forum and follow the instructions for malware removal and you will be rid of your problem. It might take all day or a couple of days but you are guaranteed success based on my experience. They are very, very knowledgeable and have all the tools you need to fix your computer.
Here is the link: MajorGeeks Forum
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.