System Restore
in [Help and Support]
|
Prev: Downsizing from Windows 7 to XP Pro
Next: Safe mode (and variations) and Last known good config not working
From: sandy58 on 4 Apr 2010 08:01 On Apr 3, 2:32 pm, "Geoff" <geoff_b41(a)optusnet.com.au> wrote: > Win XP Pro SP3 and updates. I have been "hijacked" by XP Antispyware. > Despite all my efforts to get rid of it it keeps coming back. avdotexe seems > to be the culprit and despite using Malwarebytes, Spybot Search and Destroy > and SUPERAntiSpyware the damned malware keeps coming back. I am starting to > despair of getting rid of it! I tried using System Restore to an earlier > date when I had no problem but when the computer reboots it tells me that no > changes have been made! Where to now? Hope your e-mail works, Geoff.
From: Geoff on 5 Apr 2010 07:50 Thanks but I cannot get into Safe Mode.........I can bring up the choices (via F8 on bootup) but the arrow keys do not allow me to make a choice :-( The issue is presenting itself as shown here http://forums.malwarebytes.org:80/index.php?showtopic=38629 "db" <databaseben at hotmail dot com> wrote in message news:21910712-B490-4FD3-8BB7-E54481C6F67E(a)microsoft.com... > there are a number of > things you can do to > rid yourself of an issue. > > however, I am unclear > as to how the issue is > presenting itself to you. > > but what you might try > is to boot into safe mode. > because it is unlikely that the > problem you are seeing > will show up in safe mode. > > while in safe mode my first > attempt to resolve the > issue is to initiate a > clean boot. > > a clean boot will prevent > programs from staring up > with windows in normal > mode. > > I believe that the above > is a first good try towards > resolving the problem > because there may be > a startup that is disguised > as being something useful > when in fact it is malware. > > if the above pans out, > then you are on the right > path for resolving the issue. > > -- > > db���`�...�><)))�> > DatabaseBen, Retired Professional > - Systems Analyst > - Database Developer > - Accountancy > - Veteran of the Armed Forces > - Microsoft Partner > - @hotmail.com > ~~~~~~~~~~"share the nirvana" - dbZen > >> >> > > "Geoff" <geoff_b41(a)optusnet.com.au> wrote in message > news:4bb73577$0$5591$afc38c87(a)news.optusnet.com.au... >> Win XP Pro SP3 and updates. I have been "hijacked" by XP Antispyware. >> Despite all my efforts to get rid of it it keeps coming back. avdotexe >> seems to be the culprit and despite using Malwarebytes, Spybot Search and >> Destroy and SUPERAntiSpyware the damned malware keeps coming back. I am >> starting to despair of getting rid of it! I tried using System Restore >> to an earlier date when I had no problem but when the computer reboots it >> tells me that no changes have been made! Where to now? >> >> >>
From: "db" databaseben at hotmail dot on 5 Apr 2010 12:00 personally I never heard of that program and should be listed at the stopbadware site. I saw that there was a solution provided at the link you cited, but it proved useless to you. would be nice if someone would sue the manufacturer in civil court for damages and distress. in any case I am going to provide some of the steps that I would basically use to rid unwanted programs. ------------------- what you might try then is to boot into normal mode since this is the only option you have at the menu. step 1: initiate a clean boot by start>run>msconfig under that startup tab disable all the items that are checked as enabled. then apply to save changes. step 2: then before you click ok/close msconfig double check the services tab. and see if there are third party services that are suspicious. in particular look for any items that may relate to spywares and antivirus programs. such services are not included with the windows o.s. are can be disabled. then click save if needed and ok out of msconfig. step 3: open task manager via ctrl+alt+del look for that rogue file or the rogue software under the process tab. if you find it, then kill it. step 4: before rebooting go to program files and see if there is a folder pertaining to that rogue software. if so then delete it or as much of its contents as possible. step 5: reboot and let us know of the results of each step above. if the above proves useless, step 6: then you might try to download process explorer from microsoft. then use it to track down the files that are supporting the rogue process and delete them. step 7: if the above still proves useless then the ultimate option you have to exercise it to replace the infected registry with one that is safely stored on your system. however, you will need a xp cd to boot into the recovery console to do the above. -- db���`�...�><)))�> DatabaseBen, Retired Professional - Systems Analyst - Database Developer - Accountancy - Veteran of the Armed Forces - Microsoft Partner - @hotmail.com ~~~~~~~~~~"share the nirvana" - dbZen > > "Geoff" <geoff_b41(a)optusnet.com.au> wrote in message news:4bb9ce70$0$11181$afc38c87(a)news.optusnet.com.au... > Thanks but I cannot get into Safe Mode.........I can bring up the choices (via F8 on bootup) but the arrow keys do not allow me to > make a choice :-( > > The issue is presenting itself as shown here http://forums.malwarebytes.org:80/index.php?showtopic=38629 > > > > > "db" <databaseben at hotmail dot com> wrote in message news:21910712-B490-4FD3-8BB7-E54481C6F67E(a)microsoft.com... >> there are a number of >> things you can do to >> rid yourself of an issue. >> >> however, I am unclear >> as to how the issue is >> presenting itself to you. >> >> but what you might try >> is to boot into safe mode. >> because it is unlikely that the >> problem you are seeing >> will show up in safe mode. >> >> while in safe mode my first >> attempt to resolve the >> issue is to initiate a >> clean boot. >> >> a clean boot will prevent >> programs from staring up >> with windows in normal >> mode. >> >> I believe that the above >> is a first good try towards >> resolving the problem >> because there may be >> a startup that is disguised >> as being something useful >> when in fact it is malware. >> >> if the above pans out, >> then you are on the right >> path for resolving the issue. >> >> -- >> >> db���`�...�><)))�> >> DatabaseBen, Retired Professional >> - Systems Analyst >> - Database Developer >> - Accountancy >> - Veteran of the Armed Forces >> - Microsoft Partner >> - @hotmail.com >> ~~~~~~~~~~"share the nirvana" - dbZen >> >>> >>> >> >> "Geoff" <geoff_b41(a)optusnet.com.au> wrote in message news:4bb73577$0$5591$afc38c87(a)news.optusnet.com.au... >>> Win XP Pro SP3 and updates. I have been "hijacked" by XP Antispyware. Despite all my efforts to get rid of it it keeps coming >>> back. avdotexe seems to be the culprit and despite using Malwarebytes, Spybot Search and Destroy and SUPERAntiSpyware the damned >>> malware keeps coming back. I am starting to despair of getting rid of it! I tried using System Restore to an earlier date when >>> I had no problem but when the computer reboots it tells me that no changes have been made! Where to now? >>> >>> >>> > >
From: Jose on 6 Apr 2010 07:20 On Apr 5, 7:50 am, "Geoff" <geoff_...(a)optusnet.com.au> wrote: > Thanks but I cannot get into Safe Mode.........I can bring up the choices > (via F8 on bootup) but the arrow keys do not allow me to make a choice :-( > > The issue is presenting itself as shown herehttp://forums.malwarebytes.org:80/index.php?showtopic=38629 > > "db" <databaseben at hotmail dot com> wrote in messagenews:21910712-B490-4FD3-8BB7-E54481C6F67E(a)microsoft.com... > Why are you trying to boot in Safe Mode? Do you mean you press F8, get the XP boot options menu and your keyboard does not work so you can choose Safe Mode? You do not remove this malware in Safe Mode. The ability to boot in Safe Mode doesn't really matter since the removal instructions in the link provided do not say anything about booting in Safe Mode. If Safe Mode is broken, we can fix it later. You can "try" to do things in Safe Mode that "might work", but doesn't it make more sense to follow the removal instructions that "do work" instead of just trying things that might work? What part of removal the instructions are not working for you? I do not understand the logic of not following directions that have been proven to work.
From: Geoff on 7 Apr 2010 03:48 Thanks for your ideas but I have now managed to rid myself of the offending malware. Used various programs that gave the name of the malware within the registry, prefetch, Windows System32 areas and where the antimalware was not able/did not remove the offending entries I have done so manually. However, I am still stuck with not being able to choose Safe Mode (or any other mode) in the XP boot options menu when using the F8 key. I look forward to your help with how to solve this problem. "Jose" <jose_ease(a)yahoo.com> wrote in message news:e035d054-85d9-4ae1-809d-eee6546d04c9(a)x3g2000yqd.googlegroups.com... On Apr 5, 7:50 am, "Geoff" <geoff_...(a)optusnet.com.au> wrote: > Thanks but I cannot get into Safe Mode.........I can bring up the choices > (via F8 on bootup) but the arrow keys do not allow me to make a choice :-( > > The issue is presenting itself as shown > herehttp://forums.malwarebytes.org:80/index.php?showtopic=38629 > > "db" <databaseben at hotmail dot com> wrote in > messagenews:21910712-B490-4FD3-8BB7-E54481C6F67E(a)microsoft.com... > Why are you trying to boot in Safe Mode? Do you mean you press F8, get the XP boot options menu and your keyboard does not work so you can choose Safe Mode? You do not remove this malware in Safe Mode. The ability to boot in Safe Mode doesn't really matter since the removal instructions in the link provided do not say anything about booting in Safe Mode. If Safe Mode is broken, we can fix it later. You can "try" to do things in Safe Mode that "might work", but doesn't it make more sense to follow the removal instructions that "do work" instead of just trying things that might work? What part of removal the instructions are not working for you? I do not understand the logic of not following directions that have been proven to work.
First
|
Prev
|
Pages: 1 2 Prev: Downsizing from Windows 7 to XP Pro Next: Safe mode (and variations) and Last known good config not working |