After the initial infection, the computer began running a "IEXPLORE.EXE" thats no the actual internet explorer. I ran a number of virus scans with ZONE and it would tell me that IEXPLORE.EXE is trying to act as a server. It could not fix.
Tried System Restore. Still infected after. IEXPLORE.EXE process cannot be shut down via task manager.
Booted into safe mode to install and run a different Virus scan software. In safe mode, fake IEXPLORE.EXE is running and I cannot shut down the task manually.
NOW after i get to the desktop in safemode nothing will start! I can't run Hijackthis or any antivirus!
In normal mode, the computer is "loading" tons on start up and then auto restarts within 30-60 seconds.
Now safemode won't even load after F8 on startup ... gets stuck on "loading your personal settings".
tried using msconfig in my 60sec of normal mode to change to safeboot and got "an acces denied error was returned while attempting to change a service."
Need major help
2007-03-03 14:51:15 · 8 answers · asked by Jacob F 1 in Computers & Internet ➔ Security
Then I hope you have a full system backup you can restore from, because your system is now owned, by someone other than you.
You can try Regedit, and checking the Run keys in User and LocalMachine, (Software/Microsoft/Windows/CurrentVersion), and see if you can disable it from there, but it's a longshot.
Restore from full system backup, or reformat and re-install clean, is probably your best option.
2007-03-03 15:07:04 · answer #1 · answered by Raymond 3 · 1⤊ 0⤋
Try booting into safe mode with command prompt, or better yet, try booting off your windows xp CD into your recovery center. Many computer come with a copy of windows that you can do this from. You pop in the CD and hit a key when it says "Hit any key to boot form CD" or go to F8 and tell it to boot from the CD. Once there, it'll basically load basic things and you'll be at a blue screen with thext on it. It says "to repair installation, press R" Hit R. It will bring you to a command prompt-like screen.
From here, select your hard drive/partition where your operating system is installed (Should be C:\) by pressing the number next to it and pessing enter. It will ask you for a password. If you have an administrator password, enter it and press enter. If you don't, try just hitting enter- it works on mine.
From here you're in a command prompt. You can delete things, change values, and all sorts of thigns from here. If you know where the files is located, this "Iexplore.exe" then you can delete it from here. by using the "Del" command.
Try the least invasive routes first though! Type in "Fixboot" and "Fixmbr" which will do no harm, but may help.
If you know where the virus is, you can manually delte it. For example, if you wanted to delete something in C:\Documents and settings\stuff you hit CD and the name (C:\Documents and settings\stuff) and you'll be "in" that directory. Now, to delete a file named "virus.exe" from there, the path would be C:\Documents and settings\Stuff\Virus.exe. Since your're already at \Stuff, you type in "Del virus.exe" and you will delete that file/folder. :D
Otherwise you can run chkdsk and such and try that. Most of this stuff you will be guided through by using the "Help" command. Sorry if I'm a bit vague here, but I've never encountered a problem this serious, and I am mostly framiliar with the *theory* of this, though I have used the recovery center to fix my computer a few times.
If this doesn't work, you can always copy important data to external media by using "Copy" or "Xcopy" command. It works almost identically to the del command, except you have to specify to where you'll save it. To save "myfile.txt" from C:\documents and settings\stuff to your a folder on your A drive- a floppy disk- named "backupfolder", for example, and type Copy C:\Documents and settings\stuff\myfile.txt A:\Backupfolder
After you backup important information, you can safely resintall the operating system, do an in place upgrade, or reformat the hard drive and "Start fresh." you need an operating system CD for these, though, just as for the recovery console.To reformat your drive- deleting EVERYTHING ON IT- for example, if you wanted to do your C drive in NTFS (NTFS is better than any FAT, so I'd highly recommend you do this:) type Format C: /FS:NTSF and it will be done. Then reinstall windows and you get to start over.
If this sounds like a lot- and it is, because I had to crack open my A+ Certification Textbook to help you here- or you don't feel up to it, you can always get it fixed by certified A+ Techs at your local computer repair place- Best Buy, Circuit City, Comp USA, ETC.
Best of luck and don't hesitate to contact me if you need more help or clarifiaction!
2007-03-03 15:16:56 · answer #2 · answered by jhfd1234 3 · 0⤊ 0⤋
hiya mate :) attempt this: restart your computing device and whilst your on the video show which shows your organisation brand and theres a small handwriting on the backside asserting press "F(8?) for (boot?) menu. Press it and seek around till finally you detect equipment fix and fix some days be4 you obtain the virus or basically enter in secure mode and obtain a treatment :) or basically deliver it for fix. No, i do no longer propose your organisation workplace; basically some random computing device save which you have faith. i understand its obtrusive, yet its extra acceptable than screwing the completed computing device up! I incredibly have a splash brother who thinks he replaced right into a million,000 $s ordinary na d i've got had my honest share of viruses and the 1st technique fairly worked :) attempt posting your question on some anti-virus communicate board internet site. wish THIS facilitates :D
2016-12-14 10:07:43 · answer #3 · answered by Anonymous · 0⤊ 0⤋
Sounds like your drive is too infected for a simple fix. You might have to format your drive and reinstall your operating system. I'm a PC tech so if you need more help, feel free to send me an email (1newgoogad@ebusinesswiz.com)
Chuck
http://www.ebusinesswiz.com
2007-03-03 15:07:24 · answer #4 · answered by Dakota 5 · 1⤊ 0⤋
As soon as you switch on the computer press F8.
Select command prompt.
C:/dir
search and Delete the virus. file.
It will be in Programa~1
2007-03-03 15:05:18 · answer #5 · answered by essbebe 6 · 1⤊ 0⤋
Try the anti-spyware Ewido, its meant for the hard to get rid of spyware. Most likely it is being loaded with explorer as is done with the NAIL virus. do a regedit (run -> regedit) and look for
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/Shell
make sure its only explorer.exe elase its loading with explorer.exe.
2007-03-03 14:56:08 · answer #6 · answered by Anonymous · 1⤊ 0⤋
In your case I suggest taking a strong laxative and using a pencil will dramatically improve your start up.
2007-03-03 14:55:35 · answer #7 · answered by Anonymous · 0⤊ 1⤋