| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 85813 | 2007-12-23 01:37:00 | My PC is infected by printer.exe and possibly ultimate defender | ineedhelp2008 (13207) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 623737 | 2007-12-23 07:08:00 | Turn off System Restore as well, right click My Computer>Properties> System Restore Tab. Re run the cleaners. Restore may be putting the infections back when the PC reboots - Its nice like that sometimes :rolleyes: |
wainuitech (129) | ||
| 623738 | 2007-12-23 07:13:00 | Turn off System Restore as well, right click My Computer>Properties> System Restore Tab. Re run the cleaners. Thats the main prob he/she tried it, it didnt work From a PM earlier to me I lost my administrator password, the Window XP boot CD and I cannot disable window system restore |
Speedy Gonzales (78) | ||
| 623739 | 2007-12-23 07:19:00 | I had a stubborn infection a little while ago and killbox sorted it out. I had to follow extensive online instructions to do it though, so I'm not about to give a runthrough. Surely there should be some comprehensive guides on the net somewhere? Google? Don't try using killbox yourself though... dangerous app that one. Especially in untrained (ie: my) hands. I'd probably say delete C:... that would solve your problem though... I believe that's the US militaries top tactic though... see a bad guy (virus), level a suburb. Nice of me to bring politics into the forum huh?... anyway. GL |
Thebananamonkey (7741) | ||
| 623740 | 2007-12-23 08:02:00 | Thats the main prob he/she tried it, it didnt work From a PM earlier to me I lost my administrator password, the Window XP boot CD and I cannot disable window system restore Awhhhhh in a PM - thats why I didn't see it in the posts:rolleyes: :lol: Is it a limited Account ? |
wainuitech (129) | ||
| 623741 | 2007-12-23 08:10:00 | Sent u a PM WT. He/she didnt say it was a limited account, just that he/she has lost the Admin password. |
Speedy Gonzales (78) | ||
| 623742 | 2007-12-23 08:31:00 | I Don't try using killbox yourself though . . . dangerous app that one . Especially in untrained (ie: my) hands . Killbox is just the same as HJT's Delete on Reboot . |
pctek (84) | ||
| 623743 | 2007-12-23 08:34:00 | Sent u a PM WT. He/she didnt say it was a limited account, just that he/she has lost the Admin password. Got it thanks Speedy - OK since it looks like the Admin needs to be entered, HERE (ophcrack.sourceforge.net/) is something that May work - then again it might not :p :nerd: I've had a 50 success rate with it. I personally have a program that can change the admin password - but thats no use here :mad: , so the above is worth a try, if you can get into safe mode VIA the admin account you can try to disable system restore.I think thats half the problem, when rebooting restore puts back the bugs. The link above is a program that runs from a bootable CD - but it can take hours to run and may or may not show you all passwords.Download page (sourceforge.net) but it is a 455Mb ISO file. Just a thought - download Nod32 Antivirus - Durhhh to me- Nod32 WILL get into restore, many other AV's cant. It may just clean them Nod Trial (www.eset.com) |
wainuitech (129) | ||
| 623744 | 2007-12-23 08:44:00 | This may disable System restore (www.kellys-korner-xp.com) Thats if you know what youre doing in the registry An alternative to the usual method of enabling and disabling Windows XP's System Restore feature is to use the registry. To use this alternative, perform the following steps: Start the registry editor (regedit.exe). Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore. If a "DisableSR" value doesn't exist, go to the Edit menu, select New, DWORD value, and create the value. Set the value to 1 to disable System Restore or 0 to enable System Restore. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\sr to prevent the System Restore service from starting. Double-click Start, and set the value to 4 to stop the service from starting or to 0 for normal startup. Close the registry editor. I think you can stop a service in a command prompt with net start (service), and net stop (service). For instance net stop wuauserv stops windows update service net start wuauserv restarts it. net start in the command prompt shows a list of services, you can start |
Speedy Gonzales (78) | ||
| 623745 | 2007-12-23 09:17:00 | Speedy - PM comming your way with a possible suggestion if poster no to happy about reg. | wainuitech (129) | ||
| 623746 | 2007-12-23 14:48:00 | sounds like smitfraud to me get smitrem and run it | drcspy (146) | ||
| 1 2 3 4 5 6 7 8 | |||||