Sign in with
Sign up | Sign in
Your question

Windows XP misbehaves after virus/trojan problems

Last response: in Windows XP
Share
Anonymous
May 7, 2004 11:47:42 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

Hello,

I have Windows XP Home on a PC belonging to a friend, and I'd be
grateful for some advice.

Here's the fault: booting the PC in Normal mode gives a normal-looking
desktop - but d-clicking the Internet Explorer icon gives the hour-glass,
makes all of the shortcuts (and the Taskbar) disappear for about half a
minute, allows no launch of IE at all, and then the icons and Taskbar
reappear as if nothing had happened ready for another try. The same thing
happens with the Recycle bin, and with most of the icons on the Start menu -
i.e. they cause the 'Start' panel to vanish & reappear without activating
anything when double-clicked, and all that's viewable is the wallpaper on
the blank Desktop.. Trying the same things in Safe Mode gives Windows-normal
functionality (as far as Safe Mode can) - but the owner can't run in Safe
Mode and get his email etc.

Attempted remedy: a late version of AVG was loaded from a CD and run,
and has identified and removed some trojans (Downloader.Small, Dialer,
Stubby, and various releases of Dyfica, Swizzor and Keenval), but to no
avail. I suspect that something may be wrong in the Registry, but don't know
exactly where to look ... I can also say that switching off everything in
the System Configuration Utility has no effect on the problem.

Any info or helpful suggestions would be greatly appreciated - TIA :o )


Phil


--
Many thanks,

Philip Andrews

++++++++++++++++++ Website: ++++++++++++++++++++
http://mysite.freeserve.com/beltechservices/
+++++++++++++++++++++++++++++++++++++++++++++++++


---
Outgoing mail is certified Virus Free by Grisoft AVG 6.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.677 / Virus Database: 439 - Release Date: 04/05/2004
Anonymous
May 7, 2004 11:47:43 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

"Philip Andrews" <phil@philandrews.freeserve.co.uk> wrote in message
news:ed8Nh8$MEHA.2064@TK2MSFTNGP12.phx.gbl
> Hello,
>
> I have Windows XP Home on a PC belonging to a friend, and I'd be
> grateful for some advice.
>
> Here's the fault: booting the PC in Normal mode gives a
> normal-looking desktop - but d-clicking the Internet Explorer icon
> gives the hour-glass, makes all of the shortcuts (and the Taskbar)
> disappear for about half a minute, allows no launch of IE at all, and
> then the icons and Taskbar reappear as if nothing had happened ready
> for another try. The same thing happens with the Recycle bin, and
> with most of the icons on the Start menu - i.e. they cause the
> 'Start' panel to vanish & reappear without activating anything when
> double-clicked, and all that's viewable is the wallpaper on the blank
> Desktop.. Trying the same things in Safe Mode gives Windows-normal
> functionality (as far as Safe Mode can) - but the owner can't run in
> Safe Mode and get his email etc.
>
> Attempted remedy: a late version of AVG was loaded from a CD and
> run, and has identified and removed some trojans (Downloader.Small,
> Dialer, Stubby, and various releases of Dyfica, Swizzor and Keenval),
> but to no avail. I suspect that something may be wrong in the
> Registry, but don't know exactly where to look ... I can also say
> that switching off everything in the System Configuration Utility has
> no effect on the problem.
>
> Any info or helpful suggestions would be greatly appreciated - TIA
> :o )
>
>
> Phil

Open the Internet Options applet in Control Panel
Uncheck "Enable third-party browser extensions" on the Advanced tab.
You may also have to set the Home Page to about:blank

Then eliminate any scumware.
See
Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
http://mvps.org/winhelp2002/unwanted.htm

Note that AdAware and SpyBot S & D will each catch some things the other
won't. Also, each needs to be updated with the program's update function
before every use, even when just downloaded. There's also a lot more to do
than just those two programs. CWShredder is also available here:
http://www.kellys-korner-xp.com/regs_edits/cwshredder.z...
**Post your HijackThis log to
http://forums.spywareinfo.com/ or the Spyware forum at
http://forum.aumha.org/ for expert analysis, not here.**
Alternative download pages for Ad-Aware, Spybot, HijackThis and CWShredder
may be found on this page:
http://aumha.org/a/parasite.htm.

If trying everything at that site does not fix the problem please post back
in the same thread.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/
Anonymous
May 8, 2004 4:36:22 AM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

Hello Frank,

"Frank Saunders, MS-MVP" <franksaunders@mvps.org> wrote in message
news:o UjwgnBNEHA.1032@tk2msftngp13.phx.gbl...


> Open the Internet Options applet in Control Panel
> Uncheck "Enable third-party browser extensions" on the Advanced tab.
> You may also have to set the Home Page to about:blank

That alone got me straight back into normal operation - many thanks.


> Then eliminate any scumware.
> See
> Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
> http://mvps.org/winhelp2002/unwanted.htm

> Note that AdAware and SpyBot S & D will each catch some things the other
> won't. Also, each needs to be updated with the program's update function
> before every use, even when just downloaded. There's also a lot more to
do
> than just those two programs. CWShredder is also available here:
> http://www.kellys-korner-xp.com/regs_edits/cwshredder.z...

CWShredder found Searchx: SpyBot S&D and AdAware have both subsequently
found (and cleaned) huge lists of bad Registry entries of Data Miners and
Malware, probably to do with ignorantly surfing or logging-onto 'dodgy'
websites.


> If trying everything at that site does not fix the problem please post
back
> in the same thread.

So far, so good - the PC still seems to work OK after reboot. Once
again, many thanks for your help. I'll advise this guy to use boxing gloves
in future, when he's trying to work his keyboard - he'll get into a lot less
trouble that way :o )


Regards,

Phil Andrews





---
Outgoing mail is certified Virus Free by Grisoft AVG 6.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.678 / Virus Database: 440 - Release Date: 07/05/2004
Anonymous
May 9, 2004 6:41:39 PM

Archived from groups: microsoft.public.windowsxp.newusers (More info?)

"Philip Andrews" <phil@philandrews.freeserve.co.uk> wrote in message
news:o 0pmKwINEHA.3052@TK2MSFTNGP12.phx.gbl
> Hello Frank,
>
> "Frank Saunders, MS-MVP" <franksaunders@mvps.org> wrote in message
> news:o UjwgnBNEHA.1032@tk2msftngp13.phx.gbl...
>
>
>> Open the Internet Options applet in Control Panel
>> Uncheck "Enable third-party browser extensions" on the Advanced tab.
>> You may also have to set the Home Page to about:blank
>
> That alone got me straight back into normal operation - many
> thanks.
>
>
>> Then eliminate any scumware.
>> See
>> Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
>> http://mvps.org/winhelp2002/unwanted.htm
>
>> Note that AdAware and SpyBot S & D will each catch some things the
>> other won't. Also, each needs to be updated with the program's
>> update function before every use, even when just downloaded.
>> There's also a lot more to do than just those two programs.
>> CWShredder is also available here:
>> http://www.kellys-korner-xp.com/regs_edits/cwshredder.z...
>
> CWShredder found Searchx: SpyBot S&D and AdAware have both
> subsequently found (and cleaned) huge lists of bad Registry entries
> of Data Miners and Malware, probably to do with ignorantly surfing or
> logging-onto 'dodgy' websites.
>
>
>> If trying everything at that site does not fix the problem please
>> post back in the same thread.
>
> So far, so good - the PC still seems to work OK after reboot. Once
> again, many thanks for your help. I'll advise this guy to use boxing
> gloves in future, when he's trying to work his keyboard - he'll get
> into a lot less trouble that way :o )
>
>
> Regards,
>
> Phil Andrews

Thanks for the feedback.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/
!