TechSpot

What to do when you can't use desktop?

By jbone
Jul 27, 2008
  1. Hey-

    I've been reading the preliminary removal instructions for viruses, and it would seen as though I have to download everything (hijack this, etc.) onto my desktop.
    Unfortunately for me, nothing appears on my desktop. So my question is, do these programs work just as well somewhere other than the desktop?
    If you need more information to answer, just let me know.

    -jbone
     
  2. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    All the download links are external (you are not downloading from TechSpot)

    In Step 4 if you select HiJackThis to download ie H E R E when you press "Save" you need to use the save location "drop down box" to wherever you want it. ie Desktop
     
  3. adu123

    adu123 TS Maniac Posts: 278

    Are you saying nothing show up on the desktop (except wallpaper) when you login? If so, try to boot in safe mode to see what happen.
     
  4. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Oh you can't see the desktop programs

    Try Start-->Run-->Desktop
     
  5. adu123

    adu123 TS Maniac Posts: 278

    I think what he tried to say is: when I save the tools to my desktop,they won't show up", I'm not sure though.
     
  6. CCT

    CCT TS Evangelist Posts: 2,653   +6

  7. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Have you purchased a legal version of Windows yet?
     
  8. jbone

    jbone TS Rookie Topic Starter Posts: 40

    Sorry for this delayed response.
    When I said I can't see my icons, I should have added that there is no start bar either, nor the ability to open task manager (the virus set the administrative privileges). Pressing Windows Key+R doesn't open the Run window, either.
    @Blind Dragon: I have genuine Windows.
     
  9. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

  10. jbone

    jbone TS Rookie Topic Starter Posts: 40

    Nope, ctrl-alt-delete does not work. It brings an error message that says the administrator has disabled task manager.
     
  11. CCT

    CCT TS Evangelist Posts: 2,653   +6

    Have you tried booting to Safe Mode?

    Have you tried a Repair Install then IMMEDIATE boot to Safe Mode?
     
  12. jbone

    jbone TS Rookie Topic Starter Posts: 40

    When I boot to safe mode, I get "safe mode" in all four corners, and a black background instead of mine, but everything else is the same. I do have the ability to log in as administrator when I boot to safe mode, though.

    And I don't know what Repair Install is.
     
  13. CCT

    CCT TS Evangelist Posts: 2,653   +6

  14. jbone

    jbone TS Rookie Topic Starter Posts: 40

    Thank you for giving me that link. :) I want to back up some important files before I try, though, and I need to order a few extra flash drives.

    Now, I read the whole thing, and it never really said if doing this remove viruses. What do you think?
     
  15. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    A repair install leaves your programs and files in tact and the only thing you have to do is reapply MS updates - but it doesn't remove viruses - it will repair damage done by viruses but not remove them - for that you need a "clean" install
     
  16. CCT

    CCT TS Evangelist Posts: 2,653   +6

    I always assume people have SOME AV on their comp and a repair will let them boot to Safe Mode and use them.

    If you don't, then buy a second HD, remove the one that has a problem, re-install FRESH on the new one and download every anti-virus listed here in the spyware section preliminary removal area, slave the old HD, then run every virus programme known to mankind on the slave.
     
  17. adu123

    adu123 TS Maniac Posts: 278

    just let you know that if those files are infected, and you restore them after your computer is clean, you'll just putting the infection back again!

    As Blind Dragon said, repair install will not remove the virus, unless you are sure you can clean the infection in safe mode, I would recommend clean install instead.
     
  18. jbone

    jbone TS Rookie Topic Starter Posts: 40

    Err... I'm not as smart as you guys with computers, and I don't know how to run a HD as a slave, although I get the basic idea (if that makes sense).


    P.S.: Do you know where I can get a cheaper HD just to put AV on it?

    P.P.S.: Can one copy of XP be used on 2 different drives, because if not, I don't believe I can get a new copy from Microsoft anymore.

    sorry if i sound incompetent.
     
  19. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Alright I suppose I can put some effort into this...

    Can you boot into last known good configuration (from the F8 menu like safe mode)
    if that doesn't work

    Do you have the recovery console installed?
    If yes select that from the boot menu

    or you can boot from your Windows CD and go to the recovery console if not

    -----------------------------------------------------------------------

    Either way when you get to the Recovery Console prompt, type cd \ and press "Enter".

    Type cd system~1\_resto~1 and press "Enter"

    Type dir and press "Enter".

    After you press enter you will see a list of folders (like rp1, rp2) If the list of restore points has more than one page then press the "Enter" key until you reach the end of the list

    Type cd rp {number of the second to last folder in the list} and press "Enter".
    Note: Example: cd rp9 if the last restore point is rp10

    Type cd snapshot and press "Enter".

    Type copy _registry_machine_system c:\windows\system32\config\system and press "Enter".

    Type copy _registry_machine_software c:\windows\system32\config\software and press "Enter".

    Type exit and press "Enter".

    Your PC will reboot.

    =======================

    If you get an access denied error when doing the above, then do the following at the recovery console:

    Type cd \ and press "Enter".

    Type cd windows\system32\config and press "Enter".

    Type ren system system.bak and press "Enter".

    Type exit and press "Enter".

    Your PC will reboot, go back into the Recovery Console and start from the beginning.
     
  20. adu123

    adu123 TS Maniac Posts: 278

    You're making things complicated here!

    You don't have to buy another hard drive! Why don't you just re-format your computer and re-install it?? All you need is a Windows XP disk, or recovery discs. If you don't know how to re-format your HD, this tutorial http://www.techspot.com/vb/topic53502.html will teach you how to do it, good luck:)
     
  21. jbone

    jbone TS Rookie Topic Starter Posts: 40

    I will try to reboot to last known good configuration.

    @adu123: I don't want to reformat the HD because many files I need are still on there.
     
  22. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Download RatsCheddar
    http://rathat.geekstogo.com/Applications/RatsCheddar.zip

    It contains a program written by Rathat, and it is a Policy Controller.
    Save and extract this program to the desktop.
    Once extracted, click on the RatsCheddar.exe file.
    Enable everything, then click Exit
    Reboot your Computer.

    This may do it! In Safe Mode (damn, did you say safe mode works or not?)
    Yes :)
     
  23. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,069

    Ok try this download combofix from the link below and run it if it does not let you run it rename combofix to CBF then run it then download smitfraudfix and run that to but in safe mode.

    ComboFix

    • Download ComboFix to your desktop.
    • Double click combofix.exe & follow the prompts.
    • A window will open with a warning.
    • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.

    Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

    Combofix will automatically save the log file to C:\combofix.txt

    ---------------------------------

    SmitfraudFix

    • Download SmitFraudFix to your deskop
    • reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
    • Double-click SmitfraudFix.exe
    • Select 2 and hit Enter to delete infect files.
    • You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
    • The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
    • A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt (Attach the log to your next reply)
     
  24. jbone

    jbone TS Rookie Topic Starter Posts: 40

    Oh wow thank you both. I just found out that I have access to a Windows Explorer window (but no icons on the desktop or start bar). Should I connect to the internet to download these or download onto a disc/flash drive from another computer?
     
  25. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,069

    yes then boot into safe mode and run Smitfraudfix then reboot into normal mode and run combofix
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...