Security issues with Windows


CathyZ

I think my system is seriously compromised. With IE, the home page is listed
as thecoolpics.net and I cannot change it because the home page box is all
grayed out and I cannot get into it. I also tried to go into regedit, and
the error message comes up that "registry editing has been disabled by the
administrator", yet there is only one user on the system, and therefore has
administrator rights. I downloaded subinacl.exe and tried to use it, but it
briefly shows up on the screen and closes.

I did an online scan with trendmicro/housecall. While it found some
cookies/grayware/spyware, which were deleted, I am still having the problems
with IE, regedit and subinacl.

What options do I have to clean up Windows and get into some of the programs
that I need to?

CathyZ
 
CathyZ wrote:

> I think my system is seriously compromised. With IE, the home page is
> listed as thecoolpics.net and I cannot change it because the home page box
> is all grayed out and I cannot get into it. I also tried to go into
> regedit, and the error message comes up that "registry editing has been
> disabled by the administrator", yet there is only one user on the system,
> and therefore has administrator rights. I downloaded subinacl.exe and
> tried to use it, but it briefly shows up on the screen and closes.
>
> I did an online scan with trendmicro/housecall. While it found some
> cookies/grayware/spyware, which were deleted, I am still having the
> problems with IE, regedit and subinacl.
>
> What options do I have to clean up Windows and get into some of the
> programs that I need to?


Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, get guided help. Choose one of the specialty forums
listed at the first link. Register and read its posting FAQ. You will
generally be asked to:

1. Download and execute HiJack This! (HJT) -
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap - In Notepad.exe Format --> uncheck "Word
wrap"

3. Download/run Deckard's System Scanner -
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post at the
forum you chose. DO NOT POST LOGS IN THE MS NEWSGROUPS.

Standard disclaimer: I can't see and test your computer myself, so these are
just suggestions based on many years of being a professional computer tech
and on what you've written. You should not take my
suggestions as a definitive diagnosis. If you can't do the work yourself
(and there is no shame in admitting this isn't your cup of tea), take the
machine to a professional computer repair shop (not your local equivalent
of BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may be
so infested that Windows will need to be clean-installed. If possible, have
all your data backed up before you take the machine into a shop.

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
 