dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1661

artesian79
join:2001-10-16
West Chester, OH

artesian79

Member

What can I do when I cannot complete "Mandatory Steps....&q

I'm trying to help my nephew several states away. I've used Teamviewer to look at his system and know that it must be riddled with Malware.

I started down the mandatory steps, but can't even access Notepad to check word wrap since nothing shows up in Programs. Oh, he's running XP SP3+. Since those files were missing I first confirmed there were still programs in Files and Programs folder, I skipped to step 2 and d/l'd MBAM. It seems to install but at the very end before running it errors out with an error saying I don't have access, and rolls back.

I have a RootkitRevealer running now to see if I can see anything in it.

I did d/l a trial of AVG free and it ran and found things that I deleted, but there was a Trojan that it couldn't delete.

Is there anything I can do to get help here as I know little other than the name of Rootkit Revealer?

Thanks.

lilhurricane
Crunchin' For Cures
Numquam oblita
join:2003-01-11
Purple Zone

lilhurricane

Numquam oblita

Re: What can I do when I cannot complete "Mandatory Steps..

We do indicate in our forum FAQ that you can rename the .exe files - then run the apps

Have you attempted that yet?

artesian79
join:2001-10-16
West Chester, OH

artesian79

Member

Hmmm, I didn't get notified by email of this note.

I thought I had, but will give it another try.

I have him looking for an IMG file that I sent to talk him through a restore as more Trojans keep popping up.

LoPhatPhuud
MVM
join:2002-01-06
Albuquerque, NM

LoPhatPhuud to artesian79

MVM

to artesian79
It sounds as if the infection is reaching epic proportions.

The best course of action is to reformat and re-install. Either use the Factory installed recovery program/partition, or a Windows DVD.

artesian79
join:2001-10-16
West Chester, OH

artesian79

Member

Yes. They seem to have lost all the disks - the ones in a ziplock bag with "KEEP THESE" marked on it.

I give up and won't have access until later this evening.