

artesian79

join:2001-10-16
West Chester, OH

What can I do when I cannot complete "Mandatory Steps...."

I'm trying to help my nephew several states away. I've used TeamViewer to look at his system and know that it must be riddled with Malware.

I started down the mandatory steps, but can't even access Notepad to check word wrap since nothing shows up in Programs. Oh, he's running XP SP3+. Since those files were missing I first confirmed there were still programs in Files and Programs folder, I skipped to step 2 and d/l'd MBAM. It seems to install but at the very end before running it errors out with an error saying I don't have access, and rolls back.

I have a RootkitRevealer running now to see if I can see anything in it.

I did d/l a trial of AVG free and it ran and found things that I deleted, but there was a Trojan that it couldn't delete.

Is there anything I can do to get help here as I know little other than the name of Rootkit Revealer?

Thanks.



lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57

Re: What can I do when I cannot complete "Mandatory Steps..

We do indicate in our forum FAQ that you can rename the .exe files - then run the apps.

Have you attempted that yet?



artesian79

join:2001-10-16
West Chester, OH

Hmmm, I didn't get notified by email of this note.

I thought I had, but will give it another try.

I have him looking for an IMG file that I sent to talk him through a restore as more Trojans keep popping up.



LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26
reply to artesian79

It sounds as if the infection is reaching epic proportions.

The best course of action is to reformat and re-install. Either use the Factory installed recovery program/partition, or a Windows DVD.



artesian79

join:2001-10-16
West Chester, OH

Yes. They seem to have lost all the disks - the ones in a ziplock bag with "KEEP THESE" marked on it.

I give up and won't have access until later this evening.