Halp! (Virus/trojan/malware ahhh)

[Kateness]

Okay.

I might have the same problem as the Windows Vista Virus Removal 2012 problem in the thread referenced below. But I don't have any png.exe files running.

Here's what I have/have done:

Pop-up showed up.

I did not click on anything.

I shut my computer down immediately. I ran in safe mode.

I ran Malwarebytes. It picked stuff up. Meanwhile, the AV Removal things kept popping up. I opened up task manager and found two hinky processes. (neither were png.exe). I ended the processes. The programs closed and have not shown up again.

I restarted in normal. Now things got hinky again. This time, it wouldn't let me start any program. (It would ask me what program I wanted to use to open it).

It will, however, let me run things as administrator.That's how I'm online right now. I also have my regular antivirus (eset) running right now.

I'm not seeing any popups. I'm not seeing any weird processes. I'm just not able to run things as a normal user and I'm scared to open too many things as administrator in case I'm doing myself even more damage.

by deleting those two processes, did I delete something vital that has totally screwed up my computer?

Please help...even if it's to tell me to start shopping for a new laptop.

 

[Deleted member 42]

I suspect you may have munged your Register for that User when you shut down your computer unexpectedly, but I'm sure someone with more recent Windows expertise will be along to help you out.

 

[Kateness]

That would be so like me.

Accidentally fix the virus problem but manage to totally fk my computer up anyway.

 

[alleycat]

You can always look up processes you're not familiar with. You can just use Google, or go to ProcessLibrary.com

They might be okay. Whenever you shut down your computer like that you will get legitimate additional processes running afterward for a short time.

 

[Kateness]

Well, when I ended them, the pop-ups vanished. (not trying to be snarky, just frustrated and totally computer-deficient)

 

[alleycat]

Have you done a complete "cold" shutdown after clearing your cookies, cache, and any other temporary files.

 

[alleycat]

Well, when I ended them, the pop-ups vanished. (not trying to be snarky, just frustrated and totally computer-deficient)

You, be snarky to me? Heaven forbid.


;-)

 

[Kateness]

Have you done a complete "cold" shutdown after clearing your cookies, cache, and any other temporary files.

Well, if you tell me how, I promise to try as soon as my anti-virus finishes running

 

[alleycat]

And no, just ending a process won't destroy your computer. It could, if you end the wrong process, screw things up until you reboot.

 

[Kateness]

Okay. Could a hard shutdown (i.e. just hitting the power button until it goes black) screw it up? If so, how do we fix that one?

 

[alleycat]

Well, if you tell me how, I promise to try as soon as my anti-virus finishes running

I would normally recommend a cleaner (just as ATF Cleaner or CleanUp!) but I'm not sure there's a Vista version. I'll go see.

For now, after your scan completes, shut the computer down totally. Let it sit for a few seconds, then reboot it and see what happens.

BTW, I'm working a little in the dark because I don't use Vista.

 

[alleycat]

Okay. Could a hard shutdown (i.e. just hitting the power button until it goes black) screw it up? If so, how do we fix that one?

It could, but most of the time it wouldn't.

 

[alleycat]

Don't worry about it right now, but at some point in the future you might want to get CCleaner.

http://download.cnet.com/ccleaner/

 

[Kateness]

It could, but most of the time it wouldn't.

With me?

If it could happen.

It probably did.

More useful(?) info:

When I go to the control panel, it allows me to access some things.

But for other things, it comes up with a message "C:\Windows\System32\rundll32.exe Application Not Found"

 

[alleycat]

Hold on. The malware has probably caused a problem with your rundll file.

I'll go see if Microsoft as a "Fix It" for me solution for this. If not, you're probably going to need to reload the file.

 

[alleycat]

Will it let you go to System Restore?

I'm not sure where this is found on Vista. Try Start > Help and Support.

 

[Keisha Perry]

Your problem sounds like the exact same thing I had happen to a couple of our computers at home, and of course being the Tech Savvy family member I spent a couple hours trying to fix it.

I'm a Network Admin so I could explain the detailed process of finding registry files and OS file and editing them, but frankly it's a bother to do for anyone regardless of skill level.

What did work for me was booting in safe mode and then using windows system restore. Hopefully your PC will have set restore points whenever software or updates were installed (this is standard setting).

Steps:
Boot in safe mode.
Open windows menu.
Type "system restore" in search bar.
Select Program System Restore.
Choose your restore point. Either Recommended, or pick your own from all the points windows has saved.
Allow process to run.
Reboot.

Hopefully this solves your problem. Let me know if you need anymore help.

 

[alleycat]

I'm found "fixes" for the problem, but they're not from the Microsoft website. If you used them you would have to do it at your own risk.

I'm still looking to see if Microsoft has something simple (like a fix you can just download).

 

[alleycat]

Your problem sounds like the exact same thing I had happen to a couple of our computers at home, and of course being the Tech Savvy family member I spent a couple hours trying to fix it.

I'm a Network Admin so I could explain the detailed process of finding registry files and OS file and editing them, but frankly it's a bother to do for anyone regardless of skill level.

What did work for me was booting in safe mode and then using windows system restore. Hopefully your PC will have set restore points whenever software or updates were installed (this is standard setting).

Steps:
Boot in safe mode.
Open windows menu.
Type "system restore" in search bar.
Select Program System Restore.
Choose your restore point. Either Recommended, or pick your own from all the points windows has saved.
Allow process to run.
Reboot.

System restore would probably be the best option IF she can get to it.

 

[Charles Farley]

Sorry to jump in . . system restore might be infected also.

When you say AV pop-ups what do you mean . . specifically?

 

[alleycat]

I'm a Network Admin so I could explain the detailed process of finding registry files and OS file and editing them, but frankly it's a bother to do for anyone regardless of skill level.

If you do have to step Kate though this, we need to make sure she's in a very calm state of mind.

Someone doesn't need to be editing their registry when they're frustrated and mad.

 

[Keisha Perry]

System restore would probably be the best option IF she can get to it.

We had the same virus and it let me run it ONLY when I booted in safe mode. The other boot options like normal, and safe with networking did not work. The trick may have been being disconnected from the internet, but it worked for two computers so it's worth a shot.

 

[alleycat]

Let's see if she can get to System Restore before offering any other options.

 

[Keisha Perry]

If you do have to step Kate though this, we need to make sure she's in a very calm state of mind.

Someone doesn't need to be editing their registry when they're frustrated and mad.

Heck! I got paid to edit registries and I still hate it. Windows can be such a pain.

 

[alleycat]

We had the same virus and it let me run it ONLY when I booted in safe mode. The other boot options like normal, and safe with networking did not work. The trick may have been being disconnected from the internet, but it worked for two computers so it's worth a shot.

Kate, try this if you can't get to System Restore normally.