Tech Support banner

Status
Not open for further replies.
1 - 11 of 11 Posts

·
Registered
Joined
·
82 Posts
Discussion Starter #1
Dell WinXP Computer has had the Task Manager hijacked along with some capabilities of Internet Explorer. Try to get to any popular search engine and a green page with a logo for "cPanel" pops up.

Something to do with a toolbar from Web Search is a strong possibility, however Web Search has been uninstalled.

Try to bring up Regedit and it disappears in about half a second.

The computer had several hundred spybots - cleared with Search and Destroy. It has active and updated McAfee - and is negative for virus scans.

I'm about to format the drive and begin again, but before I do, I thought I'd ask for suggestions.

With Regedit or the task manager, is there any way to get control of this computer?

Thanks.

Jon
 

·
Registered
Joined
·
5 Posts
I'm not VERY familiar with your problem, however I'd suggest going typing msconfig in the Run prompt, clicking on the Startup tab, and disabling everything you DON'T need when the computer boots up. Not only will this increase the boot time, it might stop some of those programs from loading.

I know I used to have a boot sector virus, and no matter what I did I couldn't get rid of the virus, so I had to reformat. Best of luck!
 

·
Registered
Joined
·
139 Posts
Yup. Sounds like you're gonna have to do a fresh reinstall. You probably had a virus and/or a Trojan that slipped through and did a lot of damage. You should also be running a firewall. Antivirus software won't stop everything from getting to your PC. Things can also slip by a firewall, but it will be much tougher for anything to get through.
 

·
Registered
Joined
·
14 Posts
jonjacobik said:
Dell WinXP Computer has had the Task Manager hijacked along with some capabilities of Internet Explorer. Try to get to any popular search engine and a green page with a logo for "cPanel" pops up.

Something to do with a toolbar from Web Search is a strong possibility, however Web Search has been uninstalled.

Try to bring up Regedit and it disappears in about half a second.

The computer had several hundred spybots - cleared with Search and Destroy. It has active and updated McAfee - and is negative for virus scans.

I'm about to format the drive and begin again, but before I do, I thought I'd ask for suggestions.

With Regedit or the task manager, is there any way to get control of this computer?

Thanks.

Jon
Hah! I had this same problem which was caused by the SAVENOW adware software. Like ne0n said run MSCONFIG from the START ---->> RUN menu and check for any programs that should not be there.

You can find a pretty complete list of startup applications and what they do Here.
 

·
Registered
Joined
·
82 Posts
Discussion Starter #6
Thanks . .

Thanks all.

I forgot to mention - this particular nasty highjacked MSCONFIG too. It launches and disappears in less than a second as does regedit.

The WebSearch folks offered a removal tool I'll try, but re-install looks like the appropriate action.

It's a customer's computer and I was called in too late to offer a firewall . . .something I don't like to recommend because the slow down the performance of the computer and are difficult and inefficient for most computer users.

I'd like to find a lawyer that would begin a class action suite against folks like Yahoo, WebSearch, and other hijackers. Only money will make them stop.
 

·
Registered
Joined
·
1 Posts
Had the same problem today.

These are the steps I had to take to get rid of the problem.
Open command prompt.
Run tasklist to see what process are running.
Stop anything Suspicious using the taskkill/pid **** /f command.
I had to use the /f command to forcefully stop the process from running.
Replace the **** with the process id number.
The process that I had to kill was winupdate.exe before I could get regedit to open and stay open.

After you can get regedit to stay open go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Delete the key/keys that have winsock2 in it and any other suspicious entries.
also goto runonce and check for keys there; although I found none on this machine.
The entry also points to the process that is causing the problem. I deleted this file from my windows\system32 folder.

Once done restart and run anti-virus.
If this does not help you may want to do a search on the W32.Klez virus and get removal tools for it.
 

·
Registered
Joined
·
1 Posts
Important!!!!

DO NOT reformat yet

go through these steps first and you probably won't have to go through the pain of reformatting and reinstalling everything

1. download Lavasoft's Ad-aware from www.lavasoftusa.com
update to the newest reference file, and run a FULL SYSTEM SCAN
you'll most likely find a bunch of stuff that Spybot MISSED.
Quarantine and delete all the harmful stuff that's found.

2. Now go to Start > Run, and type in "sfc/ scannow" without the quotes
this will scan your system for any vital system files that may have been messed up.

3. Reboot.

If this doesn't fix it, you may have to reformat....
only reformat as a LAST RESORT
 

·
TSF Team Emeritus, Microsoft Support
Joined
·
15,478 Posts
I agree with [email protected] on this one. Do not reformat yet.
They all have offered some good tools to use to rid of spyware, adware, viruses.
Using Housecall is in my experience well worth it even if you have an anti-virus installed and it came back clean.

SpyBot S&D 1.3 And: Adaware SE are both great programs that rid of spyware and adware.
Always check for updates in both of those.

I also use SpyWare Guard . SpywareGuard provides a real-time protection solution against spyware. SpywareGuard now also features Download Protection and Browser Hijacking Protection!

And I do not need an introduction for Zone Alarm . Their Easy-to-use firewall blocks hackers and other unknown threats. Stealth mode automatically makes your PC invisible to anyone on the Internet.

Lastly, as jgvernonco suggested, HiJackThis 1.99,a Hijacker detector and remover. And there are many skilled people in here to walk you step by step in removing what's causing your grief.

And the best of all, all these tools are all free to download. You can't get nothing for free anymore, but our help on this forum. :grin:

So I'm suggesting use these tools, clean up your pc before you decide to reformat.
 
1 - 11 of 11 Posts
Status
Not open for further replies.
Top