Since a recent Trojan/rootkit attack, I have been unable to access Safe Mode properly by pressing F5 in the conventional manner. Once Windows has launched fully and the Start button is visible I can then access Safe Mode via Run\msconfig. If I use the conventional F5 method, the initial Safe Mode options appear but I am unable to move the cursor up to my preferred choice e.g. Safe Mode with networking. I have, as far as I judge, successfully removed the offending Trojan/rootkit using AdwCleaner. To be on the safe side, I also temporarily disable System Restore and then reenabled it.
I have also run:
Subinacl.msi – from the MS website
Reset.zip
By way of background, (this is not an exact account, but gives you a rough idea of the sequence of events as far as I can recall) I initially realised that my PC had suffered some type of attack when the mouse became unusable, shooting to the top left of the monitor. After restarting in Safe Mode I was able to run System Restore, which appeared to have fixed the problem. However, a day or so later the computer suddenly displayed a black screen and appeared to have suffered a hardware failure. I restarted it in successfully in Safe Mode, shut down and restarted normally, but the problem was repeated. I then attempted to restart in Safe Mode but was confronted with a screen requesting that I press F2 to enter setup – which probably unwisely I did. The machine then briefly entered the BIOS, but was uncontrollable and then restarted. I assume something malicious took place during that time. I was then able to restart, but the machine was running very fast and noisily and System Idle Process and WPFFCache4.000.exe(or similar) were taking large amounts of resources. I smelt a large rat, disabled WPFFC...exe and eventually managed to access Safe Mode via Run & msconfig sys. Having run a variety of scans, which found nothing, I finally ran AdwCleaner, which, as I expected discovered and removed a pile of dodgy stuff from the registry, since when the machine has run excellently, with the single exception that Safe Mode is still behaving abnormally. I assume some component has been altered/deleted, which ideally I would like to restore.
I am running:
Windows XP Sp3
MS Office 2007
AVG 2014 free edition
Spybot – latest edition
SpywareBlaster – latest updates
+ lots of other programs.
Any suggestions as how to correct this problem would be most helpful.
Milo
I have also run:
Subinacl.msi – from the MS website
Reset.zip
By way of background, (this is not an exact account, but gives you a rough idea of the sequence of events as far as I can recall) I initially realised that my PC had suffered some type of attack when the mouse became unusable, shooting to the top left of the monitor. After restarting in Safe Mode I was able to run System Restore, which appeared to have fixed the problem. However, a day or so later the computer suddenly displayed a black screen and appeared to have suffered a hardware failure. I restarted it in successfully in Safe Mode, shut down and restarted normally, but the problem was repeated. I then attempted to restart in Safe Mode but was confronted with a screen requesting that I press F2 to enter setup – which probably unwisely I did. The machine then briefly entered the BIOS, but was uncontrollable and then restarted. I assume something malicious took place during that time. I was then able to restart, but the machine was running very fast and noisily and System Idle Process and WPFFCache4.000.exe(or similar) were taking large amounts of resources. I smelt a large rat, disabled WPFFC...exe and eventually managed to access Safe Mode via Run & msconfig sys. Having run a variety of scans, which found nothing, I finally ran AdwCleaner, which, as I expected discovered and removed a pile of dodgy stuff from the registry, since when the machine has run excellently, with the single exception that Safe Mode is still behaving abnormally. I assume some component has been altered/deleted, which ideally I would like to restore.
I am running:
Windows XP Sp3
MS Office 2007
AVG 2014 free edition
Spybot – latest edition
SpywareBlaster – latest updates
+ lots of other programs.
Any suggestions as how to correct this problem would be most helpful.
Milo
Facebook
Twitter
Instagram