re: frozen start menu and icons
Tuesday, October 25, 2005 at 10:12 am
Windows XP Annoyances Discussion Forum
Posted by jcw
(5124 messages posted)
This is difficult because of your having to work solely in the CP window, when we
really don't know all of the malicious files that need to be deleted. What we want
to try to do is to get you at least "unfrozen" so that you can reboot from the CP
window into safe mode and then use Windows to continue cleaning the system. Once
you think you may be "unfrozen", reboot from the CP environment into safe mode, not
normal mode, and then don't reboot again - keep the system on in safe mode only.
This could take a while. If you don't want to engage in this process, I don't know
of an alternative other than to use the CP window to copy to removable media the
data you don't want to lose, and then do a clean, fresh install of WinXP and then
your 3rd-party programs.
You said you don't have a firewall. You should not connect to the internet
without a firewall activated, at least the firewall built-in WinXP.
Did you delete a file, or a folder, called "Daily Weather Forecast"? If you
have a folder with that or a similar name that you don't recognize, you need to delete
the entire folder (not just the file) using the RMDIR command. Check
for proper syntax.
Can you find and delete in the CP window that file: C:\WINNT\Q50502281_disk.dll
?
Review the folders under Program Files and see if there are any there that you
don't recognize. But don't delete anything yet. Post back if anything looks suspicious.
You said you didn't delete because you couldn't find the “style32” registry entry
at the place you looked.
Look for it under:
» HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
(HKLM = HKEY_LOCAL_MACHINE)
Search in regedit for the following and any variants thereof, and if found, delete
them (if unsure of whether to delete, post back with what you found):
-- Daily Weather Forecast
-- style32
-- winstyle2.dll
-- winstyle2
In the meantime, I'll see what I can find on that TROJ_DLOADER.AHD you mentioned.
If you do get your system unfrozen so that you can boot into safe mode and work
in WinXP there, do the following:
close any open applications (presumably none are then open);
for every user-account on the computer, delete the temp files (in: Documents
and Settings\{user name}\Local Settings\Temp), although you may retain any temp
files that a user intentionally placed there and that you recognize as safe;
for every user-account on the computer, delete or clear the temporary internet
files, history, and cookies, although you may retain those cookies that are needed
and that you recognize as safe;
for every user-account on the computer, reduce to 10 mb the space for temporary
internet files (Internet Options --> General --> Temporary Internet files - Settings);
once your system is clean, you may increase that space setting as desired;
delete the files in the Windows\Prefetch folder;
delete the temp files in the Windows\Temp folder, although you may retain any
temp files that a user intentionally placed there and that you recognize as safe;
empty the recycle bin; and
disable (turn off) your WinXP system restore feature (yes, doing this will remove
all restore points, but once your system is clean, you may re-enable the system restore
feature and set a new restore point, if desired).
To disable system restore: Control Panel --> System --> System Restore -->
check: Turn Off System Restore --> click Apply or OK --> answer Yes to any follow-up
confirmation.
|
All messages in this thread [show all]
 | | | | | | |  |  | re: frozen start menu and icons (jcw: Tue, Oct 25, 2005, 10:12 am) |
| |
| |
| |
Return to the Windows XP Discussion Forum
|
|
