Welcome to WebmasterWorld Guest from 54.145.44.134

Forum Moderators: bill

Message Too Old, No Replies

command line crash

Windows XP Pro

     

dbarasuk

12:13 pm on Dec 12, 2009 (gmt 0)

5+ Year Member



Dear all,

I am addressing this problem that is above my knowledge to get solved.

I recently put my computer on the internet to get the lastest software since my copy of windows is genuine.

From that time on, i could any more do any system restore. Any attempt gave me an error saying that : System restore has been disabled by Group Policy, Contact your network Administrator.

Moreover, When i click on the black icon (of the command line) on the Boot menu to write commands or even use other software that i interact with using the command line tool, this one show up for less that a second before it dies away. Another problem is the fact that i cannot use the right click to display any right click related options.

The only improvement ive got from updating my copy of windows is speed improvement. I am very glad for this because its a bit faster.

Please,
help, what should i do at least to fix the command line box? I have MySQL installed on this PC and i interact with it using the command line, so i am very stuck.

Help

kaled

1:17 pm on Dec 12, 2009 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



It sounds like your system is badly compromised - what security software is installed?

1) You should backup your work (and verify the backup).
2) Your copy of Windows may be genuine, but perhaps you are running something else which is not. You should try to identify the rogue program (starting with a full virus scan).
3) Others may recognise the symptoms you have described and may be able to offer a simple solution, however, I recommend a clean install of Windows from CD (not a repair install). Then, keep the system as clean as possible with no unnecessary software.
4) Consider partitioning your hard disk and installing another copy of Windows. That way, you should always have a working system.

Kaled.

dbarasuk

12:35 pm on Dec 13, 2009 (gmt 0)

5+ Year Member



i am sure there is no virus. My hard drive is partitionned and the problem occurs on the other part of the hard drive too. When it happened for the first time i completely reinstalled windows. The very first time, the command line run with no problem, the subsequent requests crashed.
thanks.

bill

1:35 am on Dec 14, 2009 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I'd agree with kaled. Your description sounds like a seriously compromised machine.

i am sure there is no virus. My hard drive is partitionned and the problem occurs on the other part of the hard drive too.

How are you sure there is no virus/hijack/trojan/rootkit at work here?

What does a partitioned hard disk have to do with this? You may need to explain your setup in more detail.

dbarasuk

5:23 pm on Dec 14, 2009 (gmt 0)

5+ Year Member



I have Windows Defender (From Microsoft Itself) running and it has never found any virus. I Think no other antivirus cannot protect better a copy of windows than that one.

kaled

6:14 pm on Dec 14, 2009 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Defender is not adequate, not even close.

You need a full anti-virus solution - try AVG (free edition).
You need a firewall. The standard XP firewall can block intrusions (as might a firewall in your router) however, a firewall that blocks outgoing connections to the internet is advisable - try ZoneAlarm (free edition).

Kaled.

bill

4:59 am on Dec 15, 2009 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Windows Defender isn't anti-virus software. It's a spyware checker. It was superceded by Microsoft Security Essentials, which does have anti-virus checking.

However, it is probably too late with your current setup if it has already been compromised. In that case I could only recommend a clean install of Windows.

Lexur

6:56 am on Dec 15, 2009 (gmt 0)

5+ Year Member



If your system is compromised (and I think too it is), you could try Malwarebytes. It worked once for me where other failed and it's free..

dbarasuk

5:34 pm on Dec 15, 2009 (gmt 0)

5+ Year Member



I tried the solution of Lexur. I run Malwarebytes and indeed it found 3 threats as follows:

Vendor: Hijack.CMDPrompt
Category: Registry Value
Element: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Command Processor\Autorun . This key is set to the value "Exit" Is this probably the reason why the command prompt disappears when activated? How can I make a correction?

The second corrupted data is as follows:
Vendor: Disable.Recycle
Category: Registry Data
Element: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecycleFiles

Third infected data was:

Vendor: Disable.Recycle
Category: Registry Data
Element: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecycleFiles

After that, I deleted the infected files as suggested by the Malwarebytes software, booted the system but found again the infected elements

Then someone at my work place suggested to make a repair installation with the genuine CD. I did it but the same problems occurred anew.

WHat can I do?

Thanks

kaled

11:36 pm on Dec 15, 2009 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



What can I do?
  1. Backup your work (and verify backup).
  2. Perform a full, clean, reinstall of Windows (not a repair).
    It is not absolutely necessary to format the hard disk. You may keep work but do not open any files until you have performed a full virus scan (after the anti-virus software has fully updated itself following installation).
  3. Install anti-virus software (e.g. AVG free edition) and, I would also recommend a firewall that can block outward connections (e.g. ZoneAlarm free edition which is easy to use or Comodo which is effective but poorly designed in some regards).
  4. Use Firefox rather than Internet Explorer.
  5. If you currently use Outlook Express then consider switching to Thunderbird (but set aside an hour to get to know it because setting up is very different).
  6. In future, be more careful, and be aware that anti-virus and anti-spyware products are not infallible.

Kaled.