Author Archives: Administrator

Missing Control Panel on XP

A recent WinSys virus caused the control panel on an XP system to go missing.

There are two way to try and restore it:

1) Right click on the Start.
2) Click Properties.
3) Select the Start Menu tab.
4) Select Customize.
5) Go through the list. If you’re lucky, you’ll see Control Panel that you can check.

If the above doesn’t work, then try this set of procedures I found on http://www.annoyances.org/exec/forum/winxp/1191368503

1) Click Start, Run and type “regedit.exe” Press {ENTER}
2) Navigate to the following branch:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explor­er

3) Backup the key by exporting it (from the File menu, choose Export) as a REG file.

4) In the right pane of the above key, delete the value named “NoControlPanel” (if found)

5) Repeat the same in this branch:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explo­rer

6) Exit the Registry Editor.

The second procedure worked for me.

Winsys.exe Virus Unable To Run Regedit

Winsys.exe virus recented infected one of my customer’s computers. Two side effects:

1) Regedit is disabled.
2) No Control Panel under the start menu.

Boot to Safe Mode and run SDFix.exe. You can download it from this site:

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

You may also need to run Hijackthis to remove a regedit disable key. Run Hijackthis and search for regedit. Check off the item to remove it.

This should allow you to run Regedit.

To restore the Control Panel, see the next posting.

Java Byte Verify Exploit and Shinwow

Here’s one way to clean out any of these java related viruses:

Trojan.ByteVerify
VerifierBug.class
Java.JJBlack worm
Java.Shinwow trojan

These are malicious applets that are getting loaded into the java cache directory.

You can clear the java cache by going to Control Panel > Java > Delete Files under the Temporary Internet Files section.

Outlook Has Slow Keyboard Response

If you are running either Outlook 2000 or Outlook 2003 and notice a slow keyboard response, the problem may be the Windows update for Internet Explorer KB931768. Remove the patch and the problem will often be resolved.

If not, other users have mentioned these fixes:

  • Remove Spybot
  • Change from HTML to plain-text format
  • Change the Outlook Tools/Options/Security/Security Zones to Internet
  • Uninstall Windows update KB930916

Disable Windows Messenger

I got tired of looking at that Windows Messenger icon in the tool tray so I found a way to stop it from loading.

http://support.microsoft.com/kb/302089

You need to edit the registry so be careful!

In addition, you may want to disable the Windows Messenger Service, which sounds similar although it serves a different function. Still, it’s another source of possible spyware and viruses so you might as well disable it.

This program from all around super-tech guru Steve Gibson will do the trick. http://www.grc.com/stm/shootthemessenger.htm

Office Application Keeps Trying To Install

This is annoying: Sometimes an installation goes haywire and whenever you reboot your computer or run a particular application you get the Microsoft Office installation message asking you to insert a CD. Even after running Cleanup and clearing out the Windows cache you still get the install message.

One way to clean this up is the Installation Cleanup Utility. You can find it here:

http://support.microsoft.com/kb/290301

This program works great on Office installs and just about any other installation.

How To Remove ad.yieldmanager.com Popup Spyware

This details how I was able to remove one of my most difficult spyware popup infections to date: ad.yieldmanager.com.

This insidious spyware was extremely persistent, avoiding cleaning by my normal set of favorite cleaners: Kaspersky, AVG Antivirus, AVG Antispyware, Spybot, Ad-Aware, Panda Online, HijackThis, l2mfix, VundoFix, Easy Cleaner, CleanUp!, and ewido.net.

At first it was even difficult to identify the type of spyware because the popups didn’t leave many clues other than an occasional “New Offer” popup window. However, after letting the PC system “ferment” a little to let the spyware infestation spread, the ad.yieldmanager.com signature appeared in one of the windows.

The best removal sequence I found came mostly from this site: http://www.pchell.com/support/smitfraud.shtml where I followed the steps for removing SmitFraud. I took a guess on this because I saw an earlier SpySheriff infection on the system and I was thinking that perhaps it was not entirely removed.

The set of cleaners I ran from Safe Mode in this order were:

SmitRem by NoahdFear – http://noahdfear.geekstogo.com/

SmitFraudFix – http://siri.geekstogo.com/SmitfraudFix.php

RogueRemover – http://www.majorgeeks.com/RogueRemover_d5360.html

Aproposfix – http://swandog46.geekstogo.com/aproposfix.exe

HijackThis – http://www.merijn.org/files/hijackthis.zip

CCleaner – http://www.ccleaner.com/

CleanUp! – http://www.stevengould.org/software/cleanup/download.html

Easy Cleaner – http://personal.inet.fi/business/toniarts/ecleane.htm

Of the set of cleaners I ran, I think RogueRemover and Aproposfix were the critical programs for this particular spyware infection.

After running all these cleaners the ad.yieldmanager.com spyware was removed completely.

 


 
Here are a couple products you might want to consider for keeping your PC clean from further ad.yieldmanager infections.

1) First, the best anti-virus program on the market — in my view — is Kaspersky. It’s not as well known as some of the more heavily marketed antivirus programs like Norton and McAfee.

However, I like it because it catches a lot more viruses than Norton and McAfee and it is also a much smaller program. Norton is especially taxing on the system and there is a VERY noticeable slowdown of your PC when you have Norton installed.

The cheapest prices I’ve seen for Kaspersky Antivirus or Kaspersky Internet Security is on eBay. Make sure the seller has a lot of positive feedback when you make your purchase and you’ll save some bucks.

[phpbay]kaspersky, 5, “”, “”[/phpbay]

FREE registration on eBay and you can start saving right away.

2) Second, you should check out this RegCure registry cleaner. It’s a no-frills registry cleaner and has performed quite well in user tests.

Try a FREE RegCure Scan Today!