XP blank desktop – explorer.exe not loading (virut)

A friend of mine dropped off her Compaq laptop the other day, apparently it had been running slow and a friend of hers came round and “did stuff” to “sort it” – unfortunately it didn’t go to plan, and instead of the system performance improving as a result of the activity – it deteriorated to the stage where XP would display a blank desktop on startup (as in no taskbar, start menu, desktop shortcuts or anything).

So this was the state it was in when I got it. Here’s what I did:

Step 1: Get access to Windows Explorer
Hit ctrl-alt-delete – this only worked after leaving it alone for a couple of minutes after boot-up. Click “File>New Task (run) and type “explorer”. This brings up the windows desktop furniture.

Step 2: Find out why it isn’t loading
I wondered what her friend did.. I looked at the most recent installed apps in Programme files – there was an app called “TuneUp Utilities 2009″. A likely suspect I thought. In the wrong hands these tweak/tuneup utils can do more harm than good. I loaded up the app and undid all the “fixes”

Step 3: Check a little deeper
Restoring the TuneUp files didn’t solve the explorer.exe problem, so I figured that something else must be up with it. I suspected malware. I have rescued several Windows systems from malware (spyware, trojans etc) before using a great bit of software called MalwareBytes AntiMalware. I couldn’t get the faulty system to read the installer from my USB drive, so I had to burn it off onto CD. While I was doing that – I also stuck ‘FixShell‘ on there (a visual basic script that restores explorer.exe to the XP shell).

Step 4: Safe mode scanning
I restarted the PC and hit F8 repeatedly as the laptop started up, which brought up the XP menu with the option to load ‘safe mode’. I did this and logged in as administrator (which for some reason had not appeared during normal startup). This time it loaded up with explorer.exe no problem. I ran MalwareBytes AntiMalware quick-scan and it picked up 27 items. Some were trojans, mentions of rootkit (eek) and other registry entries (including disabling security centre). I opted to ‘fix’ them all and restarted again as prompted (some nasty bits of malware can only be deleted on boot). This still did not fix the issue. I ran another scan just in case. It found a few more bits. Restart.

Step 5. Manual(ish) restore of explorer.exe
…. this is where it got quite interesting… after several unsuccessful attempts to restore command.exe, including creating a slipstreamed SP3 disc to run sfc /scannow – I finally installed Avast Antivirus Home Edition and did a boot time scan (AVG8 was already installed but I removed it, finally realising it hadn’t done its job). Avast picked up lots of win32:JunkPoly infections. JunkPoly is Avast speak for Virut.

Virut is bad.

Very bad.

Worse than bad – it’s terminal.

Format and reinstall is the only option. Backing up is risky.

So now I need to get the photos off, scan them thoroughly and format the hard-drive and reinstall XP.

It probably came from a P2P service, somehow got passed AVG8 (outdated virus def probably), and started infecting the system with all kinds of malware.

Just downloading Ubuntu now – will attempt to back the data up tomorrow…

Plan Bee

Plan Bee logo

Bees pollinate a third of the food we eat. They are essential for farming and if we wanted to do the pollinating work ourselves – it would take a workforce of 30 million. And that’s just for food – bees also pollinate most wildflowers.

In the United States over a million hives have been lost since 2006 due to Colony Collapse Disorder – a very mysterious condition. Apparently, we don’t have it in the UK yet – but even so, 2008 was the worst year for bees in the UK – with up to 30% of hives not surviving the winter.

I can’t begin to imagine a world without bees. Or some of this stuff:

Alfalfa, Allspice, Almonds, Apples, Artichoke, Asparagus, Avocado, Blackberries, Blueberries, Broccoli, Brussel sprouts, Cabbage, Cacao, Cantaloupe, Caraway, Cardamom, Carrots, Cashew, Cauliflower, Celeriac, Celery, Cherries, Chicory, Chives, Cinnamon, Citrus, Coriander, Cranberries, Cucumbers, Currants, Dill, Fennel, Garlic, Gooseberries, Kale, Leek, Macadamia, Mango, Mustard, Nutmeg, Onion, Parsley, Parsnip, Passion fruit, Peaches, Pears, Plum, Pumpkin, Radish, Raspberries, Squash, Sunflower, Tangerine, Tea, and Watermelon to name a few. Not forgetting honey and beeswax of course.

There are things we can do – the Co-op has taken the initiative and set up a campaign called Plan Bee, along with a website that provides lots more information, and a couple of videos if you prefer to watch than read. (hopefully they will enable embedding at some point)

I applaud what they are doing, and attempting to do, and strongly encourage everyone to see what they can do to give the bees a hand whenever I can, so I thought I would take this opportunity too :)

Through Plan Bee:
1. The Co-operative Food will temporarily prohibit the use of neonicotinoid-based pesticides on own-brand fresh produce. These are Acetamiprid, Clothianidin, Dinotefuran, Fipronil, Imidacloprid, Nitenpyram, Thiacloprid and Thiamethoxam. To find out about The
Co-operative’s market-leading policy on pesticides, please see our latest Sustainability Report (p.95).

2. £150,000 will be made available to support research into the demise of the honeybee, with a particular focus on UK farming, pesticides and gene-diversity. This is the largest ever private contribution to bee research in the UK.

3. Over three years The Co-operative Farms will trial a new wildflower seed mix that will be planted alongside crops on our farms across the UK.

4. The Co-operative Farms will invite beekeepers to establish hives on all our farms in the UK.

5. The Co-operative will engage our three-million members in a campaign to protect and nurture the bee population in the UK, with advice and tips featuring on our website.

6. Members were invited to attend one of 40 screenings of a special preview from a forthcoming film that addresses the decline of the worldwide bee population and the significance of the bee in food production. In addition, The Co-operative has also commissioned a new bespoke documentary on the decline of the bee population in the UK.

7. The Co-operative will partner with RSPB’s ‘Homes for Wildlife’ team and empower members to garden in ways that are honeybee-friendly.

8. An initial 20,000 packets of wildflower seed mix will be distributed to members free of charge at membership events throughout the UK.

9. Bee boxes are being sourced and made available to The Co-operative members at discounted prices. Find out how to get hold of a discounted bee box.

10. The Co-operative will support our members and colleagues to find out more about amateur beekeeping and will encourage links between local beekeepers and members. Find details of your nearest beekeeping association.

Also – there is a documentary worth watching called “Who Killed the Honey Bee” showing on BBC4 starting on Thu 23 Apr 2009 at 21:00, with repeat showings. It will also be available on iPlayer.

The state of Police

Oh. My. God.

I am still reeling at this. It would be bad enough if a protester was assaulted by police, but this was an innocent man who worked in the area being callously attacked by one of our boys in blue. He died approximately 3 minutes later.

Despite the fact that under European human rights’ laws the police are required to actively protect the public’s right to peaceful protest, here we see a gross abuse of police powers, if not the kind of mindless aggression that the police are supposed to protect innocent members of the public from.

The police had bizarrely been talking up the potential for violence in the weeks up to the G20 protests, which one can only presume was strategic scare-mongering in order to frighten ‘normal’ people away from the demo, but it doesn’t seem to have worked out quite as planned.

If the footage had not been submitted to the Guardian – would we ever have heard the details surround Ian Tomlinson’s tragic death? I seriously doubt it, despite there being numerous (?) CCTV cameras and police witnesses. It even turns out that the IPCC wanted the video taken down from the Guardian website.

I suspect (and sincerely hope) that this will lead to a shake down of the increasing hard-line legislation being churned out by Jacki Smith and her cronies, and a serious change in police tactics regarding reasonable force, officer identification and culpability.

Technically speaking – the filming of this incident by a member of public is probably illegal, thanks to recent anti-terror legislation.

The Guardian has compiled a ‘rogue’s gallery’ with videos of heavy-handed policing at the G20 demo – worth checking out if you think that the Tomlinson tragedy was an isolated incident.