Re: Start up problem. Hangs. No entry in sys tray except time
- From: "Thota Umesh" <thotaumesh@xxxxxxx>
- Date: Mon, 17 Apr 2006 19:57:32 +0530
hii some trojans drop multiple signatures (core virus files) on to ur system
and active, so that when one is deleted the other detects and creates it
back. Many single trojan file also are protected by its memory image (virus
running in memory) in the same manner. One out of the box solution for this
is if this is repeating again and again what u can do is to notedown the
file name use cmd to go to dos create a garbage file in same directory and
rename it to the trojan file name as soon as the antivirus quarntines it or
deletes it. so if any trojan in memory detects missing file before it
generates it back u can create the file with r a s h attributes which wud
make editing or replacing the file so far difficult for many trojans so once
u reboot u will becompletely free from that trojan. to do this process u
need to have a bit of synchronising between ur antivirus actions and ur dos
actions just keep the command ready and hit enter once u delete or
quarentine. that should fix the problem! Do Note: it rearly happens that
even after cleaning the trojan pops back. caz the antivirus also kills the
trojan resident in the memory. so other reason may be that you dont use a
firewall and these trojans are able to get into your system again and again.
do use windows defender and firewall (inc. in sp2) for additional
protection.
Hope this helps...,
Umesh Thota.
www.windowsworkshop.com
"Sushil Kumar" <Sushil Kumar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:48D5A338-D612-45EF-B701-8634DDD38723@xxxxxxxxxxxxxxxx
Hi,
Thanks again for the response.
I tried ProcessExplorer. Its really a good software but it didnt not
solve
my problem. I Meanwhile observered something very strage.
I tried cleaning again using Avira Antivir. it detected 9 more
torajans.!!
I restarted my sytem 4-5 times cleanly but again i got the same problem
(now
it shows some icons in systray though). I again ran AntiVir it again
detected
and deleted some more tojans. (This time 7). Same procedures I followed
4-5
times. I am able to start system cleanly for for 4-5 times. Then again
missing icons in system tray. I log off and logg in again , run Antvir it
again detects 7-8 trojans.
It appears that these trojan appear again after some reboots. Hows that
possible?
Is it some self reproducing virus or something? These are detected in
C:\System Volume Information directory.
(In last scan I chose to move them to quarantine rather deleting them)
Follwoing is part of the AntiVir scan report.
C:\System Volume Information\MountPointManagerRemoteDatabase
[WARNING] The file could not be opened!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027802.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730505.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027821.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '40a3ec5e.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027840.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730506.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027859.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730507.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027878.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '40a3ec50.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027897.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730508.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027916.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730509.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027935.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '40a3ec52.qua'!
"Thota Umesh" wrote:
Thanks, you are welcome, when using onecare you were not able to connect
internet probably due to firewall settings if u are going to use antivir
i
suggest u to have windows defender installed. regarding ur startup issue
i
suggest to check the processes that are running using process explorer
that
way u can analize which application or process is causing the delay.
here's
the url : www.sysinternals.com/Utilities/ProcessExplorer.html
ps: the process using most of cpu are marked with red background.
Hope this helps...,
Happy Easter
Umesh Thota
www.windowsworkshop.com.
"Sushil" <Sushil@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DF2F3300-A856-41A0-86B1-66B7F2C406AB@xxxxxxxxxxxxxxxx
Well u r in concluding that my laptop still infacted. I installed
windowsonecare first which removed 2 trojans. But I could not connect
with
internet anymore. I tried many times. Checked all the setting but could
not
make out anything. Finally I uninstalled it and I could get the
internet
access again. Then I installed "Avira Antivir" from www.freeav.com.
This
anti
virus looks prett y good. It detected 36 trojans, while other antivirus
could
detect only 1 or two or none. Thanks for suggesting this.
My problem is still same. sometime when I startup the system I face
same
problem as I mentioned melow.
Thank you for the response anyway.
--
Sushil Kumar
"Thota Umesh" wrote:
Hii, you are still infected use a good antivirus and antispyware scan
www.windowsonecare.com or www.freeav.com both are very good! antivirus
softwares & get windows defender here
[www.microsoft.com/athome/security/spyware/software/default.mspx] if
you
have installed windows onecare it shd install defender automatically.
"Sushil" <Sushil@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7FF228EA-FE01-4DD9-9360-D18577376250@xxxxxxxxxxxxxxxx
Hi All,
Whenever I start my XP, most of the time (not always) windows (sort
of)
hangs. No entry except time is display in system tray. I cant open
anything
thogh I can move my mouse. If I long off and login generally problem
gets
resolved.
Note that this problem started after my PC got addwares like Torjan
horse
and Trojan.favadd.
Though later I removed these addwares using norten anti virus. But
this
problem is still continued.
Please help me to resolve this problem.
--
Sushil Kumar
.
- Follow-Ups:
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Thota Umesh
- Re: Start up problem. Hangs. No entry in sys tray except time
- References:
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Thota Umesh
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Thota Umesh
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Sushil Kumar
- Re: Start up problem. Hangs. No entry in sys tray except time
- Prev by Date: Re: Start up problem. Hangs. No entry in sys tray except time
- Next by Date: Re: product ID
- Previous by thread: Re: Start up problem. Hangs. No entry in sys tray except time
- Next by thread: Re: Start up problem. Hangs. No entry in sys tray except time
- Index(es):
Relevant Pages
|
