Re: Start up problem. Hangs. No entry in sys tray except time
- From: "Thota Umesh" <thotaumesh@xxxxxxx>
- Date: Wed, 19 Apr 2006 20:47:04 +0530
Restructuring:
hii some trojans drop multiple signatures (core virus files) on to ur system
and active, so that when one is deleted the other detects and creates it
back. Many single trojan file also are protected by its memory image (virus
running in memory) in the same manner.
One out of the box solution for this is if this is repeating again and again
what u can do is to notedown the file name use cmd to go to dos create a
garbage file in same directory and rename it to the trojan file name as soon
as the antivirus quarntines it or deletes it. so if any trojan in memory
detects missing file before it
generates it back u can create the file with r a s h attributes which wud
make editing or replacing the file so far difficult for many trojans so once
u reboot u will becompletely free from that trojan.
to do this process u need to have a bit of synchronising between ur
antivirus actions and ur dos actions just keep the command ready and hit
enter once u delete or
quarentine. that should fix the problem! Do Note: it rearly happens that
even after cleaning the trojan pops back. caz the antivirus also kills the
trojan resident in the memory. so other reason may be that you dont use a
firewall and these trojans are able to get into your system again and again.
do use windows defender and firewall (inc. in sp2) for additional
protection.
Hope this helps...,
Umesh Thota.
www.windowsworkshop.com
"Thota Umesh" <thotaumesh@xxxxxxx> wrote in message
news:uAiQAsiYGHA.4996@xxxxxxxxxxxxxxxxxxxxxxx
hii some trojans drop multiple signatures (core virus files) on to ur
system and active, so that when one is deleted the other detects and
creates it back. Many single trojan file also are protected by its memory
image (virus running in memory) in the same manner. One out of the box
solution for this is if this is repeating again and again what u can do is
to notedown the file name use cmd to go to dos create a garbage file in
same directory and rename it to the trojan file name as soon as the
antivirus quarntines it or deletes it. so if any trojan in memory detects
missing file before it generates it back u can create the file with r a s
h attributes which wud make editing or replacing the file so far difficult
for many trojans so once u reboot u will becompletely free from that
trojan. to do this process u need to have a bit of synchronising between
ur antivirus actions and ur dos actions just keep the command ready and
hit enter once u delete or quarentine. that should fix the problem! Do
Note: it rearly happens that even after cleaning the trojan pops back. caz
the antivirus also kills the trojan resident in the memory. so other
reason may be that you dont use a firewall and these trojans are able to
get into your system again and again. do use windows defender and firewall
(inc. in sp2) for additional protection.
Hope this helps...,
Umesh Thota.
www.windowsworkshop.com
"Sushil Kumar" <Sushil Kumar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:48D5A338-D612-45EF-B701-8634DDD38723@xxxxxxxxxxxxxxxx
Hi,
Thanks again for the response.
I tried ProcessExplorer. Its really a good software but it didnt not
solve
my problem. I Meanwhile observered something very strage.
I tried cleaning again using Avira Antivir. it detected 9 more
torajans.!!
I restarted my sytem 4-5 times cleanly but again i got the same problem
(now
it shows some icons in systray though). I again ran AntiVir it again
detected
and deleted some more tojans. (This time 7). Same procedures I followed
4-5
times. I am able to start system cleanly for for 4-5 times. Then again
missing icons in system tray. I log off and logg in again , run Antvir it
again detects 7-8 trojans.
It appears that these trojan appear again after some reboots. Hows that
possible?
Is it some self reproducing virus or something? These are detected in
C:\System Volume Information directory.
(In last scan I chose to move them to quarantine rather deleting them)
Follwoing is part of the AntiVir scan report.
C:\System Volume Information\MountPointManagerRemoteDatabase
[WARNING] The file could not be opened!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027802.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730505.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027821.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '40a3ec5e.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027840.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730506.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027859.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730507.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027878.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '40a3ec50.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027897.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730508.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027916.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '44730509.qua'!
C:\System Volume
Information\_restore{8C459B98-89AA-45F6-A5B9-323014416103}\RP90\A0027935.exe
[DETECTION] Is the Trojan horse TR/Dldr.FFZ.33
[INFO] The file was moved to '40a3ec52.qua'!
"Thota Umesh" wrote:
Thanks, you are welcome, when using onecare you were not able to connect
internet probably due to firewall settings if u are going to use antivir
i
suggest u to have windows defender installed. regarding ur startup issue
i
suggest to check the processes that are running using process explorer
that
way u can analize which application or process is causing the delay.
here's
the url : www.sysinternals.com/Utilities/ProcessExplorer.html
ps: the process using most of cpu are marked with red background.
Hope this helps...,
Happy Easter
Umesh Thota
www.windowsworkshop.com.
"Sushil" <Sushil@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DF2F3300-A856-41A0-86B1-66B7F2C406AB@xxxxxxxxxxxxxxxx
Well u r in concluding that my laptop still infacted. I installed
windowsonecare first which removed 2 trojans. But I could not connect
with
internet anymore. I tried many times. Checked all the setting but
could
not
make out anything. Finally I uninstalled it and I could get the
internet
access again. Then I installed "Avira Antivir" from www.freeav.com.
This
anti
virus looks prett y good. It detected 36 trojans, while other
antivirus
could
detect only 1 or two or none. Thanks for suggesting this.
My problem is still same. sometime when I startup the system I face
same
problem as I mentioned melow.
Thank you for the response anyway.
--
Sushil Kumar
"Thota Umesh" wrote:
Hii, you are still infected use a good antivirus and antispyware scan
www.windowsonecare.com or www.freeav.com both are very good!
antivirus
softwares & get windows defender here
[www.microsoft.com/athome/security/spyware/software/default.mspx] if
you
have installed windows onecare it shd install defender automatically.
"Sushil" <Sushil@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7FF228EA-FE01-4DD9-9360-D18577376250@xxxxxxxxxxxxxxxx
Hi All,
Whenever I start my XP, most of the time (not always) windows (sort
of)
hangs. No entry except time is display in system tray. I cant open
anything
thogh I can move my mouse. If I long off and login generally
problem
gets
resolved.
Note that this problem started after my PC got addwares like Torjan
horse
and Trojan.favadd.
Though later I removed these addwares using norten anti virus. But
this
problem is still continued.
Please help me to resolve this problem.
--
Sushil Kumar
.
- References:
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Thota Umesh
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Thota Umesh
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Sushil Kumar
- Re: Start up problem. Hangs. No entry in sys tray except time
- From: Thota Umesh
- Re: Start up problem. Hangs. No entry in sys tray except time
- Prev by Date: Re: CME II Client Application
- Next by Date: Re: CME II Client Application
- Previous by thread: Re: Start up problem. Hangs. No entry in sys tray except time
- Next by thread: Create color scheme?
- Index(es):
Relevant Pages
|
