Re: windows xp new files and missing files help

From: Malke (malke_at_nospoonnotreally.com)
Date: 10/22/04


Date: Fri, 22 Oct 2004 15:33:22 -0700

balou wrote:

> After a recent trojan was found on my PC I have lost the folder
> "windows" in my "C" drive.... any ideas where this has gone????
>
> Other issues are some files are trying to access the internet through
> my firewall; these are as follows:-
> gir1cz.exe
> \ih5mi.exe
> ld6.exe
> fvbx.exe
>
> If anyone can offer any help on this issue please leave a message as
> it is driving me mad????

Your computer is still infected. Since you didn't tell us how you
cleaned the computer, it's impossible to specifically address your
issues. Here are some general steps:

Start by running TrendMicro's Sysclean antivirus tool:

TrendMicro's Sysclean is an extensive antivirus tool which has the
advantage of not needing to be installed. It requires two parts - the
scanning engine and the virus pattern files.

1. Create a new folder on your Desktop or the C: drive named something
useful like "Sysclean".
2. Go here and download the two parts of the program to that folder:

http://www.trendmicro.com/download/dcs.asp - Sysclean
http://www.trendmicro.com/download/pattern.asp - virus pattern files

The pattern files will be zipped - extract them with your unzipper (like
WinZip) or if you have XP, you can just open the folder. You need to
put the extracted files in the Sysclean folder you made.

3. Restart your computer in Safe Mode. Get into Safe Mode by repeatedly
tapping the F8 key as the computer is starting up to get to the proper
menu.
4. Go to the Sysclean folder you made and double-click on sysclean.com.
Start the scan. After the scan is finished, look at the log. You may
need to make a note of where any viruses were found if they were not
able to be removed so you can manually delete them.

1) Now you should be able to install a full-featured, current version
(not earlier than 2003) antivirus. Get updated definitions and scan in
Safe Mode.

Continue your cleaning of other non-viral malware:

2) Remove spyware with Spybot Search & Destroy
(www.safer-networking.org) and Ad-aware (www.lavasoftusa.com). These
programs are free, so use them both since they complement each other.
You may also want to run CWShredder and HijackThis from
http://aumha.org/freeware.htm. Although CWShredder is no longer being
updated, it will still clean older variants of the CoolWebSearch
malware. If you do not have success with this, there are new removal
steps at http://www.silentrunners.org/sr_cwsremoval.html. A combination
of HijackThis and About:Buster (http://www.majorgeeks.com) works well
in removing homepage hijackers. Always read the instructions before
running a spyware removal tool. Be sure to update these programs before
running, and it is a good idea to do virus/spyware scans in Safe Mode.
Make sure you are able to see all hidden files and extensions (View tab
in Folder Options).
3) If you are running Windows ME or XP, you should disable/enable System
Restore because malware will be in the Restore Points. With ME, you
must disable System Restore completely. With XP, you can delete all but
the most recent (presumably clean) System Restore point from the More
Options section of Disk Cleanup (Run>cleanmgr).
4) Make sure you've visited Windows Update and applied all security
patches. Do not install driver updates from Windows Update.

Malke

-- 
MS MVP - Windows Shell/User
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"

