Re: XP + MSN + Worm - System now unstable
- From: Elmo <elmogeek@xxxxxxxxxxxxx>
- Date: Wed, 25 Jul 2007 13:38:18 -0400
John Reinders wrote:
Hi,
The other day (Monday) my son inadvertently (and I have warned him about doing this) opened a file (zip containing a .scr) he received from someone he's known for awhile on MSN and low and behold his system became infected. AVG reported the offending worm as:
Trojan Horse Downloader Generic5.ETN and .SOZ Not sure of the actual name of it...
Infected files, vnttgb.exe, notify.dll, printers.exe, 1(l)p6fw.sys, DefLib.sys and oocmhxl.exe...
He ended up with multiple cascading MSN windows, he hit Ctrl Alt Del to stop it, he momentarily saw the process that was running, but then all processes disappeared from process manager? He no longer is able to use Ctrl Alt Del or the manager, and depending on what he is doing will end up with a BSOD because of a Stop Error... IRQL_Not_Less_Or_Equal
We have run AdAware, AVG multiple times - plus in safe mode and believe we have cleaned out the offending worm. We were unable to run HiJackThis, as it also caused the same BSOD? We have tried to do system restores and have gone back to multiple checkpoints in the last two weeks, but none were successful. The problem is his system is now unstable.
I'm assuming our best solution is to format the drive and reinstall XP?
Has any one else run across this one and is there a simpler solution to fix what is broke?
I would appreciate any suggestions and help you can offer.
Thank you, John
Try running the AVG software from Safe Mode. With Avast! you can schedule a bootscan which should run before any virus can disable the software.
--
Joe =o)
.
- References:
- XP + MSN + Worm - System now unstable
- From: John Reinders
- XP + MSN + Worm - System now unstable
- Prev by Date: Re: Blue highlighted text under desktop icons
- Next by Date: Re: Dual Booting
- Previous by thread: Re: XP + MSN + Worm - System now unstable
- Next by thread: Re: XP + MSN + Worm - System now unstable
- Index(es):
Relevant Pages
|
