Re: Please Help! Aggressive Trojans
From: Doug (douginri_at_usadatanet.net)
Date: 06/30/04
- Next message: Kaylene aka Taurarian: "Re: media player 9.0"
- Previous message: OWEN: "Re: No boot again"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 30 Jun 2004 06:08:33 -0400
Hi Deidre-
Most computers manufactured with XP have a recovery partition known as RP (D:) drive. If you restart your PC, depending on your computer's bios program, it will present you the option to recover from the recovery partition, if you are able to it will probably ask you to press F10 or F1 during the startup and open the recovery partition program.
Additionally, you should try to see if you can run the antivirus program in Safe Mode, this may open the anti virus program without the gobble de gook, it is recomended by the anti viral programs manufacturer to run it in Safe Mode anyway.
Remember, the last thing you want to resort to is a complete destructive restore, and if you don't backup in a regular basis you can be out some important file and settings that you have saved along the way.
To run the anti viral program in Safe Mode do this:
Restart your computer and tap the F8 function key until it prompts you with a list of startup options, use the up/down arrows to select the Safe Mode option and press enter, this will start you computer in Safe Mode with limited programs, continue following the confirmation choices till it brings you to the desktop, from there you can select the anti viral program from your start menu.
If the av program doesnt run in safe mode, select the VGA mode from the startup options I previously mentioned and follow the same remaining steps.
If updated properly and regularly, the Norton AV program will remove the virus and correct your text problem, I know it works, I have had viruses and worms on my pc and after a few av scans it caught them and got my pc up and running like new again.
Another thing to do is to run all the maintenance you can after you have removed the virus-
Start>All Programs> Accessories> System Tools
Run the utilities in the following order with a reboot after each, rebooting doesn't hurt and in some cases, with the av program set to run at startup, it may surface a worm or boot malfunctions
Disk Clean Up - check to select all the boxes except compress, keep in mind that you don't want to do anything that might enable the worm or virus to hide and surface at a later date and often many of them are timed to do so
Purge Your Systems Cache - to do this:
Start> RUN - type cmd -it will open a black window with a dos prompt type cd c:\ -then at the new C:\ prompt type sfc/purgecache
-or you can do it this way-
Start> All Programs> Windows Support Tools> Command Prompt type cd c:\ -then at the new C:\ prompt type sfc/purgecache
this will take a few minutes, you will know when it's finished by the activity indicator light on the front of the CPU, and it's worth it, viruses like to hide in this place and can ressurect themselves from this memory
System File Checker - Start> RUN> type sfc /scannow -or if you cannot run the sytem file checker from RUN you can run it by doing this:
Start> RUN type cmd in the new black dos window that opens type cd C:\ at the new prompt type sfc/scannow
this will check the integrity of all the Windows System files and repair if necessary
Disk Defragmenter - This nifty tool is my favorite, it will sort through all the files on your hard drive, organize, condense them to free up space and remove any fragmented files (files that are broken apart or not valid any longer due to damage or otherwise) or lost files (files that are no longer in use becuase they out of place and have autmatically been replaced) YOU WILL NOTICE THE DIFFERENCE!
-think of this as attacking the virus-
When your virus is history and you are certain that there is no trace of if and your system is up and running like new again for a few days, run the System Restore Program and create a system restore point, to do this:
Start> All Programs> PC Help & Tools (the title of this console may vary from system to sytem depending on the manufacturer of your pc), if you can't find it there it will most likely be in the System Tools console previously mentioned, or in desperate cases you can intiate a search for SR with the XP search tool. When you eventually get to it select "Create A New System Restore Point" and give it a unique name that you can refer to in the event you need to get back to a good operating time.
When you have created the new restore point a good idea would be to remove all the previous restore points, you may accidently restore your pc to a time when it had the virus and this will also create some breathing room for your PC, to do this:
Start> All Programs> Accessories> System Tools> Disk Cleanup
at the disk cleanup manager click at the top tab that says "More Options" when the new window opens the third one at the botton will remove all but the most recent restore point removing old registry files that may also be infected.
Noting that you mentioned this is your daughters PC, she probably uses chat rooms and that is a complete danger zone for computers and infections, creeps like to hang out in them just for the satisfaction of being able to make someone's life miserable, what happens is that they send boot codes as instant messages that knock the user off the internet or make their computer crash by including worms with the boot codes, -take it form someone who has experienced it first hand. The remedy for this is to make sure that the antivirus program is setup for messenger services like Yahoo, MSN etc, I know Norton AV has the option to do so and even better is to have the Norton Personal Firewall that runs alongside the av program. Also another good to thing to do is to make sure your av program starts with the system, it will monitor what's going on in the background and at startup.
Hope this helps! -I found some of my best solutions to real intricate problems in this newsgroup and it is always my pleasure to help when I can....
All the best
Doug
Newport, RI
"Deidre" <unicornprincess_98@sbcglobal.net> wrote in message news:O55TsXTXEHA.1000@TK2MSFTNGP12.phx.gbl...
> Hello Carey:
>
> Thank you for responding so quickly!
>
> My daughter's system came with Windows XP Home Edition installed, and five
> recovery disks. Can you point me in the right direction for instructions on
> how to do a factory restore? Thank You so Much!
>
> Deidre
>
> "Carey Frisch [MVP]" <mrxp2004@nospamyahoo.com> wrote in message
> news:eoQktETXEHA.1048@tk2msftngp13.phx.gbl...
> > It appears the various viruses completed their dastardly mission and
> > have hopeless corrupted the Windows XP operating system files.
> > That's why it is extremely important to install a good antivirus program!
> >
> > At this point, all you can do is prepare for a "clean install".
> >
> > Use the following procedure for a "clean install" of Windows XP:
> >
> > The Windows XP CD is bootable and contains all the tools necessary
> > to partition and format your drive. Follow this procedure and allow
> > Windows XP to partition and format your drive:
> >
> > NOTE: It would be best to physically disconnect all your peripheral
> hardware
> > devices, except the monitor, mouse and keyboard, before
> installing XP.
> >
> > NOTE: If you have an internal Zip Drive installed, physically disconnect
> the
> > EIDE and power cable to it before proceeding, otherwise your
> main
> > hard drive may not be assigned the customary C: drive
> letter.
> > After installing Windows XP, you may then reconnect it.
> >
> > 1. Open your BIOS and set your "CD Drive as the first bootable device".
> >
> > ===> Accessing Motherboard BIOS
> > ===> http://www.michaelstevenstech.com/bios_manufacturer.htm
> >
> > 2. Insert your Windows XP CD in the CD Drive and reboot your computer.
> > 3. You'll see a message to boot to the CD....follow the instructions.
> > 4. The setup menu will appear and you should elect to delete all the
> existing
> > Windows partitions, then create a new partition, then format the
> primary
> > partition (preferably NTFS) and proceed to install Windows XP.
> >
> > 5. Clean Install Windows XP
> > http://michaelstevenstech.com/cleanxpinstall.html
> >
> > [Courtesy of Michael Stevens, MS-MVP]
> >
> > 6. ==> Immediately after installing Windows XP, turn on XP's Firewall.
> > ==> http://www.microsoft.com/security/protect/
> >
> > 7. After Windows XP is installed, visit the Windows Update website
> > and download the available "Critical Updates".
> >
> > 8. After installing the critical updates, be sure and visit the support
> website
> > of the manufacturer of the computer to download and install any
> > available Windows XP compatible drivers, such as video adapter
> > and audio drivers.
> >
> > 9. If you happen to run into any installation difficulties, use the
> following resources:
> >
> > How to Troubleshoot Windows XP Problems During Installation
> > http://support.microsoft.com/default.aspx?scid=kb;EN-US;310064
> >
> > Troubleshooting Windows XP Setup
> > http://www.kellys-korner-xp.com/xp_setup.htm
> >
> > [Courtesy of MS-MVP Kelly Theriot]
> >
> > To secure your computer and prevent possible future security breeches,
> > consider installing a first-rate, comprehensive, internet security
> program:
> >
> > Norton Internet Security 2004
> > http://www.symantec.com/sabu/nis/nis_pe/
> >
> > -- Includes Norton AntiVirus 2004
> > -- Includes Norton Personal Firewall
> > -- Includes prevention of annoying web pop-ups
> > -- Includes Parental Controls
> > -- All in one, easy-to-install package
> >
> > --
> > Carey Frisch
> > Microsoft MVP
> > Windows XP - Shell/User
> >
> > Be Smart! Protect your PC!
> > http://www.microsoft.com/security/protect/
> >
> > --------------------------------------------------------------------------
> --------
> >
> > "Deidre" <unicornprincess_98@sbcglobal.net> wrote in message:
> > news:ugkNgvSXEHA.3716@TK2MSFTNGP11.phx.gbl...
> >
> > | Hello:
> > |
> > | For two hours I have tried to repair my daughter's computer. She has
> the
> > | following trojans on her computer in the following locations.
> > |
> > | C:\HP\Vin\Terminator.exe - trojankillapp 30208
> > | C:\Windows\downloaded program files\install026.exe - Trojan.sectho
> > | C:\Windows\System32\gnucdna.davidlovelove - Win.exe virus
> > |
> > | You can see most icons on her computer, but nothing can be read [not
> titles,
> > | labels, etc]. The words are all gobble-de-gook. I have tried the
> Stinger
> > | program, No Adware, and Trojan Remover. None of these have worked.
> Cannot
> > | read anything in Add/Remove Software because of gobbled lettering.
> Tried to
> > | install Norton Antivirus but cannot read to complete installation.
> > |
> > | Can anyone PLEASE inform or suggest other methods to repair her
> computer.
> > | She is driving me NUTS! [Please keep me out of the looney-bin]
> > |
> > | Internet access is not an option at the moment. I cannot install my
> ISP's
> > | software to connect her to the Internet through my network.
> > |
> > | Thank you for any and all suggestions and information. Your assistance
> is
> > | Greatly Appreciated!
> > |
> > | Deidre
> >
>
>
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.712 / Virus Database: 468 - Release Date: 6/27/2004
- Next message: Kaylene aka Taurarian: "Re: media player 9.0"
- Previous message: OWEN: "Re: No boot again"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
