Re: trojan has infected my laptop my laptop

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 01/25/05 

Date: Tue, 25 Jan 2005 10:19:24 -0500

1) Download the following four items...

         McAfee Stinger
         http://vil.nai.com/vil/stinger/

         Trend Sysclean Package
         http://www.trendmicro.com/download/dcs.asp

         Latest Trend Pattern File.
         http://www.trendmicro.com/download/pattern.asp

         Adaware SE (free personal version v1.05)
         http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt369.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM .

2) Update Adaware with the latest definitions.
3) Disable System Restore
        http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode [F8 key during boot]
         and shutdown as many applications as possible.
5) Using Trend Sysclean, Stinger and Adaware, perform a Full Scan of your
        platform and clean/delete any infectors/parasites found.
        (a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using the three
        utilities; Trend Sysclean, Stinger and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
        (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point

* * * Please report your results ! * * *

Dave
http://www.claymania.com/removal-trojan-adware.html

"trey braid" <treybraid@discussions.microsoft.com> wrote in message
news:9AA37CB6-583D-4137-848F-A3089E4FEB26@microsoft.com...
| hey ive posted a couple of time's in reference to my laptop being infected
| with a trojan preventing me from accessing the following:
| 1. i cant access the microsoft update's website
| 2. i cant go to any antivirus website or even install a program- the window
| will flicker or the program will start installing then disappear...
| 3. the process's window in my task manage is completely greyed out...
| 4 i cant access the security center or windows firewall via the control
| panel- again when i double click the window will open and then disappear...
| 5. when i choose start-run and type: regedit to check the registry nothing
| happens... will not pull so i can look at the registry settings...
| 6 when i choose -start and type in the messenger services nothing pulls as
| well...
|
| i recently was told to go to the " aumha " forums and did post and someone
| told me to download cws shredder and adware se... ran the fix on cws
| shredder and it get's stuck on the " cws - therealsearch " telling me it had
| to shutdown... i have run adware se and it tells me ive got 2 registry
| issue's which are below...something has altered my registry...
|
| Vendor:Windows
| Category:Vulnerability
| Object Type:RegData
| Size:34 Bytes
| Location:software\microsoft\windows nt\currentversion\winlogon "Shell"
| (explorer.exe,drvinit16.exe -shell)
| Last Activity:1-23-2005
| Risk Level:Low
| TAC index:3
| Comment:Shell Possibly Compromised
| Description:General Windows Security Issue. Your system security may be
| compromised. The specifics of the possible compromised item are listed in the
| comments section.
|
| Vendor:Windows
| Category:Vulnerability
| Object Type:RegData
| Size:4 Bytes
| Location:...\software\microsoft\windows\currentversion\policies\system
| "DisableRegistryTools" ()
| Last Activity:1-23-2005
| Risk Level:Low
| TAC index:3
| Comment:Possible unintended lockout from Registry Editor (Regedit access
| disabled)
| Description:General Windows Security Issue. Your system security may be
| compromised. The specifics of the possible compromised item are listed in the
| comments section.
|
| please help...
| thanks
| trey

Relevant Pages

  • trojan has infected my laptop my laptop
    ... the process's window in my task manage is completely greyed out... ... i cant access the security center or windows firewall via the control ... will not pull so i can look at the registry settings... ... Description:General Windows Security Issue. ...
    (microsoft.public.windowsupdate)
  • Re: Folders views keep changing
    ... How did that Registry value get changed in the first place? ... Chances are it was done by one or more of your security applications. ... "Detailed" and keep resetting the size of the window to 3/4 the page ...
    (microsoft.public.windowsxp.general)
  • Re: Annoying start up message
    ... Looking through the registry I came across this: ... A Symantec professional should respond to you regarding this issue ... You can download the Intelligent Updater file ... etc does not eliminate this very annoying window. ...
    (microsoft.public.windowsxp.general)
  • Firespoofing [Firefox 1.0]
    ... download dialogs by partly covering them with a popup window. ... The PoC is designed for Firefox 1.0 running in a maximized window. ... Shows how to cover a download dialog and fool the user to execute a file ... Part 2 - security dialog spoofing ...
    (NT-Bugtraq)
  • [Full-Disclosure] Firespoofing [Firefox 1.0]
    ... download dialogs by partly covering them with a popup window. ... The PoC is designed for Firefox 1.0 running in a maximized window. ... Shows how to cover a download dialog and fool the user to execute a file ... Part 2 - security dialog spoofing ...
    (Full-Disclosure)