Re: Windows Me "User Connected"

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 02/22/05


Date: Tue, 22 Feb 2005 21:52:58 GMT

1) Download the following three items...

         Trend Sysclean Package
         http://www.trendmicro.com/download/dcs.asp

         Latest Trend Pattern File.
         http://www.trendmicro.com/download/pattern.asp

         Adaware SE (free personal version v1.05)
         http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt436.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adaware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
        http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
        platform and clean/delete any infectors/parasites found.
        (a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
        Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP, Re-enable System Restore and re-apply any
        System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point

* * * Please report your results ! * * *

--
Dave
"Jim" <jimcraib@sanbrunocable.com> wrote in message
news:111n89v8au8iv05@corp.supernews.com...
| Here's the info from the log file:
|
| Source: C:\WINDOWS\TEMP\Installer2.exe
| Description: The file C:\WINDOWS\TEMP\Installer2.exe is infected with the
| Trojan dropper virus.
| Click for more information about this virus
|
| Jim
|
|
| "Jim" <jimcraib@sanbrunocable.com> wrote in message
| news:111lalkm0iqrq17@corp.supernews.com...
| > I had a strange message when I shutdown my PC today.  The message said:
| >
| > "user TRIFACA connected.  Do you still want to shutdown?"
| >
| > I assume someone accessed my PC but I'm not sure.  A virus scan found a
| > Trojan dropper that I suspect may be related.  Can anyone out there tell me
| > what I encountered?  Were my files accessed?
| >
| > Thanks for your help.
| >
| > -- 
| > Jim
| >
| >
|
|

