Re: System atttack

From: Sarah (anonymous_at_discussions.microsoft.com)
Date: 02/10/04 

Date: Mon, 9 Feb 2004 16:12:16 -0800

Rich Moran writes:
>-----Original Message-----
>Anybody have any clues about one that affects the
>MINDEX.dll file? I am running Windows XP and am having
>problems not found anywhere else. I was surfing the web,
>and hit one site that rolled me over into about 6 or 7
>sites, got the anti-virus warning, and used the anti-
virus
>program to halt the advance into my system. I
immediately
>started closing the windows from the lower task bar once
>the Norton anti-virus warning window came up.
>
>Since I am running 2 ISP providers, one AOL the other
>RoadRunner, I am having some operational issues. I
>installed a spyware program, eliminated any imbedded
>spyware which there were several files, did the virus
>check, but found nothing there.
>
>When I start the computer, after all the windows checks,
>and the system is up, AOL kicks on automatically, and
asks
>me to log my password into a file to save for future
>reference. I think that this prompt is some kind of a
>program that would take control of the AOL account once
>the password would be stored into the system memory. The
>AOL account never tried to start automatically in the
>past, so there is something imbedded in the command
prompt
>making AOL start automatically.
>
>If on Micro-soft internet explorer, going to the AOL
>account (Reason for 2 accounts is too many business
cards
>with my e-mail address out there in the world) and
trying
>to get into the e-mail, the Explorer advises that it has
>to shut down due to a problem, and it refers back to a
dll
>file.
>
>At the control panel, I've shut off the system restore,
>delete all cookies and files. Then finding MINDSET.dll
>file that was created on the date the problem, I delete
>this to the recycle bin, and then delete. Reboot, go
back
>to control panel, and turn on system restore, and
>everything re-occurs again.
>
>I've tried this with the system restore off, delete
>reboot, system restore turned back on. No luck, tried it
>with system restore off, delete and then reboot, and
>reboot again, no luck. Whatever is imbedded in the files
>is in there deep.
>
>So is the outcome of this to go to DOS command and
FORMAT,
>and upload the programs from the restore discs?
>
>Thanks for any help.
>
>Rich Moran
>

     Might want to try a broader approach to resolving
this, before going through the trouble of a format:

     Tighten your security-
1) If you do not have a firewall, get and use one.
ZoneAlarm offers a free version:
http://www.zonelabs.com/store/content/home.jsp
2) Kick up the privacy and security settings on your
browser to the maximum that still allows you to do what
you need to.
3) Be sure that you have all critical Windows updates, to
remove known vulnerabilities:
http://v4.windowsupdate.microsoft.com/en/default.asp

     Add to your defenses-
1) Adaware and Spybot Search and destroy are free and
will remove spyware. You must keep them updated in order
for them to be effective. Set them to scan all files, and
scan frequently. AdAware is at:
http://www.lavasoftusa.com/software/adaware/
2) Use antivirus products with updated virus definitions.
Again, you need to be sure that they are set to scan all
files. If you are having trouble eliminating an infection
with one product, try the free online scans of others.
One online scan is Trend's Housecall:
http://housecall.trendmicro.com/housecall/start_corp.asp

     Get information-
     It sounds like you might want to look at the items
in startup. One (free)tool for that is WinPatrol:
http://www.winpatrol.com/

     If you still have trouble-
     If none of these suggestions helps, you might want
to create a log and let the folks at HijackThis see if
they can find the source of the problem. There is a
tutorial for doing that here:
http://mjc1.com/mirror/hjt/

-Sarah
This message transmitted on 100% recycled electrons.

Relevant Pages

  • Re: System atttack
    ... Dealing with Unwanted Spyware, Parasites, Toolbars and Search Engines ... I am running Windows XP and am having ... > and the system is up, AOL kicks on automatically, and asks ... > At the control panel, I've shut off the system restore, ...
    (microsoft.public.security.virus)
  • Re: System Restore Corrupted, wsh.inf Files Deleted
    ... He also tried to do a system restore from 3 months ... > He also uses AOL for broadband, so he has to connect to AOL first before ... > assume this is the Windows Scripting Host inf file. ... I think his AOL was corrupt anyway from him deleting files at random ...
    (microsoft.public.windowsxp.general)
  • Re: NIce WinXP Home Boots-Up VERY SLO-O-WLY and Paints Screen Slowly with Banding
    ... Also, in some cases, online scanners may detect a threat in the System Restore folder even though you scanned your computer with an antivirus program and did not find any infected files. ... For instructions on how to turn off System Restore, read your Windows documentation, or the article "How to turn off or turn on Windows XP System Restore" (END QUOTE) ... > Upon Reboot, nothing changed. ...
    (microsoft.public.windowsxp.basics)
  • System Restore Corrupted, wsh.inf Files Deleted
    ... He also tried to do a system restore from 3 months ... He also uses AOL for broadband, so he has to connect to AOL first before he ... assume this is the Windows Scripting Host inf file. ... SP2, so an in place upgrade will not work. ...
    (microsoft.public.windowsxp.general)
  • Re: Cant boot into Safe Mode
    ... Then in the left windows expand "local ... enable then okay and reboot. ... was in use although I am not running any virtual drives nor have ... system restore tab and check mark "turn off system restore on all ...
    (microsoft.public.windowsxp.general)
Quantcast