Re: Nasty Virus
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 10/09/04
- Next message: David H. Lipman: "Re: z1.adserver.com pop-up"
- Previous message: Mike F: "Re: Nasty Virus"
- In reply to: Mike F: "Re: Nasty Virus"
- Next in thread: Mike F: "Re: Nasty Virus"
- Reply: Mike F: "Re: Nasty Virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 9 Oct 2004 12:41:32 -0400
Yes. Have Adaware remove the parasites in Safe Mode and delete the hosts file.
You may have to cycle through this a few times.
Dave
"Mike F" <dancingwhelk@hotmail.com> wrote in message
news:1e8e01c4ae1a$af63ea00$a301280a@phx.gbl...
| Yeah I did all that, and the same problems are still
| there, the trendmicro program found nothing, and the
| adaware found a bunch, but just cydoor and stuff like
| that.
|
| The hosts file in my system32/drivers/etc folder has in
| it the sites that this virus won't let me access,
| symantec, windows update and such.
|
| Any other ideas, besides formatting?
|
|
| >-----Original Message-----
| >1) Download the following three items...
| >
| > Trend Sysclean Package
| > http://www.trendmicro.com/download/dcs.asp
| >
| > Latest Trend signature files.
| > http://www.trendmicro.com/download/pattern.asp
| >
| > Adaware SE
| > http://www.lavasoftusa.com/
| >
| >Create a directory.
| >On drive "C:\"
| >(e.g., "c:\New Folder")
| >or the desktop
| >(e.g., "C:\Documents and Settings\lipman\Desktop\New
| Folder")
| >
| >Download sysclean.com and place it in that directory.
| >Dowload the signature files (pattern files) by obtaining
| the ZIP file.
| >For example; lpt186.zip
| >
| >Extract the contents of the ZIP file and place the
| contents in the same directory as
| >sysclean.com.
| >
| >2) Update Adware with the latest definitions.
| >3) If you are using WinME or WinXP, disable System
| Restore
| >
| http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.ht
| m
| >4) Reboot your PC into Safe Mode
| >5) Using both the Trend Sysclean utility and
| Adaware, perform a Full Scan of your
| > platform and clean/delete any
| infectors/parasites found.
| >6) Restart your PC and perform a "final" Full Scan
| of your platform using both the
| > Trend Sysclean utility and Adaware
| >7) If you are using WinME or WinXP,Re-enable System
| Restore and re-apply any
| > System Restore preferences, (e.g. HD space
| to use suggested 400 ~ 600MB),
| >8) Reboot your PC.
| >9) If you are using WinME or WinXP, create a new
| Restore point
| >10) Please report back your results
| >
| >Dave
| >
| >
| >
| >
| >
| >"Mike F" <dancingwhelk@hotmail.com> wrote in message
| >news:32bc01c4ae09$78155860$a601280a@phx.gbl...
| >| I believe I have a trojan of some kind, it has changed
| my
| >| access on my registry so that I no longer have
| >| administrator privledges, it closes my browser
| whenever I
| >| load sites dealing with antivirus programs, it closes
| >| programs on my computer as well ( hijackthis, norton).
| >| it won't let me open regedit, msconfig or any other
| >| system programs. System restore won't work, safe mode
| >| still has same problems.
| >|
| >| Any ideas on how I can restore my administrator
| >| privledges so that I can fix this bug?
| >
| >
| >.
| >
- Next message: David H. Lipman: "Re: z1.adserver.com pop-up"
- Previous message: Mike F: "Re: Nasty Virus"
- In reply to: Mike F: "Re: Nasty Virus"
- Next in thread: Mike F: "Re: Nasty Virus"
- Reply: Mike F: "Re: Nasty Virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
