Re: any-find & win min ?
From: david (david_at_AAAA.net)
Date: 10/18/04
- Previous message: Br0wnbear: "Re: Backdoor.MLink"
- In reply to: David H. Lipman: "Re: any-find & win min ?"
- Next in thread: Br0wnbear: "Re: any-find & win min ?"
- Reply: Br0wnbear: "Re: any-find & win min ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 18 Oct 2004 07:44:18 -0700
David,
Thanks for your answer; however, I am still looking for any-find removal and
win min fix info.
David
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:%23eoj73LtEHA.1220@TK2MSFTNGP10.phx.gbl...
> David:
>
> You are on the right track. Just keep at it.
>
> If Sysclean took a very long time, there must be *many* files on this PC.
> Dump the IE cache. Then set it to no more than 10MB. Dump the TEMP
> directories as well.
> %windir%\temp
> C:\Documents and Settings\-USER_PROFILE-\Local Settings\Temp
>
> Are you sure McAfee/AVERT Stinger detected "Backdoor-BDD" ?
> Stinger's documentation indicates it targets: "BackDoor-AQJ",
> "BackDoor-CFB", "BackDoor-CHR"
> and "BackDoor-JZ"
> BackDoor-AQJ --
> Trojan -- http://vil.nai.com/vil/content/v_101702.htm -- Companion worm,
> Lovgate
> BackDoor-CHR --
> Trojan -- http://vil.nai.com/vil/content/v_127617.htm -- Companion worm,
> Mydoom
> BackDoor-JZ --
> Trojan -- http://vil.nai.com/vil/content/v_98963.htm -- Companion worm,
> deborm
>
> To find out if a program (Trojan ?) is opening ports. Obtain the free
> utility,
> TCPVIEW.EXE - http://www.sysinternals.com/
> It will show the name and parth of a program and what port it opens
> (listening on).
>
> Dave L.
>
>
>
>
> "david" <david@AAAA.net> wrote in message
> news:u7DUptLtEHA.3564@tk2msftngp13.phx.gbl...
> | A "friend" has a dell 4300 winxpsp1 and asked me to upgrade it to sp2.
> | However, he had not used safe hex and it would not even connect to the
> | internet. I installed and ran in safe mode CWShredder, Trend Micro
> | Sysclean, and About:Buster. He also had SpyBot, and AdAware which I
> ran.
> | The last two did not have the latest update because he could not
> connect. I
> | then ran all of them in the normal mode. Then I ran WinsockFix and was
> able
> | to connect!
> |
> | I was worried because About:Buster kept finding random registry entries
> and
> | Sysclean found Troj_Agent.el but could not clean it. I then ran the
> latest
> | Stinger and it found Backdoor-BDD. Based on a later google search,
> these
> | maybe the same. I did not have time to run a third sysclean scan to
> verify
> | it. I updated Spybot, AdAware, SpyWareBlaster and deleted hosts.bho and
> | installed the latest MVP HOSTS.
> |
> | When I rebooted, the END PROGRAM WIN MIN box came up, did its
> countdown,
> | and I had to click "End Task" to reboot. When I connected to the
> internet,
> | the home page was "Any-Find.com." I changed it to MSN.com and could
> operate
> | OK but when I rebooted again, the WIN MIN box came up and the next
> internet
> | connection had Any-Find as the home page until I changed it again.
> |
> | I ran the updated Spybot and cleaned the one thing it found but I left
> the
> | AdAware scan for him. After 4 hours, I ran out of time. Sysclean is a
> long
> | scan! I did do a HiJackThis scan first thing but did not clean anything
> | because I thought Sysclean would get everything. I guess that was
> wrong.
> |
> | My friend has been told to leave the computer on and practice safe hex
> or NO
> | MORE HELP.
> |
> | At home, I search on google for instruction to clean out Any-Find.com
> and
> | how to fix the WIN MIN problem. I saw several different instruction and
> | copied two but I am confused.
> |
> | So I am asking for help. Does anyone have a procedure to fix these two
> | items or a link to a site that has a good method that I can use? Also,
> any
> | additional suggestions short of putting the computer and my friend in
> the
> | trash? The firewall is on but I did not check the ports. One response
> on
> | google said that Any-Find opens one of them. Also, I will install an AV
> | program next time. No time today.
> |
> | David
> |
> |
>
>
- Previous message: Br0wnbear: "Re: Backdoor.MLink"
- In reply to: David H. Lipman: "Re: any-find & win min ?"
- Next in thread: Br0wnbear: "Re: any-find & win min ?"
- Reply: Br0wnbear: "Re: any-find & win min ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
