Re: Infected!
From: Br0wnbear (brownbearat_at_canadadotcom.net)
Date: 11/27/04
- Next message: eknodule: "RE: Spy or Adware that power off PCs?"
- Previous message: David H. Lipman: "Re: Macafee antivirus software"
- In reply to: Avril H: "Infected!"
- Next in thread: Avril H: "Re: Infected!"
- Reply: Avril H: "Re: Infected!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 27 Nov 2004 10:05:14 -0500
On Sat, 27 Nov 2004 00:33:02 -0800, "Avril H" <Avril
H@discussions.microsoft.com> wrote:
>Have reloaded Windows twice this week and still have problems, e.g Trojan
>horse Downloader.Small.9.X and IRC/Backdoor.SdBot.71.AU, antivirus is
>attending to them but they just keep coming back, I'm have no clue how to
>permanently remove them. I also get error messages from dddf.exe which opens
>on it's own - what is this file?? Can anyone help?
Yes we can.
Where is the dddf.exe file located? When do you get the error message
for the dddf.exe file?
As far as the two trojans go, they are probably in the startup section
of your registry or in your system restore. I am going to assume the
dddf.exe file is trying to run at startup.
Lets deal with the trojans first. (chances are the dddf.exe file is
one of them or an older version of spyware that didn't get cleaned
properly)
Check windows startup. Select Start > Run and type MSCONFIG .
You will see a startup tab on the right.
Select that.
If you do not know what the service is then disable it. If you are
unsure of all of them then just disable all. You can turn things back
on afterwards. Save the changes and DO NOT RESTART THE COMPUTER YET.
Turn off system restore. Right click on "My computer", select
properties. Select the System restore Tab.
Select "Turn off System Restore"
Download all the information in David Lipmans post.
Now you can restart the machine but restart the machine in Safe mode
and follow David's instructions for cleaning the machine.
After the machine has been cleaned up, restart the machine in normal
configuration.
Check the start up programs and turn on what you think you will need
to auto start and can't live without by manually turning it on when
you need it.
Reset the System restore to build a new check point.
hth
John Brown
"Bears have more fun, we hibern8 alot"
- Next message: eknodule: "RE: Spy or Adware that power off PCs?"
- Previous message: David H. Lipman: "Re: Macafee antivirus software"
- In reply to: Avril H: "Infected!"
- Next in thread: Avril H: "Re: Infected!"
- Reply: Avril H: "Re: Infected!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
