Re: cOOL
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 12/06/04
- Next message: paintpearl: "Re: cOOL"
- Previous message: paintpearl: "Re: cOOL"
- In reply to: paintpearl: "Re: cOOL"
- Next in thread: paintpearl: "Re: cOOL"
- Reply: paintpearl: "Re: cOOL"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 5 Dec 2004 22:14:29 -0500
Read the following URL.
http://www.liutilities.com/products/wintaskspro/processlibrary/tgcmd/
Dave
"paintpearl" <paintpearl@discussions.microsoft.com> wrote in message
news:42EB9D4F-B075-4A44-A971-0E67EDCB20B3@microsoft.com...
| Hey David,I think I finally got it fixed.I then went to update 3 patches from
| my manufactuer(Sony Vaio).Then I downloaded the Service Pack 2 and so far it
| is working fine.Let me ask you one final question(hopefully...lol).After I
| restarted my computer after the Servive Pack 2,I was asked by the security
| pop up did I want to continue to block tgcmd Module.I answered yes,was this
| the correct thing to do?What exactly is a tgcmd Module?Thanks for all your
| help.You have been so kind and patient with a dummy like me.
|
| "David H. Lipman" wrote:
|
| > To create a subdirectory (folder)...
| > Double Click on "My Computer" --> Double Click on drive "C:"
| > Right click --> New --> Folder
| >
| > That will create "c:\new folder"
| >
| >
| > http://www.trendmicro.com/download/dcs.asp
| > Download SYSCLEAN.COM and save SYSCLEAN.COM in "c:\new folder"
| >
| > http://www.trendmicro.com/download/pattern.asp
| > Download "lpt281.zip"
| > Open in WinZIP or other decompression utility and extract "lpt$vpn.281" and save
lpt$vpn.281
| > in "c:\new folder"
| >
| > Dave
| >
| >
| >
| >
| > "paintpearl" <paintpearl@discussions.microsoft.com> wrote in message
| > news:DDFC4CC9-E9D1-4A5D-A0E6-AD056C4EBB7F@microsoft.com...
| > | Thanks for all your help David.I got 2 questions for you.The first is how do
| > | i create a directory in drice C? I am a dummy when it comes to computer
| > | lingo.The 2nd question is when I try to download the latest Trend Pattern
| > | file it don't do nothing.The file that my sysclean is asking for is the
| > | "LPT.$VPN.*".What to do here?
| > |
| > | "David H. Lipman" wrote:
| > |
| > | > Please try the following to remove "Trojan IRC", and "SDBot" anmd "Spybot" worms.
| > | > The DSO Exploit that SpyBot S&D detected is a False Positive declaration.
| > | >
| > | >
| > | > 1) Download the following four items...
| > | >
| > | > McAfee Stinger
| > | > http://vil.nai.com/vil/stinger/
| > | >
| > | > Trend Sysclean Package
| > | > http://www.trendmicro.com/download/dcs.asp
| > | >
| > | > Latest Trend Pattern File.
| > | > http://www.trendmicro.com/download/pattern.asp
| > | >
| > | > Adaware SE (free personal version v1.05)
| > | > http://www.lavasoftusa.com/
| > | >
| > | > Create a directory.
| > | > On drive "C:\"
| > | > (e.g., "c:\New Folder")
| > | > or the desktop
| > | > (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
| > | >
| > | > Download Sysclean.com and place it in that directory.
| > | > Download the Trend Pattern File by obtaining the ZIP file.
| > | > For example; lpt281.zip
| > | >
| > | > Extract the contents of the ZIP file and place the contents in the same directory as
| > | > sysclean.com.
| > | >
| > | > 2) Update Adaware with the latest definitions.
| > | > 3) If you are using WinME or WinXP, disable System Restore
| > | > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
| > | > 4) Reboot your PC into Safe Mode
| > | > 5) Using Trend Sysclean, Stinger and Adaware, perform a Full Scan of your
| > | > platform and clean/delete any infectors/parasites found.
| > | > (a few cycles may be needed)
| > | > 6) Restart your PC and perform a "final" Full Scan of your platform using the
three
| > | > utilities; Trend Sysclean, Stinger and Adaware
| > | > 7) If you are using WinME or WinXP, Re-enable System Restore and re-apply any
| > | > System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
| > | > 8) Reboot your PC.
| > | > 9) If you are using WinME or WinXP, create a new Restore point
| > | >
| > | >
| > | >
| > | > * * * Please report your results ! * * *
| > | >
| > | > Dave
| > | >
| > | >
| > | >
| > | >
| > | >
| > | >
| > | >
| > | > "paintpearl" <paintpearl@discussions.microsoft.com> wrote in message
| > | > news:05C3CBC7-82F2-4A56-B2C3-712FF31323F7@microsoft.com...
| > | > | Ok guys.I have done the safe mode thing.I ran my Spybot Search and Destroy.It
| > | > | found 3 entries which were DSO Exploit.I did the repair thing on these and it
| > | > | said it repaired the 3 items.Then I ran my CWShredder.It said that the
| > | > | CoolWeb was not found on my system,yet it is there in my programs list in the
| > | > | control panel under add/remove programs.The only thing I did not understand
| > | > | was how to make sure I am showing "all hidden files and extensions" in the
| > | > | folder options.What folder options,and how do I get there.Any more help from
| > | > | you guys?I am really aggravated with this.How do I get rid of the Trojan IRC
| > | > | virus?You guys have been so friendly.Thanks for your patience and help.
| > | > |
| > | > | "Malke" wrote:
| > | > |
| > | > | > paintpearl wrote:
| > | > | >
| > | > | > > Does anyone know how to get rid of this program?It will pop up and my
| > | > | > > Norton 2005 anti-virus will tell me about some viruses.Any help?
| > | > | >
| > | > | > You haven't given us a lot of information to work with, so do these
| > | > | > malware troubleshooting steps. All scans should be done in Safe Mode.
| > | > | > Links follow the steps.
| > | > | >
| > | > | > 1) Scan in Safe Mode with current version (not earlier than 2003)
| > | > | > antivirus using updated definitions.
| > | > | >
| > | > | > 2) Remove spyware with Spybot Search & Destroy and Ad-aware. These
| > | > | > programs are free, so use them both since they complement each other.
| > | > | > There is a new version of CWShredder from Intermute. I would not
| > | > | > install the other Intermute programs, however. Alternately, there are
| > | > | > CoolWebSearch malware removal steps at SilentRunners.
| > | > | >
| > | > | > Be sure to update these programs before running, and it is a good idea
| > | > | > to do virus/spyware scans in Safe Mode. Make sure you are able to see
| > | > | > all hidden files and extensions (View tab in Folder Options).
| > | > | >
| > | > | > HijackThis is an excellent tool to discover and disable hijackers, but
| > | > | > it requires expert skill. See below for HijackThis links. A combination
| > | > | > of HijackThis and About:Buster works well in removing the About:Blank
| > | > | > homepage hijacker. Again, this is an expert tool and novices should get
| > | > | > help with it.
| > | > | >
| > | > | > 3) If you are running Windows ME or XP, you should disable/enable System
| > | > | > Restore because malware will be in the Restore Points. With ME, you
| > | > | > must disable System Restore completely. With XP, you can delete all but
| > | > | > the most recent (presumably clean) System Restore point from the More
| > | > | > Options section of Disk Cleanup (Run>cleanmgr).
| > | > | >
| > | > | > 4) Make sure you've visited Windows Update and applied all security
| > | > | > patches. Do not install driver updates from Windows Update.
| > | > | >
| > | > | > 5) Run a firewall.
| > | > | >
| > | > | > Links to help with malware:
| > | > | >
| > | > | > Software/Methods:
| > | > | > http://www.safer-networking.org - Spybot Search & Destroy
| > | > | > http://www.lavasoftusa.com - Ad-aware
| > | > | > http://www.majorgeeks.com - good download site
| > | > | > http://www.intermute.com/spysubtract/cwshredder_download.html
| > | > | > http://www.silentrunners.org/sr_cwsremoval.html. - SilentRunners
| > | > | >
| > | > | > HijackThis:
| > | > | > http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Jim
| > | > | > Eshelman
| > | > | > http://spywarewarrior.com/viewforum.php?f=5 - Spyware Warrior HijackThis
| > | > | > forum
| > | > | > http://www.wilderssecurity.com/
| > | > | > http://forums.tomcoyote.org/
| > | > | > http://www.spywareinfo.com/forums/
| > | > | >
| > | > | > General:
| > | > | > http://forum.aumha.org/ - look under "Security" for various forums
| > | > | > http://rgharper.mvps.org/cleanit.htm
| > | > | > http://mvps.org/winhelp2002/unwanted.htm
| > | > | > http://www.aumha.org/a/parasite.htm - The Parasite Fight
| > | > | > http://www.spywarewarrior.com/rogue_anti-spyware.htm
| > | > | >
| > | > | > Malke
| > | > | > --
| > | > | > MS MVP - Windows Shell/User
| > | > | > Elephant Boy Computers
| > | > | > www.elephantboycomputers.com
| > | > | > "Don't Panic!"
| > | > | >
| > | >
| > | >
| > | >
| >
| >
| >
- Next message: paintpearl: "Re: cOOL"
- Previous message: paintpearl: "Re: cOOL"
- In reply to: paintpearl: "Re: cOOL"
- Next in thread: paintpearl: "Re: cOOL"
- Reply: paintpearl: "Re: cOOL"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
