Virus MSNPG.exe-2147353e.pf

Guest
Archived from groups: microsoft.public.windowsxp.security_admin

Recently had machines infected with this virus??? All
machines are of Dell manufacture on a LAN and are loaded
with XP-SP1. Symptoms include: cannot open word or excel
files; cannot edit registry; cannot perform software
updates of any kind & some websites will not load. Machines
preloaded with XP-SP2 do not appear to be affected. Thru
sheer desperation, disconnected machines from network and
did a complete reload of XP from original CDs. Yes HD was
formatted during reload. Applied the following patches:
WindowsXP-KB823980-X86-ENU, KB824146-X86-ENU &
KB835732-X86-ENU. Thought these would protect the new
install but found out that MSNPG came back almost
immediately. What did I miss? Has anyone run into this
one before and what is the "cure"? TIA.
 
Guest

From: "Roger M" <anonymous@discussions.microsoft.com>

| Recently had machines infected with this virus??? All
| machines are of Dell manufacture on a LAN and are loaded
| with XP-SP1. Symptoms include: cannot open word or excel
| files; cannot edit registry; cannot perform software
| updates of any kind & some websites will not load. Machines
| preloaded with XP-SP2 do not appear to be affected. Thru
| sheer desperation, disconnected machines from network and
| did a complete reload of XP from original CDs. Yes HD was
| formatted during reload. Applied the following patches:
| WindowsXP-KB823980-X86-ENU, KB824146-X86-ENU &
| KB835732-X86-ENU. Thought these would protect the new
| install but found out that MSNPG came back almost
| immediately. What did I miss? Has anyone run into this
| one before and what is the "cure"? TIA.

There are anti virus News Groups specifically for this type of discussion.

microsoft.public.scripting.virus.discussion
microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus

What you missed is the installation of anti virus software. If you did you would find that
you would have protected your computers.

You would have also found that the infector using MSNPG.exe has a name. That name would
help you find and remove the infector and prevent re-infection and cross-contamination.

Dump the contents of the IE Temporary Internet Folder cache (TIF)

start --> settings --> control panel --> internet options --> delete files

1) Download the following items...

McAfee Stinger
http://vil.nai.com/vil/stinger/

BHOdemon
http://www.definitivesolutions.com/bhodemon.htm

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp

Ad-aware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt540.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Ad-aware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode [F8 key during boot]
and shut down as many applications as possible.
5) Using Trend Sysclean, Stinger and Ad-aware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using the three
utilities; Trend Sysclean, Stinger and Ad-aware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Install, execute and update BHOdemon and then scan the platform and remove
any unknown Browser Helper Objects.
10) Create a new Restore point

* * * Please report your results ! * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
 
Guest

>-----Original Message-----
>From: "Roger M" <anonymous@discussions.microsoft.com>
>
>| Recently had machines infected with this virus??? All
>| machines are of Dell manufacture on a LAN and are loaded
>| with XP-SP1. Symptoms include: cannot open word or excel
>| files; cannot edit registry; cannot perform software
>| updates of any kind & some websites will not load. Machines
>| preloaded with XP-SP2 do not appear to be affected. Thru
>| sheer desperation, disconnected machines from network and
>| did a complete reload of XP from original CDs. Yes HD was
>| formatted during reload. Applied the following patches:
>| WindowsXP-KB823980-X86-ENU, KB824146-X86-ENU &
>| KB835732-X86-ENU. Thought these would protect the new
>| install but found out that MSNPG came back almost
>| immediately. What did I miss? Has anyone run into this
>| one before and what is the "cure"? TIA.
>
>There are anti virus News Groups specifically for this type of discussion.
>
> microsoft.public.scripting.virus.discussion
> microsoft.public.security.virus
> alt.comp.virus
> alt.comp.anti-virus
>
>What you missed is the installation of anti virus software. If you did you would find that
>you would have protected your computers.
>
>You would have also found that the infector using MSNPG.exe has a name. That name would
>help you find and remove the infector and prevent re-infection and cross-contamination.
>
>Dump the contents of the IE Temporary Internet Folder cache (TIF)
>
>start --> settings --> control panel --> internet options --> delete files
>
>1) Download the following items...
>
> McAfee Stinger
> http://vil.nai.com/vil/stinger/
>
> BHOdemon
> http://www.definitivesolutions.com/bhodemon.htm
>
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend Pattern File.
> http://www.trendmicro.com/download/pattern.asp
>
> Ad-aware SE (free personal version v1.05)
> http://www.lavasoftusa.com/
>
>Create a directory.
>On drive "C:\"
>(e.g., "c:\New Folder")
>or the desktop
>(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
>
>Download Sysclean.com and place it in that directory.
>Download the Trend Pattern File by obtaining the ZIP file.
>For example; lpt540.zip
>
>Extract the contents of the ZIP file and place the contents in the same directory as
>sysclean.com.
>
>2) Update Ad-aware with the latest definitions.
>3) Disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
>4) Reboot your PC into Safe Mode [F8 key during boot]
> and shut down as many applications as possible.
>5) Using Trend Sysclean, Stinger and Ad-aware, perform a Full Scan of your
> platform and clean/delete any infectors/parasites found.
> (a few cycles may be needed)
>6) Restart your PC and perform a "final" Full Scan of your platform using the three
> utilities; Trend Sysclean, Stinger and Ad-aware
>7) Re-enable System Restore and re-apply any System Restore preferences,
> (e.g. HD space to use suggested 400 ~ 600MB),
>8) Reboot your PC.
>9) Install, execute and update BHOdemon and then scan the platform and remove
> any unknown Browser Helper Objects.
>10) Create a new Restore point
>
>* * * Please report your results ! * * *
>
>
>--
>Dave
>http://www.claymania.com/removal-trojan-adware.html
>http://www.ik-cs.com/got-a-virus.htm

I appreciate your rapid reply & yes, I forgot to mention
that all did have up to date virus protection loaded and
running. Unfortunately, the virus was not detected. As I
mentioned before, I cannot perform any type of update or
loading of software on these machines, even in safe mode.
Any more thoughts
 
Guest

From: <anonymous@discussions.microsoft.com>

|
| I appreciate your rapid reply & yes, I forgot to mention
| that all did have up to date virus protection loaded and
| running. Unfortunately, the virus was not detected. As I
| mentioned before, I cannot perform any type of update or
| loading of software on these machines, even in safe mode.
| Any more thoughts

OK -- Now did you run Stinger, Ad-aware SE and Trend Micro Sysclean per my request?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm