Sign in with
Sign up | Sign in
Your question

reply ASAP, Virus problem

Last response: in Windows 95/98/ME
Share
Anonymous
August 27, 2005 7:22:02 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

Dear Sir/Madam,

I am posting this on behalf of a colleague who cannot access the internet.

Last week, my colleague got a virus on his computer. This was despite having
Norton anti-virus 2003 AND a firewall. He doesn't understand how the virus
could have managed this, and to be frank I cannot either, but I know he isn't
lying!

This virus disabled his Norton2003 and the firewall, before taking total
control of his computer. He now has around 100 viruses on his computer and
doesn't know what to do.

He used to be able to access his files in Safe Mode, but now even in Safe
Mode the computer is going ballistic and will not allow him to access his
files. So I just wanted to ask the following questions:

1. Is there any way he can regain control of his computer? (without losing
his files)

2. If no, then is there any way he can regain control of the computer after
losing all his files?

3. I suggested to him that perhaps he could try restoring it to factory
settings. He would lose all his files I know, but would it wipe off the
viruses? Also, how do you restore it to factory settings, is it done through
the BIOS? What key do you press on keyboard to get into BIOS on Windows ME?

If you have any suggestions, please do go ahead and say because my colleague
is in a bit of a mess right now. He's desperate to get back control of his
computer, he's even saying that he thinks hes got one of those viruses that
tell the creator of the virus everything the user is doing, and every single
key on keyboard he even presses. Please reply ASAP

Thankyou very much for your time, and have a lovely day.
Anonymous
August 27, 2005 11:44:03 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

From: "puthputh" <puthputh@discussions.microsoft.com>

There are anti virus News Groups specifically for this type of discussion.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus

Replies are inline


| Dear Sir/Madam,


There are *many* volunteers here. Don't assume one. But I am glad you haven't assumed male
onl ;-)


| I am posting this on behalf of a colleague who cannot access the internet.
|
| Last week, my colleague got a virus on his computer. This was despite having
| Norton anti-virus 2003 AND a firewall. He doesn't understand how the virus
| could have managed this, and to be frank I cannot either, but I know he isn't
| lying!
|
| This virus disabled his Norton2003 and the firewall, before taking total
| control of his computer. He now has around 100 viruses on his computer and
| doesn't know what to do.
|


Many viruses now disable anti virus and FireWall applications.


| He used to be able to access his files in Safe Mode, but now even in Safe
| Mode the computer is going ballistic and will not allow him to access his
| files. So I just wanted to ask the following questions:


What do you mean "can't access his files" Is there a specific error message and if there
is... What is it ?


| 1. Is there any way he can regain control of his computer? (without losing
| his files)


Try cleaning the PC using various malware tools running them in Safe Mode as well as booting
off a WinME Emergency Boot Disk. At the end of this post I will give you details on one
such tool.


| 2. If no, then is there any way he can regain control of the computer after
| losing all his files?


There are many ways. One is to create a Ghost image of the infected platform and then wipe
the computer clean and reinstall the OS and all applications. Then restore data from the
Ghost backup.

Other ways are to completely clean the PC insitu and then repair problems in the OS.


| 3. I suggested to him that perhaps he could try restoring it to factory
| settings. He would lose all his files I know, but would it wipe off the
| viruses? Also, how do you restore it to factory settings, is it done through
| the BIOS? What key do you press on keyboard to get into BIOS on Windows ME?


Factory settings ? Depends on if the PC is an OEM version of WinME and if a CDROM was
provided by the vendor such that an image, as shipped from the factoty, is provided. If
not, then see my reply to #2.


| If you have any suggestions, please do go ahead and say because my colleague
| is in a bit of a mess right now. He's desperate to get back control of his
| computer, he's even saying that he thinks hes got one of those viruses that
| tell the creator of the virus everything the user is doing, and every single
| key on keyboard he even presses. Please reply ASAP
|
| Thankyou very much for your time, and have a lovely day.

Follow the below instructions. With the PC on the Internet, go through each module and
obtain the files for the scanners from Trend Micro, Sophos and McAfee. Then use a WinME
Emergency Boot Disk (or obtain a boot disk image from the web site in the tool's help file)
and run the DOS scanners from Sophos and Mcafee. Each will create a report of what viruses
were found and cleaned. Then after the DOS scanners are executed, boot the WinME PC and run
the tool again and then run the Trend micro module and run its Windows scanner.


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

It is a self-extracting ZIP file that contains the Kixtart Script Interpreter {
http://kixtart.org Kixtart is CareWare } three batch files, five Kixtart scripts, one Link
(.LNK) file, a PDF instruction file and two utilities; UNZIP.EXE and WGET.EXE. It will
simplify the process of using; Sophos, Trend and McAfee Anti Virus Command Line Scanners to
remove viruses, Trojans and various other malware.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode. This
way all the components can be downloaded from each AV vendor’s web site.
The choices are; Sophos, Trend, McAfee, Exit the menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file.

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

* * * Please report back your results * * *



--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
!