Virus attack has crippled me

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi,

I have a home PC multibooted with XP and Vista.I normally use XP as
lots of software doesnt yet work properly with vista.My problem is
that I was running my Xp without antivirus software for two
weeks.Everything was nearly fine till I installed Norton 360 and it
detected W32.Lecna.A,Invader trojan,win32.Virut.A,Downloader
trojan ,win32.brontok.q,trojan.generic,win32.Lecna.c .
I have handled lots of viruses before and have successfully cleaned
lots before but this time ,after I rebooted the PC with the newly
installed norton 360,it refuses to log in.
   It logs in and then logs off.I tried the built in administrator
account and my account also,but no luck.It simply fails to log in.I
guess one of the viruses has affected the winlogon service.Safe mode
wont also work.


What can be done so that I can gain access ? I can login to vista and
it shows no problems.Can I scan from Vista and clean XP as well as
the
hard drives.It's getting really frustrating.I dont want to format
because I have so many apps installed,that It would take a really
long
time to get everything installed.


Hope you  guys can help me out...


Rgds,
Nandan


Re: Virus attack has crippled me

Quoted text here. Click to load it

==========
First - practice safe hex.   Second - practice safe hex!

System restore turned off?

hijackthis - *DO NOT* post the log here though.

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Hook up the drive as a slave and try cleaning it.

You can also try Lipman's


Re: Virus attack has crippled me


Quoted text here. Click to load it

Out of interest why turn system restore off, is it
because nasty stuff can hide there?



Re: Virus attack has crippled me

"M25" wrote in message
Quoted text here. Click to load it

Why would you think system files that are included in a System Restore
snapshot could never be infected?


Re: Virus attack has crippled me

says...
Quoted text here. Click to load it

I turn System Restore off, re-boot, then turn it back on, to purge possibly
infected restore points.
But: AFTER finishing the cleanup.
Before that, I may _need_ System Restore to get back to something (anything!)
that actually works.

--
Snob? Were I a snob, I wouldn't be talking to you.

Re: Virus attack has crippled me

On Fri, 14 Sep 2007 14:12:10 -0000, Duh_OZ wrote:
Quoted text here. Click to load it

Valuable advice from an AV expert, David H. Lipman
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Question:
"Is it advisable to turn off System Restore while cleaning the OS using
AV/A-S, and if so, when do you turn it off and then on?
Also is it was recommended to delete all restore point during this
procedure?"

Answer(David H. Lipman):
"I used to be convinced that one should dump the System restore cache PRIOR
to cleaning a system.  However after many discussions and based upon
personal tests and experience, I have come to the conclusion that this
should be done AFTER a system is cleaned.

Here's the problem.  Most malware  are binary files that the System Restore
cache will create a backup of in restore points.  When one gets infected,
copies of the infector are now stored in the System Restore cache.  If you
clean the system then restore to a prior Restore Point that contains
infectors, the OS become re-infected.

If you clean a PC and don't expect to restore to a previous Restore Point
then eventually the infected files will cache-out.  In that situation, one
does NOT need to dump the System Restore cache.

If you dump the System Restore cache PRIOR to cleaning the system, you will
also remove a fall back point.  That is, if during the cleanup the system
becomes unstable, you will not be able to restore the system from a
previous Restore Point.  If you did restore the system
back to that state, you can clean the system differently such that the
system won't become unstable and/or unusable.  Thus an infected Restore
Point is better than no Restore Point at all.

Later, when the system is cleaned and verified to be stable, you can then
dump the System Restore cache, reboot the PC and then re-enable the system
Restore cache and subsequently manually create an initial Restore Point.

Thus it is better the dump the cache AFTER and not BEFORE the system has
been cleaned of malware."

Be guided accordingly.

Re: Virus attack has crippled me

That's the second time you posted bad links.

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com , David
H. Lipman, Max M Wachtell III  aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



Quoted text here. Click to load it



Re: Virus attack has crippled me

On Fri, 14 Sep 2007 17:30:24 -0700, pcbutts1 wrote:

Quoted text here. Click to load it

Oh really. Can you elaborate please.

Re: Virus attack has crippled me

Your quote from Microsoft.public.security.virus "When the menu is displayed
hitting 'H' or 'h' will bring up a more
comprehensive PDF help file. http://www.ik-cs.com/multi-av.htm "

Your quote from yesterday " Valuable advice from an AV expert, David H.
Lipman
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm "

Two of the 3 links are bad, that site was shutdown because David got busted
stealing others software.



--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com , David
H. Lipman, Max M Wachtell III  aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



Quoted text here. Click to load it



Re: Virus attack has crippled me

pcbutts1 - 15.09.2007 02:30 :

Quoted text here. Click to load it

but no reason for your fullquoting (snipped) again.

Only a recommendation:

http://www.xs4all.nl/~hanb/documents/quotingguide.html

Please note:

For example: It is not necessary to quote the entire text of the person
you respond to. A quoting should always and first of all clarify the
context, enabling the reader to understand the flow of the thread. A
quoting is not ment to re-post the previous article.

THX in advance for your kind willing and understanding.

--

by(e) PS

spam will be killfiled


Re: Virus attack has crippled me


Quoted text here. Click to load it

Boy, did you get the wrong male/female/transsexual......it is not kind,
willing or understanding!!!

Nasty, pain in the ass and rude to everyone would be more like it.




Re: Virus attack has crippled me

On Sep 15, 2007, Heather wrote:
Quoted text here. Click to load it

But isn't (unnecessary) full-posting a pain in the ass and rude in its own
way?


Re: Virus attack has crippled me


Quoted text here. Click to load it

However, I didn't do that, so what are you talking about??

And yes, it is.....and yes, sometimes many of us forget to trim.  But it
is not a criminal offence, OK??

HF
Quoted text here. Click to load it



Re: Virus attack has crippled me

Kayman wrote:
Quoted text here. Click to load it

And if you invested in an imaging backup program and used it from time
to time you would not only be able to go back to a known clean system,
you would be protecting yourself from all sorts of nasty happenings, bad
installs etc.
Dave Cohen

Site Timeline