Virus guru needed


Tomcat
12-21-2007, 09:37 AM
Despite all my precautions, I've gotten a bad virus. AdAware found 3 trojans when I scanned after discovering the problem. I use Grisoft AVG software for virus protection. It's updated (or checked for updates) automatically every day. Somehow this got through in an e-mail from my daughter. She had sent me some pictures and I believe the problem was in one of the pictures. I believe it's affected the registry somehow, as the e-mail scanner has been disabled and when I went to re-load it, it failed saying denied access registry HOTKEY.....something, something. Also the Windows firewall has been disabled and can't be restarted. Any ideas before I re-format the drive and start over? Running XP on an IBM laptop. BTW, is there any way to access my e-mail on the hard drive? There are a few e-mails I don't have saved elsewhere.
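The two symptoms described in the post above (firewall disabled and won't restart, registry access denied) are the usual signs of a system-tampering trojan. The following read-only triage script is an added example, not something any poster in this thread provided; it assumes a Windows machine with PowerShell available and an administrator account, and it only reads the firewall service state and the autostart (Run/RunOnce) keys so you can see what a cleaner will need to undo before you decide between a removal tool and a reformat.

```powershell
# Added triage script (not from the thread). Reads, never changes, the settings
# the original post says were tampered with: the Windows Firewall and the
# autostart registry keys. Assumes Windows XP or later with PowerShell installed,
# run from an administrator account.

function Get-FirewallTamperStatus {
    # On Windows XP the firewall is hosted by the SharedAccess service; malware
    # that "disables the firewall" typically stops that service and/or sets
    # EnableFirewall to 0 in the StandardProfile policy key.
    $svc = Get-Service -Name SharedAccess -ErrorAction SilentlyContinue
    $policy = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile'
    $enabled = (Get-ItemProperty -Path $policy -Name EnableFirewall -ErrorAction SilentlyContinue).EnableFirewall
    $startMode = if ($svc) { (Get-WmiObject Win32_Service -Filter "Name='SharedAccess'").StartMode } else { 'missing' }

    [pscustomobject]@{
        ServiceFound   = ($null -ne $svc)
        ServiceStatus  = if ($svc) { $svc.Status.ToString() } else { 'missing' }
        StartMode      = $startMode
        EnableFirewall = $enabled
        # Any of these is worth investigating: service gone, not running, set to
        # Disabled, or the policy value flipped off.
        LooksTampered  = (-not $svc) -or ($svc.Status -ne 'Running') -or ($startMode -eq 'Disabled') -or ($enabled -ne 1)
    }
}

function Get-AutostartEntries {
    # Lists the Run/RunOnce values that manual removal instructions tell you to
    # inspect entry by entry. Unfamiliar executables in odd paths are the
    # entries to look up by name before deleting anything.
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $keys) {
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if (-not $props) { continue }
        foreach ($p in $props.PSObject.Properties) {
            # Get-ItemProperty adds its own PS* bookkeeping properties; skip them.
            if ($p.Name -like 'PS*') { continue }
            [pscustomobject]@{ Key = $key; Name = $p.Name; Command = $p.Value }
        }
    }
}

Get-FirewallTamperStatus | Format-List
Get-AutostartEntries | Format-Table -AutoSize
```

If `Get-ItemProperty` itself reports access denied on a key the administrator account should be able to read, that matches the "denied access" message in the post and means the key's permissions were changed, which is something to note down for the removal tool's report rather than fix by hand at this stage.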

bobbyb
12-21-2007, 09:59 AM
Download the first Stinger on the list. The other versions are there to fix specific viruses. They are free from McAfee, and will work with any antivirus software.
McAfee Threat Center (http://vil.nai.com/vil/stinger/)

Patch Tuesday
12-21-2007, 10:02 AM
Despite all my precautions, I've gotten a bad virus. AdAware found 3 trojans when I scanned after discovering the problem. I use Grisoft AVG software for virus protection. It's updated (or checked for updates) automatically every day. Somehow this got through in an e-mail from my daughter. She had sent me some pictures and I believe the problem was in one of the pictures. I believe it's affected the registry somehow, as the e-mail scanner has been disabled and when I went to re-load it, it failed saying denied access registry HOTKEY.....something, something. Also the Windows firewall has been disabled and can't be restarted. Any ideas before I re-format the drive and start over? Running XP on an IBM laptop. BTW, is there any way to access my e-mail on the hard drive? There are a few e-mails I don't have saved elsewhere.

Try running Housecall from Trend Micro, it's a free online virus scan that uses their server to scan and fix your drive...

Trend Micro HouseCall - Free Online Virus and Spyware Scan - Trend Micro USA (http://housecall.trendmicro.com/)

Then try the restore feature of XP to travel back in time on the drive to before she messed up the computer...

:popcorn:

Tomcat
12-21-2007, 10:08 AM
Then try the restore feature of XP to travel back in time on the drive to before she messed up the computer...
:popcorn:

Tried that already, it's been compromised also.

RadioPatrol
12-21-2007, 10:10 AM
Also, you can get Sunbelt Software's CounterSpy - full 15-day trial

CounterSpy - Reviews and free CounterSpy downloads at Download.com (http://www.download.com/CounterSpy/3000-8022_4-10705277.html)

Download.com 5 stars, CNET just gave it Editors' Choice this month, and I have been using it for 2 yrs now since 1.2, now @ 2.x .... if you purchase, you can usually get a second yr for 10 bucks

Patch Tuesday
12-21-2007, 10:11 AM
Tried that already, it's been compromised also.

What's Housecall reporting, can it fix it?

RadioPatrol
12-21-2007, 10:11 AM
Tomcat - What e-mail client are you using: Outlook, Outlook Express, Thunderbird (Mozilla product)?

fedex
12-21-2007, 10:12 AM
Es-net is the best virus program out there ... hands down

Tomcat
12-21-2007, 10:21 AM
What's Housecall reporting, can it fix it?

A little more info: Still using a dial up connection. Would not connect when I last tried. Can't get online (nor do I want to until I get all of this resolved).

Tomcat - What e-mail client are you using: Outlook, Outlook Express, Thunderbird (Mozilla product)?

Outlook Express
Thanks,

Patch Tuesday
12-21-2007, 10:23 AM
A little more info: Still using a dial up connection. Would not connect when I last tried. Can't get online (nor do I want to until I get all of this resolved).

Outlook Express
Thanks,

Then your best advice is to make a bootable cd with the stinger program on it that the other guy mentioned...

dn0121
12-21-2007, 10:44 AM
Yes use BartPE if you have access to it.

bobbyb
12-21-2007, 11:55 AM
Make a bootable cd on the computer that you are using and copy Stinger onto it. Or copy Stinger on to a cd from the computer you are using and run Stinger from the cd on your computer.

Stinger is a onetime virus scanner that removes the virus in question and leaves no footprint. McAfee updates it as often as necessary and offers it to the public free of charge. You may download it anytime you want, and as many times as you want. It is best to download the latest version each time you need it.

Running these from Safe Mode may be the best way to ensure that you get all the rogue files. You may have to copy Stinger or any other remover to a temp folder and access that file from Safe Mode to run the file.

You should search the net for the names of the viruses your antivirus is telling you about. You will find all kinds of free virus removing tools on the net. Just download a couple of them and take them to your computer on a CD.

Good Luck

bobbyb
12-21-2007, 12:26 PM
Downloads: Antivirus Update - Download Norton Antivirus - Free Antivirus Trial (http://www.symantec.com/norton/downloads/index.jsp)

You may also go to Norton/Symantec, then go to Support / Downloads / Virus Definitions and Removal Tools, look up your specific virus and download their removal tool for that virus free. Their tools also include the instructions for manually removing the virus file by file and registry entry by registry entry. Sometimes that is the only way to get rid of some of these things.

If you are sitting in front of a paying customer you want tools that work quickly. These work.

Tomcat
12-21-2007, 01:49 PM
Thanks all. I will try these ideas when I get home tonight.

RadioPatrol
12-21-2007, 04:38 PM
Thumb drive for moving files around too

Kumba
12-28-2007, 01:04 AM
First, fetch SDFix.exe and use that. It's an advanced tool, but it's got a number of built-in utilities for taking down ad/spyware and viruses.

Then follow up with a decent quality virus scanner. I recommend looking on Amazon for "Symantec Corporate Anti-Virus 10.2". This is the commercial version of Norton that does virus and spyware scanning, with unlimited virus definition updates for free, without all the bloat of the consumer-grade Norton product. It's only $19.99 too. I have my suspicions that it's not supposed to be sold to end consumers, but hey, cheap, and free updates. Can't argue.

The catch is, the core heuristics engine isn't free -- 10.2 is for Vista, but the CD has version 10.1.5.5000 for Windows 2000 and Windows XP, and you're locked at that version level until 10.1.6 or 10.1.7 get out onto CD I believe. I might have to go scour Symantec's site and confirm that, though.

Regardless, however, the heuristics system in 10.1.x is pretty robust, and will catch viruses and spyware for several years to come.


Now, about SDFix. Below is the download URL, and some usage instructions copied off another forums site. Just follow them, and grab some coffee while waiting for SDFix to finish, and you should be able to entirely remove, or at least neutralize the critter.

SDFix.exe download here:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe


Usage instructions copied (and modified) from here (http://forums.pcpitstop.com/lofiversion/index.php/t128220.html) (my additions are in italics):
Double click SDFix.exe and choose Install to extract it to its own folder on the C: Drive (C:\SDFix). Please then reboot your computer in Safe Mode by doing the following:
Restart your computer.
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode with Command Prompt, then press Enter.
When Windows loads, you'll get a black box with a blinking cursor -- this is the command prompt. Type the following commands, pressing Enter after each item:
CD \SDFix
RunThis.bat
Type Y to begin the cleanup process.
It will remove any Trojan Services or Registry Entries found, then prompt you to press any key to Reboot.
Press any key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process, then display Finished; press any key to end the script and load your desktop icons.
Once the desktop icons load, the SDFix report will open on screen and also save into the SDFix folder as Report.txt.

SDFix ONLY runs in "Fix" mode from Safe Mode. If you run SDFix in normal mode, you're instead given options to download and run a series of cleaner tools. Do this AFTER the initial scan (i.e., following the above instructions). When you run SDFix after the fix mode is complete, you'll want to start with the Virus scanner, using Option #5. You'll know what I mean when you select it. Then run the first and second tools after that, and you should hopefully have a clean system.

--K

Tomcat
12-28-2007, 09:41 AM
Thanks Kumba, although a little too late. I ended up re-formatting the hard drive and starting over. I will look into the Symantec program though. I've had pretty good luck with the AVG program from Grisoft; it's free and what I like most is it will automatically update when needed. Seems like with Norton and the others you have to remember to check for updates.

RadioPatrol
12-28-2007, 11:26 AM
AVG Free is pretty good ....... I am using Kaspersky right now, but I also have the latest Symantec Corp on hand as well .......

Dead Eye
12-28-2007, 12:06 PM
I use McAfee and Spybot, been trouble free for over a year. The real ace in the hole though is Norton Ghost. Now that you spent an entire day reformatting, reloading all those updates, and getting those settings the way you like, etc., etc., spin off a custom restore disk so when it happens again (and it will) you are ready. It now takes only minutes to get the computer back to where you were when the restore disk was made.

