How would you know that you had a trojan/virus on your system?..I check regularly and find nothing..--Phyllis
----- Original Message ----- From: "marlon tuna" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 28, 2004 6:44 PM Subject: RE: [A-1-Computer_Tech] sp-2 blocked by one virus or one trojan! > Ed, thank you very much for the time you spent sharing this information. > I, > for one, really appreciate it. Have a good evening. Best wishes. > > Michael > > >>From: "ED R" <[EMAIL PROTECTED]> >>Reply-To: [EMAIL PROTECTED] >>To: <[EMAIL PROTECTED]>,<[EMAIL PROTECTED]> >>CC: >><[EMAIL PROTECTED]>,<[EMAIL PROTECTED]> >>Subject: [A-1-Computer_Tech] sp-2 blocked by one virus or one trojan! >>Date: Tue, 28 Sep 2004 17:48:39 -0500 >>MIME-Version: 1.0 >>X-Sender: [EMAIL PROTECTED] >>Received: from n53.grp.scd.yahoo.com ([66.218.67.59]) by >>mc10-f6.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Tue, 28 Sep >>2004 >>15:53:44 -0700 >>Received: from [66.218.66.97] by n53.grp.scd.yahoo.com with NNFMP; 28 Sep >>2004 22:49:04 -0000 >>Received: (qmail 52591 invoked from network); 28 Sep 2004 22:49:00 -0000 >>Received: from unknown (66.218.66.218) by m14.grp.scd.yahoo.com with >>QMQP; >>28 Sep 2004 22:49:00 -0000 >>Received: from unknown (HELO imf21aec.mail.bellsouth.net) (205.152.59.69) >>by mta3.grp.scd.yahoo.com with SMTP; 28 Sep 2004 22:48:59 -0000 >>Received: from richbourg ([65.7.80.144]) by imf21aec.mail.bellsouth.net >> (InterMail vM.5.01.06.11 201-253-122-130-111-20040605) with ESMTP >> id <[EMAIL PROTECTED]>; >> Tue, 28 Sep 2004 18:48:52 -0400 >>X-Message-Info: JGTYoYF78jH/GJKgpcHoI8xNqLR1uO9Q >>X-Yahoo-Newman-Property: groups-email >>X-Apparently-To: [EMAIL PROTECTED] >>Message-ID: <[EMAIL PROTECTED]> >>X-MSMail-Priority: Normal >>X-Mailer: Microsoft Outlook, Build 10.0.6626 >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 >>In-Reply-To: <[EMAIL PROTECTED]> >>X-eGroups-Remote-IP: 205.152.59.69 >>X-Yahoo-Profile: ebbourg >>Mailing-List: list [EMAIL PROTECTED]; contact >>[EMAIL PROTECTED] >>Delivered-To: mailing list [EMAIL PROTECTED] >>Precedence: bulk >>List-Unsubscribe: <mailto:[EMAIL PROTECTED]> >>Return-Path: >>[EMAIL PROTECTED] >>X-OriginalArrivalTime: 28 Sep 2004 22:53:45.0269 (UTC) >>FILETIME=[022E2E50:01C4A5AE] >> >>After spending hours downloading sp-2 and not being able to use IE 6.0, >>because of ONE sneaky Trojan or virus, I'm posting the steps I went >>through >>to clean my pc. (found the article online) I am now up and running after >>installing both xp sp-2 and ol sp-3 today (YIPPEE!!!!!). The article is >>VERY informative. >> >>ED R >> >> >> >>Getting Prepared; Steps to be sure your system is ready to be scanned: >> >>1: Disable System Restore temporarily (WinXP & WinME only) if you are >>infected; Any trojans, spyware, etc. you may have picked up could have >>been >>saved in System Restore and are waiting to re-infect you. Since System >>Restore is a protected directory, your tools can not access it to delete >>files, trapping viruses inside. Please follow instructions to do that >>here: >>http://forums.majorgeeks.com/showthread.php?t=31668 >> >>2: Network Security, Workstation Netlogon Services & Remote Procedure Call >>(RPC) Helper (Windows XP, 2K, NT); If you have the about:blank or home >>search hijack you need to check to see if a Windows service name "Network >>Security Service" or "Workstation Netlogon Service" are running. To do >>this, >>click Start, Run, and enter the following in the Open box: "services.msc" >>(without the quotes). Then click OK. Now, in the Services window that pops >>up look for exactly the following service names (no others) "Network >>Security Service" or "Workstation Netlogon Service" or "Remote Procedure >>Call (RPC) Helper". If you find these services, you must stop it by right >>clicking on it then select stop. Now, disable it by right clicking on it >>and >>selecting Properties. Then in the General tab see the area that says >>"Startup type: " click on the pull down arrow and change it to Disabled. >>If >>it does not exist, do not worry and skip this step. >> >>3: Enable viewing of hidden files and folders and extensions; Some >>programs >>can hide this way by not being visible in Windows. Start Windows Explorer >>and click on your main hard drive, usually c:\. Then select Tool from the >>top of Windows Explorer and then Folder Options. Go to the View tab. >>Scroll >>down to the folder icon that says Hidden files and folders and check show >>hidden files and folders. Optionally, right below it, uncheck the hide >>file >>extensions for known types. Not doing this could allow file extensions >>commonly used by trojans and spyware to be >>hidden, for example a file ending in .exe or dll making manually finding >>it, >>if needed, difficult to impossible >> >>4: Downloading Tools; Download the following tools and save in your >>favorite >>download folder or create one, for example C:\Temp or C:\Downloads. And >>then >>install, update, and configure as indicated below. >> >>Ad-Aware SE.......Install, click Check for Updates now and get any >>updates, >>then exit. >>Ad-Aware VX2 Cleaner Plug-In.....Install only >>CCleaner.............Install only, then exit >>Spybot................Install, do the search for updates now and get any >>updates, then exit. >>SpywareBlaster...Install, click Download Latest Protection Updates, Check >>for Updates, and then Enable All Protection, then exit. It does a great >>job >>of blocking known vulnerabilities as well as known malicious websites. >>McAfee AVERT Stinger....No installation required! Ready to run as is. >>CWShredder......No installation required! Just unzip it to a folder. >>Kill2me..............No installation required! Just unzip it to a folder. >>about:Buster......No installation required! Just unzip it to a folder. >>HSRemove........No installation required! Ready to run as is. >> >> >>Your system is now ready to be properly scanned for spyware, trojans and >>viruses. >> >>Scanning And Cleaning Steps: >> >>1: Virus And Trojan Scanning; >>a) Win9x (Windows 95, 98, 98SE) users boot normal mode. >>do an online scan at Trend Micro's Free Online Virus Scan >>do an online scan at Symantec Security Check >>now boot in safe mode (and remain there) and run McAfee AVERT Stinger. See >>how to boot in safe mode below. >>b) And Windows XP, 2000, NT, ME, users boot in "safe mode with networking >>support" (and remain in there). See how to boot in safe mode below. >>do an online scan at Trend Micro's Free Online Virus Scan >>do an online scan at Symantec Security Check >>run McAfee AVERT Stinger >>How to boot in safe mode: To boot into safe mode, restart your computer >>and >>tap the f8 key (after first black and white screen, but before the Windows >>splash screen) until you get to a black and white screen asking you what >>to >>do. With Windows XP, 2000, NT, ME: Use your arrow keys and select "safe >>mode >>with networking support". >> >>Booting in safe mode is important because best results are achieved since >>safe mode disables most drivers and running programs. >> >>2: Clean Your Hard Drive; Remove temporary internet and other files not >>needed with CCleaner. Run CCleaner with the default options to clean out >>temporary files. Optionally, check the clean "Delete Index.dat" checkbox. >> >>3: Main Spyware Scan And Removal; Scan your machine with Ad-Aware SE >>(remember to install the Ad-Aware VX2 Cleaner Plug-In for it) and Spybot. >>Look for the Immunize feature in Spybot and use it. >> >>4: Secondary Spyware Scan And Removal: Other Removal Tools; Run the other >>programs you downloaded; CWShredder (make sure you select Fix), Kill2me, >>about:Buster and HSRemove. They are free, standalone and easy to use. >>Note: >>about:Buster and HSRemove need only be run if you are having about:blank >>or >>HomeSearchAssistent hijacks. Also, note that HSRemove is not compatible >>with >>Win9x or WinMe systems. >> >> >> >> >> >> >>If you have any questions or problems with any aspect of this site, please >>feel free to contact me directly [EMAIL PROTECTED] Please do not post >>personal issues directly to the group. >> >>To unsubscribe from this list, send an email to >>[EMAIL PROTECTED] >> >>Thank you for using A-1 Computer Tech >>Yahoo! Groups Links >> >> >> >> >> > > _________________________________________________________________ > Check out Election 2004 for up-to-date election news, plus voter tools and > more! http://special.msn.com/msn/election2004.armx > > > > > If you have any questions or problems with any aspect of this site, please > feel free to contact me directly [EMAIL PROTECTED] Please do not post > personal issues directly to the group. > > To unsubscribe from this list, send an email to > [EMAIL PROTECTED] > > Thank you for using A-1 Computer Tech > Yahoo! Groups Links > > > > > ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/67folB/TM --------------------------------------------------------------------~-> If you have any questions or problems with any aspect of this site, please feel free to contact me directly [EMAIL PROTECTED] Please do not post personal issues directly to the group. To unsubscribe from this list, send an email to [EMAIL PROTECTED] Thank you for using A-1 Computer Tech Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/A-1-Computer_Tech/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
