On Wednesday 25 August 2004 19:22, Lanman wrote:
<replies within>
> It sounds like your system is having more problems than it
> should. Did I understand you correctly in assuming that your
> WindowsXP image is stored somewhere on the hard drive? Some PC
> companies put the image or cab files for WindowsXP on a hidden
> partition, and this sounds like what has happened to you, but in
> your case, the image or files have also been infected, so
> re-installing from the harddrive may be a waste of time.
Correct. The "restore" thingy seemed to be on another partition, in
Windownese called D:\ - I happen to know that, because naturally I
tried to defrag that partition in order to shrink it and make some
room for a real OS to dual boot. But the "system" told me, that if
I touched that partition, I wouldn't be able to restore Windows. So
I didn't. Following Lyvim and others advice I used ClamAv to scan
that partition as well as my home-created CD's. And, lo and
behold : No viruses. But you know what ? - When scanning those same
media with XoftSpy and SpyBot what pops up : 8 trojans labelled as
medium threats, among them SAHAgent. That last beast was reported
by ALL scanners to be removed, but showed up every time I
re-scanned.
Now, I tried the hard way, as suggested : I edited the registry by
hand. Mysteriosly, that didn't bork the system, but the Spyware was
there, nevertheless.
> I suggest that you contact HP for a set of recovery CD's, then do
> a low-level or "zero-fill" format of the drive after you've
> received the CD's from HP. That is probably the only way to be
> 100% sure that you've got a clean install. Then you should try
> installing your extra software from a CD.
>
> Another option is to disconnect your current hard drive, get
> another hard drive, and install Windows98 or another copy of
> WindowsXP on that temporary drive, then the service packs,
> anti-virus application AND it's updates. Once that's all done,
> reconnect your old drive as a slave drive and scan clean it
> thoroughly. Use two or three different anti-virus and spyware
> programs to make sure that it's totally clean. While you're doing
> this, make sure your PC is not connected to any other PC, whether
> its via firewire, Lan, or wireless! Make sure you disconnect the
> PC from any switch or router, and even your from Internet modem.
>
> Once your scan is complete, reconnect the main drive as your
> primary drive, and start your install from scratch. If that
> doesn't work, you will need those recovery CD's from HP in order
> to solve this problem.
>
> HTH
>
> lanman
Lanman, I have E-mailed HP Denmark for just that. It is now obvious,
that the whole PC is severely infected, with no available cure at
hand.
Please read my next post, and thanks a lot
Kaj Haulrich.
--
*sent from a 100% Microsoft-free workstation*
* http://haulrich.net *
*Running Linux (Mandrake 10.0) - kernel 2.6.7*
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
