[pchelpers] Re: i have a virus

I was recently using a Gateway pc with Win XP home edition.  Gateway has what is
called GoBack software, and XP has what is called System Restore.  The system 
restore
will let you go back to when all things were working well.
A calendar comes up and you pick the date.

Hope that helps a little.

G.R. Hanson
Arkansas USA


----- Original Message -----
From: John Durham <john.modec@xxxxxxxxxx>
To: <pchelpers@xxxxxxxxxxxxx>
Sent: Thursday, November 29, 2001 2:22 PM
Subject: [pchelpers] Re: i have a virus



You're not a happy chap today...
Given the description you provided (and not having this software
myself), the basic procedures used must ensure the virus is contained
where it is.

First order is a clean reboot from cold using a floppy boot or CD if
appropriate. Once that is done, clean the system files of infection. In
W98 I would use System File Checker (SFC) to restore the original
versions, but I don't know if XP has it. Anyone else know that?

After the system files are clean a standard virus scan should root out
the nasty.

If this method won't work for you, there are 2 alternatives.
1) Remove the hard drive and slave it to another system with a full
antivirus. Run the scan then restore the system to original condition.
2) Complete re-partition and reformat of the hard drive.

Jonathan Setcer wrote:
>
> I have a new virus in my kernel32.exe file and it is in my kdll.dll
> file too
> according to "Norton's".  I am using windows XP Professional.
> {aside: I got the W95/Badtrans.B@mm virus BEFORE I got around to
> installing
> my Norton software. As soon as I saw bouncing e-mails from newsgroups,
> strangers, etc. I knew I waited too long to install....}
>
> First Norton said the files could not be cleaned.   and could not be
> deleted
> because they were in use so it "quarantined" them.
>
> a few min later i got an error message that "kernel32.exe" had
> performed an
> illegal operation and would be closed.
>
> I thought "kernel32" was necessary for ANYTHING to run, so I am
> suprised
> that I am still running with it closed.
> (I looked in my "taskmanager/processes" and it is not on the list).
>
> NOW FINALLY MY QUESTION:
> with the kernel32 "quarantined", and infected, and not running, what
> is
> going to happen when I reboot my computer?
>
> How do I get a clean copy of these two files?
>
> Please help me,  I am drowning in my self pity.
>
> Agape  & 73,  J. Setcer

--
Regards, John Durham <mailto:modec@xxxxxxxxx >
ICQ number 112663246
Fax/Phone 64 4 5286786
Award winning web site at http://modecideas.com?sig
https://www.paypal.com/xclick/business=john.modec%40xtra.co.nz&item_name=How+to+get+t
housands+of+hits+to+your+website&item_number=ebook1&amount=19.97&return=http%3A//mode
cideas.com/dthanks.htm&cancel_return=http%3A//modecideas.com/dmaxhits.htm?sig
Open your PayPal account
https://secure.paypal.com/refer/pal=john.modec%40xtra.co.nz
Get paid to learn http://www.itpaystolearn.com/default.asp?ref_id=AAS007
PC-HELPERS list subscribe/unsub at http://pchelpers.5er.com?sig
Get massive hits to your site
http://www.startblaze.com/cgi-bin/intro.cgi?11590
Classified ad site
http://www.spunge.org/~johndurh/cgi-bin/classifieds.cgi?sig

Good advice is like good paint- it only works if applied.





---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/2001

Other related posts: