[pchelpers] Re: i have a virus

We have been cleaning a lot of these virus up i.e. badtrans, and it is an
easy fix.  By now you have figured that there is no kernel32.exe in windows.
It has a kernel32.dll.  so when you delete the .exe file nothing happens.
If a person has the latest updates for their virus checker you won't get it.
We went into an office where 4 out of all of them got the virus.  Only ones
not doing their updates.  All the others stopped it.

Robert McLellan

----- Original Message -----
From: "John Durham" <john.modec@xxxxxxxxxx>
To: <pchelpers@xxxxxxxxxxxxx>
Sent: Thursday, November 29, 2001 2:22 PM
Subject: [pchelpers] Re: i have a virus


>
> You're not a happy chap today...
> Given the description you provided (and not having this software
> myself), the basic procedures used must ensure the virus is contained
> where it is.
>
> First order is a clean reboot from cold using a floppy boot or CD if
> appropriate. Once that is done, clean the system files of infection. In
> W98 I would use System File Checker (SFC) to restore the original
> versions, but I don't know if XP has it. Anyone else know that?
>
> After the system files are clean a standard virus scan should root out
> the nasty.
>
> If this method won't work for you, there are 2 alternatives.
> 1) Remove the hard drive and slave it to another system with a full
> antivirus. Run the scan then restore the system to original condition.
> 2) Complete re-partition and reformat of the hard drive.
>
> Jonathan Setcer wrote:
> >
> > I have a new virus in my kernel32.exe file and it is in my kdll.dll
> > file too
> > according to "Norton's".  I am using windows XP Professional.
> > {aside: I got the W95/Badtrans.B@mm virus BEFORE I got around to
> > installing
> > my Norton software. As soon as I saw bouncing e-mails from newsgroups,
> > strangers, etc. I knew I waited too long to install....}
> >
> > First Norton said the files could not be cleaned.   and could not be
> > deleted
> > because they were in use so it "quarantined" them.
> >
> > a few min later i got an error message that "kernel32.exe" had
> > performed an
> > illegal operation and would be closed.
> >
> > I thought "kernel32" was necessary for ANYTHING to run, so I am
> > suprised
> > that I am still running with it closed.
> > (I looked in my "taskmanager/processes" and it is not on the list).
> >
> > NOW FINALLY MY QUESTION:
> > with the kernel32 "quarantined", and infected, and not running, what
> > is
> > going to happen when I reboot my computer?
> >
> > How do I get a clean copy of these two files?
> >
> > Please help me,  I am drowning in my self pity.
> >
> > Agape  & 73,  J. Setcer
>
> --
> Regards, John Durham <mailto:modec@xxxxxxxxx >
> ICQ number 112663246
> Fax/Phone 64 4 5286786
> Award winning web site at http://modecideas.com?sig
>
https://www.paypal.com/xclick/business=john.modec%40xtra.co.nz&item_name=How
+to+get+thousands+of+hits+to+your+website&item_number=ebook1&amount=19.97&re
turn=http%3A//modecideas.com/dthanks.htm&cancel_return=http%3A//modecideas.c
om/dmaxhits.htm?sig
> Open your PayPal account
> https://secure.paypal.com/refer/pal=john.modec%40xtra.co.nz
> Get paid to learn http://www.itpaystolearn.com/default.asp?ref_id=AAS007
> PC-HELPERS list subscribe/unsub at http://pchelpers.5er.com?sig
> Get massive hits to your site
> http://www.startblaze.com/cgi-bin/intro.cgi?11590
> Classified ad site
> http://www.spunge.org/~johndurh/cgi-bin/classifieds.cgi?sig
>
> Good advice is like good paint- it only works if applied.
>
>

Other related posts: