XP Internet Security Virus HELP
in [Windows Viruses]
|
From: David Kaye on 7 Mar 2010 17:02 =?Utf-8?B?RGluYQ==?= <Dina(a)discussions.microsoft.com> wrote: >This program started and I know it's a virus. I ran Malwarebytes in safe >mode and it removed 3 infected files from the registry: antivirus disable >notify, firewall disable notify and updates disable notify. I reboot and the >program was back. I then removed them manually in safe mode. I reboot and >it was back again. It has also disabled my internet. Last update in >Malwarebytes was 12/2009. Did you run MB in full scan or quick scan? Do it twice in full scan. You may need something like ComboFix if it's a serious rootkit and the thing is booting in Linux or something that Windows can't see. The three "infected files" you mention are simply the notifications from the Security Center, so in essence, MB didn't find anything. Try running a copy of Avast. I'm not sure, but I think you can DL and run it in safe mode with networking.
From: David Kaye on 7 Mar 2010 17:04 "FromTheRafters" <erratic @nomail.afraid.org> wrote: >> / Thank you ! / > >It's a constant battle. :o) > But "malware" is such an invented term that I have to keep explaining it to people. It's not all spyware so we can't use that term, either.
From: "FromTheRafters" erratic on 7 Mar 2010 20:15 "David Kaye" <sfdavidkaye2(a)yahoo.com> wrote in message news:hn17tf$jl9$3(a)news.eternal-september.org... > "FromTheRafters" <erratic @nomail.afraid.org> wrote: > >>> / Thank you ! / >> >>It's a constant battle. :o) >> > > But "malware" is such an invented term that I have to keep explaining > it to > people. It's not all spyware so we can't use that term, either. Yes, education sometimes seems like an exercise in futility. :o) The differences between the terms virus and malware are *not* trivial, as each has its own strengths and weaknesses and requires different prevention/cleanup methods. For instance, some detection methods require an active infestation while the goal of antivirus is to allow the user to prevent the execution of infected executables. Another point is that viruses have one thing that they have to do to be viruses, they must replicate (and some say infect as well). Malware has no such restriction - it can do or not do anything the author desired. Viruses can copy more than themselves, and thus can carry a payload that does anything the author desired (but it *must* replicate). One might think that it would be easier to detect viruses than would be to detect malware since it is known that at least one function of the virally infected program will cause replication - it is at least something constant to look for, but virus authors have complicated things somewhat. Most malware can be easily avoided through safe computing practices, but virally infected programs have been known to come through perfectly legitimate channels, hence the *need* for AV scanning in addition to other 'safe hex' measures.
From: Sandy 3 ODBC files Sandy 3 ODBC on 8 Mar 2010 02:03 "David Kaye" wrote: > =?Utf-8?B?RGluYQ==?= <Dina(a)discussions.microsoft.com> wrote: > > >This program started and I know it's a virus. I ran Malwarebytes in safe > >mode and it removed 3 infected files from the registry: antivirus disable > >notify, firewall disable notify and updates disable notify. I reboot and the > >program was back. I then removed them manually in safe mode. I reboot and > >it was back again. It has also disabled my internet. Last update in > >Malwarebytes was 12/2009. > > Did you run MB in full scan or quick scan? Do it twice in full scan. You may > need something like ComboFix if it's a serious rootkit and the thing is > booting in Linux or something that Windows can't see. > > The three "infected files" you mention are simply the notifications from the > Security Center, so in essence, MB didn't find anything. Try running a copy > of Avast. I'm not sure, but I think you can DL and run it in safe mode with > networking. > > . >
From: sandy on 8 Mar 2010 02:12
Is there a fix for this? Have found these three files in ODBC dBase microsoft driver*.dbf excel*.xls access. seems to be hiding in microsoft access-excel "David Kaye" wrote: > =?Utf-8?B?RGluYQ==?= <Dina(a)discussions.microsoft.com> wrote: > > >This program started and I know it's a virus. I ran Malwarebytes in safe > >mode and it removed 3 infected files from the registry: antivirus disable > >notify, firewall disable notify and updates disable notify. I reboot and the > >program was back. I then removed them manually in safe mode. I reboot and > >it was back again. It has also disabled my internet. Last update in > >Malwarebytes was 12/2009. > > Did you run MB in full scan or quick scan? Do it twice in full scan. You may > need something like ComboFix if it's a serious rootkit and the thing is > booting in Linux or something that Windows can't see. > > The three "infected files" you mention are simply the notifications from the > Security Center, so in essence, MB didn't find anything. Try running a copy > of Avast. I'm not sure, but I think you can DL and run it in safe mode with > networking. > > . > Ok |