I got a worm through Limewire. I know better but I opened something I shouldn't have. So anyway no I can't get rid of it. I am running XP. It seems to have altered what ever file that tells XP what programs to start because it is running when I go to Trendmicro and starts everytime I boot my computer so It can't be deleted.
It seems to have disabled Ctrl+Alt+Del because I cannot run task manager to stop it. I also can't run regedit to search for it.
I don't know how to start in Safe Mode in XP nor do I know how to get to a command prompt. I knew old Windows pretty well but I am not up on the differences in XP, although I am finding out quickly.
All you Techies out there, if you can even give me a little bit of info on each one of my failing I would appreciate it.
2007-01-29 03:07:04 · 2 answers · asked by Christopher B 2 in Computers & Internet ➔ Security
If you can download these 3 programs and update them.
Ad-Aware
AVG 7.5 Anti-spyware
Search and Destroy
Then restart, when you PC is booting and its loading the BIOS hit the F8 key a few times. Then select SAFE MODE. WHen your in safe mode. Run the programs in this order
AVG
Ad-aware
Search and Destroy
Clean everthing it finds boot back up normaly, and see how things act.
If it wasn't able to clean everything you will need to be more specific on the type of worm. Then e-mail me. I will help
hobbit_lovin2000@yahoo.com
2007-01-29 03:38:47 · answer #1 · answered by Anonymous · 0⤊ 0⤋
You truly have a problem my friend.
The first thing to try is to go back to a previous restore point on your computer. If you can get rid of it this way, this will be by far the easiest way to do it.
If that does not work, you have quite a chore ahead of you. Many viruses, once running on your computer can be quite the annoying little bugs to get rid of. They seem to be able to hide from virus scanners sufficiently to make them impossible to get rid of with a virus scanner.
OK, here are some things you can do.
This is going to take some time but for some viruses, it is the only way I have found to get rid of them if you can't do it with restore points.
The most drastic is to reformat and re-install. Not always the option you want.
Next will require a DOS bootable CD or floppy and some knowledge of DOS. If your hard drive is formatted in NTFS download NTFS4DOS. The free edition is available for home use.
Create a DOS Bootable CD and add NTFS4DOS on it or create a DOS bootable floppy and add NTFS4DOS if needed. Put this aside for a few moments. Nero makes a nice bootable CD from either a bootable floppy you provide or gives you a chance to make one from their DR-DOS. Do not use their NTFS reader as it gives you read only access to NTFS drives You need read/write access. NTFS4DOS is not perfect but it should be able to do what you need to do.
Download and install Spybot S&D.
Don't bother with scanning at this point, we want it for something else. On the Mode menu, switch to advanced mode. They'll give you a warning, but do it anyway.
Now, on the left side, select the Tools menu at the bottom. You want to look at the System Startup. If it doesn't show up on the menu at the left, put a check mark in the option to the right. Then click on the menu option on the left.
Now you see what's starting up in your computer. Look at the command line column and look for anything that doesn't seem to belong. You have to be careful here because there are things there that have to be there in order for your computer to operate. If unsure, look at the file name and Google it.
Write down the filename of any virus file shown here. Now, the next part is critical. Many viruses are set to rename themselves when the computer shuts down. This is one of the few times that you DO NOT want to shut down the computer safely. You don't want those viruses renaming themselves.
Put the bootable disk in that you created into the appropriate drive. Pull the power from the computer so it just turns off with out a normal shut down.
Now boot up using the bootable disk you created. You may need to go into the BIOS to set the drive up to boot.
Once you get to the DOS prompt, go to the appropriate spot and start up NTFS4DOS, if necessary. The free version will give you an annoying full screen prompt just type YES to continue. Note the drive letter it assigns. Your Windows C drive will probably have a different drive letter. That's OK, just go to that drive letter and delete (or rename) all the virus files you found earlier.
Now when you reboot, you should be able to scan and remove anything else that is remaining.
I can't stress enough that you make sure you only delete files you are certain are viruses. Renaming the files might be better so that you can rename one back if necessary.
This takes time but may be the solution if you really don't want to wipe out and reinstall.
Good luck.
2007-01-29 03:48:55 · answer #2 · answered by rbarc 4 · 0⤊ 0⤋