Jump to content

Problems with Viruses and Trojans

Guest Anon

By Guest Anon
in Windows 2000 Workstation

 Share

Recommended Posts

Guest Anon

Guest Anon

Posted
Posted

For three days now I have been having problems with viruses. I find

stuff and remove it, (just a few minutes AVG 8.0 finally found a trojan

and moved it to quarantine, and that seems to have fixed one problem),

but each time I find and remove something, something else pops up, so I

don't have a lot of confidence that this is the end of it.

 

My wife bought Kaspersky with a three machine license, and anti-virus

software is always very difficult to uninstall. So instead of trying to

uninstall AVG 8.0, I think it would be easier to rebuild my system.

 

What I'm going to do is format my hard drive and reinstall Windows 2000

and reinstall my drivers, SP4, the security roll-up, Open Office,

Firefox, etc.

 

What I want to know is do I need to reformat the whole drive, or just

the C: partition? Do I need to worry that the trojans, viruses,

spyware, etc has infected my documents or other files on the other

partitions, and will reinfect my computer as soon as I try to open them?

 

If the documents on the other partitions are infected, how do I clean

them up? I've got stuff out there that I don't want to just delete.

 

I have DBAN Boot and Nuke, but I don't think I can use it on just the

C:\ partition. It looks like it will nuke the whole drive. Am I wrong

about this? Can I use it on just the C:\ partition?

  • Replies 4
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Dave Patrick

Guest Dave Patrick

Posted
Posted

Re: Problems with Viruses and Trojans

 

You should be able to scan the disks at boot from floppy.

 

Also FYI; (format the partition in lieu of deleting if you're going that

method)

 

To do a clean install, either boot the Windows 2000 install CD-Rom or setup

disks. The set of four install disks can be created from your Windows 2000

CD-Rom; change to the \bootdisk directory on the CD-Rom and execute

makeboot.exe (from dos) or makebt32.exe (from 32 bit) and follow the

prompts.

 

(Note: If your drive controller is not natively supported then you'll want

to boot the Windows 2000 install CD-Rom. Then *F6* very early and very

important (at setup is inspecting your system) in the setup to prevent drive

controller detection, and select S to specify additional drivers. Then later

you'll be prompted to insert the manufacturer supplied Windows 2000 driver

for your drive controller in drive "A")

 

Setup inspects your computer's hardware configuration and then begins to

install the Setup and driver files. When the Windows 2000 Professional

screen appears, press ENTER to set up Windows 2000 Professional.

 

Read the license agreement, and then press the F8 key to accept the terms of

the license agreement and continue the installation.

 

When the Windows 2000 Professional Setup screen appears, all the existing

partitions and the unpartitioned spaces are listed for each physical hard

disk. Use the ARROW keys to select the partitions Press D to delete an

existing partition, If you press D to delete an existing partition, you must

then press L (or press ENTER, and then press L if it is the System

partition) to confirm that you want to delete the partition. Repeat this

step for each of the existing partitions When all the partitions are deleted

press F3 to exit setup, (to avoid unexpected drive letter assignments with

your new install) then restart the pc then when you get to this point in

setup again select the unpartitioned space, and then press C to create a new

partition and specify the size (if required). Windows will by default use

all available space.

 

Be sure to apply SP4 and these two below to your new install before

connecting to any network. Internet included. (sasser, msblast)

http://download.microsoft.com/download/E/6/A/E6A04295-D2A8-40D0-A0C5-241BFECD095E/W2KSP4_EN.EXE

http://www.microsoft.com/technet/security/bulletin/MS03-043.mspx

http://www.microsoft.com/technet/security/bulletin/MS03-049.mspx

 

Then

 

Rollup 1 for Microsoft Windows 2000 Service Pack 4

http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyid=B54730CF-8850-4531-B52B-BF28B324C662&displaylang=en

 

 

 

 

--

 

Regards,

 

Dave Patrick ....Please no email replies - reply in newsgroup.

Microsoft Certified Professional

Microsoft MVP [Windows]

http://www.microsoft.com/protect

 

 

"Anon" wrote:

> For three days now I have been having problems with viruses. I find stuff

> and remove it, (just a few minutes AVG 8.0 finally found a trojan and

> moved it to quarantine, and that seems to have fixed one problem), but

> each time I find and remove something, something else pops up, so I don't

> have a lot of confidence that this is the end of it.

>

> My wife bought Kaspersky with a three machine license, and anti-virus

> software is always very difficult to uninstall. So instead of trying to

> uninstall AVG 8.0, I think it would be easier to rebuild my system.

>

> What I'm going to do is format my hard drive and reinstall Windows 2000

> and reinstall my drivers, SP4, the security roll-up, Open Office, Firefox,

> etc.

>

> What I want to know is do I need to reformat the whole drive, or just the

> C: partition? Do I need to worry that the trojans, viruses, spyware, etc

> has infected my documents or other files on the other partitions, and will

> reinfect my computer as soon as I try to open them?

>

> If the documents on the other partitions are infected, how do I clean them

> up? I've got stuff out there that I don't want to just delete.

>

> I have DBAN Boot and Nuke, but I don't think I can use it on just the C:\

> partition. It looks like it will nuke the whole drive. Am I wrong about

> this? Can I use it on just the C:\ partition?

Guest Anon

Guest Anon

Posted
Posted

Re: Problems with Viruses and Trojans

 

Dave Patrick wrote:

> You should be able to scan the disks at boot from floppy.

>

> Also FYI; (format the partition in lieu of deleting if you're going that

> method)

>

> To do a clean install, either boot the Windows 2000 install CD-Rom or

> setup disks. The set of four install disks can be created from your

> Windows 2000 CD-Rom; change to the \bootdisk directory on the CD-Rom and

> execute makeboot.exe (from dos) or makebt32.exe (from 32 bit) and follow

> the prompts.

>

> (Note: If your drive controller is not natively supported then you'll

> want to boot the Windows 2000 install CD-Rom. Then *F6* very early and

> very important (at setup is inspecting your system) in the setup to

> prevent drive controller detection, and select S to specify additional

> drivers. Then later you'll be prompted to insert the manufacturer

> supplied Windows 2000 driver for your drive controller in drive "A")

>

> Setup inspects your computer's hardware configuration and then begins to

> install the Setup and driver files. When the Windows 2000 Professional

> screen appears, press ENTER to set up Windows 2000 Professional.

>

> Read the license agreement, and then press the F8 key to accept the

> terms of the license agreement and continue the installation.

>

> When the Windows 2000 Professional Setup screen appears, all the

> existing partitions and the unpartitioned spaces are listed for each

> physical hard disk. Use the ARROW keys to select the partitions Press D

> to delete an existing partition, If you press D to delete an existing

> partition, you must then press L (or press ENTER, and then press L if it

> is the System partition) to confirm that you want to delete the

> partition. Repeat this step for each of the existing partitions When all

> the partitions are deleted press F3 to exit setup, (to avoid unexpected

> drive letter assignments with your new install) then restart the pc then

> when you get to this point in setup again select the unpartitioned

> space, and then press C to create a new partition and specify the size

> (if required). Windows will by default use all available space.

>

> Be sure to apply SP4 and these two below to your new install before

> connecting to any network. Internet included. (sasser, msblast)

> http://download.microsoft.com/download/E/6/A/E6A04295-D2A8-40D0-A0C5-241BFECD095E/W2KSP4_EN.EXE

>

> http://www.microsoft.com/technet/security/bulletin/MS03-043.mspx

> http://www.microsoft.com/technet/security/bulletin/MS03-049.mspx

>

> Then

>

> Rollup 1 for Microsoft Windows 2000 Service Pack 4

> http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyid=B54730CF-8850-4531-B52B-BF28B324C662&displaylang=en

>

>

>

>

>

In addition to W2KSP4_EN.EXE which has a download size of 132,302KB

Microsoft also has "Windows 2000 Service Pack 4 Express Install for End

Users" (SP4express_EN.exe), which has a download size of 589 KB

 

Is the "Express" version compressed for a quicker download?

Did Microsoft leave something out of it?

Guest John John (MVP)

Guest John John (MVP)

Posted
Posted

Re: Problems with Viruses and Trojans

 

Anon wrote:

> Dave Patrick wrote:

>

>> You should be able to scan the disks at boot from floppy.

>>

>> Also FYI; (format the partition in lieu of deleting if you're going

>> that method)

>>

>> To do a clean install, either boot the Windows 2000 install CD-Rom or

>> setup disks. The set of four install disks can be created from your

>> Windows 2000 CD-Rom; change to the \bootdisk directory on the CD-Rom

>> and execute makeboot.exe (from dos) or makebt32.exe (from 32 bit) and

>> follow the prompts.

>>

>> (Note: If your drive controller is not natively supported then you'll

>> want to boot the Windows 2000 install CD-Rom. Then *F6* very early and

>> very important (at setup is inspecting your system) in the setup to

>> prevent drive controller detection, and select S to specify additional

>> drivers. Then later you'll be prompted to insert the manufacturer

>> supplied Windows 2000 driver for your drive controller in drive "A")

>>

>> Setup inspects your computer's hardware configuration and then begins

>> to install the Setup and driver files. When the Windows 2000

>> Professional screen appears, press ENTER to set up Windows 2000

>> Professional.

>>

>> Read the license agreement, and then press the F8 key to accept the

>> terms of the license agreement and continue the installation.

>>

>> When the Windows 2000 Professional Setup screen appears, all the

>> existing partitions and the unpartitioned spaces are listed for each

>> physical hard disk. Use the ARROW keys to select the partitions Press

>> D to delete an existing partition, If you press D to delete an

>> existing partition, you must then press L (or press ENTER, and then

>> press L if it is the System partition) to confirm that you want to

>> delete the partition. Repeat this step for each of the existing

>> partitions When all the partitions are deleted press F3 to exit setup,

>> (to avoid unexpected drive letter assignments with your new install)

>> then restart the pc then when you get to this point in setup again

>> select the unpartitioned space, and then press C to create a new

>> partition and specify the size (if required). Windows will by default

>> use all available space.

>>

>> Be sure to apply SP4 and these two below to your new install before

>> connecting to any network. Internet included. (sasser, msblast)

>> http://download.microsoft.com/download/E/6/A/E6A04295-D2A8-40D0-A0C5-241BFECD095E/W2KSP4_EN.EXE

>>

>> http://www.microsoft.com/technet/security/bulletin/MS03-043.mspx

>> http://www.microsoft.com/technet/security/bulletin/MS03-049.mspx

>>

>> Then

>>

>> Rollup 1 for Microsoft Windows 2000 Service Pack 4

>> http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyid=B54730CF-8850-4531-B52B-BF28B324C662&displaylang=en

>>

>>

>>

>>

>>

> In addition to W2KSP4_EN.EXE which has a download size of 132,302KB

> Microsoft also has "Windows 2000 Service Pack 4 Express Install for End

> Users" (SP4express_EN.exe), which has a download size of 589 KB

>

> Is the "Express" version compressed for a quicker download?

> Did Microsoft leave something out of it?

 

It would be quite a feat to compress a 132 Megabyte file down to 589

kilobytes! The Express Install file is a small program that you

download and run on your computer, the program will ask a few basic

questions, do a check of your machine and then connect to the internet

and download the necessary files to update your installation to SP4.

This will be quicker than downloading the whole SP4 package because

unneeded files will not be downloaded, for example if SP4 includes a

patch for AMD processors and you are running on an Intel that particular

patch doesn't need to be installed on your computer so it won't be

downloaded. SP4 is a collection of patches and it also includes all

previous Service Packs, if you have already installed SP# 1,2 or 3 or

other patches via Windows Updates these patched will not be downloaded

again. That is the "Express" meaning of this package, in reality out of

the full 132 MB Service pack maybe you only need 30MB worth of files to

update your machine to SP4. The drawback is that no service pack files

are saved when you do an Express install. If you reinstall Windows, or

if you need to reapply the service pack, or if you have more than one

machine to patch you have to rerun the program and download all the

files again, whereas if you download the full package you can save it to

a cd or other backup location and run it whenever and wherever you need

to, in the long run it may be a lot quicker and more convenient to

simply download and save the full package.

 

John

Guest Anon

Guest Anon

Posted
Posted

Re: Problems with Viruses and Trojans

 

John John (MVP) wrote:

> Anon wrote:

>

>> Dave Patrick wrote:

>>

>>> You should be able to scan the disks at boot from floppy.

>>>

>>> Also FYI; (format the partition in lieu of deleting if you're going

>>> that method)

>>>

>>> To do a clean install, either boot the Windows 2000 install CD-Rom or

>>> setup disks. The set of four install disks can be created from your

>>> Windows 2000 CD-Rom; change to the \bootdisk directory on the CD-Rom

>>> and execute makeboot.exe (from dos) or makebt32.exe (from 32 bit) and

>>> follow the prompts.

>>>

>>> (Note: If your drive controller is not natively supported then you'll

>>> want to boot the Windows 2000 install CD-Rom. Then *F6* very early

>>> and very important (at setup is inspecting your system) in the setup

>>> to prevent drive controller detection, and select S to specify

>>> additional drivers. Then later you'll be prompted to insert the

>>> manufacturer supplied Windows 2000 driver for your drive controller

>>> in drive "A")

>>>

>>> Setup inspects your computer's hardware configuration and then begins

>>> to install the Setup and driver files. When the Windows 2000

>>> Professional screen appears, press ENTER to set up Windows 2000

>>> Professional.

>>>

>>> Read the license agreement, and then press the F8 key to accept the

>>> terms of the license agreement and continue the installation.

>>>

>>> When the Windows 2000 Professional Setup screen appears, all the

>>> existing partitions and the unpartitioned spaces are listed for each

>>> physical hard disk. Use the ARROW keys to select the partitions Press

>>> D to delete an existing partition, If you press D to delete an

>>> existing partition, you must then press L (or press ENTER, and then

>>> press L if it is the System partition) to confirm that you want to

>>> delete the partition. Repeat this step for each of the existing

>>> partitions When all the partitions are deleted press F3 to exit

>>> setup, (to avoid unexpected drive letter assignments with your new

>>> install) then restart the pc then when you get to this point in setup

>>> again select the unpartitioned space, and then press C to create a

>>> new partition and specify the size (if required). Windows will by

>>> default use all available space.

>>>

>>> Be sure to apply SP4 and these two below to your new install before

>>> connecting to any network. Internet included. (sasser, msblast)

>>> http://download.microsoft.com/download/E/6/A/E6A04295-D2A8-40D0-A0C5-241BFECD095E/W2KSP4_EN.EXE

>>>

>>> http://www.microsoft.com/technet/security/bulletin/MS03-043.mspx

>>> http://www.microsoft.com/technet/security/bulletin/MS03-049.mspx

>>>

>>> Then

>>>

>>> Rollup 1 for Microsoft Windows 2000 Service Pack 4

>>> http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyid=B54730CF-8850-4531-B52B-BF28B324C662&displaylang=en

>>>

>>>

>>>

>>>

>>>

>> In addition to W2KSP4_EN.EXE which has a download size of 132,302KB

>> Microsoft also has "Windows 2000 Service Pack 4 Express Install for

>> End Users" (SP4express_EN.exe), which has a download size of 589 KB

>>

>> Is the "Express" version compressed for a quicker download?

>> Did Microsoft leave something out of it?

>

> It would be quite a feat to compress a 132 Megabyte file down to 589

> kilobytes! The Express Install file is a small program that you

> download and run on your computer, the program will ask a few basic

> questions, do a check of your machine and then connect to the internet

> and download the necessary files to update your installation to SP4.

> This will be quicker than downloading the whole SP4 package because

> unneeded files will not be downloaded, for example if SP4 includes a

> patch for AMD processors and you are running on an Intel that particular

> patch doesn't need to be installed on your computer so it won't be

> downloaded. SP4 is a collection of patches and it also includes all

> previous Service Packs, if you have already installed SP# 1,2 or 3 or

> other patches via Windows Updates these patched will not be downloaded

> again. That is the "Express" meaning of this package, in reality out of

> the full 132 MB Service pack maybe you only need 30MB worth of files to

> update your machine to SP4. The drawback is that no service pack files

> are saved when you do an Express install. If you reinstall Windows, or

> if you need to reapply the service pack, or if you have more than one

> machine to patch you have to rerun the program and download all the

> files again, whereas if you download the full package you can save it to

> a cd or other backup location and run it whenever and wherever you need

> to, in the long run it may be a lot quicker and more convenient to

> simply download and save the full package.

>

> John

 

Thank you for your reply.

 

I haven't had any problems that I could detect since AVG 8.0 found the

trojan yesterday, but I'm worried that there may be something lurking

quietly in the background, such as a spambot that comes awake in the

middle of the night, or a key logger that wakes up when I log onto

PayPal. Since I'm worried about it I will probably reinstall

 

If I do reinstall Windows 2000, I will probably do it Monday, and I will

use W2KSP4_EN.EXE for two reasons

 

1) I have already downloaded it and have it in my Reinstalling Windows

2000 folder on my Download partition

 

but more importantly,

 

2) I don't want to connect to the internet until I have loaded SP4 and

the Windows 2000 SP4 Rollup.

 

Thanks again

 Share
Go to topic listing
×
×
  • Create New...