Anyone use system restore when a system is infected ?

Bob

I have an XP professional SP3 system on a LAN, which was infected with two
trojans. I removed the system from the LAN, did a full scan, found threats,
ran another in safe mode, found threats - they were all removed. But when I
boot back up to windows - non-safe mode, there are more threats !

Now ---- I would like to restore to a point before the threats hit - 1 week
ago, when the restore completes, I will stop, then re-start system restore to
clear restore points, then I will do another full scan.

I do have Symantec security/the latest definitions for a/v and spyware.

Anyone do this with success ?


Thanks,
Bob
 
Bob said:
I have an XP professional SP3 system on a LAN, which was infected with two
trojans. I removed the system from the LAN, did a full scan, found threats,
ran another in safe mode, found threats - they were all removed. But when I
boot back up to windows - non-safe mode, there are more threats !

Now ---- I would like to restore to a point before the threats hit - 1 week
ago, when the restore completes, I will stop, then re-start system restore to
clear restore points, then I will do another full scan.

I do have Symantec security/the latest definitions for a/v and spyware.

Anyone do this with success ?

System Restore does not eliminate malware installed after the restore
point. It can also reinstate malware after eradication if the restore
point itself is infected.

http://en.wikipedia.org/wiki/System_Restore

System Restore is a purpose-specific partial backup. If it was
effective against malware, there would be no anti-malware software. You
will probably have to enlist other anti-malware products in your army to
combat the infection(s). For me, if it takes more than 2 evenings to
eradicate a pest, I do a fresh install of the OS (the data is available
from backups). That's how long it takes to do a fresh install of the
OS, install my applications, and then reapply my tweaks or configuration
changes to the OS and applications. Doesn't make sense to waste more
time trying to eradicate a pest than it takes to flatten and rebuild.
 
Bob said:
I have an XP professional SP3 system on a LAN, which was infected with two
trojans. I removed the system from the LAN, did a full scan, found threats,
ran another in safe mode, found threats - they were all removed. But when I
boot back up to windows - non-safe mode, there are more threats !

Now ---- I would like to restore to a point before the threats hit - 1 week
ago, when the restore completes, I will stop, then re-start system restore to
clear restore points, then I will do another full scan.

I do have Symantec security/the latest definitions for a/v and spyware.

Anyone do this with success ?


Thanks,
Bob

Hi Bob,
You didn't tell us what the infection is. It could be that the restore points
are infected too!

Unexplained computer behaviour may be caused by deceptive software
http://support.microsoft.com/kb/827315

Go through these Cleaning steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should re-enable them later one-by-one and see the
culprit and update it or remove it).
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Install the free trial of Windows Live OneCare
http://onecare.live.com/standard/en-gb/default.htm
http://www.microsoft.com/mscorp/safety/technologies/onecare/default.mspx
Windows Defender detects and removes spyware
http://www.microsoft.com/windows/products/winfamily/defender/default.mspx
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html

Download the Hijackthis and send the report to one of many forums for
analysis and troubleshooting or you can send it to me on my email
provided at the bottom:
When all else fails, HijackThis v2.0.2
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

Can you please send me a copy at (e-mail address removed),
remove the obvious to email me.
HTH,
nass
 
Bob said:
I have an XP professional SP3 system on a LAN, which was infected
with two trojans. I removed the system from the LAN, did a full scan,
found threats, ran another in safe mode, found threats - they were
all removed. But when I boot back up to windows - non-safe mode,
there are more threats !

Now ---- I would like to restore to a point before the threats hit -
1 week ago, when the restore completes, I will stop, then re-start
system restore to clear restore points, then I will do another full
scan.

I do have Symantec security/the latest definitions for a/v and
spyware.

Anyone do this with success ?


Thanks,
Bob

Your post isn't clear to me, but:

Assuming you mean to turn restore off, restart, then turn it back on and
restart, that will indeed remove any infestation from any restore points
that were infected, by removing all restore points and starting over
again.

But ... you do realize that is ALL it will do, right? System Restore
manages nothing but the registry and some support apps. If none of
those were infected, it will accomplish nothing for you. It does not
restore everything in the operating system. Infestations often are
located in other places.
What you suggest is a good move for AFTER an infection has been
removed/repaired. So that one never brings back an infected file from
the storage. IF any are infected.
It would be unusual for clearing restore points to be all that needed
to be done. If the infestation is elsewhere, going back to a restore
point is not going to accomplish anything.

HTH,

Twayne
 