Recovering from Win32/Heur virus


news.eternal-september.org

AVG has detected the Win32/Heur and Generic7.AYZT infections. I have the PC
running again without functional networking and have done a couple of full
system scans, one clean and the second showing Win32/Heur in fsutil.exe and
in system volume info restore.

What are my options?

Repairing the OS (not console) results in a bunch of dlls missing which I
suppose is because I am trying to repair sp2 with the original OS CD.

How can I reinstall a clean OS in C without disturbing the D and E partitions
on the same hard drive or is there a better way?

Help appreciated John.
 
news.eternal-september.org said:
AVG has detected the Win32/Heur and Generic7.AYZT infections. I have the PC
running again without functional networking and have done a couple of full
system scans, one clean and the second showing Win32/Heur in fsutil.exe and
in system volume info restore.

What are my options?

Repairing the OS (not console) results in a bunch of dlls missing which I
suppose is because I am trying to repair sp2 with the original OS CD.

How can I reinstall a clean OS in C without disturbing the D and E partitions
on the same hard drive or is there a better way?

Help appreciated John.

Using another PC, you can slipstream SP2 with your original XP install CD
and then do a repair install.

This link gives tips, hints, etc. for a repair install with numerous links
about halfway down the page for slipstreaming.

http://michaelstevenstech.com/XPrepairinstall.htm

SC Tom
 
AVG has detected the Win32/Heur and Generic7.AYZT infections. I have the PC
running again without functional networking and have done a couple of full
system scans, one clean and the second showing Win32/Heur in fsutil.exe and
in system volume info restore.

What are my options?

Repairing the OS (not console) results in a bunch of dlls missing which I
suppose is because I am trying to repair sp2 with the original OS CD.

How can I reinstall a clean OS in C without disturbing the D and E partitions
on the same hard drive or is there a better way?


See Philo's answer, but let me add the following:

You say you have C: D: and E: partitions. What's on D: and E:? If one
of those has your installed programs and you reinstall Windows cleanly
on C:, almost all your installed programs will be useless. With very
few exceptions, installed programs are useless and will not run after
you reinstall Windows. That's because all the registry entries and
ancillary files that they need will be gone.
 
Firstly, upload the file to http://virustotal.com to see if it is a genuine
detection or a false positive.

IF it looks like a real threat, and is a Win32 file infector, then you would
be well-advised to save your data and do a FULL format and reinstall.
 
Ken Blake said:
See Philo's answer, but let me add the following:

You say you have C: D: and E: partitions. What's on D: and E:? If one
of those has your installed programs and you reinstall Windows cleanly
on C:, almost all your installed programs will be useless. With very
few exceptions, installed programs are useless and will not run after
you reinstall Windows. That's because all the registry entries and
ancillary files that they need will be gone.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks Ken,

D: contains software installation files (I always installed software in
C:\Program Files), photos (jpg) and mp3 music. E: contains video stuff,
avi, vob etc. and now backups of OEX mail, news groups, current desktop for
links and both user specific files. All this scans cleanly with AVG.
John.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
SC Tom said:
Using another PC, you can slipstream SP2 with your original XP install CD
and then do a repair install.

This link gives tips, hints, etc. for a repair install with numerous links
about halfway down the page for slipstreaming.

http://michaelstevenstech.com/XPrepairinstall.htm

SC Tom
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks Tom.

I attempted to follow the instructions on Paul Thurrott's SuperSite for
Windows page
http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp
Service Pack Setup informs me that "This service pack cannot be integrated
into a destination that also has integrated software updates".
I have just been browsing this site and there is masses of help there,
thanks for the link.
I assume I now have to install the OS from my original CD and build up to
when I can get online. Can I use PartitionMagic 8 to reformat and clean C:?
I am a little nervous about using the ms format because the prompts and
actions are not very clear to me as I rarely use it.

John.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
John said:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks Tom.

I attempted to follow the instructions on Paul Thurrott's SuperSite for
Windows page
http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp
Service Pack Setup informs me that "This service pack cannot be integrated
into a destination that also has integrated software updates".
I have just been browsing this site and there is masses of help there,
thanks for the link.
I assume I now have to install the OS from my original CD and build up to
when I can get online. Can I use PartitionMagic 8 to reformat and clean C:?
I am a little nervous about using the ms format because the prompts and
actions are not very clear to me as I rarely use it.

John.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I've never used Partition Magic, so I can't say what it will do.

You don't have to install the SP for slipstreaming, just extract it to a
folder on your HDD. If that's been done, and you're getting the error
message in the slipstreaming process, then you already have that SP on the
original CD. IIRC, it has to be a retail CD, not an OEM one, such as a Dell
or Gateway OS CD. But I may be mistaken about that.

SC Tom
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks Ken,

D: contains software installation files (I always installed software in
C:\Program Files), photos (jpg) and mp3 music. E: contains video stuff,
avi, vob etc. and now backups of OEX mail, news groups, current desktop for
links and both user specific files. All this scans cleanly with AVG.



OK, good. You understand that programs will need to be reinstalled if
you reinstall Windows cleanly.

I'll just make two additional points:

1. I don't really understand the rationale for separating the
things you have on D: from those on E:. In my view, except for people
multi-booting operating systems, most people should either have one
partition or two, depending on their backup strategy. If you like, you
can read a fuller exposition of my views on partitioning in this
article I wrote: "Understanding Disk Partitioning" at
http://www.computorcompanion.com/LPMArticle.asp?ID=326

2. You say you are storing some backups on E:, but let me point out
that storing backups on a partition on your only drive is the weakest
form of backup there is. I don't recommend this approach because it
leaves you susceptible to simultaneous loss of the original and backup
drive to many of the most common dangers, which include drive crashes,
severe power glitches, nearby lightning strikes, virus attacks, and
even theft of the computer. Here's my article "Back Up Your Computer
Regularly and Reliably" at
http://www.computorcompanion.com/LPMArticle.asp?ID=314
 