AboutLorry Expertise I can answer most questions regarding viruses/Trojans and help to remove them.
Experience This happens to be of interest to me as it boggles my mind that people have nothing better to do than to write a virus. Wish these people, the ones who write viruses would put the knowledge to good use instead. My job as a local tech involves removing viruses and/or spyware.
Question QUESTION: Hi...I think I may have picked up a virus through Outlook Express 6. I have Windows 2000 NT. About 4 days ago, my computer suddenly started dragging. On initial startup, the page takes a long time to open...kind of freezes for a bit. Then I seem to be able to navigate normally. However, in some sites such as Yahoo games, I can get into the master game room but, am unable to open a new (personal) game room...it times out and gives me an error that says I need to allow popups. I have popups allowed in these sites. In other sites opening a new window takes a long time, as well. I have run various scans, downloaded service packs, and still seem to have the problem.
Hope you can help!!
Thanks
Pam
ANSWER: Hi Pam,
Not knowing which scans you have run, check for spyware using Spybot - Search & Destroy 1.5.2:
Click the GO button, then under Virus Detection, click Start. You might be told that you need to download and install ActiveX Controls for the scan to work, answer Yes.
Write down exactly anything it finds, then go to: http://www.symantec.com/search/ and do a search for what was found. Symantec usually has a removal tool and/or directions for removing manually. Make sure that you follow the instructions for removal, step by step, especially the part regarding disabling System Restore.
Hope this helps!
Lorry
---------- FOLLOW-UP ----------
QUESTION: Hi again...thanks for you quick response. I had already run Spybot but, I did it again. I ran Symantec and found 1 infected file C:\Documents and Settings\Administrator\Local Settings\Temp\UPRP_0001_D22M0806\installer.exe is infected with PrivacyProtector
There were no viruses detected in memory.
I did the search for the fix and when I went to regedit as instructed to delete the files, there are no files to be found.
I ran MicroSoft Windows Malicious Spyware Removal Tool and got at least 100 win32 files. I recognized some of them that I thought were malware but, the scans all bypassed them or say they were not infected. Some of the suspicious ones are Bagle,Msblast,Sasser,Sobig,and Virtuemonde.
Do I need win32 files at all? Can I just delete them to see if they could be the problem? Any other suggestions? So far nothing I've done has fixed the problem.
Thanks
Pam
Answer Hi Pam,
If you have Bagle,Msblast,Sasser,Sobig,and Virtuemonde on the computer, I am very surprised that the Symantec site didn't find them. Did you update Spybot before running the scan? And you followed the instructions from:
