Unsolved
This post is more than 5 years old
4 Posts
0
20090
Trying to fix damage from a Trojan Horse virus
On April 4,2003 I somehow aquired a Trojan horse virus. My norton antivirus software caught it and tried to fix it , couldn't and quarentined it.
However, I seems the damage was already done. I have a Dimension 8100, running Windows ME, Intel pentium 4, 2 GB hard drive, 128 MB Ram.
Here's what it did so far( or at least what I've noticed),:
Emptied the list of programs in the Install/Remove untility in the control panel.(All are still listed on the desktop and start menu.
Cannot access any Microsoft Office items such as Word, Excel, Notepad, etc... When tried a message says it is not installed. Document files associated with such programs are still listed but cannot be opened.
Cannot run Live update from the Norton window,(says it's not installed) but can run it from start/programs menu. Also can still open Norton program itself from all icons.
Damaged the install program itself; I cannot install any new programs including internet downloads, new software from cds, or reinstall from the original disks that came with the computer.
Here are some of the error messages I have gotten:\
'Internal Error 2868. Set up error' and 'Error 1402 could not open key' ( I think this one showed up when I tried to reinstall ms office from original disk)
When I tried to install recent updates from ms site got this one;'Advanced INF Installer: INF Install failure. Reason: The configuation registry database is corrupt'
another around the same time: 'Application fatal error: unable to connect to the CCD Process' ( I forget when that popped up)
And when I tried to install some software recommended on this site this message came up: 'Setup Error Creating Registry Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\Uninstall\Trojan Hunter_ is 1. '
and again: 'Reg Create Key EX failed; Code 1009 The configuration registry database is corrupt'
I have done two full virus scans and Norton says it's clear. I also sent a report back to them but didn't get much back. The report said it was 'Trojan Horse js.(1).js' and said it did something with .EXE files. I don't know if it also opened any back doors to anyone, as they said some trojans will do. Sometime, I hear the sound a program makes when it opens when I'm online( and I'm not actively opening anything), but I don't know how to trace that sort of thing.
I figured from all my searchng here, that I will have to do a repartion, format and reinstall of the OP and other programs, and I think I can do that as I'm pretty good following instructions. My two main questions are- When I back up my files before erasing how will I know the virus is gone from all of them, and won't reinfect the pc when I reload them? And will doing the above also remove the virus from the hard drive if it happens to be hiding there?
I'm sorry this post is so long, but I wanted to include any info that might be relevent. Also, I'm fairly familier with how the system works, but my computer vocabulary is not great so if anyone wants to help me, you will probably need to define more technical terms. I did do a reinstall way back not long after first bought the pc, but did not need to reformat, etc... I will probably call Dell support to walk me through it, but I feel more comfortable with some information about what I'm supposed to be doing first.
Thank you all so much in advance. This board is a great public service!
Barb
JOKERSWILD
1.4K Posts
0
May 30th, 2003 09:00
http://swatit.org/download.html
Try this trojan remover.
bpacky
4 Posts
0
May 30th, 2003 13:00
Well, I'd like to try that software, but I won't be able to install it.
I tried that previously with something called 'Trojan Hunter' that another thread suggested to someone else. I can download stuff, I just can't install it because the virus(or something) damaged my install utility. Right now I cannot add any thing to the computer untill the install program is repaired. I have to use whatever is on the pc right now. Thanks for the suggestion anyway.
Barb
Ron B
639 Posts
0
May 30th, 2003 14:00
bpacky
4 Posts
0
May 30th, 2003 18:00
Yes I do, and that was one of the first things I tried. If I remember right, it said the system restore was unsucessful. I went all the way back to Jan. 03 which was the earliest restore point, and was still unsucessfull. I'm afraid I've forgotten the message it gave me at the time. Sorry.
Barb
Greatone1601
907 Posts
0
May 30th, 2003 23:00
Can't you burn any useful info to a CDROM and format the hard drive? Wont that get rid of it?
maxd
2.4K Posts
0
May 31st, 2003 16:00
You may well have to format/install but you could try Housecall; it's suppose to not only scan but try to remove the virus. It can't hurt.
http://housecall.trendmicro.com/
bpacky
4 Posts
0
May 31st, 2003 22:00
Thanks. I did that and it found one more virus in the temp.internet files. So, I guess I'll start backing up whatever doc. I want to save and then go ahead and reformat and reinstall everything. I just wanted to make sure the viruses were gone so I didn't reinfect the pc when I reloaded my backed up files and documents. Thanks for all the advice and wish me luck.
Barb
rustymt
292 Posts
0
June 1st, 2003 04:00
Message Edited by rustymt on 06-01-2003 12:27 AM