thread... recently h peterson posted to me in private about some probs his sister-in-law and brother were having with a computer virus. i believe that he was reluctant to post the details here in the 'main room' due to the profanity that was appearing on his s-i-l's screen whenever she typed a letter or word. pretty nasty virus. <g> so we consulted a bit on the nature of the beast and put together a plan of attack. h peterson just pm'd me this update, saying that i could post it here if i thought it would help anyone. i'm glad he feels that way, because imo, it's always best to expose the whole group to the situation, and vice versa. that's where the best work gets done. so here's hp's post....
************************************
"Best wishes to you Mark on this Holiday Season,
I thought I should give you a report on my Sister-in-laws virus situation. They went to town and bought SystemWorks 2001 4.0 for $71. They wanted those nasty words off the computer immediately since their teenagers use it all the time.
I went up to their place (45 miles) last Tuesday to help install SystemWorks. First of all I had problems loading the CD since the system said it didn't recognize that we had a CD ROM. Didn't know if the Virus was doing that to keep us from even loading an AntI-Virus program to find it or not. So I out smarted it and went to the Dos prompt and put in: D: setup and it loaded SystemWorks. I immediately ran the Virus Scan program and it said I had two virus's. I chose to delete them and it came back and said it got rid of one but not the other one. Access denied was the reason. The virus turned out to be a Trojan Horse called, KeyPanic.Trojan. It was located in C:\Windows\System folder. The program was Datcheck.exe and Keystroke Panic.exe. SystemWorks was able to get rid of Keystoke Panic.exe but not the other one.
I tried everything I could think of to delete Datcheck.exe with no luck. After three hours of frustration, I decided to shut down and come home and ask for help from someone on the Learning Tread. I don't know why,but, I said lets power up and see if it is still there. To our surprise, SystemWorks pops up and says you have a Trojan Horse virus called Datcheck.exe virus on your system and would you like it deleted. We said yes, and it was gone.
In conclusion, I think what happened was when we were loading SystemWorks, the virus was already loaded into the computer. The reason we couldn't get rid off it was it was denying us access to it. When we shut down and rebooted, SystemWorks Virus Scan loaded first and when the virus tried to load, SystemWorks caught it before it could load. A very good learning experience for me since I've never had a virus on my computer. Wednesday I ordered my update to SystemWorks 2001 4.0 and it should be here Tuesday. I also have my brother ordering his because he still has an AOL virus on his machine. He lives 200 miles away and that's to far to go every time he has a problem. Hope I can walk him through it on the phone.
Thanks for all your help Mark
H Peterson
PS....You have my permission to post this PM on the main tread if you think others can learn from it."
**************************************
:)
mark |
