Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Qoolaid, Smitfraud etc. - imm. logoff - no Safe Mode, MSN inflicted.

Status
Not open for further replies.
satrow

satrow

Technical User
Mar 8, 2004
832
GB
I've pulled the disk to another machine, cleaned out loads of trojans etc - there's no XP or recovery cd, nor any sign of making one (apart from jumping through hoops of real fire ;) ), it's a Dell 2550, I think - P4, 256Mb, 40Gb.

Any way I can make this work again without flattening it - ie., how do I clean the registry from another XP CD or PE disc?
 
Sort by date Sort by votes
Specialized removal tools may be in order, two possibilities from your title:

Combofix:


download here:

smitfraud fix:

Others may be needed.

If there is a rootkit problem in there too, there may be no way you can be absolutely sure the registry is cleaned.
 
Upvote 0 Downvote
Thanks for the reply, diogenes10.

With the drive slaved, I found and removed Swizzor, Qoolaid, worm.vb.ao, zquest and a myriad of other spyware traces - still couldn't access Windows when back as a boot drive.

Rootkit detectors found nothing on the drive.

I managed to run a parallel install from an nLite disc I'd created for my machine a couple of days before (The original XP disc was found but was unbootable (damaged)).

The machine's back in use now and a couple of teenagers suitably chastised and given some safe hex education.

If I can't find a way into the original Windows installation, I'll go back and clean all traces of the original install and repair the current installation using their OEM key.
 
Upvote 0 Downvote
That's already installed,as is the Spybot hosts file and they're under strict orders to use Firefox to paste links into - not click them from MSN Messenger so they open in IE!

Thanks again.
 
Upvote 0 Downvote
I have Symantec Mail Security for Microsft Exchange 4.6.1.107 installed. When I try and activate Symantec Premium AntiSpam
I get the following error:

"Symantec Premium AntiSpam registration failed. The product will not
receive spam definition updates.

Do the following:
1. Ensure that a valid, up-to-date Premium AntiSpam license is
installed.
2. Verifty that DNS can resolve aztec.brightmail.com
3. Allow outbound secure https through firewall (port 443)
4. If using a proxy server, see the documentation for manually running
register.
5. Retry registration by enabling Premium AntiSpam within the
product."

Has anyone got this to successfully register?
PS So I've checked second,third and fourth line and it's working and I think I've got the valid key from Symantec.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Henry Pence
  • Locked
  • Question
Is Norton Antivirus Necessary?
Replies
2
Views
134
Henry Pence
Henry Pence
Shimmy613
  • Locked
  • Question
Avira Free: "Your computer is not secure! A Service is not working correctly"
Replies
14
Views
350
ChrisHirst
ChrisHirst
mscallisto
  • Locked
  • Question
Can I get a virus in a picture file (like .jpg etc.)? 3
Replies
5
Views
131
mscallisto
mscallisto
nconick
  • Locked
  • Question
SEP 12.5 and Avaya Aura Contact Center 6.2 exceptions, etc.
Replies
0
Views
57
nconick
nconick
2ffat
  • Locked
  • News
Police: Do as we say and not as we do! 1
Replies
4
Views
88
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top