After a virus attack...
My computer has recently been attacked by viruses (quite a few Trojans and Adwares). I've dealt with them by installing Norton 360 and then it seemed fine... until... error messages started popping up; I started getting many popup sites with advertising on my IE 7 that just don't stop no matter what I do (mostly for so called "security softwares"); Firefox can no longer run on my system properly (displays no pages, stops responding every time I open it); Processes in task manager seem to take up tremendous amounts of memory (IE = around 50000k, explorer = over 40000k, etc); Explorer.exe seem shuts down itself randomly and gives the following message: ---------------------------
Microsoft Visual C++ Runtime Library
---------------------------
Buffer overrun detected!
Program: D:\WINDOWS\explorer.exe
A buffer overrun has been detected which has corrupted the program's
internal state. The program cannot safely continue execution and must
now be terminated.
---------------------------
OK
---------------------------
.... etc etc....
Help!!! What should I do? I have important files and programs on this computer and doing a fresh install of XP is my VERY LAST resort which I want to avoid as much as possible. Is there any way to fix this other than a fresh install?
Any help is greatly appreciated
This work is licensed under a Creative Commons Attribution-Noncommercial 3.0 License.
Microsoft, Windows and the Windows logo are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Microsoft Corporation in no way endorses or is affiliated with www.vista4beginners.com.
All other products mentioned are registered trademarks and/or trademarks of their respective companies.
Backup & reinstall
Backup all your data to DVD's or another hard disk, format your C: drive and reinstall Windows Vista.
Before copying back your files, scan everything with one or two very good antivirus solutions, to make sure nothing is infected.
Buffer over run
ok wha NOT to do. Backing up your stuff on DVD is pointless.
The infection can not be found thru scans. Not even in safe mode.
The issue remains in Windows Shell . The exploit has to be fixed Not reinstall.
The one thing that can be done since the end user seems to Redial your adapter
addres. is to change the network adapater after a fresh install But even then,
There is NO known fixes unless you are a coder and can go alter your code to disable or disallow the exploit.
Mainly Microsfoft has Little just about nothing to say about it.
The "fixes" found online are pretty much all fake and even the CAUSE of the exploit is under dispute from all searches. Not one site or another agree on the exact cause.
I a hardware tech of 12 years have little success of fully cleaning a system of this type of exploit. Other virus or worms have been childsplay but this particular one is ... a pest.
Stealing information is all it really does and .. personally anoys me trying to navigate the net trying to get work done.
Reinstalling every other day is a nusiance.
Id suggest IF you do reinstall, swap routers and network adapters aswell.... try to minimize the fact the End user may just be redialing since he Has your current adapter addres. Am trying this myself and so far succes.. but for howlong.
But I do have a STRONG suspicion that if you torrent or limewire or anything of the sort you will always have this action on your system as it is the number one commonality in my clients computer usage.
Stop that type of downloading as much as it hurts and you may have it licked.
Sorry for the bad news but its the truth.
No matter how an "expert" says they have the fix download this software, inmy 300 machines the"fix" is illusive at best. as Users have habitual places they surf and those places or (p2p downloads) are highly questionable. Its not just porn sites ya know that infect your computer.
Even after clean install, installing antivirus Then windows updates. The problem returned within hours.
My only diagnosis is user habitual usage. What ever tehy do. (mainly p2p) gets teh problem again. and yes full format Clean install.
RE: your issue
www.download.com
Spybot S&D
Install > Update > Run Scan
This should sort it, if it's not found by AV then will be spyware
Post new comment